summaryrefslogtreecommitdiff
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3:utils: Fix typoJoseph Sutton2023-05-181-1/+1
| | | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python: Safely clear structure membersJoseph Sutton2023-05-161-6/+2
| | | | | | | | Using Py_CLEAR() ensures that these structures are observed in a consistent state by any Python code that may run during deconstruction. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth: Return status code if configuration prohibits NTLMJoseph Sutton2023-05-161-0/+1
| | | | | | | | Currently, we rely on ‘stored_nt’ being NULL to give an NT_STATUS_WRONG_PASSWORD error. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* param: Add new parameter "ad dc functional level"Andrew Bartlett2023-05-161-0/+3
| | | | | | | | This allows the new unsupported functional levels to be unlocked, but with an smb.conf option that is easily seen. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
* rpc_server3: Pass winbind_env_set() state through to rpcd_*Volker Lendecke2023-05-162-4/+33
| | | | | | | | | | | | | | | | Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back into winbind for getpwnam. We have the "_NO_WINBINDD" environment variable set in winbind itself for this case, but this is lost on the way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass this information to dcerpc_core, where it sets the variable on every call if requested. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224
* lib: Add security_token_del_npa_flags() helper functionVolker Lendecke2023-05-162-0/+16
| | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* rpc: Remove named_pipe_auth_req_info6->need_idle_serverVolker Lendecke2023-05-164-124/+126
| | | | | | | | Involves bumping up the version number Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle"Volker Lendecke2023-05-162-2/+53
| | | | | | | | More code, but will be more flexible in the future. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* rpc: Add global_sid_Samba_NPA_Flags SIDVolker Lendecke2023-05-162-0/+21
| | | | | | | | | | | This will be used as a flexible way to pass per-RPC-connection flags over ncalrpc to the RPC server without having to modify named_pipe_auth_req_info6 every time something new needs to be passed. It's modeled after global_sid_Samba_SMB3. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* smbd: Use security_token_count_flag_sids() in open_np_file()Volker Lendecke2023-05-161-12/+11
| | | | | | | | Simpler logic in the caller Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 usersVolker Lendecke2023-05-091-40/+62
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue May 9 02:58:45 UTC 2023 on atb-devel-224
* winbind: Test wbinfo -u with more than 1000 usersVolker Lendecke2023-05-091-0/+28
| | | | | | | | | | | | | | | | | | | winbind asks dcerpc_samr_LookupRids in one batch, where samr.idl has NTSTATUS samr_LookupRids( [in,ref] policy_handle *domain_handle, [in,range(0,1000)] uint32 num_rids, [in,size_is(1000),length_is(num_rids)] uint32 rids[], [out,ref] lsa_Strings *names, [out,ref] samr_Ids *types ); limiting num_rids to 1000 entries. Test this. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib: Fix typosJoseph Sutton2023-05-051-2/+2
| | | | | | | | | These typos were also spotted by a mailing list user: https://lists.samba.org/archive/samba-technical/2023-April/138190.html Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:utils: Move error-handling code into more suitable spot (CID 1524680)Joseph Sutton2023-05-041-7/+7
| | | | | | | | | | | | | The loop above would only exit once ‘c’ was equal to −1, and thus this code could never be reached. Also set ‘ok’ to false to indicate failure. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu May 4 01:29:10 UTC 2023 on atb-devel-224
* s3:utils: Use ‘int’ for popt parametersJoseph Sutton2023-05-041-6/+6
| | | | | | | | | | | Previously we were handing the addresses of bool parameters to popt for POPT_ARG_NONE parameters. This is not supported, and popt was returning POPT_ERROR_BADOPERATION for these parameters (not bundled popt, though, nor on Debian or Ubuntu). Using integers instead ensures that these addresses are aligned and sized as popt expects. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:utils: Use floating-point arithmetic when result is assigned to a doubleJoseph Sutton2023-05-041-1/+1
| | | | | | | This avoids any loss of precision from performing an integer division. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3/utils: when encoding ace string use "FA", "FR", "FW", "FX" string rightsNoel Power2023-04-281-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | prior to this patch rights matching "FA", "FR", "FW", "FX" were outputted as the hex string representing the bit value. While outputting the hex string is perfectly fine, it makes it harder to compare icacls output (which always uses the special string values) Additionally adjust various tests to deal with use of shortcut access masks as sddl format now uses FA, FR, FW & FX strings (like icalcs does) instead of hex representation of the bit mask. adjust samba4.blackbox.samba-tool_ntacl samba3.blackbox.large_acl samba.tests.samba_tool.ntacl samba.tests.ntacls samba.tests.posixacl so various string comparisons of the sddl format now pass Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> [abartlet@samba.org Adapted to new stricter SDDL behaviour around leading zeros in hex numbers, eg 0x001]
* s3:torture: sid2unixid2: DEBUG blames the right functionDouglas Bagnall2023-04-281-7/+7
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture:LOCAL-IDMAP-TDB-COMMON: avoid talloc stacktraceDouglas Bagnall2023-04-281-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The short version is: Running LOCAL-IDMAP-TDB-COMMON test_getnewid1: PASSED! test_setmap1: PASSED! test_unixid2sid1: PASSED! test_sid2unixid1: could not create uid map! TEST LOCAL-IDMAP-TDB-COMMON FAILED! LOCAL-IDMAP-TDB-COMMON took 0.029819 secs Freed frame ../../source3/torture/torture.c:15748, expected ../../source3/torture/test_idmap_tdb_common.c:986. =============================================================== INTERNAL ERROR: Frame not freed in order. in pid 3692106 (4.19.0pre1-DEVELOPERBUILD) If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting =============================================================== PANIC (pid 3692106): Frame not freed in order. in 4.19.0pre1-DEVELOPERBUILD BACKTRACE: 11 stack frames: #0 bin/shared/private/libgenrand-samba4.so(log_stack_trace+0x32) [0x7f2f39b430ba] #1 bin/shared/private/libgenrand-samba4.so(smb_panic_log+0x1dd) [0x7f2f39b43037] #2 bin/shared/private/libgenrand-samba4.so(smb_panic+0x1c) [0x7f2f39b43056] #3 bin/shared/libsamba-util.so.0(+0x75309) [0x7f2f3a659309] #4 bin/shared/private/libtalloc-samba4.so(+0x5cc6) [0x7f2f3a758cc6] #5 bin/shared/private/libtalloc-samba4.so(+0x6173) [0x7f2f3a759173] #6 bin/shared/private/libtalloc-samba4.so(_talloc_free+0x10c) [0x7f2f3a75a54b] #7 /data/samba/samba-review/bin/smbtorture3(main+0xa97) [0x55cb3dc8cedc] #8 /lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x7f2f396d4d90] #9 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80) [0x7f2f396d4e40] #10 /data/samba/samba-review/bin/smbtorture3(_start+0x25) [0x55cb3dc59895] smb_panic(): calling panic action [/data/samba/samba-review/selftest/gdb_backtrace 3692106] Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:test_larg_acl: adapt for the canonical ACE flags formatDouglas Bagnall2023-04-281-2/+5
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib: Give better warnings about corrupted AppleDobule filesAndreas Schneider2023-04-271-5/+13
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Apr 27 09:25:50 UTC 2023 on atb-devel-224
* s3:lib: Move ad_unpack() debug message to notice levelAndreas Schneider2023-04-271-20/+34
| | | | | | We should give a good warning message one level above. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture: Fix possible array out of bounds accessAndreas Schneider2023-04-271-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In function ‘test_one’, inlined from ‘retest’ at source3/torture/locktest2.c:401:8: source3/torture/locktest2.c:331:37: error: array subscript 2 is above array bounds of ‘int[2][2][2]’ [-Werror=array-bounds=] 331 | fnum[server][fstype][conn][f] = try_open(cli[server][conn], nfs[server], fstype, FILENAME, | ~~~~~~~~~~~~^~~~~~~~ source3/torture/locktest2.c: In function ‘retest’: source3/torture/locktest2.c:390:23: note: while referencing ‘fnum’ 390 | int fnum[NSERVERS][NUMFSTYPES][NCONNECTIONS][NFILES], | ~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘test_one’, inlined from ‘retest’ at source3/torture/locktest2.c:401:8: source3/torture/locktest2.c:316:62: error: array subscript 2 is above array bounds of ‘int[2][2][2]’ [-Werror=array-bounds=] 316 | fnum[server][fstype][conn][f], | ~~~~~~~~~~~~^~~~~~~~ source3/torture/locktest2.c: In function ‘retest’: source3/torture/locktest2.c:390:23: note: while referencing ‘fnum’ 390 | int fnum[NSERVERS][NUMFSTYPES][NCONNECTIONS][NFILES], | ~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In function ‘test_one’, inlined from ‘retest’ at source3/torture/locktest2.c:401:8: source3/torture/locktest2.c:300:60: error: array subscript 2 is above array bounds of ‘int[2][2][2]’ [-Werror=array-bounds=] 300 | fnum[server][fstype][conn][f], | ~~~~~~~~~~~~^~~~~~~~ source3/torture/locktest2.c: In function ‘retest’: source3/torture/locktest2.c:390:23: note: while referencing ‘fnum’ 390 | int fnum[NSERVERS][NUMFSTYPES][NCONNECTIONS][NFILES], | ~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture: Remove trailing white spaces in locktest2.cAndreas Schneider2023-04-271-27/+27
| | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:locking: fix debug level for NT_STATUS_NOT_FOUND messanges in ↵Stefan Metzmacher2023-04-241-1/+1
| | | | | | | | | | | | get_static_share_mode_data BUG: https://bugzilla.samba.org/show_bug.cgi?id=15362 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Apr 24 14:13:35 UTC 2023 on atb-devel-224
* s3:client: Remove unused tree.cAndreas Schneider2023-04-201-812/+0
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Apr 20 12:56:53 UTC 2023 on atb-devel-224
* s3:libsmb: Also deprecate smbc_init()Andreas Schneider2023-04-201-14/+3
| | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
* s3:utils: Use smbc_set_credentials_with_fallback() for smbgetAndreas Schneider2023-04-201-43/+60
| | | | | | smbc_set_credentials() is deprecated. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
* s3:libsmb: Mark smbc_set_credentials() as deprecatedAndreas Schneider2023-04-201-22/+17
| | | | | | This will issue a compiler warning! Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
* s3:lib: Do not try to match '.' and '..' directories in is_in_path()Andreas Schneider2023-04-191-0/+5
| | | | | | | | | | | | | This fixes setting veto files to '.*' to not list hidden files and directories starting with a dot. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Apr 19 22:30:19 UTC 2023 on atb-devel-224
* s3:tests: Add test that veto files works for hidden filesAndreas Schneider2023-04-191-0/+25
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:tests: Create a temporary directory for test_veto_files.shAndreas Schneider2023-04-191-2/+8
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* pylibsmb: Return "flags" in create_returnsVolker Lendecke2023-04-181-1/+3
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Apr 18 15:58:42 UTC 2023 on atb-devel-224
* smbd: Save 488 bytes RSSVolker Lendecke2023-04-181-25/+83
| | | | | | | With this ld.so does not have to relocate the string pointers Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Adapt cli_echo_send() to modern conventionsVolker Lendecke2023-04-181-31/+22
| | | | | | | | Nowadays we rather do protocol-specific _done() functions, and overall this cuts a few lines. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* smbd: Fix a DBG statementVolker Lendecke2023-04-181-2/+1
| | | | | | | This is not smbd_smb2_create_send() anymore. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Make setting errno safer in SMBC_add_cached_server()Volker Lendecke2023-04-181-1/+1
| | | | | | | DEBUG should preserve errno, but make this more obvious. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Simplify SMBC_add_cached_server()Volker Lendecke2023-04-181-9/+6
| | | | | | | ENOMEM is the only error condition we have Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Avoid an explicit ZERO_STRUCTP with callocVolker Lendecke2023-04-181-3/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Slightly simplify smbc_init()Volker Lendecke2023-04-181-13/+14
| | | | | | | Reduce indentation with an early return, review with git show -w Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Make cli_smb2_qpathinfo2() asynchronousVolker Lendecke2023-04-183-65/+188
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Make cli_qpathinfo2_done() parse the resultsVolker Lendecke2023-04-181-20/+36
| | | | | | | Make it easier to do an async SMB2 version Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsmb: Introduce type-safe struct cli_smb2_create_flagsVolker Lendecke2023-04-185-32/+52
| | | | | | | | | | | | | | | This makes it clearer what to pass into the create_flags argument to cli_smb2_create_fnum(). There was already confusion in source3/torture/test_smb2.c: It passed in SMB2_OPLOCK_LEVEL_NONE (which was okay because it #defines to 0), but it should have been a straight 0, for example SMB2_OPLOCK_LEVEL_EXCLUSIVE would have been wrong. This way adding other flags (.nofollow comes to mind) will be much easier to handle. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* shadow_copy2: Fix stream open for streams_depot pathsVolker Lendecke2023-04-171-9/+16
| | | | | | | | | | | | | streams_depot hands us absolute paths with : filename components instead of having set smb_fname_in->stream_name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15358 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Apr 17 18:11:07 UTC 2023 on atb-devel-224
* streams_depot: Create files when requestedVolker Lendecke2023-04-171-1/+1
| | | | | | | | | | | | | If you set "create mask = 0600" no streams will be created.... Tested manually. Not creating an automated test for this, there are so many places where this can go wrong that testing this individual glitch does not gain us much confidence. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15357 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* selftest: Fix samba3.clustered.smb2.deny.deny2 testJoseph Sutton2023-04-121-1/+1
| | | | | | | | | This test failed to start, emitting the following error: Unknown torture operation 'clustered.smb2.deny.deny2' To fix this, remove the 'clustered.' prefix from the test name. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Only run clusteredmember tests if ctdb is builtJoseph Sutton2023-04-121-49/+54
| | | | | | | Trying to run any of these tests without having built ctdb results in a failure, as the environment cannot be started. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:tests: Correct conditionJoseph Sutton2023-04-121-1/+1
| | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:script: Always return a non-zero status code on failureJoseph Sutton2023-04-122-4/+12
| | | | | | | If $expected didn't match $received, these functions would still return zero. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* testprogs: Make testit_expect_failure() return 0 on successJoseph Sutton2023-04-121-12/+12
| | | | | | | | | This is the behaviour that most existing callers expect, but the function actually returns a non-zero status code in that case. Adjust all callers expecting the opposite behaviour to match. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
View Lorry Controller Status