sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
137,262 Commits 60 Branches 1,145 Tags 452 MiB
ffbe623963
Commit Graph

137262 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Bartlett
ffbe623963 selftest: Add tests that demonstrate the issues with ldb use after free 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-04-10 05:13:32 +00:00
Douglas Bagnall
3ffc6c139b pytest:krb5/lockout: associate user DN with the ldb it is used with 
LDB is soon going to object strongly to Python DNs that don't come from
the ldb that they are being used with, for memory safety reasons.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-10 05:13:32 +00:00
Andrew Bartlett
dbba6c22a4 auth/credentials: Read managed_password.passwords.query_interval only after parsing 
The code previously read the uninitialised stack not the parsed
structure, and so could segfault if the stack was not zero.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Apr  9 23:59:54 UTC 2024 on atb-devel-224
 2024-04-09 23:59:54 +00:00
Volker Lendecke
811c184bbb smbd: Simplify an if-condition 
current_sid == NULL is true if and only if we could not assign current_sid
because num_sids was too small. Make that more explicit.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
51c950c162 smbd: Save 3 lines 
Just cosmetic

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
f573a51341 smbd: Remove an obsolete comment 
This looks like a cut&paste from other smbXsrv files.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
798826d4f1 smbXsrv_session: Remove a "can't happen" NULL check 
This should really not happen, crashing would be the right
response. Align with fdca0558ef.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
8998198737 smbXsrv_session: Use talloc_tos() for pushing smbXsrv_session_globalB 
Use the toplevel talloc pool, align with 0c709cb6b7.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
292c264546 smbXsrv_session: Remove two implicit NULL initializations 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Volker Lendecke
c5f98c0d95 smbXsrv_session: Use struct initialization 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andrew Bartlett
005ce15aab python/samba/tests: Fix gMSA blackbox test to expect failure to get password after membership change 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
50f424e8d3 s3:rpc_server: Implement _lsa_CreateTrustedDomainEx3() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8df1728e12 s3:rpc_server: Implement lsa_CreateTrustedDomain_common() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
3385c2fe44 s3:rpc_server: Implement and use lsa_CreateTrustedDomain_precheck() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8f52b64979 s3:rpc_server: Log error in _lsa_CreateTrustedDomainEx2() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
56e1051ad7 s3:rpc_client: Implement createtrustdomex3 command 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
bb4d8de9a8 s3:rpc_client: Implement createtrustdomex2 command 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
d078ee6af6 s3:rpc_client: Implement rpc_lsa_encrypt_trustdom_info_aes() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
97499a4755 s4:torture: Add test for lsa_CreateTrustedDomainEx3 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
f390981c1a s4:rpc_server: Enable AES in dcesrv_lsa_OpenPolicy3() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
933ba49607 s4:rpc_server: Implement dcesrv_lsa_CreateTrustedDomainEx3() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
87595140c3 s4:rpc_server: Implement get_trustdom_auth_blob_aes() for LSA 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
0177cd898e s4:rpc_server: Use dcesrv_lsa_CreateTrustedDomain_common() in lsa_CreateTrustedDomain 
This also removes dcesrv_lsa_CreateTrustedDomain_base() as it is unused with
this commit. We need to do it here or the compiler will complain about an unused
function.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
b957cb34d4 s4:rpc_server: Use dcesrv_lsa_CreateTrustedDomain_common() for lsa_CreateTrustedDomainEx 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
1790828bc5 s4:rpc_server: Use dcesrv_lsa_CreateTrustedDomain_common() for lsa_CreateTrustedDomainEx2 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
6d90397ff2 s4:rpc_server: Implement dcesrv_lsa_CreateTrustedDomain_common() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
dad8c78edc s4:rpc_server: Implement dcesrv_lsa_CreateTrustedDomain_precheck() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
18af510bd5 s4:rpc_server: Use talloc_zero in dcesrv_lsa_CreateTrustedDomain() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8b1c0bd718 s4:rpc_server: Fix trailing white spaces in dcesrv_lsa.c 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
354f61d868 s4:torture: Use dcerpc_lsa_OpenPolicy3_r() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
8e35e5f567 s4:torture: Use rpc_lsa_encrypt_trustdom_info() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
05e9cb36b7 s3:rpc_client: Implement rpc_lsa_encrypt_trustdom_info() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
dbe9e9a839 s4:torture: Use init_lsa_String() from init_lsa.h 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
84d5150363 librpc:rpc: Add dcerpc_lsa.h 
This adds AES constants by MS.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
2d60d1b96a python: Use OpenPolicyFallback() in trust.py 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:38 +00:00
Andreas Schneider
859e7f8c5f python: Implement CreateTrustedDomainFallback() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
812d4e0d6c python: Add aead_aes_256_cbc_hmac_sha512() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
23e61d2ceb python: Use secrets.token_bytes instead of random 
random should not be used to create secure random numbers for tokens.
The secrets module is exactly for this.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
decacb0e7e python: Set parameter types for CreateTrustedDomainRelax() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
9e5fc81564 python:tests: Clean lsa_utils.py code according to Python standards 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
e32be2ade4 python:tests: Rename createtrustrelax.py to lsa_utils.py 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
00ed209e48 python: Implement OpenPolicyFallback() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
85d0ab38f7 python:samba: Rename trust_utils.py to lsa_utils.py 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Andreas Schneider
01940ae7af buildtools: Fix PYTHONPATH and print it 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-09 22:52:37 +00:00
Rob van der Linde
be2ade2d88 netcmd: fix broken shell command missing Model 
This is already in MODELS which is populated in ModelMeta

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr  8 04:07:22 UTC 2024 on atb-devel-224
 2024-04-08 04:07:22 +00:00
Rob van der Linde
bcae4c2dbe python: lint: fix pylint R1720 unnecessary "raise" after "else" 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-08 03:00:39 +00:00
Rob van der Linde
3dd49b9f56 python: lint: remove unused imports in claims and gmsa commands 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-08 03:00:39 +00:00
Rob van der Linde
8f7ff1c7ef python: tests: type check should always use "is" or "is not" 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-08 03:00:39 +00:00
Rob van der Linde
e388bf4b4a python: tests: fix closing quote in docstring example 
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-08 03:00:39 +00:00
Noel Power
a18c53a9b9 libcli/http: Detect unsupported Transfer-encoding type 
Also removes knownfail for test that now passes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15611
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2024-04-08 03:00:39 +00:00