1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

7588 Commits

Author SHA1 Message Date
Ralph Boehme
94462dfabf s4:torture/smb2: fix typo in acls.c
This fixes the failing samba-codecheck CI job and is not part of the functional
security fix.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-10-11 11:47:44 +00:00
Ralph Boehme
b1fd656941 CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-10-10 14:49:39 +00:00
Joseph Sutton
bc680b6f4a s4:torture: Fix building with FORTIFY_SOURCE=2
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-01 22:45:38 +00:00
Rob van der Linde
f9d406dca6 netcmd: tests: bugfix: argument -U was already in creds so listed twice
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-29 02:18:34 +00:00
Joseph Sutton
a2700cf685 s4:torture: Initialize ‘tm’ structure
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Joseph Sutton
dc73160381 s4:torture: Use SID constants
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-27 02:43:28 +00:00
Samuel Cabrero
8cdb4f2985 netapi: Pass net's cmdline credentials to libnetapi_net_init()
Avoid unnecessary credentials allocation and initialization by passing the
net's cmdline creds to libnetapi_net_init() directly.

Fixes the problem of running cli_credentials_guess() (which runs password
callbacks) twice, one for the net's cmdline creds and a second time for the
creds initialized in libnetapi_net_init(), just to override them immediately
after.

Example:

$ export PASSWD_FD=0
$ ./bin/net offlinejoin composeodj <...>
foo
bar

Password is read from STDIN twice.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Samuel Cabrero
5cad827810 netapi: Pass loadparm_context to libnetapi_net_init()
The net's tool cmdline lp_ctx can be reused, no need to init a new one except
for external library users.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
39a88a83f3 s4:torture: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Douglas Bagnall
31dadff39a s4/torture: initialise ACE structs to zero
Because soon these structs will have more members, which are typically
going to be zero.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-24 02:53:30 +00:00
Joseph Sutton
892c1b0a0c s4:torture: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-21 23:37:29 +00:00
Andreas Schneider
920ffe5dc9 s4:torture: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
0d241305b4 s4:torture:smb2: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
085cfe0c4a s4:torture:rpc: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
ff2f813b68 s4:torture:raw: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
428c155646 s4:torture:nbt: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
c4ed99a223 s4:torture:nbench: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
664f69617d s4:torture:libnetapi: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
faa06e5ed2 s4:torture:ldb: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
1c4e84fd2a s4:torture:ldap: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
3f023d7414 s4:torture:ldap: Remove trailing white spaces
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
56fdc3c588 s4:torture:krb5: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
e2c952cfea s4:torture:dns: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
5850ea6338 s4:torture:basic: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
69b7876965 s4:torture:drs: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:30 +00:00
Andreas Schneider
3dd7625ab9 s4:torture:dfs: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:29 +00:00
Andreas Schneider
5dd07a44a2 s4:torture:auth: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 21:45:29 +00:00
Joseph Sutton
7da7b81d4d s4:torture: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-14 04:57:34 +00:00
Andrew Bartlett
8741495521 s4-torture/drs: Add test showing that if present in the set the NC root leads and tmp_highest_usn moves
The NC root, on any replication when it appears, is the first object to be
replicated, including for all subsequent chunks in the replication.

However the tmp_highest_usn is not updated by that USN, it must
only be updated for the non-NC changes (to match Windows exactly),
or at least only updated with the non-NC changes until it would
naturally appear.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Andrew Bartlett
b323169d6f s4-torture/drs: Add test demonstrating that a GetNCChanges REPL_OBJ will not reset the replication cookie
This demonstrates the behaviour used by the "Azure AD Connect" cloud sync tool.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Andrew Bartlett
db16366b0b s4-torture/drs: Add a test matching Azure AD Connect REPL_OBJ behaviour
Azure AD Connect will send a GUID but no DummyDN.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Andrew Bartlett
40f831e67e s4-torture/drs: Use addCleanup() in getchanges.py for OU handling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Andrew Bartlett
628eab11b3 s4-torture/drs: Create temp OU with a unique name per test
It is always better to keep the testing OUs unique if possible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Andrew Bartlett
c30bb8769f s4-torture/drs: Save the server dnsname on the DcConnection object
This object is used to hold one of many possible connections and
it is helpful for debugging and uniqueness to know which DC is being
connected to.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-08-13 21:59:29 +00:00
Stefan Metzmacher
4028d65829 s4:torture/smb2: add smb2.multichannel.bugs.bug_15346
This demonstrates the race quite easily against
Samba and works fine against Windows Server 2022.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-08-08 12:57:29 +00:00
Stefan Metzmacher
2b93058be3 s4:torture/smb2: make it possible to pass existing_conn to smb2_connect_ext()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-08-08 12:57:29 +00:00
Stefan Metzmacher
dc5a500f0a s4:torture/smb2: let us have a common torture_smb2_con_share()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-08-08 12:57:29 +00:00
Stefan Metzmacher
ade663ee6c s4:torture/smb2: let torture_smb2_con_sopt() use smb2_connect()
There's no need for smb2_connect_ext().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-08-08 12:57:29 +00:00
Stefan Metzmacher
c37adb7626 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED
The PDUs were generated by Windows clients.

And we fail to parse them currently.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2023-08-08 08:02:40 +00:00
Joseph Sutton
43b44827d6 s4:torture: Fix code spelling
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Andrew Bartlett
abc3d58e1c dcom: Remove remainder of DCOM test client code
This follows f2416493c0, removing the remaining parts
of our DCOM effort.  This can be resumed at a later time, but for now this is untested
(as we have no server) and just uses build time.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:32 +00:00
Ralph Boehme
a9a2b182df CVE-2023-3347: CI: add a test for server-side mandatory signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-21 12:05:35 +00:00
Ralph Boehme
d402c0cc6a CVE-2023-34968: mdssvc: introduce an allocating wrapper to sl_pack()
sl_pack_alloc() does the buffer allocation that previously all callers of
sl_pack() did themselves.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-21 12:05:35 +00:00
Ralph Boehme
6d77daa3af CVE-2023-34968: smbtorture: remove response blob allocation in mdssvc.c
This is alreay done by NDR for us.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-07-21 12:05:35 +00:00
Ralph Boehme
3b3c30e2ac CVE-2023-34967: CI: add a test for type checking of dalloc_value_for_key()
Sends a maliciously crafted packet where the value in a key/value style
dictionary for the "scope" key is a simple string object whereas the server
expects an array. As the server doesn't perform type validation on the value, it
crashes when trying to use the "simple" object as a "complex" one.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15341

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-21 12:05:35 +00:00
Ralph Boehme
10b6890d26 CVE-2023-34966: CI: test for sl_unpack_loop()
Send a maliciously crafted packet where a nil type has a subcount of 0. This
triggers an endless loop in mdssvc sl_unpack_loop().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15340

Signed-off-by: Ralph Boehme <slow@samba.org>
2023-07-21 12:05:35 +00:00
Stefan Metzmacher
404ce08e90 s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities with different levels
The important change it that we expect DCERPC_NCA_S_FAULT_INVALID_TAG
for unsupported query_levels, we allow it to work with servers
with or without support for query_level=2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15418

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-07-17 06:37:31 +00:00
Volker Lendecke
c7df6cea8a torture4: Fix an error message
The fsctl is called FSCTL_SET_ZERO_DATA

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-07-03 19:40:35 +00:00
Andrew Bartlett
11b3c6826d Remove redundant check and fallback for AES CMAC 128 as we now require GnuTLS 3.6.13
This allows us to remove a lot of conditionally compiled code and so
know with more certainly that our tests are covering our code-paths.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-06-30 14:00:38 +00:00
Andrew Bartlett
eda1022b59 crypto: Rely on GnuTLS 3.6.13 and gnutls_pbkdf2()
This removes a lot of inline #ifdef and means this feature is always tested.

We can do this as we have chosen GnuTLS 3.6.13 as the new minimum version.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2023-06-30 14:00:38 +00:00