summaryrefslogtreecommitdiff
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* auth: Simplify session generationVolker Lendecke2019-11-061-12/+3
| | | | | | | We don't need to parse a text sid, we have those as binary available Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with ↵Andrew Bartlett2019-10-312-7/+27
| | | | | | | | | | | | dirsync BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Thu Oct 31 23:29:15 UTC 2019 on sn-devel-184
* CVE-2019-14847 dsdb: Demonstrate the correct interaction of ranged_results ↵Andrew Bartlett2019-10-311-0/+26
| | | | | | | | | | | | style attributes and dirsync Incremental results are provided by a flag on the dirsync control, not by changing the attribute name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* s4-torture: Reduce flapping in SambaToolDrsTests.test_samba_tool_replicate_localAndrew Bartlett2019-10-311-1/+2
| | | | | | | | | This test often flaps in Samba 4.9 (where more tests and DCs run in the environment) with obj_1 being 3. This is quite OK, we just need to see some changes get replicated, not 0 changes. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* source4/scripting/bin/samba_upgradeprovision: typo fixesBjörn Jacke2019-10-311-5/+5
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* source4/rpc_server/lsa/lsa_lookup.c: typo fixesBjörn Jacke2019-10-311-4/+4
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* source4/libcli/libcli.h: typo fixesBjörn Jacke2019-10-311-1/+1
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* source4/libcli/clireadwrite.c: typo fixesBjörn Jacke2019-10-311-1/+1
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* source4/dsdb/schema/schema_description.c: typo fixesBjörn Jacke2019-10-311-27/+27
| | | | | Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
* s4: torture: Add additional smbc_readdirplus2() tests into readdirplus_seek().Jeremy Allison2019-10-301-11/+104
| | | | | | | | Make sure we haven't broken anything :-). Signed-off-by: Puran Chand <pchand@vmware.com> Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4: torture Add a test for smbc_readdirplus2()Jeremy Allison2019-10-301-0/+138
| | | | | | Signed-off-by: Puran Chand <pchand@vmware.com> Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* torture: expand test "vfs.fruit.resource fork IO" to check sizeRalph Boehme2019-10-301-0/+29
| | | | | | | | | Reveals a bug where the resource fork size is capped at 65454 bytes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* CVE-2019-14833 dsdb: send full password to check password scriptBjörn Baumbach2019-10-291-6/+24
| | | | | | | | | | | | | | | | | | utf8_len represents the number of characters (not bytes) of the password. If the password includes multi-byte characters it is required to write the total number of bytes to the check password script. Otherwise the last bytes of the password string would be ignored. Therefore we rename utf8_len to be clear what it does and does not represent. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438 Signed-off-by: Björn Baumbach <bb@sernet.de> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
* s4:dirsync: fix interaction of dirsync and extended_dn controlsStefan Metzmacher2019-10-241-3/+18
| | | | | | | | | | | | | | | | | | | Azure AD connect reports discovery errors: reference-value-not-ldap-conformant for attributes member and manager. The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without an ExtendedDNRequestValue blob, which means the flag value should be treated as 0 and the HEX string format should be used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153 RN: Prevent azure ad connect from reporting discovery errors: reference-value-not-ldap-conformant Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
* s4:tests/dirsync: add tests for dirsync with extended_dnStefan Metzmacher2019-10-241-0/+31
| | | | | | | | | | | | | | | | | | This demonstrates a problems that the extended_dn returned by the dirsync module always uses the SDDL format for GUID/SID components. Azure AD connect reports discovery errors: reference-value-not-ldap-conformant for attributes member and manager. The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without an ExtendedDNRequestValue blob, which means the flag value should be treated as 0 and the HEX string format should be used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blobStefan Metzmacher2019-10-211-3/+3
| | | | | | | | | | | | | We need the target service without realm, but the proxy services with realm. I have a domain with an w2008r2 server and a samba and now both generate the same S4U_DELEGATION_INFO. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: add a test for PAC delegation-info blob in S4U2ProxyIsaac Boukris2019-10-211-0/+233
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest/remote_pac: split test_PACVerify() in twoIsaac Boukris2019-10-211-37/+60
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc:core: Allocate struct dcesrv_interface with tallocSamuel Cabrero2019-10-182-6/+7
| | | | | | | | | The S3 implementation needs to reinit the dcesrv_context and free the endpoints list with their registered interfaces. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Move core functions to core librarySamuel Cabrero2019-10-185-3829/+2
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Move core structures and prototypes to core librarySamuel Cabrero2019-10-181-577/+1
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc: Add new dcerpc server core librarySamuel Cabrero2019-10-181-1/+1
| | | | | | | | Next commits will move the core of s4 rpc server to this library. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Make functions publicSamuel Cabrero2019-10-182-11/+27
| | | | | | | | | These functions will be moved to core dcerpc library and called from s4 and s3 implementations. Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Add public function dcesrv_connection_loop_startSamuel Cabrero2019-10-182-16/+21
| | | | | | | | | This function starts the server loop and will be called from s3 and s4 implementations. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Add transport termination function pointerSamuel Cabrero2019-10-182-4/+14
| | | | | | | | | | | | As the dcesrv_terminate_connection function will be moved to the shared rpc server core library, hide the stream_terminate_connection call behind a function pointer. The s3 implementation will define its own termination function. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Find association groups through context callbacksSamuel Cabrero2019-10-184-36/+55
| | | | | | | | | Split the association group management from the server code, the s3 and s4 implementation will handle differently. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: inline the dcesrv_assoc_group_find functionSamuel Cabrero2019-10-181-17/+6
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Hide gensec prepare behind function pointerSamuel Cabrero2019-10-185-25/+47
| | | | | | | | This function will be different for s3 and s4 Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Add dcesrv_context_callbacks to dcesrv_contextSamuel Cabrero2019-10-185-39/+72
| | | | | | | | | | | | Add a new struct dcesrv_context_callbacks in dcesrv_context to hold pointers to functions whose implementation will differ between S3 and S4. The log_successful_dcesrv_authz_event implementation will differ as it requires an imessaging_context. Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Do not include s4 librpc headers in dcerpc coreSamuel Cabrero2019-10-185-3/+3
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc: Move dcerpc_log_packet from s4 librpc to common librpcSamuel Cabrero2019-10-181-39/+0
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* librpc: Move dcerpc_ncacn_push_auth from s4 librpc to common librpcSamuel Cabrero2019-10-181-56/+0
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:librpc: Rename ncacn_push_auth to dcerpc_ncacn_push_authSamuel Cabrero2019-10-184-13/+22
| | | | | | | | Next commit will move this function to common librpc Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Split dcerpc_generic_session_key for server and clientSamuel Cabrero2019-10-184-10/+5
| | | | | | | | | Split the common bits of dcerpc_generic_session_key to librpc and rename client the specific part to dcecli_generic_session_key. Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Remove server_id from dcerpc core structsSamuel Cabrero2019-10-183-8/+11
| | | | | | | | Add a helper function to retrieve it from the stream connection. Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Remove imessaging_context from dcerpc core structsSamuel Cabrero2019-10-1811-44/+98
| | | | | | | | | Add a helper function to retrieve the imessaging_context from the stream connection. Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Rename common/reply.c to dcesrv_reply.cSamuel Cabrero2019-10-182-1/+1
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Cleanup includesSamuel Cabrero2019-10-185-24/+8
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:rpc_server: Fix debug string printing duplicated function nameSamuel Cabrero2019-10-181-2/+1
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture: Assert connectionSamuel Cabrero2019-10-181-6/+4
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture: Fix torture commentSamuel Cabrero2019-10-181-2/+3
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture: Add bracesSamuel Cabrero2019-10-181-1/+2
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in operational moduleAndrew Bartlett2019-10-181-3/+2
| | | | | | | | | | | This call does not use the context argument so no additional parameter is needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Oct 18 10:58:45 UTC 2019 on sn-devel-184
* s4-rpc_server: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in getncchangesAndrew Bartlett2019-10-181-8/+6
| | | | | | | | This call does not use the context argument so no additional parameter is needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org>
* dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in repl_meta_data moduleAndrew Bartlett2019-10-181-4/+3
| | | | | | | | This call does not use the context argument so no additional parameter is needed. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:selftest: Do not print the target env twiceAndreas Schneider2019-10-121-16/+16
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:selftest: Do not print the target env twiceAndreas Schneider2019-10-121-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: add tests for no optimistic spnego exchangeIsaac Boukris2019-10-121-0/+4
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc: Remove client and server build of rot.idlAndrew Bartlett2019-10-101-1/+0
| | | | | | | | We do not have a client or server for this DCOM component so do not generate the code for it. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* mdssvc.idl: pass policy_handle as pointerRalph Boehme2019-10-091-10/+10
| | | | | | | | | | | | No change in behaviour, this just changes all functions to take the policy_handle argument as pointer instead of passing it by value. This is how all other IDLs pass it. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Noel Power <noel.power@suse.com> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Oct 9 15:52:55 UTC 2019 on sn-devel-184
View Lorry Controller Status