sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
133,725 Commits 60 Branches 1,145 Tags 452 MiB
f6a24e7d29
Commit Graph

133725 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Volker Lendecke
95fd166eff smbd: Remove unused "sbuf" argument from vfs_readdirname() 
The only caller did not use the result.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2023-06-23 17:34:30 +00:00
Volker Lendecke
daf6f2f7a1 smbd: Remove unused "sbuf" argument from ReadDirName() 
Nobody used that anymore, most callers had passed in NULL anyway.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2023-06-23 17:34:30 +00:00
Volker Lendecke
f36bdcc0ca smbd: Remove unused "pst" argument from dptr_ReadDirName() 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2023-06-23 17:34:30 +00:00
Volker Lendecke
ea670b66c4 smbd: Don't use "sbuf" in smbd_dirptr_get_entry() 
openat_pathref_fsp() does not need this anymore.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2023-06-23 17:34:30 +00:00
Volker Lendecke
3f97b6a4f7 smbd: Make sure smb_fname->st is valid in smbd_dirptr_get_entry 
This simplifies the two mode_fn()s we have.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2023-06-23 17:34:30 +00:00
Andreas Schneider
c837ecf442 python:samba: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 23 14:51:14 UTC 2023 on atb-devel-224
 2023-06-23 14:51:14 +00:00
Andreas Schneider
d4798967c0 python:samba:tests: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
ab3792931b python:samba:subunit: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
cac56ae4b8 python:samba:samba3: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
e5476ecfb0 python:samba:provision: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
e046986d04 python:samba:netcmd: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
de2c4879ce python:samba:kcc: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
97fb06a260 python:samba:gp_parse: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
f3b2814d84 python:samba:gp: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
a15b8611ce python:samba:emulate: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
535617a840 pidl: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
35500dc4e3 packaging:systemd: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
51bec2206e nsswitch: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
eba5b05a51 librpc:rpc: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
4ec8ecce07 librpc:ndr: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
ba02d89be1 librpc:idl: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
5d759393e5 libgpo:admx: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Andreas Schneider
232f281bd4 libcli:smbreadline: Fix code spelling 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-23 13:44:31 +00:00
Stefan Metzmacher
91eb3f1d22 testprogs/blackbox: add --recursive tests to test_samba-tool_ntacl.sh 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 22 00:22:47 UTC 2023 on atb-devel-224
 2023-06-22 00:22:47 +00:00
Stefan Metzmacher
11741791cc testprogs/blackbox: move 'ntacl get' out of test_changedomsid() in test_samba-tool_ntacl.sh 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
619f097b7d testprogs/blackbox: pass $CONFIGURATION to test_samba-tool_ntacl.sh 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
16b9b508af samba-tool/ntacl: implement set --recursive 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
27b29cfa76 samba-tool/ntacl: add set --verbose and print out the file/directory name 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
6327fd9cdb samba-tool/ntacl: don't announce -q,--quiet in --help as it's not used at all 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
4ca5b78f5b samba-tool/ntacl: let changedomsid ignore symlinks 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
3694f2ce62 vfs_aio_pthread: don't crash without a pthreadpool 
During 'samba-tool ntacl sysvolreset' and similar.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Björn Baumbach
0e9f1eec5a samba-tool: print default (domain) for --dns-directory-partition option in help message 
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
b26dcfba10 tests/krb5/s4u_tests.py: add test_constrained_delegation_authtime 
This demonstrates that we use the correct authtime
when doing constrained delegation.

The actual fix for the problem is already in place via
commit 75ec66c729
third_party/heimdal: Import lorikeet-heimdal-202306091507 (commit 7d8afc9d7e3d309ddccc2aea6405a8ca6280f6de)

The related patch is:
006a365a6aa3047a4e685e1607973746a28cc1f1 kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13137

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Stefan Metzmacher
489cdefa6a tests/krb5/s4u_tests.py: add test_constrained_delegation_with_enc_auth_data_[no_]subkey() 
This demonstrates that we use the correct key for EncAuthorizationData
together with constrained delegation.

The actual fix for the problem is already in place via
commit 75ec66c729
third_party/heimdal: Import lorikeet-heimdal-202306091507 (commit 7d8afc9d7e3d309ddccc2aea6405a8ca6280f6de)

The related patches are:
38c47c54f0c78fed5afc1aea9c5f6683e06ec842 kdc: fix memory leak when decryption AuthorizationData
61c0089ea3f5387953818a3ac99fb529244196e6 kdc: decrypt b->enc_authorization_data in tgs_build_reply()
fed5579814108ee90f701ca6bfb5500f7d839bc4 kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the keys from evidence_tkt

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13131

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 23:24:37 +00:00
Andrew Bartlett
0ef8083cca WHATSNEW: Mention new default schema and Functional Level prep 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 21 20:01:06 UTC 2023 on atb-devel-224
 2023-06-21 20:01:06 +00:00
Joseph Sutton
a9d543cdfc s4:kdc: Gate claims, auth policies and NTLM restrctions behind 2012/2016 FLs 
Samba security features like AD claims, Authentication Policies and
Authentication Silos are enabled once the DC is at the required functional level.

We comment at the callers of of dsdb_dc_functional_level() to explain
why we do this.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
c95813374a testprogs/blackbox: also raise the levels to 2012_R2/2016 in functionalprep.sh 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
d2777d47d1 testprogs/blackbox: also prepare for to 2016 (schema=2019) in functionalprep.sh 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
205ee77c2f samba-tool: let 'domain level raise' call check_and_update_fl() in a transaction 
This makes it possible to raise the levels without starting
'samba' first, which is very useful for blackbox tests.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
3724ae3e10 samba-tool: move some parts of 'domain level [show|raise]' in to subfunctions 
This will make it easier to use transactions in the following changes...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
e92988ec94 samba-tool: move some parts of 'domain level [show|raise]' in to try/except 
This just adds indentation for now, the following changes will
add transactions...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
ea2712336b samba-tool: let 'domain level raise --domain-level' use the correct crossRef dn 
We should not rely on lp.get('workgroup')...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
f9f9771a55 samba-tool: check for invalid 'domain level' subcommands first 
This will simplify further changes...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Andrew Bartlett
1b1895a0d8 samba-tool: Fix missing import for "domain level raise --forest-level=2016" 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2023-06-21 19:08:37 +00:00
Stefan Metzmacher
48cc2862c2 docs-xml/smbdotconf: also allow 2012[_R2] for 'ad dc functional level' 
We may not jump to 2016 directly...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2023-06-21 19:08:37 +00:00
Joseph Sutton
ad98643fbd s4:kdc: Replace FAST cookie with dummy string 
All that uses the FAST cookie is the gss-preauth authentication
mechanism, which is untested in Samba, and disabled by default.
Disabling the FAST cookie code (and sending a dummy string instead)
relieves us of the maintenance and testing burden of this untested code.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 21 13:19:17 UTC 2023 on atb-devel-224
 2023-06-21 13:19:17 +00:00
Joseph Sutton
fc4740426d third_party/heimdal: Import lorikeet-heimdal-202306112240 (commit c7f4ffe1a6e8dafc86ec3357c498d31c97ece386) 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2023-06-21 12:23:33 +00:00
Joseph Sutton
53caae00b8 tests/krb5: Test that FX-COOKIE matches cookie returned by Windows 
The cookie produced by Windows differs depending on whether FAST was
used.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2023-06-21 12:23:32 +00:00
Volker Lendecke
c4e27ae4f6 smbd: Don't set security_descriptor_hash_v4->time 
This prevents de-duplication of xattrs in the backend file system
where otherwise ACLs are often very similar.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jun 21 07:11:56 UTC 2023 on atb-devel-224
 2023-06-21 07:11:56 +00:00
Andreas Schneider
d34ff44d91 s3:winbind: Fix talloc parent in find_dc() leading to a segfault 
[2023/06/16 16:30:18.677249,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/cmdline/cmdline.c:56(_samba_cmdline_talloc_log)
  Bad talloc magic value - unknown value
[2023/06/16 16:30:18.677374,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:173(smb_panic_log)
  ===============================================================
[2023/06/16 16:30:18.677388,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:177(smb_panic_log)
  INTERNAL ERROR: Bad talloc magic value - unknown value in pid 28112 (4.18.3)
[2023/06/16 16:30:18.677398,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:182(smb_panic_log)
  If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
[2023/06/16 16:30:18.677408,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:183(smb_panic_log)
  ===============================================================
[2023/06/16 16:30:18.677420,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:185(smb_panic_log)
  PANIC (pid 28112): Bad talloc magic value - unknown value in 4.18.3
[2023/06/16 16:30:18.677698,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../lib/util/fault.c:293(log_stack_trace)
  BACKTRACE: 22 stack frames:
   #0 /usr/lib64/samba/libgenrand-samba4.so(log_stack_trace+0x34) [0x7fcc04ad35d4]
   #1 /usr/lib64/samba/libgenrand-samba4.so(smb_panic+0xd) [0x7fcc04ad382d]
   #2 /lib64/libtalloc.so.2(+0x3121) [0x7fcc04650121]
   #3 /usr/sbin/winbindd(_wbint_InitConnection+0xe8) [0x55aa1fd79028]
   #4 /usr/sbin/winbindd(+0x59488) [0x55aa1fd7e488]
   #5 /lib64/libdcerpc-server-core.so.0(dcesrv_call_dispatch_local+0x69) [0x7fcc05890469]
   #6 /usr/sbin/winbindd(winbindd_dual_ndrcmd+0x3c5) [0x55aa1fd762d5]
   #7 /usr/sbin/winbindd(+0x4d664) [0x55aa1fd72664]
   #8 /lib64/libtevent.so.0(tevent_common_invoke_fd_handler+0x97) [0x7fcc03d2e707]
   #9 /lib64/libtevent.so.0(+0xef4f) [0x7fcc03d34f4f]
   #10 /lib64/libtevent.so.0(+0xcf5b) [0x7fcc03d32f5b]
   #11 /lib64/libtevent.so.0(_tevent_loop_once+0x95) [0x7fcc03d2d9b5]
   #12 /usr/sbin/winbindd(+0x4fd14) [0x55aa1fd74d14]
   #13 /usr/sbin/winbindd(+0x505cd) [0x55aa1fd755cd]
   #14 /lib64/libtevent.so.0(tevent_common_invoke_immediate_handler+0x182) [0x7fcc03d2ec72]
   #15 /lib64/libtevent.so.0(tevent_common_loop_immediate+0x27) [0x7fcc03d2eca7]
   #16 /lib64/libtevent.so.0(+0xed2f) [0x7fcc03d34d2f]
   #17 /lib64/libtevent.so.0(+0xcf5b) [0x7fcc03d32f5b]
   #18 /lib64/libtevent.so.0(_tevent_loop_once+0x95) [0x7fcc03d2d9b5]
   #19 /usr/sbin/winbindd(main+0xd34) [0x55aa1fd402f4]
   #20 /lib64/libc.so.6(__libc_start_main+0xe5) [0x7fcc0339dd85]
   #21 /usr/sbin/winbindd(_start+0x2e) [0x55aa1fd40e8e]
[2023/06/16 16:30:18.677828,  0, pid=28112, effective(0, 0), real(0, 0), traceid=35] ../../source3/lib/dumpcore.c:318(dump_core)
  coredump is handled by helper binary specified at /proc/sys/kernel/core_pattern

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15398

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 20 11:07:45 UTC 2023 on atb-devel-224
 2023-06-20 11:07:45 +00:00