1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

37189 Commits

Author SHA1 Message Date
Andrew Bartlett
5eeb441b77 dsdb: Allow special chars like "@" in samAccountName when generating the salt
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14874

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 20 12:54:54 UTC 2021 on sn-devel-184
2021-10-20 12:54:54 +00:00
Joseph Sutton
46039baa81 tests/krb5: Add tests for account salt calculation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14874

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 12:02:33 +00:00
Andreas Schneider
5d8e794551 waf: Allow building with MIT KRB5 >= 1.20
gssrpc/xdr.h:105:1: error: function declaration isn’t a prototype
[-Werror=strict-prototypes]
  105 | typedef bool_t (*xdrproc_t)();
      | ^~~~~~~

This can't be fixed, as the protoype is variadic. It can take up to three
arguments.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14870

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 12:02:33 +00:00
Joseph Sutton
6292f0597f selftest: Increase account lockout windows to make test more realiable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14868

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 12:02:33 +00:00
Douglas Bagnall
a169e013e6 pytest/rodc_rwdc: try to avoid race.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14868

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 12:02:33 +00:00
Viktor Dukhovni
7e961f3f7a HEIMDAL:kdc: Fix transit path validation CVE-2017-6594
Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm
to not be added to the transit path of issued tickets.  This may, in
some cases, enable bypass of capath policy in Heimdal versions 1.5
through 7.2.

Note, this may break sites that rely on the bug.  With the bug some
incomplete [capaths] worked, that should not have.  These may now break
authentication in some cross-realm configurations.

(similar to heimdal commit b1e699103f08d6a0ca46a122193c9da65f6cf837)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12998

Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 20 10:58:37 UTC 2021 on sn-devel-184
2021-10-20 10:58:37 +00:00
Andrew Bartlett
031a828764 kdc: Correctly strip PAC, rather than error on UF_NO_AUTH_DATA_REQUIRED for servers
UF_NO_AUTH_DATA_REQUIRED on a server/service account should cause
the PAC to be stripped not to given an error if the PAC was still
present.

Tested against Windows 2019

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14871

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 08:31:31 +00:00
Andrew Bartlett
92e8ce18a7 kdc: Remove UF_NO_AUTH_DATA_REQUIRED from client principals
Tests against Windows 2019 show that UF_NO_AUTH_DATA_REQUIRED
applies to services only, not to clients.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14871

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-10-20 08:31:31 +00:00
Joseph Sutton
d23d8e8593 heimdal:kdc: Fix ticket signing without a PAC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-17 22:53:37 +00:00
Nicolas Williams
f6adfefbbb krb5: Fix PAC signature leak affecting KDC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Cherry-picked from Heimdal commit
 54581d2d52443a9a07ed5980df331f660b397dcf]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:32 +00:00
Joseph Sutton
02fa69c6c7 s4:kdc: Check ticket signature
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:32 +00:00
Joseph Sutton
3bdce12789 heimdal: Make _krb5_pac_get_kdc_checksum_info() into a global function
This lets us call it from Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
28a5a586c8 s4/heimdal/lib/krb5/pac.c: Align PAC buffers to match Windows
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Luke Howard
91e684f5dc kdc: correctly generate PAC TGS signature
When generating an AS-REQ, the TGS signature was incorrectly generated using
the server key, which would fail to validate if the server was not also the
TGS. Fix this.

Patch from Isaac Bourkis <iboukris@gmail.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 e7863e2af922809dad25a2e948e98c408944d551
 - Samba's Heimdal version does not have the generate_pac() helper
 function.
 - Samba's Heimdal version does not use the 'r' context variable.
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Luke Howard
75d1a7cd14 kdc: use ticket client name when signing PAC
The principal in the PAC_LOGON_NAME buffer is expected to match the client name
in the ticket. Previously we were setting this to the canonical client name,
which would have broken PAC validation if the client did not request name
canonicalization

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 3b0856cab2b25624deb1f6e0e67637ba96a647ac
 - Renamed variable to avoid shadowing existing variable
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Luke Howard
db30b71f79 kdc: only set HDB_F_GET_KRBTGT when requesting TGS principal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 f1dd2b818aa0866960945edea02a6bc782ed697c
 - Removed change to _kdc_find_etype() use_strongest_session_key
 parameter since Samba's Heimdal version uses different logic
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Luke Howard
d6a472e953 krb5: return KRB5KRB_AP_ERR_INAPP_CKSUM if PAC checksum fails
Return KRB5KRB_AP_ERR_INAPP_CKSUM instead of EINVAL when verifying a PAC, if
the checksum is absent or unkeyed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Cherry-picked from Heimdal commit
c4b99b48c4b18f30d504b427bc1961d7a71f631e]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Isaac Boukris
2773379603 krb5: rework PAC validation loop
Avoid allocating the PAC on error.

Closes: #836

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Cherry-picked from Heimdal commit
6df8be5091363a1c9a9165465ab8292f817bec81]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Isaac Boukris
2d09de5c41 krb5: allow NULL parameter to krb5_pac_free()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Cherry-picked from Heimdal commit
b295167208a96e68515902138f6ce93972892ec5]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Isaac Boukris
d7b03394a9 kdc: sign ticket using Windows PAC
Split Windows PAC signing and verification logic, as the signing has to be when
the ticket is ready.

Create sign and verify the PAC KDC signature if the plugin did not, allowing
for S4U2Proxy to work, instead of KRB5SignedPath.

Use the header key to verify PAC server signature, as the same key used to
encrypt/decrypt the ticket should be used for PAC server signature, like U2U
tickets are signed witht the tgt session-key and not with the longterm key,
and so krbtgt should be no different and the header key should be used.

Lookup the delegated client in DB instead of passing the delegator DB entry.

Add PAC ticket-signatures and related functions.

Note: due to the change from KRB5SignedPath to PAC, S4U2Proxy requests
against new KDC will not work if the evidence ticket was acquired from
an old KDC, and vide versa.

Closes: #767

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 2ffaba9401d19c718764d4bd24180960290238e9
 - Removed tests
 - Adapted to Samba's version of Heimdal
 - Addressed build failures with -O3
 - Added knownfails
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Isaac Boukris
ccabc7f16c kdc: remove KRB5SignedPath, to be replaced with PAC
KRB5SignedPath was a Heimdal-specific authorization data element used to
protect the authenticity of evidence tickets when used in constrained
delegation (without a Windows PAC).

Remove this, to be replaced with the Windows PAC which itself now supports
signing the entire ticket in the TGS key.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 bb1d8f2a8c2545bccdf2c9179ce9259bf1050086
 - Removed tests
 - Removed auditing hook (only present in Heimdal master)
 - Added knownfails
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
d5002c34ce s4/torture: Expect ticket checksum PAC buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
c14c61748b s4:kdc: Fix debugging messages
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
7149eeaceb s4:kdc: Simplify samba_kdc_update_pac_blob() to take ldb_context as parameter
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
56ccdba54e tests/krb5: Add constrained delegation tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
ae2c57fb03 tests/krb5: Add TKT_SIG_SUPPORT environment variable
This lets us indicate that service tickets should be issued with ticket
checksums in the PAC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
238f52bad8 tests/krb5: Add environment variable to specify KDC FAST support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
ec4b264bdf tests/krb5: Add compatability tests for ticket checksums
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Joseph Sutton
8e1efd8bd3 heimdal:kdc: Only check for default salt for des-cbc-crc enctype
Previously, this algorithm was preferring RC4 over AES for machine
accounts in the preauth case. This is because AES keys for machine
accounts in Active Directory use a non-default salt, while RC4 keys do
not use a salt. To avoid this behaviour, only prefer keys with default
salt for the des-cbc-crc enctype.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14864

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-10-14 18:59:31 +00:00
Volker Lendecke
246a5ceab1 netlogon: Move netlogon_server_pipe_state to netlogon.idl
Make this available as a shared structure for both source3 and source4

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:32 +00:00
Volker Lendecke
3a8374b831 dsdb: Simplify schema_attribute_description() & friends
Use talloc_asprintf_addbuf()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:32 +00:00
Volker Lendecke
187529c979 samba: Save a line with TALLOC_FREE
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Andrew Bartlett
b45190bdac selftest: Use self.assertRaisesLdbError() in user_account_control.py test
This changes most of the simple pattern with self.samdb.modify()
to use the wrapper.  Some other calls still need to be converted, while
the complex decision tree tests should remain as-is for now.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct  4 21:55:43 UTC 2021 on sn-devel-184
2021-10-04 21:55:43 +00:00
Andrew Bartlett
298515cac2 selftest: Move self.assertRaisesLdbError() to samba.tests.TestCase
This is easier to reason with regarding which cases should work
and which cases should fail, avoiding issues where more success
than expected would be OK because a self.fail() was missed in a
try: block.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-04 21:07:31 +00:00
Jeremy Allison
2d87e0f6ef s4: process_prefork: Make prefork_restart() use an asynchronous timer event instead of calling sleep(X).
This should prevent any long pauses in the calling process, as we get a callback
for the restart after X seconds. To make the code flow more understandable,
always go through a timer event even if the wait time is zero. This
has the same effect as an immediate event as it will call the callback
function as soon as we go back into the event loop.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct  2 01:38:43 UTC 2021 on sn-devel-184
2021-10-02 01:38:43 +00:00
Andrew Bartlett
b6d60e8f4d samldb: Address birthday paradox adding an RODC
It is possible that the randomly chosen RODC number will be one
that is already in use.  The samldb_krbtgtnumber_available()
function was meant to prevent that, but due to a typo did not.

There is no other race here as the whole thing is inside a transaction,
and we have duplicate protection on samAccountName, so the failure
looked like this:

...
Adding CN=krbtgt_TESTRODCDRS5320202,CN=Users,DC=samba,DC=example,DC=com
UNEXPECTED(error): samba4.drs.repl_rodc.python(ad_dc_ntvfs).repl_rodc.DrsRodcTestCase.test_msDSRevealedUsers_admin(ad_dc_ntvfs)
REASON: Exception: Exception: Traceback (most recent call last):
  File "/m/abartlet/aMASTER/b1635147/samba-def-build/source4/torture/drs/python/repl_rodc.py", line 111, in setUp
    self._create_rodc(self.rodc_ctx)
  File "/m/abartlet/aMASTER/b1635147/samba-def-build/source4/torture/drs/python/repl_rodc.py", line 693, in _create_rodc
    ctx.join_add_objects()
  File "bin/python/samba/join.py", line 641, in join_add_objects
    ctx.add_krbtgt_account()
  File "bin/python/samba/join.py", line 429, in add_krbtgt_account
    ctx.samdb.add(rec, ["rodc_join:1:1"])
_ldb.LdbError: (68, "LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -  <00002071: samldb: samAccountName krbtgt_4405 already in use!> <>")

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14854

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  1 20:50:37 UTC 2021 on sn-devel-184
2021-10-01 20:50:36 +00:00
Joseph Sutton
fb758c32e7 s4/torture/drs/python: Fix attribute existence check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-09-28 09:44:35 +00:00
Joseph Sutton
2a4d53dc12 tests/krb5: Refactor tgs_req() to use _generic_kdc_exchange
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-09-21 23:05:41 +00:00
Volker Lendecke
ad462c27a4 rpc_server4: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-21 00:13:32 +00:00
Volker Lendecke
48521736b4 smbtorture: Fix epmapper.Map_full test
For detailed knownfail on subtests we need torture_assert() calls

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-18 00:02:27 +00:00
Andrew Bartlett
d12cb47724 selftest: Update user_account_control tests to pass against Windows 2019
This gets us closer to passing against Windows 2019, without
making major changes to what was tested.  More tests are needed,
but it is important to get what was being tested tested again.

Account types (eg UF_NORMAL_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT)
are now required on all objects, this can't be omitted any more.

Also for UF_NORMAL_ACCOUNT for these accounts without a password
set |UF_PASSWD_NOTREQD must be included.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 15 08:49:11 UTC 2021 on sn-devel-184
2021-09-15 08:49:11 +00:00
Andrew Bartlett
6b9b0439d8 heimdal: Remove lex.yy.c file left over from a bug in lexyacc.sh
This file was incorrectly added in 6a27fbbfc4,
was never referenced on our build system and should have been
removed with c51c15144e at least.

That script had a bug and did not remove this filename if
the particular version of lex generated it, and so it
likely was added to git as a result.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Sep 13 05:41:30 UTC 2021 on sn-devel-184
2021-09-13 05:41:30 +00:00
Ralph Boehme
b053bea0af s4/torture/masktest: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Sep 10 16:02:10 UTC 2021 on sn-devel-184
2021-09-10 16:02:10 +00:00
Ralph Boehme
0c47f24431 s4/torture/locktest: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
f6be1c18bf s4/torture/gentest: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
ecb27e02e1 s4/regtree: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
ac86779fe4 s4/regshell: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
604ce3d85a s4/regpatch: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
5c75b5bdeb s4/regdiff: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Ralph Boehme
08532b3d2e s4/cifsdd: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00