sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code
136,837 Commits 60 Branches 1,144 Tags 452 MiB
60022ed55f
Commit Graph

136837 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jo Sutton
4698cf0f33 s4:dsdb: Fix grammar 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 16 03:47:12 UTC 2024 on atb-devel-224
 2024-02-16 03:47:12 +00:00
Jo Sutton
a838719570 libcli/security: Make ‘session_info’ parameter const 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
8c970eaa2e s4:ldap_server: Remove trailing whitespace 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
1e13e37e21 libcli/security: Include missing headers 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
b0b9e03c99 s4:dsdb: Let requests with the AS_SYSTEM control reset an account’s password 
dsdb_have_system_access() takes into account the AS_SYSTEM control as
well as the result of dsdb_module_am_system().

This change means that we can reset the password of an account without
being SYSTEM by means of the AS_SYSTEM control. This is essential for
ldapsrv_SearchRequest() to be able to process the automatic password
changes of Group Managed Service Accounts.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
eece2e8a9c s4:dsdb: Make use of dsdb_have_system_access() 
There should not be any change in behaviour.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
1ad9b93dbf s4:dsdb: Add function to determine whether we have system access 
This takes into account the dsdb session info, as well as the presence
or absence of an AS_SYSTEM control.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
e0e2126fac s4:dsdb: Add include guard to dsdb/samdb/ldb_modules/util.h 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
91fdd43164 s4:dsdb: Remove redundant include 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
324d0fbc06 s4:dsdb: Add function to create a GMSA password update request 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
d55c281c53 s4:dsdb: Remove unused includes 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
e1d27ba545 s4:dsdb: Add to ‘user_attrs’ attributes required for Group Managed Service Accounts 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
0d3d2c433a s3:passdb: Reformat long line 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
676601340c s3:passdb: Reformat array of strings 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
2135e91b40 s3:passdb: Make array of strings static 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
1b44febc8e s3:passdb: Remove trailing whitespace 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
f2a3c186c3 pidl: Do not call mapTypeName() on expression 
$var_name is not a type name, but an expression, such as ‘r->in.server’.
mapTypeName() will turn this into ‘struct r->in.server’, which makes no
sense.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
2d3712906d lib:crypto: Add test for GMSA password derivation 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
fe2dc16160 lib:crypto: Add functions for deriving gMSA passwords 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
e062db3225 lib:crypto: Add more GKDI functions 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
80a59d111b ldb: Fix documentation typos 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
d453feb894 ldb: Split out ldb_controls_get_control() to search a list of controls 
Update the ldb ABI accordingly.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
93762362c5 ldb: Correct copy‐and‐pasted comments 
These comments refer to controls being added, but in these functions the
controls are actually being *searched* for.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
f810ea94f3 ldb: Remove trailing whitespace 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
002e01963d s4:dsdb: Add dsdb_werror() macro 
This works like dsdb_module_werror(), but does not require an ldb module
to work.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
447467f77e s4:dsdb: Add search flag indicating that gMSA passwords are to be updated 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
eeadffc91c s4:dsdb: Include missing headers 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
424882452f s4:dsdb: Add dsdb control indicating that gMSA passwords are to be updated 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
78565c5ee3 s4:setup: Remove empty line 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
03e4de449d s4:dsdb: Fix code formatting 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
4e01e2bfc3 s4:dsdb: Add ‘ares’ parameter to operational attribute constructor functions 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
24552b0200 s4:dsdb: Make array static 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
f439bd3943 s4:dsdb: Remove trailing whitespace 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
c0f9c177d0 s4:dsdb: Remove duplicate word 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
25c610f8fa mailmap: Associate my identity with my old email address 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
ed37c6f23b s4:dsdb: Remove unused ‘domain_dn’ parameter 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
470a9838e1 s4:dsdb: Remove reference to now‐gone lmNewHash parameter 
This parameter was removed in commit
75c54d54ad.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
43cc1a9973 s4:dsdb: Split out function to create a ‘password set’ ldb request 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
7214225300 s4:dsdb: Allocate NT hash on to more appropriate memory context 
The NT hash should live at least as long as the message to which it is
added.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
e1e28d4298 s4:dsdb: Undefine helper macro 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
c3ac22a4cb s4:dsdb: Check return value of talloc_new() 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
8fe5765822 python:tests: Remove unused imports 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
2489ffbe00 s4:kdc: Remove ‘attrs’ parameter from samba_kdc_lookup_server() 
It is always equal to ‘server_attrs’.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
72ac0ec850 lib:compression: Update my name 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
2748466ec6 python: Reformat nt_time.py 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
debc4bc31f ldb: Fix code spelling 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
3ba0dcdcd8 ldb: Simplify ldb_errstring() 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
1b4eb4d638 ldb: Remove trailing whitespace 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
ac85c12007 lib:util: Remove inaccurate comment 
A C compiler would not be allowed to apply the tail call optimization in
this situation, because it would change the observed behaviour of the
program.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00
Jo Sutton
635f6baf7b s3:libads: Remove ‘unicodePwd’ attribute from ads_find_machine_acct() search 
This attribute was added to the search in commit
4f389c1f78. But it’s not clear to me that
anything actually retrieves the unicodePwd from the result (excluding
inconsequential things like ads_dump()).

Furthermore, this being a search over LDAP, it will never return a
unicodePwd.

Removing this attribute from the search means that we no longer have to
worry about the account possibly being a Group Managed Service Account
and the unicodePwd being out‐of‐date.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-02-16 02:41:36 +00:00