IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
We should avoid converting time_t to 32 bit wherever possible
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
We'll call filename_convert_dirfsp() from a lot more places soon.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
... down to netlogon_pings(). Passing 0 right now, this will change
for some callers
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
All existing callers use share_entry_forall_read, so no change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15608
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Gives callers the option to modify data if needed. All existing
callers use g_lock_locks_read(), so no change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15608
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Direct leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7f2f7f0fc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f2f7ee24c57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7f2f7ee26acf in __talloc ../../lib/talloc/talloc.c:825
#3 0x7f2f7ee26acf in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7f2f7ee26acf in _talloc_array ../../lib/talloc/talloc.c:2784
#5 0x7f2f7e3f6a99 in data_blob_talloc_named ../../lib/util/data_blob.c:58
#6 0x7f2f7e3f6b1b in data_blob_named ../../lib/util/data_blob.c:40
#7 0x5570b9e36100 in test_lm_ntlm_broken ../../source3/utils/ntlm_auth_diagnostics.c:56
#8 0x5570b9e36b5d in test_ntlm ../../source3/utils/ntlm_auth_diagnostics.c:180
#9 0x5570b9e387f3 in diagnose_ntlm_auth ../../source3/utils/ntlm_auth_diagnostics.c:707
#10 0x5570b9e34efd in main ../../source3/utils/ntlm_auth.c:2855
#11 0x7f2f7ba2a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Reviewed-by: Martin Schwenke <martin@meltin.net>
Direct leak of 192 byte(s) in 1 object(s) allocated from:
#0 0x7fc5afefc777 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fc5afaefc57 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7fc5afaf18cf in __talloc ../../lib/talloc/talloc.c:825
#3 0x7fc5afaf18cf in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7fc5afaf18cf in _talloc_zero ../../lib/talloc/talloc.c:2421
#5 0x7fc5aeac4809 in loadparm_init_s3 ../../lib/param/loadparm.c:3223
#6 0x560ee34b3949 in main ../../source3/utils/ntlm_auth.c:2806
#7 0x7fc5ac62a2ad in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Obvious omission
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sun Oct 6 02:25:09 UTC 2024 on atb-devel-224
ADD_TO_ARRAY with an explicit NULL mem_ctx is only used in 3
places. I've checked the other places, and I think I made sure that the
mem_ctx being passed in is non-NULL everywhere else.
This makes the "legacy" use with SMB_REALLOC more obvious.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This is ugly, but it's less ugly than doing it deep
inside of cli_spoolss.c and other code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
On a cluster we need to use the ctdb controlled database and not
a local secrets.tdb...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15714
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 20 05:54:43 UTC 2024 on atb-devel-224
This will allow doing tests and make sure using anonymous credentials
doesn't cause false positive results...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15714
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
FreeIPA uses own procedure to retrieve keytabs and during the setup of
Samba on FreeIPA client the keytab is already present, only machine
account needs to be set in the secrets database.
'sync machine password to keytab' option handling broke this use case by
always attempting to contact a domain controller and failing to do so
(Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=2309199).
The original synchronizing machine account password to keytab feature
did not have a mechanism to disable its logic at all.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 13 13:16:09 UTC 2024 on atb-devel-224
I could not find any caller which uses rap_error outside of the
routine implementing the rap client call itself.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Aug 21 12:49:45 UTC 2024 on atb-devel-224
cli_oem_change_password() returns a bool, net_rap_password must return
0 for success
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
It will be done in secrets_{prepare,finish}_password_change
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Function trust_pw_change() originally from library trustis_util was updated
to call functionality from ads library. This would introduce circular
dependency between the two libraries. To avoid it, trusts_util is merged
into ads.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Run ntlm_auth with options --lm-response/--nt-response/--challenge, and pass
wrong length to these options, got error prompted logs about 'only got xxx
bytes', which are not consistent with length check. This patch revise logs
for length check to make it more consistent.
For example --lm-response requires exact 24 hex, let us input three kinds
of length 23 24 25, prompted logs said 'only got 25 bytes' seems confusing.
script:
for length in 23 24 25; \
do \
ntlm_auth --username=${un} --password=${pw} \
--lm-response="`openssl rand -hex ${length}`"; \
done;
output:
hex decode of 04db772593f5e6023d0ab4bc67a942c9179963477eb49d failed! (only got 23 bytes)
NT_STATUS_OK: The operation completed successfully. (0x0)
hex decode of 1e57749feb46bedcf969af6cbbe10e21d0232e35c27eb07294 failed! (only got 25 bytes)
After patch it shows 'got 25 bytes, expected 24' seems more consistent:
hex decode of e13e70c9cf2ac1e20015657c4bec53435b1b948febb63f failed! (got 23 bytes, expected 24)
NT_STATUS_OK: The operation completed successfully. (0x0)
hex decode of 64647005243092b036856f572faad262e0b69386d095d60f54 failed! (got 25 bytes, expected 24)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15677
Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 6 00:52:02 UTC 2024 on atb-devel-224
Found by Covscan.
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/utils/regedit_list.c:522: tainted_data_return: Called function ""get_window_height(list)"", and a possible return value may be less than zero.
samba-4.20.0rc2/source3/utils/regedit_list.c:522: cast_underflow: An assign of a possibly negative number to an unsigned type, which might trigger an underflow.
samba-4.20.0rc2/source3/utils/regedit_list.c:526: overflow: The expression ""list->cursor_row -= page"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source3/utils/regedit_list.c:529: overflow_sink: ""list->cursor_row"", which might have underflowed, is passed to ""data_get_row_n(list, list->cursor_row)"".
527| list->start_row -= page;
528| }
529|-> tmp = data_get_row_n(list, list->cursor_row);
530| break;
531| case ML_CURSOR_PGDN:"
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 6 21:32:53 UTC 2024 on atb-devel-224
This is not used anywhere in that functions or the functions we are
calling. It was replaced by command line cli credentials stored in
c->creds. This fixes a memory leak.
Direct leak of 12 byte(s) in 1 object(s) allocated from:
#0 0x7f17fdaf5830 in strdup ../../../../libsanitizer/asan/asan_interceptors.cpp:578
#1 0x7f17fc7e7339 in smb_xstrdup ../../lib/util/util.c:752
#2 0x55f079bf0723 in rpc_trustdom_establish ../../source3/utils/net_rpc.c:6591
#3 0x55f079c529af in net_run_function ../../source3/utils/net_util.c:464
#4 0x55f079bdbecf in rpc_trustdom ../../source3/utils/net_rpc.c:7483
#5 0x55f079c529af in net_run_function ../../source3/utils/net_util.c:464
#6 0x55f079bfe7de in net_rpc ../../source3/utils/net_rpc.c:8413
#7 0x55f079c529af in net_run_function ../../source3/utils/net_util.c:464
#8 0x55f079baa0a8 in main ../../source3/utils/net.c:1436
#9 0x7f17f8a2a1ef in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Otherwise we don't get the correct header include paths and krb5.h in
a non default location won't be found.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should mark sessions/tcons with anonymous encryption or signing
in a special way, as the value of it is void, all based on a
session key with 16 zero bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15412
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 23 13:37:09 UTC 2024 on atb-devel-224
