1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

4592 Commits

Author SHA1 Message Date
Mathieu Parent
25ac1f192c Fix spelling s/receving/receiving/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-05-12 02:09:27 +02:00
Mathieu Parent
1af8968690 Fix spelling s/openened/opened/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-05-12 02:09:26 +02:00
Volker Lendecke
212815969f rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13370
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 11 15:19:19 CEST 2018 on sn-devel-144
2018-04-11 15:19:19 +02:00
Volker Lendecke
1643c334db libsmb: Give dsgetdcname.c its own header
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-04-11 01:06:39 +02:00
Volker Lendecke
39bdd175e9 libsmb: Give namequery.c its own header
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-04-11 01:06:39 +02:00
Gary Lockyer
428c0a81ae source3: initilize_password_db after a fork.
This is required because we need a new pointer for LDB after the fork,
and with LMDB we can not longer rely on tdb_reopen_all() to do that
for us.

This can not be done in reinit_after_fork() due to the dependency loop
this would create.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-04-06 02:08:45 +02:00
Andreas Schneider
22a28ac8ac s3:spoolss: Fix size types
This fixes compilation with -Wstrict-overflow=2.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-04-03 20:20:10 +02:00
Andreas Schneider
e3483f955b s3:rpc_server: Fix size types in spoolss
This fixes compilation with -Wstrict-overflow=2

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-20 23:16:16 +01:00
Andreas Schneider
c2e9fb63c0 s3:rpc_server: Fix size types in srvsvc
This fixes compilation with -Wstrict-overflow=2

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-20 23:16:16 +01:00
Simo Sorce
01319b6e65 Revert "Use "localhost" to be ipv6 only friendly"
This reverts commit 54548f6dde3cf74f0e90ef577a55fd720dca6d93.
2018-03-19 15:34:32 +01:00
Simo Sorce
3e8c50901c Use "localhost" to be ipv6 only friendly
Signed-off-by: Simo Sorce <idra@samba.org>
2018-03-19 15:34:32 +01:00
Stefan Metzmacher
0ee9a55094 s3:rpc_server: make use of make_session_info_anonymous()
For unauthenticated connections we should default to a
session info with an anonymous nt token.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 21:54:17 +01:00
Jeremy Allison
c41895be82 CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Mar 13 16:06:10 CET 2018 on sn-devel-144
2018-03-13 16:06:10 +01:00
Andreas Schneider
d4ccca2d66 s3:spoolss: Remove incorrect fall through comment in srv_spoolss_nt.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:44 +01:00
Andreas Schneider
cafe8ac965 s3:lsa: Add FALL_THROUGH statements in srv_lsa_nt.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:43 +01:00
Andreas Schneider
d17cb7cebf s3:rpc_server: Add FALL_THROUGH statements in rpc_server.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:42 +01:00
Volker Lendecke
9d7701c923 srvsvc: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
fc424b28cd smbd: Pass "file_id" explicitly into share_mode_entry_to_message()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
c1079e3d2a srvsvc: Use the passed-in file_id
The one in share_mode_entry will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
9487510e9e smbd: Pass in "file_id" into share_mode_str()
This used to directly access share_entry->id, which will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
786e307fd4 srvsvc: Use the passed-in file id, not the one from share_mode_entry
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
f519162657 smbd: Pass "file_id" through share_entry_forall
It's also in the share_entry, but that is redundant and will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
a63aafb05d srcctl3: Improve debug messages
A customer's syslog was filled with

_svcctl_OpenServiceW: Failed to get a valid security descriptor

messages. This improves the messages to give info about which service failed
with which error code. Also, it makes OpenServiceW fail with the same error
message Windows fails with for unknown services.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 16 02:43:03 CET 2018 on sn-devel-144
2018-01-16 02:43:03 +01:00
Volker Lendecke
6aa0cc2570 rpc_server: Improve a debug message
A client sending us a bind with an unknown interface should not spam
syslog by default. Also, show what interface the client tried to connect
to.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-01-15 22:17:08 +01:00
Gary Lockyer
3a504d48c3 source3/rpc_server/rpc_server.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:20 +01:00
Volker Lendecke
41cfc737df lib: Remove unused serverid.tdb
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec  5 04:58:26 CET 2017 on sn-devel-144
2017-12-05 04:58:26 +01:00
Volker Lendecke
6423ca4bf2 lib: Use messaging_send_all instead of message_send_all
Just a global search&replace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:13 +01:00
Volker Lendecke
fc2f0023a0 messaging: Remove the "n_sent" arg from message_send_all
The only user of this is an informative message in smbcontrol. I don't think
that's worth the effort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Uri Simchoni
80b4b53fba s3-rpc-server: fix type of enum in lsa server
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-22 10:20:21 +01:00
Marc Muehlfeld
36cbb4ad49 Updated error message text and reduced its debug level
Previously, "net rpc share add|remove" commands failed if no
"add|delete share command" parameter was set in smb.conf. However,
the error was only logged at level 10 and not very clear.
This patch updates the error message text and sets the log level of this
error to 1 to make it more obvious what is missing.

Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-10-12 21:14:13 +02:00
Samuel Cabrero
fc03049ca1 s3: spoolss: Fix GUID string format on GetPrinter info
Fix regression introduced by commit a4157e7c5d which removed the braces
around the printer GUID in the printer info level 7 structure.

MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers
are deleted from the directory by the domain controller's pruning service.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  6 05:21:25 CEST 2017 on sn-devel-144
2017-10-06 05:21:25 +02:00
Ralph Boehme
7b58c8f544 s3/mdssvc: missing assignment in sl_pack_float
Spotted by -Werror=maybe-uninitialized:

../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’:
../source3/rpc_server/mdssvc/marshalling.c:171:11: error:
‘ieee_fp_union.w’ may be used uninitialized in this function
[-Werror=maybe-uninitialized]
  offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w);

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-08-29 01:00:34 +02:00
Andreas Schneider
f9c0a8e3e0 s3:spoolss: Set timeout values to the one which Windows uses by default
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2017-08-24 09:30:33 +02:00
Gary Lockyer
1898096c7e rpc: use symbolic constant to replace /root/ncalrpc_as_system
Modified to use constant AS_SYSTEM_MAGIC_PATH_TOKEN instead of string literal
"/root/ncalrpc_as_system"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2017-07-24 23:29:22 +02:00
Andrew Bartlett
fca8536a82 samr: Disable NTLM-based password changes on the server if NTLM is disabled
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-07-04 06:57:21 +02:00
Andrew Bartlett
e23e8d9ff9 s3-rpc_server: Disable the NETLOGON server by default
The NETLOGON server is only needed when the classic/NT4 DC is enabled
and has been the source of security issues in the past.  Therefore
reduce the attack surface.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-07-04 06:57:20 +02:00
Stefan Metzmacher
1f5a297b51 s3:rpc_server: wrap make_auth4_context() into {become,unbecome}_root()
This need to create a temporary messaging context in order to do
the auth logging. This can only be done as root.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12850

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Jul  3 08:15:29 CEST 2017 on sn-devel-144
2017-07-03 08:15:29 +02:00
Jeremy Allison
6acb0d6ca0 s3: VFS: Change SMB_VFS_CHDIR to use const struct smb_filename * instead of const char *.
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
2017-07-01 03:07:11 +02:00
Stefan Metzmacher
5f6f4ea01a s3:rpc_server/spoolss: allow spoolss_connect_to_client() to use SMB2
It's just required that we can run DCERPC over the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-06-22 13:07:39 +02:00
Andreas Schneider
cbf67123e0 s3:smbd: Pass down remote and local address to get_referred_path()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687

Pair-Programmed-With: Ralph Boehme <slow@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-05-31 02:24:18 +02:00
Garming Sam
fd29e28d52 netlogon: Implement SendToSam along with its winbind forwarding
This allows you to forward bad password count resets to 0. Currently,
there is a missing access check for the RODC to ensure it only applies
to cached users (msDS-Allowed-Password-Replication-Group).

(further patches still need to address forcing a RWDC contact)

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-05-30 08:06:07 +02:00
Volker Lendecke
02a76d86db CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed May 24 14:34:30 CEST 2017 on sn-devel-144
2017-05-24 14:34:30 +02:00
Jeremy Allison
f2f936a961 s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2017-05-22 18:41:16 +02:00
Stefan Metzmacher
e217c2e30a s3:rpc_server: move gensec_update() out of auth_generic_server_authtype_start*()
We let the caller use auth_generic_server_step() instead.
This allows us to request GENSEC_FEATURE_SIGN_PKT_HEADER before
starting the gensec_update() dance.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-05-21 21:05:09 +02:00
Günther Deschner
02b4275e6d s3-rpc_server: remove some dead prototypes
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-10 15:53:20 +02:00
Günther Deschner
cb17fcc5f5 s3-spoolss: add winreg_del_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue May  9 20:44:17 CEST 2017 on sn-devel-144
2017-05-09 20:44:17 +02:00
Günther Deschner
1e81178e2b s3-spoolss: add winreg_get_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
5a3b99b7ce s3-spoolss: add winreg_add_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
48e65a15ac s3-spoolss: add winreg_add_core_driver_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
5eeb178fe8 s3-spoolss: add winreg_get_core_driver_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00