samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

Author	SHA1	Message	Date
Stefan Metzmacher	c4bec67f06	s3:selftest: pass alice credentials to the smb2.session tests for ad_dc This allows us to test session binds with different users. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-17 00:49:32 +00:00
Stefan Metzmacher	2045008995	s4:torture/smb2: add smb2.session.bind_{invalid_auth,different_user} These demonstrate that a failing bind does not destroy the existing session and binding with a different user results in ACCESS_DENIED. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-17 00:49:32 +00:00
Stefan Metzmacher	457b989881	s4:torture/smb2: add smb2.session.bind_negative_{smb202,smb210,smb2to3,smb3to2,smb3to3} 'smb2.session.bind_negative_smb202' is similar to the MultipleChannel_Negative_SMB2002 test from the Windows Protocol Test Suite. It demonstrates that the server needs to do lookup in the global session table in order to get the signing and error code of invalid session setups correct. In order to work out the details I've added more similar tests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-17 00:49:32 +00:00
Ralph Boehme	16a1aefb72	smbd: call set_current_user_info() in smbd_become_authenticated_pipe_user() The current_user_info is updated at the SMB level, but currently not at the RPC level in the RPC impersonation function smbd_become_authenticated_pipe_user(). For RPC services running embedded this is not an issue as the SMB level impersonation has already taken care of current_user_info, but for RPC services running as external daemons, eg spoolssd, the omission of updating current_user_info results in variable expansion of eg %U (username) to be broken. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14668 MR: https://gitlab.com/samba-team/samba/-/merge_requests/1834 RN: %U variable expansion not working in spoolsd Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Mar 12 00:54:01 UTC 2021 on sn-devel-184	2021-03-12 00:54:01 +00:00
Ralph Boehme	7662a77c4c	selftest: add a test for %U variable expansion in spoolssd This targets the nt4_dc testenv which luckily already runs with spoolssd enabled. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14668 MR: https://gitlab.com/samba-team/samba/-/merge_requests/1834 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-11 23:43:32 +00:00
David Mulder	2d6bed495e	samba-gpupdate: Check sysvol download paths in case-insensitive way https://bugzilla.samba.org/show_bug.cgi?id=14665 Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Björn Baumbach <bb@sernet.de>	2021-03-11 20:29:41 +00:00
David Mulder	554f2134a9	samba-gpupdate: Test that sysvol paths download in case-insensitive way Bug: https://bugzilla.samba.org/show_bug.cgi?id=14665 Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Björn Baumbach <bb@sernet.de>	2021-03-11 20:29:41 +00:00
David Mulder	88c9c291b0	samba-tool: gpo manage sudoers handle missing and dispersed principal names If we don't anticipate a missing principal name, samba-tool crashes. Also, principal names could be in dispersed listelements. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Björn Baumbach <bb@sernet.de>	2021-03-11 20:29:41 +00:00
David Mulder	bba91c462e	samba-tool: Ensure that gpo manage sudoers handles missing/dispersed principal names Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Björn Baumbach <bb@sernet.de>	2021-03-11 20:29:41 +00:00
David Mulder	fed09b307f	samba-tool: Enable pydns without ad dc Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2021-03-10 21:43:34 +00:00
David Mulder	e5e39a836a	python: Test samdb import Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2021-03-10 21:43:34 +00:00
David Mulder	77f96a3079	samba-tool: Add a gpo command for setting VGP Issue Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Mar 8 20:57:50 UTC 2021 on sn-devel-184	2021-03-08 20:57:50 +00:00
David Mulder	7593e067fa	samba-tool: Test gpo manage issue set command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	0f5af87fbf	samba-tool: Add a gpo command for listing VGP Issue Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	bb47a68ca9	samba-tool: Test gpo manage issue list command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	2461c89c07	gpo: Apply Group Policy Issue setting from VGP Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	9df279dde6	gpo: Test Group Policy VGP Issue Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	5046912ceb	samba-tool: Add a gpo command for setting VGP MOTD Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	4715a0ee0d	samba-tool: Test gpo manage motd set command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	0fbc5e5414	samba-tool: Add a gpo command for listing VGP MOTD Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	f8d68d9f84	samba-tool: Test gpo manage motd list command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	efc9bce868	gpo: Apply Group Policy MOTD setting from VGP Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	f200c6933b	gpo: Test Group Policy VGP MOTD Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 19:45:30 +00:00
David Mulder	c2ce101bfd	gpo: vgp_sudoers_ext handle missing and dispersed principal names If we don't anticipate a missing principal name, the extension crashes. Also, principal names could be in dispersed listelements. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 17:58:37 +00:00
David Mulder	d771314ee0	gpo: Ensure that vgp_sudoers_ext handles missing/dispersed principal names Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 17:58:37 +00:00
David Mulder	a5928566a0	gpo: Ensure that samba-gpupdate doesn't require ad-dc Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 17:58:37 +00:00
David Mulder	f914b42d27	gpo: Test to ensure that samba-gpupdate doesn't require ad-dc Running samba-gpupdate on a client is causing an error in gp_access_ext, due to it attempting to access sam.ldb before detecting whether we are on an ad-dc. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-08 17:58:37 +00:00
Stefan Metzmacher	f1f5c36581	smbd: make sure that xconn is alive for the lifetime of smbXsrv_connection_shutdown_send/recv BUG: https://bugzilla.samba.org/show_bug.cgi?id=14533 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-06 02:20:05 +00:00
Stefan Metzmacher	2a0626c32a	s4:torture/smb2: add smb2.lease.timeout-disconnect test This reproduces a problem that is triggered when smbd_server_connection_terminate() is called recursively. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14533 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-06 02:20:05 +00:00
Stefan Metzmacher	638c4435a0	smbXsrv_session: set session->db_rec = NULL after session->db_rec = local_rec This actually fixes crashes due to stale pointers. With multi-channel and with 2 (or more) connections, we'll call smbXsrv_session_disconnect_xconn() when a connection gets disconnected, but we'll leave smbXsrv_client and all other connections in place. However smbXsrv_session_disconnect_xconn_callback() left a stale session->db_rec pointer in place, which means a following smbXsrv_session_logoff() will call dbwrap_record_delete(local_rec) on a stale pointer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14532 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-06 02:20:05 +00:00
Stefan Metzmacher	2cf1628419	s4:torture/smb2: add a smb2.session.two_logoff test This reproduces a bug where two SMB2_LOGOFF messages kill the whole client smbd when multi-channel is used, instead of just removing the logical session. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14532 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-06 02:20:05 +00:00
Stefan Metzmacher	c784f8c9ab	selftest: enable 'server multi channel support = yes' BUG: https://bugzilla.samba.org/show_bug.cgi?id=14534 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-03-06 02:20:05 +00:00
Björn Baumbach	bb00979c08	selftest: fix typos in README files Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2021-03-01 03:50:35 +00:00
David Mulder	85d2406826	samba-tool: Add a gpo command for removing VGP Startup Scripts Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Feb 24 22:01:08 UTC 2021 on sn-devel-184	2021-02-24 22:01:08 +00:00
David Mulder	91655e6d71	samba-tool: Test gpo manage script startup remove command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	e5efe17246	samba-tool: Add a gpo command for adding VGP Startup Scripts Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	f6a0bd8b91	samba-tool: Test gpo manage script startup add command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	d22196117c	samba-tool: Add a gpo command for listing VGP Startup Scripts Group Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	329b6c397b	samba-tool: Test gpo manage script startup list command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	15cec2ac4d	gpo: Apply Group Policy Startup Scripts from VGP Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	b13b2d8c3e	gpo: Test Group Policy VGP Startup Script Policy Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-24 20:51:30 +00:00
David Mulder	09a8f409e5	samba-tool: Replace gpo command for removing Sudoers Group Policy Replace it with the VGP command for removing sudoers entries from an xml file. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Feb 14 00:53:41 UTC 2021 on sn-devel-184	2021-02-14 00:53:41 +00:00
David Mulder	430e065fa9	samba-tool: Test gpo manage vgp sudoers remove command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	30e0ba2ed8	samba-tool: Replace gpo command for adding Sudoers Group Policy Replace it with the VGP command for adding sudoers entries in an xml file. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	7f3c2b69be	samba-tool: Test VGP sudoers add command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	777173923c	samba-tool: Replace gpo command for listing Sudoers Group Policy Replace it with the VGP command for listing sudoers entries in an xml file. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	ca60a0cb17	samba-tool: Test gpo manage vgp sudoers list command Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	35cf85d213	gpo: VGP Sudoers policy must handle group principals Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	7c2f2d31c3	gpo: Test that VGP Sudoers policy handles group principals Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>	2021-02-13 23:50:36 +00:00
David Mulder	8fa5398592	gpo: Security gpext rsop list only own policies The rsop should only list the policies from that extension, not from all policies in the same file. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Feb 11 18:28:09 UTC 2021 on sn-devel-184	2021-02-11 18:28:09 +00:00

1 2 3 4 5 ...

800 Commits