1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

39618 Commits

Author SHA1 Message Date
Stefan Metzmacher
38874d2840 s4:pyrpc: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
5d3faa86fd s4:py_net: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
bf888b59e3 s4:libnet: make use of dcerpc_binding_handle_auth_session_key() in libnet_become_dc.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
51f5eefcd1 s4:drepl: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
6446715747 s4:librpc/rpc: add dcerpc_bh_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
d9bf23f971 s4:librpc/rpc: remove unused dcerpc_fetch_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
4ccd2dd8a2 s4:torture/rpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
57905603e0 xss4:pyrpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
93e8d58736 s4:libnet: make use of dcerpc_binding_handle_transport_session_key() in libnet_passwd.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
2d1c182bf5 s4:libnet: add struct dcerpc_binding_handle helper variables in libnet_passwd.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
3cc6ddeb58 s4:librpc/rpc: remove unused dcerpc_transport_encrypted()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
9567d753ac s4:pyrpc: let py_iface_transport_encrypted() use dcerpc_binding_handle_transport_encrypted()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
9b50ab08c1 s4:librpc/rpc: add dcerpc_bh_transport_{encrypted,session_key}()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
061267e0e4 s4:torture/rpc: avoid using DCERPC_NDR_REF_ALLOC in fsrvp.c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
136ee756fe s4:torture/rpc: remove useless usage of DCERPC_SIGN, DCERPC_SEAL
We already used DCERPC_AUTH_LEVEL_PRIVACY for the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
b0be3c8af8 s4:torture/rpc: avoid checking p->last_fault_code in iremotewinspool*
Now that we check for NT_STATUS_RPC_UNSUPPORTED_TYPE, there's no
need to check for DCERPC_NCA_S_UNSUPPORTED_TYPE.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
492f6a0eef librpc/rpc: map DCERPC_NCA_S_UNSUPPORTED_TYPE to NT_STATUS_RPC_UNSUPPORTED_TYPE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
ef4ef04e7f s4:torture/smb2: add smb2.durable-v2-regressions.durable_v2_reconnect_bug15624
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-09-19 18:27:33 +00:00
Stefan Metzmacher
a14320461e s4:lib/messaging: fix interaction between imessaging_reinit and irpc_destructor
This was missing in commit 0d09693119.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15280

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep 18 19:45:56 UTC 2024 on atb-devel-224
2024-09-18 19:45:56 +00:00
Jeremy Allison
7da019d614 s4: torture: Add a new test lease_rename_with_overwrite.
Creates and opens two files with leases, then tries
rename-with-overwrite on file_src -> file_dst.

Ensures we get a lease break on file_dst before
getting the access denied response.

Passes against Windows, fails against Samba.

Add knownfail.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Sep 18 05:42:15 UTC 2024 on atb-devel-224
2024-09-18 05:42:15 +00:00
Ralph Boehme
0983560830 smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-09-02 07:19:38 +00:00
Stefan Metzmacher
e2c8f718ca s4:torture/smb2: better error handling in create.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 29 19:47:54 UTC 2024 on atb-devel-224
2024-08-29 19:47:54 +00:00
Stefan Metzmacher
3fd40cb8a9 s4:torture/raw: better error handling in streams.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
Stefan Metzmacher
28fd1ea4a1 s4:torture/smb2: make use of torture_assert_*_equal_goto() in streams.c
We should fail immediately...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
Stefan Metzmacher
e2a9cd1d02 s4:libcli/smb2: let smb2_deltree delete directory streams
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
Stefan Metzmacher
b1b1f2ea6b s4:libcli: allow smb2_composite_unlink* to truncate the file before close
This is needed to delete streams...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15656

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
David Disseldorp
5e278a5264 smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
2024-08-28 08:54:11 +00:00
David Disseldorp
5cf57f1f53 s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.

Flag the new test knownfail; fix in subsequent commit.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-08-28 07:37:41 +00:00
Douglas Bagnall
b5e0e83150 dsdb:cracknames: free more on error (CID 240724)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Aug 28 05:39:36 UTC 2024 on atb-devel-224
2024-08-28 05:39:36 +00:00
Douglas Bagnall
3f83d029de dsdb:util: dsdb_module_dn initialises on failure
I think this may be a root cause of some Coverity false positives.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
24b0dad5b5 dsdb:mod:operational: initialise a pointer (CID 1499411)
A Coverity false positive (we check for error) but it is worth
doing per README.Coding

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
7dac035896 s4:drs:test:getncchanges skips some tests with reserved_usn = 0
These tests are not affected by the reserved_usn change, so there is
no need to run them twice.

The test_repl_get_tgt_multivalued_links fails with or without
reserved_usn set to zero, but it fails differently in either case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
44a478038b s4:drs:test:getncchanges: remove timeout failure
We don't need a timeout failure any more, since replication should
always work. Leaving the timeout in might sometimes cause a flapping
test if replication is being slow for some reason.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
7a623d8d56 s4:drsuapi:getncchanges: allow 0 reserved_usn reply
Azure AD will set reserved_usn to zero when we expect it to be
the number we gave them.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
5ef2701903 s4:drsuapi:getncchanges: use DBG_ERR() macro
The next commit will indent this more, so it's a bit squished up.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
2e1ccb3523 s4:drsuapi:getncchanges: fix whitespace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
67c7609ab7 s4:drs:tests: repeat getncchanges test with zero reserved_usn
This emulates the behaviour of Azure AD.

As this is quite slow we will later reduce the test load in this case,
but for now we want to run all the getncchanges tests this way.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
796e92a530 s4:drs:tests: add hook for changing highwatermark
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Douglas Bagnall
4b4a7c3fd4 s4:drs:test:getncchanges: add a timeout failure
In the next commit we are going to add tests in which the client
modifies the highwatermark in a way that resets replication (on Samba
only). After that we'll fix it.

If we leave the test in an eternal loop, the commit history will not
be bisectable, so we are temporarily going to turn long waits into
failures.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15701

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Volker Lendecke
56ec6fe5ed lib: Add a few explicit includes
Required to trim down includes from gen_ndr/*security*

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Stefan Metzmacher
f9d7a930f0 s4:torture/smb2: add smb2.create.mkdir-visible
This reproduces a race where one client creates
a directory and other clients see it before
the directory is fully setup including the correct
permissions and similar things.

We have a DENY ACE for SEC_DIR_ADD_FILE, which means
that files can't be created. This is set on
a base directory 'mkdir_visible'.

Then we have a lot of async loops trying to create
a file called 'mkdir_visible\dir\file_NR'. These loop
as fast as possible expecting OBJECT_PATH_NOT_FOUND,
because 'mkdir_visible\dir' is not there.

Then we send a create for 'mkdir_visible\dir' and
expect that to work.

This should turn the 'mkdir_visible\dir\file_NR' loop
into getting ACCESS_DENIED, because the
DENY ACE for SEC_DIR_ADD_FILE should be inherited
before 'mkdir_visible\dir' is visible to other clients.

Because of the complex steps in mkdir_internal(),
smbd allows the creation 'mkdir_visible\dir\file_NR',
as 'mkdir_visible\dir' is already visible after the
mkdirat(), before the DENY ACE is inherited.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-08-21 08:02:30 +00:00
Alexander Bokovoy
3d98048a5a kdc: warn if DES-only keys enforced on the account
With MIT Kerberos 1.21+ DES is not available by default and will be
refused. This means userAccountFlags with UF_DES_KEYS_ONLY will result
in a likely authentication falure (unless allow_des=true is set in
krb5.conf).

Warn about such cases to give admins yet another chance to detect an
error in setting userAccountFlags.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Sat Aug 17 11:59:01 UTC 2024 on atb-devel-224
2024-08-17 11:59:01 +00:00
Stefan Metzmacher
f6009aa73b s4:torture/smb2: let smb2.session.expire2* also check compound requests
This shows that all compound related requests should get
NT_STATUS_NETWORK_SESSION_EXPIRED.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-08-13 21:13:33 +00:00
Jo Sutton
18b078a8b9 dsdb periodic: Produce a debugging message if kccsrv_samba_kcc() fails
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-08-04 00:32:39 +00:00
Jo Sutton
7b02049223 s4-kcc: Remove nonfunctional fallback code
The following line in the pre‐2003 attributes fallback code:

attrs = post_2003_attrs;

presumably should have read

attrs = pre_2003_attrs;

As it is this fallback, added in commit
2fc233b78f and subsequently modified in
commit 783ff68628, does not do what it was
intended to do.

Besides, attempting a failed search again, just with different
attributes, will presumably not yield any more of a result.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-08-04 00:32:39 +00:00
Jo Sutton
1616a640dd s4:dsdb: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-08-04 00:32:39 +00:00
Jo Sutton
7485d4d588 s4:dsdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-08-04 00:32:39 +00:00
Andreas Schneider
48963251fb s4:torture: Fix memory leak
Direct leak of 102 byte(s) in 1 object(s) allocated from:
    #0 0x7f35322fc7d7 in malloc ../../../../libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f3531e43bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
    #2 0x7f3531e45034 in __talloc ../../lib/talloc/talloc.c:825
    #3 0x7f3531e45034 in __talloc_strlendup ../../lib/talloc/talloc.c:2454
    #4 0x7f3531e45034 in talloc_strdup ../../lib/talloc/talloc.c:2470
    #5 0x7f352f90264b in smbcli_parse_unc ../../source4/libcli/cliconnect.c:269
    #6 0x55fbf83aa207 in torture_parse_target ../../source4/torture/smbtorture.c:192
    #7 0x55fbf83ae031 in main ../../source4/torture/smbtorture.c:744
    #8 0x7f352ca2a1ef in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug  1 16:55:43 UTC 2024 on atb-devel-224
2024-08-01 16:55:43 +00:00
Andreas Schneider
a105595697 s4:torture: Remove trailing spaces from smbtorture.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-01 15:47:30 +00:00
Stefan Metzmacher
7dc19dd94c s4:torture/smb2: add 'smb2.bench.session-setup'
This test loops over session-setup/logoff as fast as possible,
for nprocs * qdepth loops.

It was created to demonstrate the krb5 replay cache problem
(at least with MIT kerberos before 1.18, I've tested with
1.15 only).

This forces kerberos with the machine account:

time smbtorture //fileserver.example.com/ipc\$ \
        smb2.bench.session-setup \
        --option="torture:timelimit=600" \
        --option="torture:nprocs=50" \
        --option="torture:qdepth=1" \
        --machine-pass \
        --use-kerberos=required

This forces ntlmssp with the machine account:

time smbtorture //fileserver.example.com/ipc\$ \
        smb2.bench.session-setup \
        --option="torture:timelimit=600" \
        --option="torture:nprocs=50" \
        --option="torture:qdepth=1" \
        --machine-pass \
        --use-kerberos=off

This forces anonymous ntlmssp (without depending
on the DC performance):

time smbtorture //fileserver.example.com/ipc\$ \
        smb2.bench.session-setup \
        --option="torture:timelimit=600" \
        --option="torture:nprocs=50" \
        --option="torture:qdepth=1" \
        -U% \
        --use-kerberos=off

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jul 30 15:18:42 UTC 2024 on atb-devel-224
2024-07-30 15:18:42 +00:00
Pavel Filipenský
be29fe50ad selftest: setup clusteredmember with kerberos, change dependency to "ad_dc"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=6750

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-07-26 17:12:36 +00:00
Andreas Schneider
7bb59168e9 s4:torture: Initialize struct cldap_netlogon
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:40: var_decl: Declaring variable ""io"" without initializer.
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:45: uninit_use_in_call: Using uninitialized value ""io.in.map_response"" when calling ""cldap_netlogon_recv"".
   43|   	TALLOC_CTX *tmp_ctx = talloc_new(NULL);
   44|   	io.in.version = 6;
   45|-> 	status = cldap_netlogon_recv(req, tmp_ctx, &io);
   46|   	talloc_free(req);
   47|   	if (NT_STATUS_IS_OK(status)) {"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 13:48:03 UTC 2024 on atb-devel-224
2024-07-18 13:48:03 +00:00
Andreas Schneider
bd298f2612 s4:torture: Remove trailing spaces from cldapbench.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2024-07-18 12:47:30 +00:00
Andreas Schneider
125c5a93bb s4:torture: Initialize struct netr_LogonSamLogonEx
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/schannel.c:49: var_decl: Declaring variable ""r"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/schannel.c:152: uninit_use_in_call: Using uninitialized value ""r.in.validation_level"" when calling ""torture_comment"".
  150|   			""LogonSamLogonEx failed"");
  151|   	} else {
  152|-> 		torture_comment(tctx,
  153|   				""Skip auth_level[%u] Testing LogonSamLogonEx with name %s using %s and validation_level: %d\n"",
  154|   				auth_level, ninfo.identity_info.account_name.string, crypto_alg,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2024-07-18 12:47:30 +00:00
Andreas Schneider
d64242f676 s4:torture: Initialize union spoolss_KeyNames
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7835: var_decl: Declaring variable ""key_buffer"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7906: uninit_use: Using uninitialized value ""key_buffer.string_array"".
 7904|
 7905|   	if (array) {
 7906|-> 		*array = key_buffer.string_array;
 7907|   	}
 7908|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2024-07-18 12:47:30 +00:00
Andreas Schneider
2e1ac4bbf5 s4:torture: Initialize pointer with NULL
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1447: var_decl: Declaring variable ""tree2"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1492: uninit_use_in_call: Using uninitialized value ""tree2"" when calling ""smb2_util_unlink"".
 1490|   		}
 1491|
 1492|-> 		smb2_util_unlink(tree2, fname);
 1493|
 1494|   		talloc_free(tree);"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2024-07-18 12:47:29 +00:00
Andreas Schneider
f7229d61ed s4:torture: Add new LSA test_query_forest_trust_info()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 12:36:25 UTC 2024 on atb-devel-224
2024-07-18 12:36:25 +00:00
Andreas Schneider
14a5d9e626 s4:torture: Split out a new LSA test_set_forest_trust_info() function
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-07-18 11:27:38 +00:00
Pavel Filipenský
471163e512 libnet: Fix debug text
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-17 07:48:31 +00:00
Andreas Schneider
85d80240ec s4:torture: Do not set sr.in.info to info be we queried the info
`sr.in.info = info` is correctly set later after we called
dcerpc_lsa_QueryTrustedDomainInfoByName_r() which filling the info
pointer with data.

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:211: var_decl: Declaring variable ""info"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:248: uninit_use: Using uninitialized value ""info"".
  246|   	sr.in.trusted_domain = talloc_zero(tctx, struct lsa_String);
  247|   	sr.in.trusted_domain->string = name;
  248|-> 	sr.in.info = info;
  249|
  250|   	for (c = 0; il[c].info_level != -1; c++) {"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jul 16 12:42:39 UTC 2024 on atb-devel-224
2024-07-16 12:42:39 +00:00
Andreas Schneider
bd5e095e27 s4:torture: Remove tailing spaces in forest_trust.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andreas Schneider
03283dfae2 s4:torture: Initialize struct smb_nttrans
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/basic/scanner.c:368: var_decl: Declaring variable ""parms"" without initializer.
samba-4.20.0rc2/source4/torture/basic/scanner.c:388: uninit_use_in_call: Using uninitialized value ""parms.in.setup"" when calling ""smb_raw_nttrans"".
  386|   	parms.in.data = ntdata_blob;
  387|
  388|-> 	status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
  389|
  390|   	if (NT_STATUS_IS_ERR(status)) {"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andreas Schneider
7723353dae s4:torture: Remove tailing spaces in scanner.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andreas Schneider
d003a17191 s4:torture: Initialize struct smb2_create
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/sharemode.c:639: var_decl: Declaring variable ""cr3"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/sharemode.c:736: uninit_use_in_call: Using uninitialized value ""cr3.out.file.handle"" when calling ""smb2_util_close"".
  734|   	smb2_util_close(tree, cr1.out.file.handle);
  735|   	smb2_util_close(tree, cr2.out.file.handle);
  736|-> 	smb2_util_close(tree, cr3.out.file.handle);
  737|   	smb2_util_unlink(tree, fname);
  738|   	return ret;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andreas Schneider
ae47ec172f s4:torture: Initialize union smb_open
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/raw/open.c:1136: var_decl: Declaring variable ""io1"" without initializer.
samba-4.20.0rc2/source4/torture/raw/open.c:1198: uninit_use_in_call: Using uninitialized value ""io1.ntcreatex.out.file.fnum"" when calling ""smbcli_close"".
 1196|    done:
 1197|   	smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
 1198|-> 	smbcli_close(cli->tree, io1.ntcreatex.out.file.fnum);
 1199|   	smbcli_deltree(cli->tree, BASEDIR);
 1200|   	return ret;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andreas Schneider
3aa6aa02a8 s4:torture: Initialize struct netr_IdentityInfo
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/samr.c:3601: var_decl: Declaring variable ""identity"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/samr.c:3650: uninit_use: Using uninitialized value ""identity"". Field ""identity.domain_name.length"" is uninitialized.
 3648|   		}
 3649|
 3650|-> 		pinfo.identity_info = identity;
 3651|   		logon.password = &pinfo;
 3652|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2024-07-16 11:41:33 +00:00
Andréas Leroux
2c1a4a516f ldap_server: Add a ldapsrv debug class to log LDAP queries
Patch updated for recent samba versions in merge request #3295 by kvvloten
Initial patch created by Jeremy Allison (https://www.spinics.net/lists/samba/msg161128.html) to log LDAP server queries/functions in a separate file

Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul  9 08:37:22 UTC 2024 on atb-devel-224
2024-07-09 08:37:22 +00:00
Andreas Schneider
742e5b48ae s4:torture: Initialize pointer with NULL
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/samsync.c:342: var_decl: Declaring variable ""dom_sid"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/samsync.c:385: uninit_use_in_call: Using uninitialized value ""dom_sid"" when calling ""dom_sid_dup"".
  383|   	}
  384|   	if (samsync_state->domain_handle[database_id]) {
  385|-> 		samsync_state->sid[database_id] = dom_sid_dup(samsync_state, dom_sid);
  386|   	}
  387|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-07-08 07:36:33 +00:00
Pavel Filipenský
f434524b47 s4:torture: Initialize struct smb2_handle consistently in lease.c
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring variable "h" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using uninitialized value "h" when calling "smb2_util_close".
  640|
  641|    done:
  642|->         smb2_util_close(tree, h);
  643|           smb2_util_close(tree, h2);
  644|

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-07-05 07:45:32 +00:00
Jo Sutton
e50a69334e s4:dsdb: Remove unnecessary MIN()
Since we have ensured that val->length >= sizeof(hash->hash),
MIN(val->length, sizeof(hash->hash)) will here always be equal to
sizeof(hash->hash).

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Jo Sutton
66928d858f s4:auth: Correct order of parameters in documentation
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Jo Sutton
939481329e perftest:ndr_pack_performance: Remove obselete comment
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Jo Sutton
4844b1c34c perftest:ndr_pack_performance: Remove unused import
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Jo Sutton
c4728578de s4:dsdb: Use appropriate type for userAccountControl flags
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Jo Sutton
3dffd0fa67 s4:auth: Use appropriate type for userAccountControl flags
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2024-07-02 03:39:35 +00:00
Andreas Schneider
6d3cfb4b1c s4:torture: Initialize param arrays
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/gentest.c:2690: var_decl: Declaring variable ""parm"" without initializer.
samba-4.20.0rc2/source4/torture/gentest.c:2711: uninit_use: Using uninitialized value ""parm[0]"". Field ""parm[0].out"" is uninitialized.
 2709|   	}
 2710|
 2711|-> 	GEN_COPY_PARM;
 2712|   	GEN_SET_FNUM_SMB2(in.file.handle);
 2713|   	GEN_CALL_SMB2(smb2_lock(tree, &parm[i]));"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jul  1 00:23:08 UTC 2024 on atb-devel-224
2024-07-01 00:23:08 +00:00
Andreas Schneider
f52e7fd3c0 s4:torture: Remove trailing spaces from gentest.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-30 23:20:34 +00:00
Andreas Schneider
57001527ae s4:torture: Initialize pointers
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1518: var_decl: Declaring variable ""tree2"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1584: uninit_use_in_call: Using uninitialized value ""tree2"" when calling ""smb2_util_close"".
 1582|   	if (tree != NULL) {
 1583|   		if (h != NULL) {
 1584|-> 			smb2_util_close(tree2, *h);
 1585|   		}
 1586|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-30 23:20:33 +00:00
Andreas Schneider
1d38f6ee92 s4:torture: Initialize struct smb2_handle
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:452: var_decl: Declaring variable ""h"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:516: uninit_use_in_call: Using uninitialized value ""h"" when calling ""smb2_util_close"".
  514|
  515|    done:
  516|-> 	smb2_util_close(tree, h);
  517|   	smb2_util_close(tree, hnew);
  518|   	smb2_util_close(tree, h2);"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-30 23:20:33 +00:00
Andreas Schneider
b6d66e55ad s4:torture: Initialize struct netr_LogonSamLogonEx
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/schannel.c:250: var_decl: Declaring variable ""r"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/schannel.c:357: uninit_use_in_call: Using uninitialized value ""r.in.validation_level"" when calling ""torture_comment"".
  355|   			""LogonSamLogonEx failed"");
  356|   	} else {
  357|-> 		torture_comment(tctx,
  358|   				""Skip auth_level[%u] Testing LogonSamLogonEx with name %s using %s and validation_level: %d\n"",
  359|   				auth_level, ninfo.identity_info.account_name.string, crypto_alg,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-30 23:20:33 +00:00
Andreas Schneider
9ec0f8bd60 s4:torture: Make sure struct smb2_handle is initialized
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:1223: var_decl: Declaring variable ""h2"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:1328: uninit_use_in_call: Using uninitialized value ""h2"" when calling ""smb2_util_close"".
 1326|    done:
 1327|   	smb2_util_close(tree, h);
 1328|-> 	smb2_util_close(tree, h2);
 1329|
 1330|   	smb2_util_unlink(tree, fname);"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-30 23:20:33 +00:00
Andreas Schneider
a77cffaa25 s4:torture: Initialize struct wrepl_wins_name
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:1244: var_decl: Declaring variable ""wins_name1"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4835: assign: Assigning: ""wins_name_r1"" = ""&wins_name1"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:4905: uninit_use_in_call: Using uninitialized value ""*wins_name_r1"". Field ""wins_name_r1->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
 4903|
 4904|   		/* now apply R1 */
 4905|-> 		ret &= test_wrepl_update_one(tctx, ctx, records[i].r1.owner, wins_name_r1);
 4906|   		ret &= test_wrepl_is_applied(tctx, ctx, records[i].r1.owner,
 4907|   					     wins_name_r1, records[i].r1.apply_expected);"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 28 12:44:31 UTC 2024 on atb-devel-224
2024-06-28 12:44:31 +00:00
Andreas Schneider
54ce370f7d s4:torture: Fully initialize struct samr_OpenUser
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/samr.c:7381: var_decl: Declaring variable ""r"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/samr.c:7428: uninit_use: Using uninitialized value ""r.out.result.v"".
 7426|   		torture_assert_ntstatus_ok(tctx, dcerpc_samr_QueryUserInfo_r(b, tctx, &q),
 7427|   			""QueryUserInfo failed"");
 7428|-> 		if (!NT_STATUS_IS_OK(r.out.result)) {
 7429|   			torture_result(tctx, TORTURE_FAIL, ""QueryUserInfo(%u) failed - %s\n"", r.in.rid, nt_errstr(r.out.result));
 7430|   			return false;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-06-28 11:39:33 +00:00
Andreas Schneider
7990a2ba08 s4:torture: Initialize struct wrepl_wins_name
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:6759: var_decl: Declaring variable ""wins_name_"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:6760: assign: Assigning: ""wins_name"" = ""&wins_name_"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:9455: uninit_use_in_call: Using uninitialized value ""*wins_name"". Field ""wins_name->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
 9453|   		wins_name->unknown	= ""255.255.255.255"";
 9454|
 9455|-> 		ret &= test_wrepl_update_one(tctx, ctx, &ctx->b, wins_name);
 9456|
 9457|   		/*"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-06-28 11:39:33 +00:00
Andreas Schneider
09d731470e s4:torture: Initialize struct smb2_handle
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:336: var_decl: Declaring variable ""hnew"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:377: uninit_use_in_call: Using uninitialized value ""hnew"" when calling ""smb2_util_close"".
  375|    done:
  376|   	smb2_util_close(tree, h);
  377|-> 	smb2_util_close(tree, hnew);
  378|
  379|   	smb2_util_unlink(tree, fname);"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-06-28 11:39:33 +00:00
Andreas Schneider
4777464946 s4:torture: Initialize struct nbt_name_query
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/query.c:53: var_decl: Declaring variable ""io"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/query.c:76: uninit_use_in_call: Using uninitialized value ""io.in.retries"" when calling ""nbt_name_query_send"".
   74|   		while (num_sent - (result->num_pass+result->num_fail) < 10) {
   75|   			struct nbt_name_request *req;
   76|-> 			req = nbt_name_query_send(nbtsock, &io);
   77|   			torture_assert(tctx, req != NULL, ""Failed to setup request!"");
   78|   			req->async.fn = increment_handler;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-06-28 11:39:33 +00:00
Andreas Schneider
deced5eaae s3:torture: Remove trailing spaces in query.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2024-06-28 11:39:33 +00:00
Volker Lendecke
8a7aad7fe0 torture4: Fix some whitespace
Review with "git show -w"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-06-24 16:21:32 +00:00
Andreas Schneider
3cb4073cd0 s4:dsdb: Avoid possible underflows with new_len
Found by Covscan.

"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:403: tainted_data_argument: The check ""i < new_len"" contains the tainted expression ""i"" which causes ""new_len"" to be considered tainted.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""new_len - i"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow: The expression ""(new_len - i) * 8UL"" is deemed underflowed because at least one of its arguments has underflowed.
samba-4.20.0rc2/source4/dsdb/schema/schema_query.c:407: overflow_sink: ""(new_len - i) * 8UL"", which might have underflowed, is passed to ""memmove(val1, val2, (new_len - i) * 8UL)"". [Note: The source code implementation of the function has been overridden by a builtin model.]
  405|   			const char **val2 = &attr_list[i];
  406|   			if (ldb_attr_cmp(*val1, *val2) == 0) {
  407|-> 				memmove(val1, val2, (new_len - i) * sizeof( *attr_list));
  408|   				attr_list[new_len-1] = NULL;
  409|   				new_len--;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-24 06:14:36 +00:00
Andreas Schneider
44db391ae1 s4:dsdb: Remove trailing spaces in schema_query.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-24 06:14:36 +00:00
Andreas Schneider
94c06dd189 s4:torture: Initialize struct wrepl_wins_name
Found by Covscan.

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:5040: var_decl: Declaring variable ""wins_name_"" without initializer.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:5041: assign: Assigning: ""wins_name"" = ""&wins_name_"", which points to uninitialized data.
samba-4.20.0rc2/source4/torture/nbt/winsreplication.c:6680: uninit_use_in_call: Using uninitialized value ""*wins_name"". Field ""wins_name->is_group"" is uninitialized when calling ""test_wrepl_update_one"".
 6678|   			wins_name->unknown	= ""255.255.255.255"";
 6679|
 6680|-> 			ret &= test_wrepl_update_one(tctx, ctx, &ctx->b, wins_name);
 6681|   			ret &= test_wrepl_is_applied(tctx, ctx, &ctx->b, wins_name, true);
 6682|   		} else {"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-24 06:14:36 +00:00
Andreas Schneider
5d568f6e61 s4:torture: Remove trailing spaces in winsreplication.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
2024-06-24 06:14:36 +00:00
Stefan Metzmacher
db2c576f32 testprogs/blackbox: add test_ldap_token.sh to test "client use kerberos" and --use-kerberos
This shows that they are ignored for machine accounts as domain member.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15666

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-06-19 09:07:36 +00:00
Stefan Metzmacher
372476aeb0 s4:torture/smb2: add smb2.ioctl.copy_chunk_bug15644
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15664

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2024-06-17 16:54:29 +00:00
Andreas Schneider
4a48148a7d s4:torture: Add missing NULL checks in spoolss.c
source4/torture/rpc/spoolss.c: In function
  ‘check_printer_driver_file.isra’:
source4/torture/rpc/spoolss.c:10850:58: error: ‘%s’ directive argument
  is null [-Werror=format-overflow=]
10850 |         const char *remote_name = talloc_asprintf(tctx, "%s\\%d\\%s",
      |                                                          ^~

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2024-06-13 12:25:37 +00:00
Douglas Bagnall
de19f4d675 s4/pytest: remove py2 str/bytes workaround in getnc_exop
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-12 08:14:34 +00:00
Noel Power
7f1de90f72 selftest: Add a python blackbox test for some misc (widelink) DFS tests
On master attempting to chdir into a nested dfs link

e.g. cd dfslink (works)
     cd dfslink/another_dfslink (fails)

[1] Add a test for this scenario (nested chdir)
[2] Add test for enumerating a dfs link in root of dfs share
[3] Add a test to check case insensitive chdir into dfs link on widelink
  enabled share

Add knownfails for tests 1 and 3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
2024-06-11 18:28:34 +00:00
Jo Sutton
b42c489180 s4:auth: Handle expired accounts in authsam_account_ok() (CID 1603594)
We check the ACB_PW_EXPIRED bit to determine whether the account is
expired. Since ACB_PW_EXPIRED can’t be represented in a 16‐bit integer,
we must increase the width of acct_flags so as not to lose that bit.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-11 04:32:30 +00:00
Jo Sutton
facb418c99 s4:dsdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-11 04:32:30 +00:00
Jo Sutton
5ffa768329 s4:auth: Add temporary memory context to authsam_reread_user_logon_data()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-11 04:32:30 +00:00