Andreas Schneider [Wed, 21 Feb 2024 08:10:47 +0000 (09:10 +0100)]
python:gp: Implement client site lookup in site_dn_for_machine()
This is [MS-GPOL] 3.2.5.1.4 Site Search.
The netr_DsRGetSiteName() needs to run over local rpc, however we do not
have the call implemented in our rpc_server. What netr_DsRGetSiteName()
actually does is an ldap query to get the sitename, we can just do the
same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 21 Feb 2024 07:56:06 +0000 (08:56 +0100)]
librpc:idl: Make netlogon_samlogon_response public
This is required that we can use it with ndrdump or in python to decode
a NETLOGON_SAM_LOGON_RESPONSE_EX ldap response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn@samba.org>
Martin Schwenke [Fri, 9 Feb 2024 06:29:46 +0000 (17:29 +1100)]
ctdb-protocol: Add missing push support for new controls
CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits
c6602b686b4e50d93272667ef86d3904181fb1ab and
037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test
support for the packet push/pull. While adding the testing (for
completeness, before adding another new control) I noticed that the
push functionality was absent. This adds that, along with the test
support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224
Noel Power [Thu, 8 Feb 2024 14:05:43 +0000 (14:05 +0000)]
s3/rpc_client: Fix array offset check
Previous to this commit we were modifying the offset before
the array offset check. This was causing a spurious debug
message indicating the offset was out of bounds. An second
problem is that upon detecting the error we don't exit the loop.
A third problem was that when reading the offset the check
didn't cater for the size of the integer address about to be read.
This commit moves the offset check to before the first read,
additionally when an error is detected now we actually exit the loop
and the offset have been corrected to include the size of the
integer to be read
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224
Noel Power [Wed, 14 Feb 2024 11:19:39 +0000 (11:19 +0000)]
s3/rpc_client: Ensure max possible row buffer size is not exceeded
The max buf size of rows buffer should not exceed 0x00004000.
Ensuring this value is within limits means we can safely use
uint32_t offsets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Noel Power [Wed, 14 Feb 2024 12:01:28 +0000 (12:01 +0000)]
idl: Add constant for max rows buffer size
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jo Sutton [Tue, 13 Feb 2024 03:53:57 +0000 (16:53 +1300)]
s4:dsdb: Fix grammar
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 16 03:47:12 UTC 2024 on atb-devel-224
Jo Sutton [Tue, 13 Feb 2024 19:17:03 +0000 (08:17 +1300)]
libcli/security: Make ‘session_info’ parameter const
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:48:36 +0000 (16:48 +1300)]
s4:ldap_server: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 18 Jan 2024 01:28:04 +0000 (14:28 +1300)]
libcli/security: Include missing headers
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 01:13:46 +0000 (14:13 +1300)]
s4:dsdb: Let requests with the AS_SYSTEM control reset an account’s password
dsdb_have_system_access() takes into account the AS_SYSTEM control as
well as the result of dsdb_module_am_system().
This change means that we can reset the password of an account without
being SYSTEM by means of the AS_SYSTEM control. This is essential for
ldapsrv_SearchRequest() to be able to process the automatic password
changes of Group Managed Service Accounts.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 01:12:30 +0000 (14:12 +1300)]
s4:dsdb: Make use of dsdb_have_system_access()
There should not be any change in behaviour.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 01:09:23 +0000 (14:09 +1300)]
s4:dsdb: Add function to determine whether we have system access
This takes into account the dsdb session info, as well as the presence
or absence of an AS_SYSTEM control.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 15 Feb 2024 03:48:29 +0000 (16:48 +1300)]
s4:dsdb: Add include guard to dsdb/samdb/ldb_modules/util.h
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 15 Feb 2024 03:48:06 +0000 (16:48 +1300)]
s4:dsdb: Remove redundant include
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 01:06:38 +0000 (14:06 +1300)]
s4:dsdb: Add function to create a GMSA password update request
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:50:40 +0000 (13:50 +1300)]
s4:dsdb: Remove unused includes
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:45:10 +0000 (13:45 +1300)]
s4:dsdb: Add to ‘user_attrs’ attributes required for Group Managed Service Accounts
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:43:59 +0000 (13:43 +1300)]
s3:passdb: Reformat long line
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:40:48 +0000 (13:40 +1300)]
s3:passdb: Reformat array of strings
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:40:29 +0000 (13:40 +1300)]
s3:passdb: Make array of strings static
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:40:20 +0000 (13:40 +1300)]
s3:passdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:17:28 +0000 (13:17 +1300)]
pidl: Do not call mapTypeName() on expression
$var_name is not a type name, but an expression, such as ‘r->in.server’.
mapTypeName() will turn this into ‘struct r->in.server’, which makes no
sense.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 01:39:41 +0000 (14:39 +1300)]
lib:crypto: Add test for GMSA password derivation
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:04:06 +0000 (13:04 +1300)]
lib:crypto: Add functions for deriving gMSA passwords
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 13 Feb 2024 00:04:48 +0000 (13:04 +1300)]
lib:crypto: Add more GKDI functions
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 23:34:43 +0000 (12:34 +1300)]
ldb: Fix documentation typos
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:57:07 +0000 (11:57 +1300)]
ldb: Split out ldb_controls_get_control() to search a list of controls
Update the ldb ABI accordingly.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:54:57 +0000 (11:54 +1300)]
ldb: Correct copy‐and‐pasted comments
These comments refer to controls being added, but in these functions the
controls are actually being *searched* for.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:53:07 +0000 (11:53 +1300)]
ldb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:52:06 +0000 (11:52 +1300)]
s4:dsdb: Add dsdb_werror() macro
This works like dsdb_module_werror(), but does not require an ldb module
to work.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:51:35 +0000 (11:51 +1300)]
s4:dsdb: Add search flag indicating that gMSA passwords are to be updated
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:51:19 +0000 (11:51 +1300)]
s4:dsdb: Include missing headers
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:25:33 +0000 (11:25 +1300)]
s4:dsdb: Add dsdb control indicating that gMSA passwords are to be updated
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 22:26:08 +0000 (11:26 +1300)]
s4:setup: Remove empty line
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:58:41 +0000 (16:58 +1300)]
s4:dsdb: Fix code formatting
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:56:59 +0000 (16:56 +1300)]
s4:dsdb: Add ‘ares’ parameter to operational attribute constructor functions
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:50:39 +0000 (16:50 +1300)]
s4:dsdb: Make array static
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:49:44 +0000 (16:49 +1300)]
s4:dsdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 16 Jan 2024 02:48:43 +0000 (15:48 +1300)]
s4:dsdb: Remove duplicate word
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 23:32:19 +0000 (12:32 +1300)]
mailmap: Associate my identity with my old email address
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 23:01:30 +0000 (12:01 +1300)]
s4:dsdb: Remove unused ‘domain_dn’ parameter
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 15 Feb 2024 01:12:07 +0000 (14:12 +1300)]
s4:dsdb: Remove reference to now‐gone lmNewHash parameter
This parameter was removed in commit
75c54d54ad9fdff7098c1b4f11252528f35ea658.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 23:00:27 +0000 (12:00 +1300)]
s4:dsdb: Split out function to create a ‘password set’ ldb request
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 12 Feb 2024 03:25:10 +0000 (16:25 +1300)]
s4:dsdb: Allocate NT hash on to more appropriate memory context
The NT hash should live at least as long as the message to which it is
added.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 22:58:45 +0000 (11:58 +1300)]
s4:dsdb: Undefine helper macro
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 00:33:09 +0000 (13:33 +1300)]
s4:dsdb: Check return value of talloc_new()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 17 Jan 2024 21:01:49 +0000 (10:01 +1300)]
python:tests: Remove unused imports
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 17 Jan 2024 00:13:56 +0000 (13:13 +1300)]
s4:kdc: Remove ‘attrs’ parameter from samba_kdc_lookup_server()
It is always equal to ‘server_attrs’.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 7 Feb 2024 21:55:32 +0000 (10:55 +1300)]
lib:compression: Update my name
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 2 Feb 2024 00:11:22 +0000 (13:11 +1300)]
python: Reformat nt_time.py
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 24 Jan 2024 21:28:31 +0000 (10:28 +1300)]
ldb: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 24 Jan 2024 01:19:26 +0000 (14:19 +1300)]
ldb: Simplify ldb_errstring()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 24 Jan 2024 01:19:11 +0000 (14:19 +1300)]
ldb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 20:53:20 +0000 (09:53 +1300)]
lib:util: Remove inaccurate comment
A C compiler would not be allowed to apply the tail call optimization in
this situation, because it would change the observed behaviour of the
program.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 18 Jan 2024 23:38:24 +0000 (12:38 +1300)]
s3:libads: Remove ‘unicodePwd’ attribute from ads_find_machine_acct() search
This attribute was added to the search in commit
4f389c1f78cdc2424795e3b2a1ce43818c400c2d. But it’s not clear to me that
anything actually retrieves the unicodePwd from the result (excluding
inconsequential things like ads_dump()).
Furthermore, this being a search over LDAP, it will never return a
unicodePwd.
Removing this attribute from the search means that we no longer have to
worry about the account possibly being a Group Managed Service Account
and the unicodePwd being out‐of‐date.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 19 Jan 2024 00:23:36 +0000 (13:23 +1300)]
testprogs:blackbox: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 17 Jan 2024 22:26:34 +0000 (11:26 +1300)]
samba-tool: Display friendlier error message if no password is available
‘samba-tool user get-kerberos-ticket’ is supposed to display an error
message if no password is available. However, the conditions for which
the message is displayed are impossible to be met. If ‘utf16_pw’ is not
None, the message is not displayed; if ‘utf16_pw’ *is* None, ‘nt_pass’
is assigned with a samr.Password object, which is not None — and so the
message is still not displayed.
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 17 Jan 2024 21:55:55 +0000 (10:55 +1300)]
python:tests: Pass correct arguments to set_named_ccache()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Wed, 17 Jan 2024 21:48:44 +0000 (10:48 +1300)]
python:tests: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 00:52:27 +0000 (13:52 +1300)]
s4:dsdb: Add helper functions to get GKDI root key DNs
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Sun, 7 Jan 2024 20:48:44 +0000 (09:48 +1300)]
lib:crypto: Explicitly check for zero
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 9 Jan 2024 01:14:23 +0000 (14:14 +1300)]
lib:crypto: Comment on GKDI definitions
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Tue, 9 Jan 2024 01:13:31 +0000 (14:13 +1300)]
lib:crypto: Export gkid_key_type() and gkid_is_valid()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Fri, 22 Dec 2023 03:01:36 +0000 (16:01 +1300)]
lib:crypto: Fix code formatting
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 00:49:58 +0000 (13:49 +1300)]
python:tests: Produce more helpful error message for future GKIDs
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Thu, 8 Feb 2024 10:25:14 +0000 (23:25 +1300)]
netcmd: models: add GroupManagedServiceAccount model
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 10:17:34 +0000 (23:17 +1300)]
netcmd: models: add missing fields to User model
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 10:13:16 +0000 (23:13 +1300)]
netcmd: models: add missing enum fields to Group model
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Tue, 13 Feb 2024 00:17:24 +0000 (13:17 +1300)]
netcmd: models: make Group.system_flags a flags based EnumField
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 10:02:11 +0000 (23:02 +1300)]
netcmd: models: add Computer model subclass of User
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 09:47:14 +0000 (22:47 +1300)]
netcmd: models: stop using LookupError exception and change it to NotFound
LookupError is a base class for IndexError and KeyError and isn't really the appropriate exception.
NotFound inherits from ModelError just like the other model exceptions.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 09:34:46 +0000 (22:34 +1300)]
netcmd: models: rename DoesNotExist exception to NotFound
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 09:03:34 +0000 (22:03 +1300)]
netcmd: models: SDDLField move line down where it gets used
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 08:56:43 +0000 (21:56 +1300)]
netcmd: models: SDDLField parses to object instead of string
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 03:13:13 +0000 (16:13 +1300)]
netcmd: delegation: don't use assert but raise CommandError
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 03:04:08 +0000 (16:04 +1300)]
netcmd: delegation: initial value not required because of raise below
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 03:02:22 +0000 (16:02 +1300)]
netcmd: delegation: move line down where it gets used
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 02:59:32 +0000 (15:59 +1300)]
netcmd: delegation: pep8 fix blank lines
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 07:53:01 +0000 (20:53 +1300)]
netcmd: bugfix: json encoder failed to call super method
This lead to a strange recursion error when a field came up that the JSONEncoder couldn't encode.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Mon, 12 Feb 2024 02:53:53 +0000 (15:53 +1300)]
netcmd: json encoder supports security descriptor objects
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 10:33:09 +0000 (23:33 +1300)]
netcmd: support hyphens in top-level commands and convert to underscore
Hyphens in python modules are invalid and makes them only importable by importlib, which makes them harder to import in tests.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Rob van der Linde [Thu, 8 Feb 2024 07:30:31 +0000 (20:30 +1300)]
libds: remove unreachable break statements after return
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Stefan Metzmacher [Thu, 8 Feb 2024 14:43:39 +0000 (15:43 +0100)]
docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224
Stefan Metzmacher [Thu, 8 Feb 2024 14:31:10 +0000 (15:31 +0100)]
smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 8 Feb 2024 14:15:28 +0000 (15:15 +0100)]
smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run
rpcd_witness needs ncacn_ip_tcp support and that's only
available if samba-dcerpcd is not started on demand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 8 Feb 2024 13:25:05 +0000 (14:25 +0100)]
docs-xml: add details for 'net witness'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 8 Feb 2024 14:07:42 +0000 (15:07 +0100)]
s3:utils: fix help string for 'net witness force-response'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2024 12:54:20 +0000 (13:54 +0100)]
ctdb/events: add 47.samba-dcerpcd.script
If someone wants to enable the witness service
samba-dcerpcd needs to be started as standalone service
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2024 12:54:20 +0000 (13:54 +0100)]
ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script
We can easily monitor if the service is running at all,
that better than no monitoring at all...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Jo Sutton [Fri, 12 Jan 2024 00:28:55 +0000 (13:28 +1300)]
selftest: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 8 03:51:51 UTC 2024 on atb-devel-224
Jo Sutton [Thu, 11 Jan 2024 22:39:11 +0000 (11:39 +1300)]
s4:dsdb: Fix code formatting
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 21:43:39 +0000 (10:43 +1300)]
s4:dsdb: Avoid buffer overflow in samdb_result_hashes()
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 21:42:51 +0000 (10:42 +1300)]
s4:dsdb: Mark hash returned by samdb_result_hash() as secret
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 02:05:22 +0000 (15:05 +1300)]
s4:dsdb: Correct reference to source file
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Thu, 11 Jan 2024 02:05:07 +0000 (15:05 +1300)]
s4:dsdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 8 Jan 2024 02:05:11 +0000 (15:05 +1300)]
s4:dsdb: Correct NDR push error message
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 8 Jan 2024 02:04:47 +0000 (15:04 +1300)]
s4:dsdb: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Mon, 8 Jan 2024 02:04:17 +0000 (15:04 +1300)]
s4:dsdb: Remove trailing whitespace
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jo Sutton [Sun, 14 Jan 2024 21:23:51 +0000 (10:23 +1300)]
s4:auth: Fix code spelling
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>