IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Such buffers are not to be trusted.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 7 22:54:42 UTC 2023 on atb-devel-224
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 2 04:04:49 UTC 2023 on atb-devel-224
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The aim is to allow samba-tool to tell users where their SDDL went
wrong.
Some tests would turn into errors (not knownfail-able failures)
if they were not changed at the same time, so they are changed too.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will soon be raised for SDDL parsing errors.
It would have been nice to have it as a subclass of
ValueError, meaning that all existing callers would
continue to catch this error as before, but it turns
out that that is quite difficult.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Instead of ‘int’ or ‘uint32_t’, neither of which convey much meaning,
consistently use a newly added type to hold NDR_ flags.
Update the NDR 4.0.0 ABI.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The LIBNDR_FLAG_ namespace is getting dangerously full, with only a
single flag value (1 << 9) remaining for use. After that flag is put
into use, we won’t be able to add any new flags without increasing the
flag width to 64‐bit.
Up to now we’ve used a haphazard mix of int, unsigned, and uint32_t to
store these flags. Introduce a new type, ‘libndr_flags’, to be used
consistently to hold LIBNDR flags. If in the future we find we need to
move to 64‐bit flags, this type gives us an opportunity to do that.
Bump the NDR version to 4.0.0 — an major version increment, for we’re
changing the function ABI and adding the new symbol
ndr_print_libndr_flags.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
One advantage of this is that the type of the switch value is no longer
tied to the type of the NDR flags.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
samba_kdc_get_user_info_dc() will add the Asserted Identity and Claims
Valid SIDs as appropriate.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
samba_kdc_get_user_info_dc() now adds the SID itself.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We only ever use the principal comparison functions to check equality.
Having these functions only handle equality simplifies their
implementation and makes them a bit easier to use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 26 02:26:02 UTC 2023 on atb-devel-224
smb_krb5_princ_component() takes its component index parameter as ‘int’,
not ‘unsigned int’.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should return error codes rather than silently mask failures.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This matches the behaviour of Windows.
NOTE: This commit finally works again!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
principal_comp_strcmp() cannot yet indicate a failure case, but it will
soon be changed to do so.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The existing implementation did not differentiate between the case where
the relevant component was not present, and that where talloc_strndup()
failed. To correct this situation, put the result into an out parameter
on success and return an error on failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15482
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This shouldn't happen -- that is, there should never be non-tombstone
records in conjunction with a tombstone record -- and if it does, the
situation should resolve itself here. But the flow is confusing and
strange things sometimes happen often enough that it would be helpful
to know if this ever occurs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
wsp_util.c contains property definitions for well known windows
properties that can be used with WSP. These properties are generated from
some csv files (located in the librpc/wsp). The csv files themselves
were generated from a couple of sources e.g. the [MS-WSP]:
Windows Search Protocol document and wireshark mswsp dissector source code.
for more details please see librpc/wsp/README
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add struct tstream_context to tstream_read_pdu_blob_full_fn_t and update
all callers of tstream_read_pdu_blob_send() to use the correct callback.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This means that expressions like ‘Device_Member_of(WD)’ will now work,
as they should.
It *also* means that expressions like ‘Device_Member_of(NU)’ will work,
even though they shouldn’t. This is because we consider SID_NT_NETWORK
to be a default group.
Our new behaviour may be wrong, but at least it’s now consistent with
the behaviour of user‐relative expressions like ‘Member_of(WD)’ and
‘Member_of(NU)’.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
