1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

4540 Commits

Author SHA1 Message Date
Justin Stephenson
a2402f9714 s3: net: Do not set NET_FLAGS_ANONYMOUS with -k
This affects net rpc getsid and net rpc changetrustpw commands.
This avoids an anonymous IPC connection being made when -k is used,
this only affects net rpc getsid and net rpc changetrustpw commands.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13726

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2019-01-08 03:40:28 +01:00
Volker Lendecke
69a3b899f1 smbcacls: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-12-20 23:40:24 +01:00
Volker Lendecke
454d7d00ec net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-12-20 23:40:23 +01:00
Swen Schillig
5eefb0885c utils: Add kerberos tracing
Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2018-12-19 21:49:29 +01:00
Gary Lockyer
ff9052c923 s3 smbcontrol: Add sleep command
Add a sleep command that pauses the target process for the specified
number of seconds

This command is only enabled on developer and self test builds.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-12-19 04:52:59 +01:00
Gary Lockyer
8167486b99 s4 messaging: support smbcontrol inject fault command
Add support of the smbcontrol inject fault command to the samba daemon.
This is useful for manual testing of process restart etc.

command is only enabled for developer and self test builds

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-12-19 04:52:59 +01:00
Volker Lendecke
6e55ca9e6f net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:31 +01:00
Volker Lendecke
2c179bcdec pdbedit: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:30 +01:00
Volker Lendecke
d20c57c2d6 sharesec: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:30 +01:00
Volker Lendecke
3028401737 net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:30 +01:00
Volker Lendecke
c48d6345e3 profiles: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:30 +01:00
Volker Lendecke
eaa035b8c4 net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-11 00:40:30 +01:00
Volker Lendecke
1b3ee68b79 net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-07 23:29:01 +01:00
Volker Lendecke
a32564eaf9 net_usershare: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-07 23:29:00 +01:00
Volker Lendecke
b080389f3e net_rpc: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-07 23:29:00 +01:00
Volker Lendecke
99a7756598 net_rpc: Use dom_sid_equal where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-07 23:29:00 +01:00
Olly Betts
3d9ba1b7e6 Fix net rpc share allowedusers short description
This command allows one to list allowed users, not modify them.

Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-30 03:35:13 +01:00
Olly Betts
6af599223c net rpc share allowedusers: Allow restricting shares
The help already implies that you can specify "targets" for net rpc
share allowedusers, but actually the tail end of the command line
is just ignored.

This patch allows a list of shares to be specified, and only those
shares are checked, which can be much faster if you're only interested
in a few shares on a server which exports lots.

This subcommand already accepts an optional filename for the output
of net usersidlist, with a default of stdin.  Typically you'd just pipe
one command to the other so stdin is most likely what you want.  This
patch adds support for a filename of "-" to mean stdin so that you can
specify stdin explicitly when you provide a list of shares, since in
this case the filename can't be omitted.

Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-30 03:35:13 +01:00
Olly Betts
28aeb86a9f Fix spelling mistakes
Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-30 03:35:13 +01:00
Olly Betts
1cf84b6b99 net: Add support for a credentials file
Add support for the same -A authfile/--authentication-file authfile
option that most of the other tools already do.

Signed-off-by: Olly Betts <olly@survex.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-30 03:35:13 +01:00
Anoop C S
e99402235d s3/testparm: Reduce debug level to 1
Adhere to what we document in manual page for testparm that default
debug level is set to reasonable value 1.

Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 29 11:52:22 CET 2018 on sn-devel-144
2018-11-29 11:52:22 +01:00
Andreas Schneider
fce92606b3 s3:utils: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-28 23:19:24 +01:00
Swen Schillig
64fbc4c151 utils: Free host realm after processing
In case of error and at the end of processing the list
of realms have to be free'd again.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Nov 22 11:18:41 CET 2018 on sn-devel-144
2018-11-22 11:18:41 +01:00
Swen Schillig
c73c345f6f utils: Free krb5 context for net_lookup_kdc
In case of an error while processing and at the end of processing
the krb5 conext must be free'd.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-11-22 08:22:19 +01:00
Volker Lendecke
1386200be5 gencache: Remove transaction-based tdb
At more than one large site I've seen significant problems due to
gencache_stabilize. gencache_stabilize was mainly introduced to
survive machine crashes with the cache still being in place. Given
that most installations crash rarely and this is still a cache, this
safety is overkill and causes real problems.

With the recent changes to tdb, we should be safe enough to run on
completely corrupted databases and properly detect errors. A further
commit will introduce code that wipes the gencache.tdb if such a
corruption is detected.

There is one kind of corruption that we don't properly handle:
Orphaned space in the database. I don't have a good idea yet how to
handle this in a graceful and efficient way during normal operations,
but maybe this idea pops up at some point.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-06 18:57:26 +01:00
Volker Lendecke
dbc9a1a772 net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-02 21:21:15 +01:00
Christian Ambach
fce0d1b290 s3:utils/smbget fix recursive download with empty source directories
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13199
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 26 09:58:07 CEST 2018 on sn-devel-144
2018-10-26 09:58:07 +02:00
Christian Ambach
b89732c31b s3:utils/smbget add error handling for mkdir() calls
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-10-26 06:59:09 +02:00
Andreas Schneider
d15a00babf s3:smbcontrol: Simplify the return code check
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 20 02:17:56 CEST 2018 on sn-devel-144
2018-10-20 02:17:56 +02:00
Volker Lendecke
5b2c3f2f42 lib: Remove gencache.h from proto.h
It's a pain to recompile the world if gencache.h changes

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 19 18:52:50 CEST 2018 on sn-devel-144
2018-10-19 18:52:50 +02:00
Martin Schwenke
08a5fbd867 s3: Fix the build when compiling without JSON support
[3762/3895] Compiling source3/utils/net_ads_gpo.c
../source3/utils/net_ads.c: In function ‘net_ads_cldap_netlogon_json’:
../source3/utils/net_ads.c:311:2: error: parameter name omitted
  (ADS_STRUCT *, const char *,
  ^
../source3/utils/net_ads.c:311:2: error: parameter name omitted
../source3/utils/net_ads.c:312:16: error: parameter name omitted
   const struct NETLOGON_SAM_LOGON_RESPONSE_EX *)
                ^
../source3/utils/net_ads.c: In function ‘net_ads_info_json’:
../source3/utils/net_ads.c:520:1: error: parameter name omitted
 static int net_ads_info_json(ADS_STRUCT *)
 ^

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Sep 24 07:03:09 CEST 2018 on sn-devel-144
2018-09-24 07:03:09 +02:00
Philipp Gesang
2a19b4e31b s3: net: normalize output of lookup subcommand
Use spaces and tabs consistently following the majority of the
printed output: tabs only for indenting, no space before the
colon separator, a single space after the separator.

The irregularities in formatting date back to the original commit
2c029a8b96..

Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-22 06:05:07 +02:00
Philipp Gesang
5534b9248f s3: net: implement json output for ads lookup
Add JSON printer (option '--json') for the 'net ads lookup'
command. This outputs the same information as the plain version,
with integral ({LMNT,LM20} Token, NT Version) and boolean values
(Flags) not stringified.

Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-22 06:05:06 +02:00
Philipp Gesang
2e00ad44aa s3: net: implement json output for ads info
Add the switch '--json' to 'net' to format the output as JSON.

The rationale is to supply the information in a machine-readable
fashion to complement the text version of the output which is
neither particularly well defined nor locale-safe.

The output differs from that of plain 'info' in that times are
not formatted as timestamps.

Currently affects only the 'net ads info' subcommand.

Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-22 06:05:06 +02:00
Christof Schmitt
ae7db3e543 s3: Rename server_event_context() to global_event_context()
This reflects that the event context is also used outside of the server
processes.

The command used for the rename:
find . -name '*.[hc]' -print0 | xargs -0 sed -i 's/server_event_context/global_event_context/'

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:17 +02:00
Christof Schmitt
20ed13923e s3:smbget: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:17 +02:00
Christof Schmitt
de040eafbd s3:smbcontrol: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
7eeff96b82 s3:dbwrap_tool: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
095123df94 s3:eventlogadm: Use cmdline_messaging_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
9ed617474f s3: ntlm_auth: Use cmdline_messaging_context
Call cmdline_messaging_context to initialize the messaging context
before accessing clustered Samba config.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
cab8f27bbc s3:sharesec: Use cmdline_messaging_context
Call cmdline_messasging_context to initialize messaging context before
accessing clustered Samba config.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
ea7a4ff7ae s3:testparm: Use cmdline_messaging_context
Call cmdline_messaging_context to initialize a messaging config before
accessing clustered Samba config.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
4661537c20 s3:pdbedit: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:16 +02:00
Christof Schmitt
f2b659e4f5 s3:net: Use cmdline_messaging_context
Use cmdline_messaging_context with its error checking instead of open
coding the same steps.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:15 +02:00
Christof Schmitt
d7fa3815a8 s3:smbstatus: Use cmdline_messaging_context
Use cmdline_messaging_context to initialize a messaging context instead
of open coding the same steps.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:15 +02:00
Christof Schmitt
29fd2c2e5a s3:smbpasswd: Use cmdline_messaging_context
smbpasswd does not use POPT_CREDENTIALS. Call cmdline_messaging_context
to initialize a messaging_context with proper error checking before
calling lp_load_global.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:15 +02:00
Christof Schmitt
b7464fd89b s3:lib: Move popt_common_credentials to separate file
This is only used by command line utilities and has additional
dependencies. Move to a separate file to contain the dependencies to the
command line tools.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:14 +02:00
Volker Lendecke
05e618cbaf dbwrap_tool: We don't do "listwatchers" anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Sep  3 21:38:40 CEST 2018 on sn-devel-144
2018-09-03 21:38:40 +02:00
Volker Lendecke
0ce26c75cb dbwrap_tool: Avoid an unnecessary "else"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-03 18:44:24 +02:00
Volker Lendecke
02d448429c dbwrap_tool: Simplify persistent/non-persistent check
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-03 18:44:24 +02:00
Volker Lendecke
46819e2628 dbwrap_tool: Simplify listkey_fn
To me dbwrap_record_get_key(rec).dsize just looks a bit ugly

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-03 18:44:24 +02:00
Volker Lendecke
89f9c163f3 dbwrap_tool: Simplify dbwrap_tool_erase
That's what dbwrap_wipe is for :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-03 18:44:23 +02:00
Volker Lendecke
6ca5ba5272 lib: Pass mem_ctx to cache_path()
Fix a confusing API: Many places TALLOC_FREE the path where it's not
clear you have to do it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 17 14:28:51 CEST 2018 on sn-devel-144
2018-08-17 14:28:51 +02:00
Volker Lendecke
c2ea100777 lib: Pass mem_ctx to state_path()
Fix a confusing API: Many places TALLOC_FREE the path where it's not
clear you have to do it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-08-17 11:30:11 +02:00
Volker Lendecke
f986a73b24 lib: Pass mem_ctx to lock_path()
Fix a confusing API: Many places TALLOC_FREE the path where it's not
clear you have to do it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-08-17 11:30:10 +02:00
Günther Deschner
947cf38597 CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360

CVE-2018-1139: Weak authentication protocol allowed.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-08-14 13:57:15 +02:00
Andreas Schneider
b7b4fc51d0 s3:utils: Do not leak memory in new_user()
Found by covscan.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567

Pair-Programmed-With: Justin Stephenson <jstephen@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-08-11 01:49:16 +02:00
Andreas Schneider
f20150fb1e s3:utils: Do not overflow the destination buffer in net_idmap_restore()
Found by covsan.

error[invalidScanfFormatWidth]: Width 128 given in format string (no. 2)
is larger than destination buffer 'sid_string[128]', use %127s to
prevent overflowing it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567

Pair-Programmed-With: Justin Stephenson <jstephen@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-08-11 01:49:16 +02:00
Andreas Schneider
0530cccc41 s3:waf: Install eventlogadm to /usr/sbin
The eventlogadm binary needs write access to the registry which, by
default, is only possible as root.

https://bugzilla.samba.org/show_bug.cgi?id=13561

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug  7 01:49:34 CEST 2018 on sn-devel-144
2018-08-07 01:49:34 +02:00
Noel Power
e053aad4ae s3/utils: fix regression where specifying -Unetbios/root works
Usually you need to be root on a linux server to modify quotas. Even
with a linux server joined to a windows AD you could always log in as
local root with smbcquotas. However in recent builds this has changed.
This patch fixes this

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jul 31 19:45:59 CEST 2018 on sn-devel-144
2018-07-31 19:45:59 +02:00
Justin Stephenson
d881f0c8a0 s3:libads: Add net ads leave keep-account option
Add the ability to leave the domain with --keep-account argument to avoid
removal of the host machine account.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13498

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-07-30 07:34:11 +02:00
Volker Lendecke
6ed119eccf smbstatus: Use share_mode_data->leases
This is the only user of share_mode_entry->lease

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-26 22:44:25 +02:00
Volker Lendecke
3bff0494e1 smbd: Pass "share_mode_data" to share_entry_forall callback
Quite a bit of the contents have been passed explicitly anyway.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-26 22:44:25 +02:00
Andreas Schneider
4a3164e0be s3:smbget: Fix buffer truncation issues with gcc8
../source3/utils/smbget.c: In function ‘smb_download_file’:
../source3/utils/smbget.c:97:27: error: ‘b’ directive output may be truncated writing 1 byte into a region of size between 0 and 19 [-Werror=format-truncation=]
   snprintf(buffer, l, "%jdb", (intmax_t)s);
                           ^

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2018-06-20 22:22:07 +02:00
Andreas Schneider
95dcdd3d4f testparm: Remove warning from the last century
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2018-06-19 08:59:11 +02:00
Stefan Metzmacher
934b375639 smbd: remove unused tevent_context argument from notify_init
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-06-18 08:59:18 +02:00
Andreas Schneider
a9084dce29 s3:utils: Remove double error check
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu May 24 18:07:03 CEST 2018 on sn-devel-144
2018-05-24 18:07:03 +02:00
Günther Deschner
9b6dc8f504 s3-utils: fix format-truncation in smbpasswd
../source3/utils/smbpasswd.c: In function ‘process_root’:
../source3/utils/smbpasswd.c:414:37: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
   slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
                                     ^
In file included from ../source3/include/includes.h:23,
                 from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
 #define slprintf snprintf
../source3/utils/smbpasswd.c:414:3: note: in expansion of macro ‘slprintf’
   slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
   ^~~~~~~~
../source3/utils/smbpasswd.c:397:35: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
   slprintf(buf, sizeof(buf)-1, "%s$", user_name);
                                   ^
In file included from ../source3/include/includes.h:23,
                 from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
 #define slprintf snprintf
../source3/utils/smbpasswd.c:397:3: note: in expansion of macro ‘slprintf’
   slprintf(buf, sizeof(buf)-1, "%s$", user_name);
   ^~~~~~~~
cc1: some warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
2018-05-17 17:30:09 +02:00
Andreas Schneider
cdd98aa1e2 s3:utils: Do not segfault on error in DoDNSUpdate()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13440

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 17 17:28:28 CEST 2018 on sn-devel-144
2018-05-17 17:28:28 +02:00
Mathieu Parent
44ae08858e Fix spelling s/retrive/retrieve/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-05-12 02:09:27 +02:00
Mathieu Parent
f5b908d818 Fix spelling s/formated/formatted/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-05-12 02:09:26 +02:00
Simo Sorce
4b793d9764 Fix Jean François name to be UTF-8
Signed-off-by: Simo Sorce <idra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May  9 10:38:57 CEST 2018 on sn-devel-144
2018-05-09 10:38:57 +02:00
Volker Lendecke
6120f56801 ntlm_auth: PAM_AUTH_CRAP needs a privileged socket
This only works right now because wb_common always tries privileged

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-04-24 14:32:10 +02:00
Volker Lendecke
1643c334db libsmb: Give dsgetdcname.c its own header
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-04-11 01:06:39 +02:00
Volker Lendecke
39bdd175e9 libsmb: Give namequery.c its own header
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-04-11 01:06:39 +02:00
Volker Lendecke
c3341ed29a net: Avoid tallocs
Not really performance critical, but I think it's worth establishing sample
code to use more stack variables than going out to talloc.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-04-04 00:44:23 +02:00
Volker Lendecke
54db80e6e7 net: Fix CID 1414752 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-04-04 00:44:23 +02:00
Volker Lendecke
54fc90025b utils: Fix CID 1035541 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-04-04 00:44:23 +02:00
Volker Lendecke
67c31842b0 net: Fix CID 1128559 Dereference null return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-29 00:21:57 +02:00
Volker Lendecke
cfe8fa2c75 smbstatus: Fix CID 1128560 Dereference null return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-29 00:21:56 +02:00
Andreas Schneider
dfb69482c4 s3:utils: Fix size type in log2pcaphex
This fixes compilation with -Wstrict-overflow=2

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-20 23:16:16 +01:00
Volker Lendecke
0af88b98e7 winbind: Add smbcontrol disconnect-dc
Make a winbind child drop all DC connections

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 15:46:09 +01:00
Volker Lendecke
bffae41842 utils: Add destroy_netlogon_creds_cli
This is a pure testing utility that will garble the netlogon_creds_cli
session_key. This creates a similar effect to our schannel credentials
as does a domain controller reboot.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-03-15 15:46:09 +01:00
Noel Power
0af66455ef s3:libads: 'net ads keytab create' shouldn't write SPN(s)
Modify default behaviour of 'net ads keytab create'

The change modifies the behaviour of 'net ads keytab create' such
that only the keytab file is modified. The current behaviour doesn't
make sense, existing SPN(s) pulled from the computer AD object have
the format 'serviceclass/host:port/servicename'.
'ads_keytab_create_default' calls ads_keytab_add_entry passing
'serviceclass' for each SPN retrieved from the AD. For each
serviceclass passed in a new pair of SPN(s) is generated as follows
    i) long form 'param/full_qualified_dns'
   ii) short form 'param/netbios_name'

This doesn't make sense as we are creating a new SPN(s) from an existing
one probably replacing the existing host with the 'client' machine.

If the keytab file exists then additionally each kerberos principal in the
keytab file is parsed to strip out the primary, then 'ads_keytab_add_entry'
is called which then tries by default to generate a SPN from any primary
that doesn't end in '$'. By default those SPNs are then added to the AD
computer account for the client running the command.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:15 +01:00
Noel Power
5adb29f242 s3:utils: Modify default behaviour of 'net ads keytab add'
This change modifies the behaviour of 'net ads keytab add' such
that only the keytab file is modified.

A new command 'net ads keytab add_update_ads' has been added that
preserves the legacy behaviour which can update the AD computer
object with Winows SPN(s) as appropriate. Alternatively the new
command 'net ads setspn add' can be used to manually add the
windows SPN(s) that previously would have been added.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:15 +01:00
Noel Power
4e518ecdda s3:libads: add param to prevent writing spn(s) to ads
'net ads keytab add' currently in addition to adding to the
keytab file this command also can update AD computer objects
via ldap. This behaviour isn't very intuitive or expected given
the command name. By default we shouldn't write to the ADS.

Prepare to change the default behaviour by modifying the function
'ads_keytab_add_entry' to take a paramater to modify the existing
behaviour to optionally update the AD (or not).

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:15 +01:00
Noel Power
5fa82263ad s3:utils: add new 'net ads setspn delete' subcommand
This patch adds 'delete' to the 'net ads setspn' subcommand

(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)

Usage:

    net ads setspn delete <computer> <SPN>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:14 +01:00
Noel Power
8a6c3c5ae2 s3:utils: add new 'net ads setspn add' subcommand
This patch adds 'add' to the 'net ads setspn' subcommand

(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)

Usage:

     net ads setspn add <computer> <SPN>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:14 +01:00
Noel Power
65ef044b8d s3:utils: add new 'net ads setspn list' subcommand
This patch adds basic functionality not unlike the setspn.exe
command that is provided by windows for adminsistering SPN on
the AD. (see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)

Only the basic list operation (that corresponds to the -l
    switch for setspn.exe is implemented)

Usage:

     net ads setspn list <computer>

Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2018-03-02 14:07:14 +01:00
Andreas Schneider
5ba0b72fa3 s3:utils: Add FALL_THROUGH statements in ntlm_auth.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:43 +01:00
Andreas Schneider
45153120cb s3:utils: Add FALL_THROUGH statements in net_registry_check.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:43 +01:00
Andreas Schneider
7b946e3480 s3:utils: Add FALL_THROUGH statements in net_rpc_conf.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:42 +01:00
Andreas Schneider
36315769b8 s3:utils: Add FALL_THROUGH statements in net_conf.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:42 +01:00
Andreas Schneider
273ef59761 s3:utils: Add FALL_THROUGH statements in regedit.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:42 +01:00
Volker Lendecke
5f4b71d21d winbindd: Remove "DUMP_EVENT_LIST" message
This was no longer implemented, remove it completely

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-02-26 22:30:14 +01:00
Douglas Bagnall
a4c853a7de util/rfc1738_unescape(): return end pointer or NULL on error
At present we don't detect errors, but when we do we'll return NULL.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-02-22 01:04:18 +01:00
Volker Lendecke
f8313d715b winbind: Don't send "server_id" explicitly for DUMP_DOMAIN_LIST
messaging already provides the sender id

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 16 00:56:36 CET 2018 on sn-devel-144
2018-02-16 00:56:36 +01:00
Volker Lendecke
0e3c2c8bc6 winbind: Don't explicitly send "server_id" for ONLINESTATUS
Messaging already provides the sender id

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-15 20:32:24 +01:00
Volker Lendecke
46148e657f net: Slightly simplify net_lookup_dsgetdcname()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-02-13 16:42:22 +01:00
Volker Lendecke
77c1df57a8 net: Add some {}
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-02-13 16:42:22 +01:00
Volker Lendecke
f519162657 smbd: Pass "file_id" through share_entry_forall
It's also in the share_entry, but that is redundant and will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
be3c8d08ec lib: Make g_lock_locks use TDB_DATA
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Feb  8 14:50:49 CET 2018 on sn-devel-144
2018-02-08 14:50:49 +01:00
Volker Lendecke
67fcc7dbb9 lib: Make g_lock_dump use TDB_DATA
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-02-08 10:01:50 +01:00
Volker Lendecke
a6c749e76c lib: Make g_lock_do use TDB_DATA
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-02-08 10:01:50 +01:00
Gary Lockyer
562ac9a955 source3/utils/smbfilter.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:20 +01:00
Volker Lendecke
6423ca4bf2 lib: Use messaging_send_all instead of message_send_all
Just a global search&replace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:13 +01:00
Volker Lendecke
2dfabd85d9 net: Remove "net serverid list"
Traversing a clustered tdb is a pretty expensive operation. If someone
really needs this command-line interface, we can re-add it for the local
node using messaging_dgm_forall. If someone needs that globally, there's
the "onnode all" script that could be used. Alternatively, we could
implement an enhanced ping broadcast message also returning a processes
unique id.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Volker Lendecke
c9022d594b net: Remove "net serverid wipe"
This used to be a hygiene command for clustered node startup. In
clustered mode, CLEAR_IF_FIRST does not work, records can stay alive
by means of recovery. serverid.tdb will soon die, so remove this
command.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Volker Lendecke
e8ac34d3f7 smbcontrol: Use messaging_dgm_forall
Doing stacktraces can be done locally only anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Volker Lendecke
fc2f0023a0 messaging: Remove the "n_sent" arg from message_send_all
The only user of this is an informative message in smbcontrol. I don't think
that's worth the effort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Volker Lendecke
19afcd0e81 net: Parse namemap_cache in "net cache list"
namemap_cache.c saves these as strv lists: An array of 0-terminated strings.
"net cache list" only printfs the values, so they would be cut off.

We might want to do this with other gencache values too in the future.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-11-29 16:59:16 +01:00
Ralph Boehme
81e9ae1368 smbstatus: correctly denote not fully authenticated sessions
Currently for sessions where authentication is still in progress we
print uid and gid as -1.

With this change we nicely list them like this:

PID  Username   Group    Machine                          Protocol Version ....
6604 (auth in progress)  127.0.0.1 (ipv4:127.0.0.1:47930) SMB3_11 ....

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-27 22:08:17 +01:00
Ralph Boehme
eb6dd7dc29 s3/smbstatus: add a NULL check
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-27 22:08:17 +01:00
Jeremy Allison
757a120fc4 s3: utils: net. Fix return paths that don't free talloc stackframe.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13151

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2017-11-21 05:03:16 +01:00
Garming Sam
78fd02cf31 gpo: fix the building of gpext to only once
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-20 21:41:14 +01:00
Volker Lendecke
ffbf393fba ntlm_auth: Use libwbclient in get_winbind_netbios_name()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
403003b528 ntlm_auth: Use libwbclient in get_require_membership_sid()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
25e85a4507 ntlm_auth: Use libwbclient in get_winbind_domain()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Volker Lendecke
5781cefc42 ntlm_auth: Use libwbclient in winbind_separator()
Avoid direct winbindd_request_response()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-11-18 00:09:16 +01:00
Ralph Boehme
a826394a2f smbcacls: no need to fetch the sd when changing ownership
Reading the SD may be denied but changing ownership could be allowed. As
we don't really need the server SD for the change ownership request,
don't fetch it.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct  7 00:04:54 CEST 2017 on sn-devel-144
2017-10-07 00:04:54 +02:00
Ralph Boehme
064e17c0d6 net: groupmap cleanup should not delete BUILTIN mappings
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13065

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct  2 15:17:00 CEST 2017 on sn-devel-144
2017-10-02 15:17:00 +02:00
Richard Sharpe
835f5068e3 s3: Fix a small spelling mistake in smbcacls.
Signed-off-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Sep 22 05:44:09 CEST 2017 on sn-devel-144
2017-09-22 05:44:08 +02:00
Volker Lendecke
a2fc00b1f5 net: Don't depend on libnet_samsync anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-09-20 22:48:15 +02:00
Volker Lendecke
66c608a6ba net: Remove NT4-based vampire keytab
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-09-20 22:48:15 +02:00
Volker Lendecke
df7e7c65ed net: Remove NT4-based rpc vampire ldif
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-09-20 22:48:15 +02:00
Volker Lendecke
adecdad282 net: Remove rpc vampire from NT4 domains
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-09-20 22:48:15 +02:00
Volker Lendecke
4e9877d304 net: Remove rpc samdump
This uses the NT4 replication commands. Samba does not have a server
for this, no tests, and whoever needs to migrate a native domain can
use an old Samba version

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-09-20 22:48:15 +02:00
Andreas Schneider
4a4bfcb539 s3:utils: Remove pointless if-clause for remote_machine
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Review with: git show -U20

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
dc129a968a s3:utils: Make sure we authenticate against our SAM name in smbpasswd
If a local user wants to change his password using smbpasswd and the
machine is a domain member, we need to make sure we authenticate against
our SAM and not ask winbind.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
b483340639 s3:utils: Pass domain to password_change() in smbpasswd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
41a31a71ab s3:utils: Make strings const passed to password_change() in smbpasswd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
c773844e75 s3:libsmb: Move prototye of remote_password_change()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
7a554ee7dc s3:libsmb: Pass domain to remote_password_change()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12975

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2017-08-23 13:16:20 +02:00
Andreas Schneider
95e30b081f s3:utils: Do not report an invalid range for AD DC role
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12629

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 23 03:23:55 CEST 2017 on sn-devel-144
2017-08-23 03:23:55 +02:00
Andreas Schneider
08cee6cfd2 s3:utils: Allow to run smbpasswd as user
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12974

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 18 14:01:27 CEST 2017 on sn-devel-144
2017-08-18 14:01:27 +02:00
Andreas Schneider
b86f44cbd0 s3:utils: Fix buffer size for snprintf and format string
GCC 7.1 produces an error:
‘snprintf’ output between 47 and 66 bytes into a destination of size 40

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12930

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug  9 13:37:47 CEST 2017 on sn-devel-144
2017-08-09 13:37:47 +02:00
Volker Lendecke
0c70bcdaf3 smbpasswd: Initialize messaging for messaging_ctdb_conn
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-07-25 17:43:18 +02:00
Noel Power
c57dcafb15 s3/utils: smbcacls failed to detect DIRECTORIES using SMB2 (windows only)
uint16_t get_fileinfo(...) returns file attributes, this function
called

     cli_qfileinfo_basic(cli, fnum, &mode, NULL, NULL, NULL,
                     NULL, NULL, NULL);

which was failing with NT_STATUS_ACCESS_DENIED errors when fnum above
was obtained via (when using protocol > SMB). Note: This only seems to be
an issue when run against a windows server, with smbd SMB1 & SMB2 work fine.

    status = cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
                  0, FILE_SHARE_READ|FILE_SHARE_WRITE,
                  FILE_OPEN, 0x0, 0x0, &fnum, NULL);

The failing cli_qfileinfo_basic call above is unnecessary as we can already
obtain the required information from the cli_ntcreate call

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2017-07-20 18:49:27 +02:00
Ralph Boehme
ee93e652ba net: fix net cache samlogon list output
Don't print the table header for every entry.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12875

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2017-07-04 13:11:16 +02:00
Ralph Boehme
a760324dbd net: add net cache samlogon list|show|ndrdump|delete
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul  4 00:12:46 CEST 2017 on sn-devel-144
2017-07-04 00:12:46 +02:00
Stefan Metzmacher
4ae6a3ffb2 net: make use of secrets_*_password_change() for "net changesecretpw"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-06-27 16:57:46 +02:00
Stefan Metzmacher
c7c17d9f50 net: add "net primarytrust dumpinfo" command that dumps the details of the workstation trust
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-06-27 16:57:46 +02:00
Stefan Metzmacher
1421abfc73 s3:trusts_util: pass dcname to trust_pw_change()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-06-27 16:57:45 +02:00
Stefan Metzmacher
cd1e888773 s3:secrets: rename secrets_delete() to secrets_delete_entry()
secrets_delete_entry() fails if the key doesn't exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-06-27 16:57:45 +02:00
Volker Lendecke
5757d9bf75 net: Dump data for net_g_lock dump
4d404f2 added user-data for a g_lock. Print it in net g_lock dump.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-06-24 01:21:10 +02:00
Jeremy Allison
bd31d538a2 s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
2017-06-17 06:39:20 +02:00
Volker Lendecke
90d7784d45 g_lock: Make g_lock_dump return a complete list of locks
To be honest, it did not really make sense to just pass in
lock holders individually. You could argue that it made sense
with in reality only G_LOCK_WRITE around, but soon we will have
G_LOCK_READ and thus multiple lock holders on a single lock.

Now that we also have userdata, change the g_lock_dump API

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-06-15 13:19:14 +02:00
Noel Power
df3844f4df s3/utils: Add warning to testparm for "client ipc signing" param values
We should warn about security sensitive settings where we can,
client ipc signing has 2 values that can allow connections to proceed
without SMB signing. This may be unavoidable (e.g. connecting to legacy
systems) but nevertheless it is worthwhile to warn.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun  6 22:40:12 CEST 2017 on sn-devel-144
2017-06-06 22:40:12 +02:00
Jeremy Allison
47dc643b0d s3: client tools: Call popt_free_cmdline_auth_info() on all normal exits.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 09:56:09 +02:00
Jeremy Allison
bec0cd2ee2 s3: client tools. Remove direct access to struct user_auth_info *cmdline_auth_info.
Only access through utility functions. Remove all the local pointer aliases
that were just being set to cmdline_auth_info in the client tools.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 09:56:09 +02:00
Christof Schmitt
25b5bb3056 net: Add net tdb command to print information from tdb records
The main purpose is to debug "hot" records from ctdb. ctdb tracks
contended records and identifies them by key in the dbstatistics:

DB Statistics: locking.tdb
[...]
 Num Hot Keys:     1
     Count:3 Key:6a4128e3ced4681b02a00000000000000000000000000000

This command allows querying additional information for the associated
key to identify the affected file. For now this only adds a subcommand
for the locking.tdb, but could be extended to others:

net tdb locking 6a4128e3ced4681b02a00000000000000000000000000000
Share path:            /test/share
Name:                  testfile
Number of share modes: 2

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2017-05-08 21:08:23 +02:00
Christian Ambach
770edb6aab s3:smbcacls add prompt for password
if no password was given, ask for one

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12765
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Thu May  4 20:36:50 CEST 2017 on sn-devel-144
2017-05-04 20:36:50 +02:00
Stefan Metzmacher
e999b798c6 s3:ntlm_auth: fix memory leak in manage_gensec_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12736

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-04-07 16:49:15 +02:00
Andrew Bartlett
a0ab86dedc auth: Add logging of service authorization
In ntlm_auth.c and authdata.c, the session info will be incomplete

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:27 +02:00
Andrew Bartlett
2235982092 ntlm_auth: Set ntlm_auth as the service_description into gensec
This allows this use case to be clearly found when logged.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:25 +02:00
Stefan Metzmacher
541d687347 auth: let auth4_context->check_ntlm_password() return pauthoritative
BUG: https://bugzilla.samba.org/show_bug.cgi?id=2976

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-03-24 11:57:10 +01:00
Stefan Metzmacher
d568ebbcf9 ntlm_auth3: let contact_winbind_auth_crap() return pauthoritative
BUG: https://bugzilla.samba.org/show_bug.cgi?id=2976

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-03-24 11:57:09 +01:00
Volker Lendecke
2901fe8921 net: Don't crash if lsa_LookupPrivDisplayName returns NULL
lsa_LookupPrivDisplayName on Windows 2012R2 can return success and still return
a NULL name:

rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK
rpc_api_pipe: host 172.18.103.80 returned 12 bytes.
     lsa_LookupPrivDisplayName: struct lsa_LookupPrivDisplayName
        out: struct lsa_LookupPrivDisplayName
            disp_name                : *
                disp_name                : NULL
            returned_language_id     : *
                returned_language_id     : 0x0000 (0)
            result                   : NT_STATUS_OK

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 23 07:43:57 CET 2017 on sn-devel-144
2017-03-23 07:43:57 +01:00
Uri Simchoni
5ef7bd3b5b testparm: remove check for "ea support" in fruit shares
Now that ea support is not required for vfs_fruit, drop the
check that it's enabled in shares using vfs_fruit.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-03-02 22:30:23 +01:00
Chris Lamb
809aa6f993 Correct "descriptior" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-02-22 08:26:22 +01:00
Chris Lamb
093003e061 Correct "perfom" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-02-22 08:26:22 +01:00
Chris Lamb
fa6eb442fb Correct "coult" typo.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-02-22 08:26:22 +01:00
Stefan Metzmacher
13fd543929 s3:net_rpc_trust: make use of trust_pw_new_value()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-02-21 16:09:22 +01:00
Ralph Boehme
32116e015b s3/util: mvxattr, a tool to rename extended attributes
Usage: mvxattr -s STRING -d STRING PATH [PATH ...]
  -s, --from=STRING         xattr source name
  -d, --to=STRING           xattr destination name
  -l, --follow-symlinks     follow symlinks, the default is to ignore them
  -p, --print               print files where the xattr got renamed
  -v, --verbose             print files as they are checked
  -f, --force               force overwriting of destination xattr

Help options:
  -?, --help            Show this help message
  --usage               Display brief usage message

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 10 22:24:59 CET 2017 on sn-devel-144
2017-02-10 22:24:59 +01:00
Volker Lendecke
9af73f62ce lib: Add lib/util/server_id.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-01-22 18:30:11 +01:00
Ralph Boehme
98d05dcac3 smbcontrol: add ringbuf-log
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jan 20 22:33:14 CET 2017 on sn-devel-144
2017-01-20 22:33:14 +01:00
Volker Lendecke
9c72823a99 ntlm_auth: Use "all_zero" where appropriate
... Saves a few bytes of footprint

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-01-03 16:04:28 +01:00
Stefan Metzmacher
4fb0e65a85 s3:popt_common: let POPT_COMMON_CREDENTIALS imply logfile and conffile loading
All users of POPT_COMMON_CREDENTIALS basically need the same logic,
while some ignore a broken smb.conf and some complain about it.

This will allow the future usage of config options in the
credential post processing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-12-20 01:11:25 +01:00
Stefan Metzmacher
b38f1aee40 s3:utils: Use cli_cm_force_encryption() instead of cli_force_encryption()
This allows SMB3 encryption instead of returning NT_STATUS_NOT_SUPPORTED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 19 13:41:15 CET 2016 on sn-devel-144
2016-12-19 13:41:15 +01:00
Andreas Schneider
74c2c4647e s3-testparm: Print an error if we have overlapping idmap config
Except if both backends are 'ad'.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-12-12 20:19:10 +01:00
Andreas Schneider
3de634d7a0 s3-testparm: Print error if the default backend is incorrect
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-12-12 20:19:10 +01:00
Andreas Schneider
46337ce43c s3-testparm: Fix trailing whitespaces
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-12-12 20:19:10 +01:00
Volker Lendecke
2adcbc94b8 ntlm_auth3: xfile->stdio
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-12-11 11:17:23 +01:00
Jeremy Allison
9fbd544b90 s3: ntlm_auth: Don't corrupt the output stream with debug messages.
Calling programs expect to cleanly read from STDOUT.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12467

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2016-12-11 11:17:23 +01:00
Stefan Metzmacher
5ca59a1772 s3:libsmb: don't pass 'passlen' to cli_tree_connect[_send]() and allow pass=NULL
There're no callers which try to pass a raw lm_response directly anymore.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec  9 13:09:37 CET 2016 on sn-devel-144
2016-12-09 13:09:37 +01:00
Andreas Schneider
f858121d8f s3:waf: Make PARAM and SMBREGISTRY a subsystem of smbconf only
This is the only way to resolve cirular dependencies with these
libraries.  I've tried several ways but this is the only way to do it
correctly. In future we should try to seperate them by passing down
information or making a more lightweight loadparm mechanism.

+---------+                       +-------------+
|         |                       |             |
|  param  <---------+    +--------+ smbregistry |
|         |         |    |        |             |
+----+----+         |    |        +------^------+
     |          +---+----v--+            |
     |          |           |            |
     +---------->  smbconf  +------------+
                |           |
                +-----------+

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-12-04 16:35:22 +01:00
Günther Deschner
28fbc5ea2e s3-net: use SMB_SIGNING_DEFAULT in connect_to_service()
For non IPC$ connections we get NT_STATUS_REVISION_MISMATCH otherwise when using
the connection.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 23 16:52:38 CET 2016 on sn-devel-144
2016-11-23 16:52:38 +01:00
Ralph Wuerthner
41cc17c8d1 net conf: fix error message
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-11-23 13:00:21 +01:00
Volker Lendecke
4f702e4b44 ntlm_auth: Avoid some statics
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-11-20 17:29:07 +01:00
Volker Lendecke
df9e7c7ae5 lib: Remove global xfile.h includes
This makes it more obvious where this legacy code is used

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Nov 20 06:23:19 CET 2016 on sn-devel-144
2016-11-20 06:23:19 +01:00
Andreas Schneider
233b903f3f s3:net: Use messaging_init_client()
Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
2016-11-16 00:20:06 +01:00
Stefan Metzmacher
d6d8893d56 s3:popt_common: simplify popt_common_credentials handling
This offers a global 'struct user_auth_info *cmdline_auth_info',
similar to the 'cmdline_credentials' we have in
source4/lib/cmdline/popt_common.c.

And we create that in the POPT_CALLBACK_REASON_PRE stage
and finalize it in the POPT_CALLBACK_REASON_POST stage.

That means much less boring work for the callers
and more freedom to change the user_auth_info internals
in future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-11-15 11:00:26 +01:00
Günther Deschner
04c6576279 s3-waf: Create a wscript_build for the utils subdir
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 15:56:10 +02:00
Stefan Metzmacher
3c27a10e1c s3:ntlm_auth: don't use gensec_want_feature(gensec_security, GENSEC_FEATURE_{SIGN,SEAL}) as server
They're always supported and using gensec_want_feature() on them would require
them in future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Andreas Schneider
c7bcbd166d s3-utils: Fix loading smb.conf in smbcquotas
Pair-Programmed-With: Uri Simchoni <uri@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-06 02:30:16 +02:00
Uri Simchoni
1dacc09b25 smbcquotas: add -m option
Add the "standard" -m command line option that controls max
client protocol.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
5e9b1f77ad cliquota: factor out building of FILE_QUOTA_INFORMATION
Add a function to build a FILE_QUOTA_INFORMATION buffer
out of a quota list, and a function that adds a record
to a quota list.

Some parameters of the new functions are unused by
client code, but will be used by server code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:23 +02:00
Uri Simchoni
610c26d74c smbcquotas: fix error message listing quotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-10-04 02:00:22 +02:00
Günther Deschner
a9b20c647e werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:32 +02:00
Günther Deschner
5acda019a3 werror: replace WERR_DCNOTFOUND with WERR_NERR_DCNOTFOUND in source3/utils/net_ads.c
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:29 +02:00
Günther Deschner
a15159f5a5 werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:23 +02:00
Günther Deschner
a74ccb154d werror: replace WERR_GENERAL_FAILURE with WERR_GEN_FAILURE in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:21 +02:00
Günther Deschner
b00f30c0ac werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:19 +02:00
Günther Deschner
9c164efe2a werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:19 +02:00
Günther Deschner
f7b172fd42 werror: replace WERR_BADFILE with WERR_FILE_NOT_FOUND in source3/utils/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:17 +02:00
Andreas Schneider
f5401ff314 s3-util: Fix asking for username and password in smbget.
If the user specified the username in the URI with with:

  smb://DOMAIN;user:secret@server/share

the tool should not prompt for the username nor the password.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12175

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 26 04:22:27 CEST 2016 on sn-devel-144
2016-08-26 04:22:27 +02:00
Amitay Isaacs
5855b039dd regedit: Fix format-nonliteral warning
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12168

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-24 01:33:50 +02:00
Stefan Metzmacher
9c994ba86e s3:ntlm_auth: call fault_setup() in order to get usefull backtraces
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-07-22 16:03:25 +02:00
Volker Lendecke
3caa8a1bf1 smbd: Pass "sconn" via notify to notify_callback()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-20 05:21:07 +02:00
Volker Lendecke
d446e406db smbd: There's only one notify_callback
We do not have different callbacks per notify, put the callback function into
the notify context

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-20 05:21:07 +02:00
Volker Lendecke
fb71692128 dbwrap: Remove dbwrap_watchers.tdb based code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-15 20:43:16 +02:00
Shyamsunder Rathi
a8c737fc93 s3:utils/net: Add new option 'unregister' in 'net ads dns' command.
This new option allows DNS names to be unregistered and removes all
IP entries for a given name in the specified AD server.

Signed-off-by: Shyamsunder Rathi <shyam.rathi@nutanic.com>
Reviewed-by: Richard SHarpe <rsharpe@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Mon Jun 27 20:43:26 CEST 2016 on sn-devel-144
2016-06-27 20:43:26 +02:00
Andreas Schneider
8b91178aa8 smbget: Fix a memory leak
Found by cppcheck.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-06-24 02:01:19 +02:00
Richard Sharpe
9379a86943 s3/net: print returned addresses in dns gethostbyname
Make net ads dns gethostbyname actually print out the returned addresses
so we can use it in self tests.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jun 19 10:34:37 CEST 2016 on sn-devel-144
2016-06-19 10:34:37 +02:00
Günther Deschner
632faa8761 s3-libnet: Print error string even on successfuly completion of libnetjoin.
Sometimes useful information should be printed to the users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
2016-06-15 16:31:17 +02:00
Richard Sharpe
227b35ac96 s3: net: Return an error when no name servers were returned by the lookup so that we see an error in self test.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 28 04:34:20 CEST 2016 on sn-devel-144
2016-05-28 04:34:20 +02:00
Andreas Schneider
1171fe6c7e s3-net: Cleanup the code of printing migration
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed May 18 23:00:35 CEST 2016 on sn-devel-144
2016-05-18 23:00:35 +02:00
Andreas Schneider
858e1eaa64 s3-net: Convert the key_name to UTF8 during migration
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11922

Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
2016-05-18 19:27:18 +02:00
Stefan Metzmacher
825cce1f88 s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
The generate_session_info() function maybe called more than once
per session.

Some may try to look/dereference session_info->security_token,
so we provide simplified token.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11914

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-05-18 12:13:23 +02:00
Michael Adam
3776a9cd73 s3:smbfilter: fix O3 error unused result of system()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
6bd436fd45 s3:utils:log2pcaphex: fix O3 error uninitialized variable
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
b7cf77143a s3:utils:log2pcaphex: fix O3 error unused result of fgets
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Volker Lendecke
93b982faad lib: Give base64.c its own .h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Volker Lendecke
cf5a81013d lib: Make callers of base64_encode_data_blob check for success
Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Christof Schmitt
e2642da130 smbcacls: Do not read old ACL for 'set' operation
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-30 01:01:42 +02:00
Richard Sharpe
ac7974a64e Fixes an obvious copy-paste error in source3/utils/net_dns.c
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr 22 10:45:30 CEST 2016 on sn-devel-144
2016-04-22 10:45:30 +02:00
Ralph Boehme
e9c0adffda CVE-2016-2115: net: use SMB_SIGNING_IPC_DEFAULT
Use SMB_SIGNING_IPC_DEFAULT for RPC connections.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:26 +02:00
Uri Simchoni
9d6d62010b smbcquotas: print "NO LIMIT" only if returned quota value is 0.
If the user being queried has no quota, the server returns 0 as
its quota. This is the observed smbd and Windows behavior, which
is also documented in [MS-FSA] 2.5.1.20.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11815

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-31 20:30:11 +02:00
Stefan Metzmacher
ef1ad0e122 s3:ntlm_auth: pass manage_squid_request() needs a valid struct ntlm_auth_state from within get_password()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Mar 22 19:20:38 CET 2016 on sn-devel-144
2016-03-22 19:20:38 +01:00
Herwin Weststrate
0b500d413c Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_auth
An implementation of https://lists.samba.org/archive/samba/2012-March/166497.html (which has been discussed in 2012, but was never implemented).

It has been tested on a Debian Jessie system with this patch added to the Debian package (which is currently 4.1.17). Even though this is Samba 4, the ntlm_auth installed is the one from Samba 3 (yes, it surprised me too). The backend was a machine with Windows 2012R2.

It was first tested with the local security policy 'Network Security: LAN Manager authentication level' setting changed to 'Send NTLMv2 Response Only' (allow ntlm v1). This way we are able to authenticate with and without the MSV1_0_ALLOW_MSVCHAPV2 flag (as expected).

After the basic step has been verified, the local security policy 'Network Security: LAN Manager authentication level' setting was changed to 'Send NTLMv2 Response Only. Refuse LM & NTLM' (only allow ntlm v2). The behaviour now changed according to the MSV1_0_ALLOW_MSVCHAPV2 flag (again: as expected).

  $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain=
  Logon failure (0xc000006d)
  $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= --allow-mschapv2
  NT_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The changes in `wbclient.h` are intended for programs that use libwinbind directly instead of authenticating via `ntlm_auth`. I intend to use that within FreeRADIUS (see https://bugzilla.samba.org/show_bug.cgi?id=11149).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11694
Signed-off-by: Herwin Weststrate <herwin@quarantainenet.nl>
Reviewed-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-11 22:58:18 +01:00
Stefan Metzmacher
279d58c1e6 s3:ntlm_auth: also use gensec for "ntlmssp-client-1" and "gss-spnego-client"
This implicitly fixes bug #10708.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10708

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:28 +01:00
Stefan Metzmacher
69a7ec7942 s3:ntlm_auth: fix --use-cached-creds with ntlmssp-client-1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11776

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:27 +01:00
Aurelien Aptel
085b687768 s3/utils/regedit.c: typo
loop should exit on any case of Q.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-03-10 00:08:11 +01:00
Ralph Boehme
3e88ccdd73 testparm: vfs_fruit checks
- vfs_fruit requires "ea support = yes"

- OS X clients negotiate AAPL on the first tcon, so mixing shares with
  and without fruit will globally disable AAPL if the first tcon is
  without fruit

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-10 00:08:11 +01:00
Christian Ambach
fcb56e0e11 s3:utils/smbget fix option parsing
* use proper values for val in poptOption
* popt does not support bool, so set them via the switch statement
* abort when option parsing reported errors

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-26 11:31:33 +01:00
Christian Ambach
dfc35044d8 s3:utils/smbget remove -P option
as agreed on samba-technical list.
It does not really provide a useful function but can cause confusion

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-26 11:31:32 +01:00
Christian Ambach
113f8dd3d9 s3:utils/smbget improve check of write() result
check that all bytes in the buffer have been written

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-26 11:31:32 +01:00
Christian Ambach
01ba35dca2 s3:utils/smbget abort recursive download on error
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-26 11:31:32 +01:00
Christian Ambach
c91dde9cae s3:utils/smbget another int -> bool conversion
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-26 11:31:32 +01:00
Christian Ambach
da2aae933e s3:utils/smbget set default blocksize
this got lost in the recent refactorings and causes problems
when smbget attempts to use a zero byte read buffer

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Feb  5 12:10:16 CET 2016 on sn-devel-144
2016-02-05 12:10:16 +01:00
Christian Ambach
64121471f9 s3:utils/smbget add a error message on allocation error
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2016-02-05 09:00:20 +01:00
Christian Ambach
cac1086ae1 s3-utils/smbget: Fix user-/name password reading from rcfile
As the password option is gone, code needs to be able to read password
from user parameter when user%password syntax is used.

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-28 09:58:26 +01:00
Christian Ambach
bf1c1ad068 s3-utils/smbget: Fix reading the rcfile
shortName in POPT_AUTOHELP is null, so the loop always stopped at this
item.

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-28 09:58:26 +01:00
Andreas Schneider
e1548c5bf7 s3-utils/smbget: Fix option parsing and apply samba defaults
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-01-28 09:58:26 +01:00
Christian Ambach
b7da062cba s3:utils/smbget make use of bool for flags
convert flags stored as int to bool

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 25 13:33:12 CET 2016 on sn-devel-144
2016-01-25 13:33:12 +01:00
Christian Ambach
76f16796cc s3:utils/smbget use C99 format identifiers
for ssize_t and off_t variables

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-25 10:24:24 +01:00
Christian Ambach
4d033bac76 s3:utils/smbget code format
adopt the code to latest README.Coding standards
e.g. curly braces everywhere, blanks before braces,
obey 80 character limit (except for the popt definitions)

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-25 10:24:23 +01:00
Christian Ambach
ec802d27ce s3:utils/smbget fix recursive download
get_auth_data is called multiple times (once for the directory listing and then
for every file to be downloaded). Save the obtained values across multiple calls
to make smbclient use the correct username for each download.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=6482
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-01-25 10:24:23 +01:00
Ralph Boehme
b74bef8f7d smbstatus: add support for SMB1 signing and CIFS UNIX extensions encryption
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jan 22 11:06:05 CET 2016 on sn-devel-144
2016-01-22 11:06:05 +01:00
Ralph Boehme
1e60a3f009 smbstatus: show signing state of sessions and tcons
Show the signing state of sesssions tcons in smbstatus. This is SMB2/3
only. SMB1 support will be added in a later commit.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:21 +01:00
Ralph Boehme
780743d1b2 smbstatus: show encrpytion state of tree connects
Show the encrpytion state of tcons in smbstatus. This is SMB3 only. CIFS
UNIX extensions encryption will be added in a later commit.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:21 +01:00
Ralph Boehme
83a557dfad smbstatus: align tree connect header and output
Align output and use timestring() instead of time_to_asc(). The latter calls
asctime() which forces a \n into the time string.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:21 +01:00
Ralph Boehme
e0fc93112f smbstatus: show encrpytion state of sessions
Show the encrpytion state of sessions in smbstatus. This is SMB3
only. CIFS UNIX extensions encryption will be added in a later commit.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:21 +01:00
Ralph Boehme
5d750787eb smbstatus: align session list header and ouput
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:20 +01:00
Ralph Boehme
603f1de9cf smbstatus: pass talloc context to traverse_connections
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:20 +01:00
Ralph Boehme
c2443d608a smbstatus: pass talloc context to traverse_sessionid
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:20 +01:00
Ralph Boehme
f59ef038ed smbstatus: rework connection dialect printing
In a later change I want to print the signing cipher which depends upon
the connection dialect. So let's store the connection dialect in the
sessionid struct and move the code that maps dialect integers to strings
to smbstatus.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:20 +01:00
Ralph Boehme
63a13f40cf smbstatus: remove obsolete verbose message
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-22 07:52:20 +01:00
Uri Simchoni
6cff009547 smbcacls: fix uninitialized variable
An uninitialized variable causes "numeric" mode to be
used without the -n option.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11682

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jan 20 12:12:12 CET 2016 on sn-devel-144
2016-01-20 12:12:12 +01:00
Volker Lendecke
fe3c270ea6 smbcontrol: Use procid_is_local
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-01-07 16:01:09 +01:00