Andrew Bartlett [Tue, 7 Nov 2023 00:44:55 +0000 (13:44 +1300)]
libcli/security: conditional aces: don't allow U+0000 in unicode
Allowing this broke a round-trip decode-encode fuzz test. Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62742
(Comments are from an earlier commit by Douglas Bagnall <douglas.bagnall@catalyst.net.nz>)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 13 02:30:23 UTC 2023 on atb-devel-224
Andrew Bartlett [Sun, 5 Nov 2023 22:11:14 +0000 (11:11 +1300)]
librpc/ndr: Add support for LIBNDR_FLAG_STR_NO_EMBEDDED_NUL
This requires that, other than termination, no NUL (\0) codepoints
exist in the input string, because bytes beyon that will be lost
in the output string.
This in turn causes trouble for round-trip testing, so it is easiest
to reject it upfront (on an opt-in basis).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Andrew Bartlett [Sun, 5 Nov 2023 21:18:47 +0000 (10:18 +1300)]
librpc/ndr: Remove confusing case where returned string pointer "as" could be NULL
The failure to talloc_strdup("") is just an error and all other cases set the
string or given an error.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Volker Lendecke [Thu, 9 Nov 2023 15:23:49 +0000 (16:23 +0100)]
torture3: Correct use of enum client_flavour defines
enum client_flavour does not define LINUX, it defines WINDOWS and
POSIX.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 10 02:33:33 UTC 2023 on atb-devel-224
Volker Lendecke [Thu, 9 Nov 2023 15:18:13 +0000 (16:18 +0100)]
librpc: Fix the build on FreeBSD
ndr_wsp.h included standalone does not find struct timespec on FreeBSD
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 9 Nov 2023 15:17:50 +0000 (16:17 +0100)]
librpc: Fix #define header guard
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Joseph Sutton [Thu, 9 Nov 2023 23:43:03 +0000 (12:43 +1300)]
third_party/heimdal: krb5: Try to decode e-data as KERB-ERROR-DATA (falling back to METHOD-DATA) (Import lorikeet-heimdal-
202311092338 (commit
50996e5f0b0f22a4eb755a6f22cb7b4ecab2aeea))
Previously we tried to decode KERB-ERROR-DATA as METHOD-DATA,
resulting in a confusing error message. Now we just ignore it; but we
could also choose to set an error message containing the NTSTATUS code
in hexadecimal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15514
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 10 01:35:32 UTC 2023 on atb-devel-224
Joseph Sutton [Tue, 7 Nov 2023 02:44:21 +0000 (15:44 +1300)]
netcmd: Disallow device‐specific attributes and operators for allowed‐to‐authenticate‐from fields
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 9 09:01:25 UTC 2023 on atb-devel-224
Joseph Sutton [Tue, 7 Nov 2023 02:43:29 +0000 (15:43 +1300)]
netcmd: Add ‘allow_device_in_sddl’ parameter to SDDLField()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 02:42:38 +0000 (15:42 +1300)]
s4:librpc: Add ‘allow_device_in_sddl’ parameter to security.descriptor.from_sddl()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 3 Nov 2023 01:57:02 +0000 (14:57 +1300)]
libcli/security: Optionally disallow device‐specific attributes and operators where they are not applicable
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 03:50:49 +0000 (16:50 +1300)]
netcmd:tests: Test authentication policies containing device‐specific attributes and operators
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 02:35:28 +0000 (15:35 +1300)]
libcli/security: Mark arrays ‘const’
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 00:39:04 +0000 (13:39 +1300)]
ilbcli/security: Fix duplicated words
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 22:57:21 +0000 (11:57 +1300)]
libcli/security: Include missing headers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 22:48:58 +0000 (11:48 +1300)]
libcli/security: Reassign flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 23:16:12 +0000 (12:16 +1300)]
s4:librpc: Fix leak
We should not leak error messages returned by sddl_decode_err_msg().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 23:15:37 +0000 (12:15 +1300)]
s4:librpc: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 03:34:52 +0000 (16:34 +1300)]
third_party/heimdal: Import lorikeet-heimdal-
202311082119 (commit
844610f06bac2b7b2a208cbabc7414bde23abac7)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 26 Oct 2023 04:11:43 +0000 (17:11 +1300)]
tests/krb5: Test Kerberos principal names containing non–BMP Unicode characters
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 23:41:16 +0000 (12:41 +1300)]
tests/krb5: Add ‘expected_sname’ parameter to _fast_as_req()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 26 Oct 2023 03:43:09 +0000 (16:43 +1300)]
tests/krb5: Encode KerberosString objects as UTF‐8
Windows treats Kerberos strings as UTF‐8, but by default, pyasn1 encodes
strings as ISO-8859-1. (There is a UTF8String type that gets encoded as
UTF‐8, but it has a different ASN.1 encoding from GeneralString, and so
can’t be used). asn1ate provides no way to override the encoding.
Except…
It turns out we can force UTF‐8 encoding by cunningly overriding
KerberosString.__getattribute__().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 26 Oct 2023 00:08:09 +0000 (13:08 +1300)]
tests/krb5: Move ‘rfc4120_pyasn1’ to ‘rfc4120_pyasn1_generated’
‘rfc4120_pyasn1_generated’ is not to be used directly. Its contents are
now reexported from ‘rfc4120_pyasn1’, which becomes a simple wrapper.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Tue, 21 Apr 2020 07:40:12 +0000 (09:40 +0200)]
librpc: add missing service control defines
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Mon, 20 Apr 2020 16:16:32 +0000 (18:16 +0200)]
s4-torture: add test for svcctl_ControlServiceExW()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Mon, 20 Apr 2020 16:51:14 +0000 (18:51 +0200)]
librpc: add svcctl_ServiceStopReason enums
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Mon, 20 Apr 2020 13:09:01 +0000 (15:09 +0200)]
s4-torture: add test for svcctl_QueryServiceConfigEx
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Mon, 20 Apr 2020 16:51:37 +0000 (18:51 +0200)]
librpc: use SERVICE_CONTROL enum in ControlService calls
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Wed, 4 Mar 2020 14:23:50 +0000 (15:23 +0100)]
librpc: add various new commands and types to SVCCTL IDL.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Thu, 12 Mar 2020 12:37:28 +0000 (13:37 +0100)]
svcctl: rename SERVICE_FAILURE_ACTIONS to SERVICE_FAILURE_ACTIONSW
(there will be a SERVICE_FAILURE_ACTIONSA variant also)
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Wed, 4 Mar 2020 12:47:13 +0000 (13:47 +0100)]
svcctl: unify operation names and always prefix with svcctl_
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 26 Oct 2023 22:51:02 +0000 (15:51 -0700)]
vfs_gpfs: Implement CAP_DAC_OVERRIDE for fstatat
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 8 18:42:13 UTC 2023 on atb-devel-224
Christof Schmitt [Thu, 26 Oct 2023 21:45:34 +0000 (14:45 -0700)]
vfs_gpfs: Implement CAP_DAC_OVERRIDE for fstat
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Thu, 26 Oct 2023 21:39:46 +0000 (14:39 -0700)]
vfs_gpfs: Move fstatat with DAC_CAP_OVERRIDE to helper function
Allow reuse of this code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Thu, 26 Oct 2023 21:37:15 +0000 (14:37 -0700)]
vfs_gpfs: Use O_PATH for opening dirfd for stat with CAP_DAC_OVERRIDE
Use O_PATH when available; this avoids the need for READ/LIST access on
that directory. Keep using O_RDONLY if the system does not have O_PATH.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Joseph Sutton [Tue, 7 Nov 2023 03:19:30 +0000 (16:19 +1300)]
s4:kdc: Don’t convey PAC buffers from an RODC‐issued PAC
Such buffers are not to be trusted.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 7 22:54:42 UTC 2023 on atb-devel-224
Joseph Sutton [Tue, 7 Nov 2023 03:22:41 +0000 (16:22 +1300)]
s4:kdc: Move return code checks closer to where the return codes are set
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 22:45:50 +0000 (11:45 +1300)]
s4:auth: Add comment about claims going ignored for SamLogon
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 22:43:36 +0000 (11:43 +1300)]
s4:auth: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 6 Nov 2023 22:10:59 +0000 (11:10 +1300)]
tests/krb5: Add tests for AllowedToAuthenticateTo with SamLogon
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 16 Oct 2023 23:01:34 +0000 (12:01 +1300)]
tests/krb5: Add test for an authentication policy that allows a specific account
This is a counterpart to ‘test_conditional_ace_allowed_from_user_deny’.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 3 Nov 2023 00:51:27 +0000 (13:51 +1300)]
tests/krb5: Correct authentication policy SDDL
There is no claim called ‘abc’, so the condition ‘(abc)’ is always going
to fail. Replace this with a condition using ‘Member_of’.
Furthermore, an ACL containing only Deny ACEs will only ever deny. Add a
trailing Allow ACE so that the ACL might allow other principals.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 23:00:15 +0000 (12:00 +1300)]
tests/krb5: Remove unused parameter ‘expected_device_groups’
It was never passed in by any callers.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 22:59:48 +0000 (11:59 +1300)]
tests/krb5: Remove unused parameter ‘expected_device_groups’
It was never passed in by any callers.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Sat, 4 Nov 2023 15:17:36 +0000 (16:17 +0100)]
smbd: Make get_real_filename_cache_key() static in files.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Nov 7 13:58:07 UTC 2023 on atb-devel-224
Volker Lendecke [Wed, 18 Oct 2023 09:50:20 +0000 (11:50 +0200)]
smbd: Simplify openat_pathref_fsp_case_insensitive()
This is more lines of code, but it's still a simplification. With this
patch we don't call the full openat_pathref_fsp() anymore when looking
up the last component in filename_convert_dirfsp(), instead we do the
direct SMB_VFS_OPENAT(). We don't need the whole complexity of
non_widelink_open() for this case, we do know that we have a real
non-cwd dirfsp.
The other big change that is not obvious just from looking at the
patch: This removes the special case for looking up posix
symlinks. Before this patch, filename_convert_dirfsp() returned a
proper smb_filename but without an attached fsp when a smb1 posix
client hits a symlink. This caused all sorts of special case code
everywhere. For example smbd_do_qfilepathinfo() needs to cover both
cases just for the smb1 posix symlink case. This special-case handling
can go now. We can do the path lookup in the smb1-only qpathinfo code
and call into the common code with a proper fsp.
When hitting a symlink and with O_PATH available, we'll get the
symlink opened with an O_PATH fd. Without O_PATH we obviously can't do
that, there we get fd=-1 and an indication that we don't have the
procfd fallback around.
Why all this?
I want to present FIFOs (and eventually symlinks) as reparse points as
the very next step. Without this patch, there is no real unified way
to get the file attributes from disk. Now we can use the proper logic
of fdos_mode() everywhere and not rely on special cases for fsp==NULL.
This patch also changes some error codes for smb1 posix extensions. I
chose to just change the test instead of going after each and every
change. As long as we do get an error, I'm willing to accept that we
slightly change error path behaviour for this deprecated code.
And, I tried to split this up into smaller patches but I failed.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 4 Nov 2023 14:41:40 +0000 (15:41 +0100)]
smbd: Make get_real_filename_cache_key() public
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 25 Oct 2023 16:58:34 +0000 (18:58 +0200)]
smbd: We want to delete symlinks as such in reply_unlink()
Even with "follow symlinks = yes" we don't want to delete the target
when being given a symlink name.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 23 Oct 2023 13:45:08 +0000 (15:45 +0200)]
smbd: Make create_open_symlink_err() public
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 1 Dec 2022 16:42:13 +0000 (17:42 +0100)]
smbd: Make in_create_options available in smbd_smb2_create_after_exec()
Enable NT_STATUS_IO_REPARSE_TAG_NOT_HANDLED and _STOPPED_ON_SYMLINK if
not opening with FILE_OPEN_REPARSE_POINT. We only know after all the
open logic what we have.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 23 Oct 2023 14:40:55 +0000 (16:40 +0200)]
smbd: Make a fake file's stat a valid regular file
We'll add strict checks to only open IFDIR and IFREG soon.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 29 Oct 2023 11:10:08 +0000 (12:10 +0100)]
smbd: Simplify fsp_fullbasepath()
Don't call snprintf() if not necessary.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 25 Oct 2023 17:22:11 +0000 (19:22 +0200)]
smbd: Correct PATH_ vs NAME_NOT_FOUND for not following lcomp
Right now this is handled in openat_pathref_fsp(), but this will
change soon.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 24 Oct 2023 16:47:59 +0000 (18:47 +0200)]
smbd: Return OBJECT_NAME_NOT_FOUND if lcomp points outside the share
filename_convert_dirfsp() is the only caller of
safe_symlink_target_path(). Right now this is not called with
"unparsed==0" because the last component is handled in
openat_pathref_fsp() and thus non_widelink_open(). I have code that
will change this, so that we can simplify
openat_pathref_fsp_case_insensitive() to directly call OPENAT, not
going through non_widelink_open. This will cause
safe_symlink_target_path() also be called for the last component,
which means it needs logic to distinguish between PATH_ and
NAME_NOT_FOUND.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 16 Dec 2022 15:35:00 +0000 (16:35 +0100)]
smbd: Return open_symlink_err from filename_convert_dirfsp_nosymlink()
Don't lose information returned from openat_pathref_fsp_nosymlink()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 31 Oct 2023 14:48:09 +0000 (15:48 +0100)]
libcli: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 15 Oct 2023 15:56:46 +0000 (17:56 +0200)]
smbd: We don't reopen anything but dirs and files
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 2 Nov 2023 12:35:19 +0000 (13:35 +0100)]
smbd: Remove a few pointless return; statements
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 31 Oct 2023 14:38:46 +0000 (15:38 +0100)]
smbd: Protect ea-reading on symlinks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 31 Oct 2023 14:35:59 +0000 (15:35 +0100)]
smbd: Remove an assert that never triggers
We've checked that right above.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 3 Nov 2023 15:02:32 +0000 (16:02 +0100)]
librpc: Fix error path cleanups in start_rpc_host_send()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Sun, 29 Oct 2023 17:08:22 +0000 (18:08 +0100)]
CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Nov 5 19:35:51 UTC 2023 on atb-devel-224
Ralph Boehme [Fri, 3 Nov 2023 10:09:47 +0000 (11:09 +0100)]
smbtorture3: also check test file and it's attributes in two POSIX tests
Verifies that the correct DOS attribute, FILE_ATTRIBUTE_ARCHIVE in this case,
are returned over SMB1 with UNIX extensions.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:25:38 +0000 (12:25 +0100)]
smbd: allow setting ARCHIVE bit in POSIX context with "store dos attributes"
Cf https://lists.samba.org/archive/samba-technical/2023-October/138504.html
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 09:11:50 +0000 (10:11 +0100)]
smbtorture3: prepare POSIX tests for differentianting between client flavour in the list callback
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:28:28 +0000 (12:28 +0100)]
smbtorture3: remove unused initializers
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 09:05:30 +0000 (10:05 +0100)]
smbd: s/FILE_ATTRIBUTES_INVALID/FILE_ATTRIBUTE_INVALID/g
No idea what got me into having an "S" in the define when I added it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 05:05:25 +0000 (06:05 +0100)]
smbtorture3: reduce indentation in posix_ls_fn()
Prepares for adding more logic in a later commit.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:24:35 +0000 (12:24 +0100)]
smbd: allow POSIX opens for file_set_dosmode() in rename_internals_fsp()
As this check was previously added to file_set_dosmode() this is not yet a
change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:24:12 +0000 (12:24 +0100)]
smbd: allow POSIX opens for file_set_dosmode() in mkdir_internal()
As this check was previously added to file_set_dosmode() this is not yet a
change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:23:44 +0000 (12:23 +0100)]
smbd: allow POSIX opens for file_set_dosmode() in mark_file_modified()
As this check was previously added to file_set_dosmode() this is not yet a
change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:16:59 +0000 (12:16 +0100)]
smbd: move POSIX check from possibly_set_archive() to file_set_dosmode()
No change in behaviour. Move the check to the more low-level function
file_set_dosmode() to ensure all callers use this consistently.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 11:10:17 +0000 (12:10 +0100)]
smbd: in file_set_dosmode() do an early exit if smb_fname->fsp is NULL
No change in behaviour. Simplifies coming changes.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 31 Oct 2023 09:06:38 +0000 (10:06 +0100)]
smbd: ignore symlinks in file_set_dosmode()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 30 Oct 2023 18:15:53 +0000 (19:15 +0100)]
smbd: add and use helper function possibly_set_archive()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 30 Oct 2023 18:04:56 +0000 (19:04 +0100)]
smbd: remove call to fdos_mode() when setting DOS attrs
This added in
49a754b82d33fb523cda4151a865584ae52a2e2f to work with stored
itime based File-Ids. Since switching back to purely inode based File-Ids we
can remove this call that primed itime from DOS xattr.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Joseph Sutton [Fri, 3 Nov 2023 01:27:52 +0000 (14:27 +1300)]
third_party/heimdal: Import lorikeet-heimdal-
202311030123 (commit
2346a67fe25cbf16128501665db41f6840546e15)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 3 03:53:08 UTC 2023 on atb-devel-224
Joseph Sutton [Tue, 31 Oct 2023 20:33:10 +0000 (09:33 +1300)]
tests/krb5: Fix comments
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 2 20:13:50 UTC 2023 on atb-devel-224
Joseph Sutton [Thu, 2 Nov 2023 01:32:58 +0000 (14:32 +1300)]
tests/krb5: Test RODC‐issued TGTs that already contain device info/claims
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 01:32:00 +0000 (14:32 +1300)]
tests/krb5: Don’t reuse SID S-1-2-3-4
We’re already using it in ‘client_sids’ to work around a bug in Windows.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 1 Nov 2023 03:59:21 +0000 (16:59 +1300)]
tests/krb5: Test target authentication policies when the TGT already contains device info/claims
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 02:29:32 +0000 (15:29 +1300)]
tests/krb5: Add tests for PACs containing extraneous buffers
Test that the KDC removes these buffers from RODC‐issued PACs.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 2 Nov 2023 02:27:24 +0000 (15:27 +1300)]
tests/krb5: Pass a list of PAC modification functions
This is simpler than chaining functions together.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 1 Nov 2023 00:55:14 +0000 (13:55 +1300)]
tests/krb5: Test performing a FAST‐armored TGS‐REQ when the TGT already contains device info/claims
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 31 Oct 2023 21:16:57 +0000 (10:16 +1300)]
tests/krb5: Add support to test framework for existing device info or claims buffers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 1 Nov 2023 00:39:28 +0000 (13:39 +1300)]
tests/krb5: Always expect client claims
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 1 Nov 2023 00:38:24 +0000 (13:38 +1300)]
tests/krb5: Ensure that device SIDs and claims are present only if we expect them to be
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 1 Nov 2023 00:07:54 +0000 (13:07 +1300)]
tests/krb5: No longer pass two‐component form of TGS principal
Samba now handles one‐component TGS principals more correctly.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 31 Oct 2023 23:05:50 +0000 (12:05 +1300)]
tests/krb5: Remove unused import
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 18:29:57 +0000 (07:29 +1300)]
selftest/flapping: Mark smb2.multichannel.bugs.bug_15346(nt4_dc) flapping
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15498
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Wed, 1 Nov 2023 14:39:12 +0000 (15:39 +0100)]
tests: Convert the regression test for bug15505 to python
The shell version is flapping, but I can't really figure out
why. Maybe this version is not flapping, and it also shows the failure
if you revert
952d6c2cf48.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Wed, 1 Nov 2023 14:38:55 +0000 (15:38 +0100)]
tests: Make clean_file() handle directories
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Wed, 1 Nov 2023 13:22:09 +0000 (14:22 +0100)]
tests: Allow to specify share names in smb2symlink tests
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 23:14:27 +0000 (12:14 +1300)]
s4:rpc_server: Properly initialize ‘lsa_CreateTrustedDomainEx2’ structure (CID
1499404)
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 2 04:04:49 UTC 2023 on atb-devel-224
Joseph Sutton [Mon, 30 Oct 2023 23:11:37 +0000 (12:11 +1300)]
s4:rpc_server: Properly initialize ‘lsa_CreateTrustedDomainEx2’ structure (CID
1499407)
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 23:21:26 +0000 (12:21 +1300)]
s3:rpc_client: Add missing ‘break’ statement
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 22:39:09 +0000 (11:39 +1300)]
s3:rpc_client: Align integer types (CID
1548342)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 23:16:15 +0000 (12:16 +1300)]
s3:utils: Initialize flags (CID
1499396)
If ‘got_bcast’ is false and ‘give_flags’ is true, this variable will be
used uninitialized.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 22:35:25 +0000 (11:35 +1300)]
s3:utils: Avoid integer overflow (CID
1548343)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 30 Oct 2023 22:33:39 +0000 (11:33 +1300)]
s3:utils: Align integer type
If ‘count’ is larger than INT_MAX, ‘i’ might overflow in the loop and
lead to undefined behaviour.
See also CID
1548342.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>