Andreas Schneider [Thu, 31 Aug 2023 13:39:51 +0000 (15:39 +0200)]
s3:rpcclient: Remove trailing white spaces from cmd_lsarpc.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 31 Aug 2023 09:23:03 +0000 (11:23 +0200)]
s3:libnetapi: Use dcerpc_lsa_open_policy_fallback() in localgroup.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 31 Aug 2023 08:27:12 +0000 (10:27 +0200)]
s3:utils: Use dcerpc_lsa_open_policy_fallback() in net_rpc_trust.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 31 Aug 2023 08:19:08 +0000 (10:19 +0200)]
s3:rpc_server: Use dcerpc_lsa_open_policy_fallback() for netlogon
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Mon, 23 Oct 2023 13:35:38 +0000 (15:35 +0200)]
s3:rpc_client: Implement dcerpc_lsa_open_policy_fallback()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 31 Aug 2023 08:18:23 +0000 (10:18 +0200)]
s3:rpc_client: Implement dcerpc_lsa_open_policy3()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 13 Jul 2023 19:19:37 +0000 (21:19 +0200)]
s4:torture: Implement lsa_OpenPolicy3 tests
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 31 Aug 2023 07:19:35 +0000 (09:19 +0200)]
s3:rpc_server: Implement _lsa_OpenPolicy3()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 30 Aug 2023 12:48:23 +0000 (14:48 +0200)]
s4:rpc_server: Implement dcesrv_lsa_OpenPolicy3()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Wed, 30 Aug 2023 05:46:42 +0000 (07:46 +0200)]
s4:torture: Adapt LSA tests for newer Windows versions
Newer Windows version directly disconnect the client. This is what
happens if the test is run against Windows Server 2022.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 18 Mar 2022 14:46:09 +0000 (15:46 +0100)]
lsa.idl: Backport changes from wireshark
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 18 Mar 2022 12:34:38 +0000 (13:34 +0100)]
lsa.idl: Add new functions and types
[MS-LSAD] got new functions in order to use AES encryption
and other security related features.
For our servers we still pretent we don't
know about the new functions and return DCERPC_FAULT_OP_RNG_ERROR.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 30 Aug 2023 07:24:06 +0000 (09:24 +0200)]
s4:rpc_server: Remove trailing white spaces from lsa_init.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Mon, 20 Nov 2023 03:05:13 +0000 (16:05 +1300)]
python:tests: Add ndrdump test for GMSA Managed Password blobs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 22:51:17 UTC 2023 on atb-devel-224
Joseph Sutton [Mon, 13 Nov 2023 04:08:58 +0000 (17:08 +1300)]
tests/ndr: Add tests for GMSA Managed Password blobs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Nov 2023 02:46:16 +0000 (15:46 +1300)]
python:tests: Move NDR tests to their own directory
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:54:42 +0000 (10:54 +1300)]
librpc: Add NDR test for GMSA Managed Password blobs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 17 Nov 2023 01:59:20 +0000 (14:59 +1300)]
gmsa.idl: Add definition for MANAGEDPASSWORD_BLOB
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sun, 19 Nov 2023 21:07:22 +0000 (10:07 +1300)]
pidl: Add new ‘u16string’ type
This type represents a UTF‐16–encoded string. These strings are kept
UTF‐16–encoded rather than converted to the Unix charset to be stored in
memory; this avoids issues regarding NULL termination and conversion
between character sets. We want to be able to handle strings that are
not valid UTF‐16.
Not bumping the NDR ABI version, because there hasn’t been an NDR
release since commit
c4f281e9ae36c225b6003e0fa1cb8fb2e67bf543.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sun, 19 Nov 2023 21:03:59 +0000 (10:03 +1300)]
pidl: Add a helper function to determine whether a type is a string type
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 16 Nov 2023 23:56:17 +0000 (12:56 +1300)]
s4:librpc: Produce more helpful error message when bytes length is odd
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 16 Nov 2023 23:52:29 +0000 (12:52 +1300)]
util/charset: Have talloc_utf16_str[n]dup() accept NULL pointers
This is in line with ‘talloc_str[n]dup()’.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 16 Nov 2023 21:45:29 +0000 (10:45 +1300)]
librpc:ndr: Don’t try to log always‐NULL string
Commit
c51795c747198f9e002505ffa39ad710beff0358 reorganized
ndr_pull_string() so that when we reach this DEBUG(), we don’t yet have
a string to log — ‘as’ will always be NULL. Attempting to log a NULL
string invokes undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 8 Nov 2023 12:12:21 +0000 (13:12 +0100)]
gitlab-ci: Update Fedora to version 39
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Nov 20 16:38:20 UTC 2023 on atb-devel-224
Andreas Schneider [Thu, 9 Nov 2023 21:27:03 +0000 (22:27 +0100)]
python:tests: SHA1 is no longer supported by cryptography module
See https://github.com/pyca/cryptography/issues/8213#issuecomment-
1419060001
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 9 Nov 2023 20:43:54 +0000 (21:43 +0100)]
python:tests: Fix assertEquals which doesn't exist in Python 3.12
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 9 Nov 2023 16:16:17 +0000 (17:16 +0100)]
third_party: Build pypamtest with -Wno-error=declaration-after-statement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 9 Nov 2023 10:35:56 +0000 (11:35 +0100)]
Use python.h from libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 9 Nov 2023 10:32:58 +0000 (11:32 +0100)]
lib:replace: Add python.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Thu, 16 Nov 2023 20:05:12 +0000 (21:05 +0100)]
s4-winreg: fix dcesrv_winreg_EnumValue behavior
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 04:50:00 UTC 2023 on atb-devel-224
Günther Deschner [Wed, 15 Nov 2023 16:13:20 +0000 (17:13 +0100)]
s3-winreg: fix _winreg_EnumValue behavior
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Wed, 15 Nov 2023 16:36:46 +0000 (17:36 +0100)]
s4-torture: add test to check for Windows behavior of EnumValue call
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Wed, 15 Nov 2023 18:07:32 +0000 (19:07 +0100)]
s4-torture: add torture_assert_werr_equal_goto and torture_assert_werr_ok_goto macros
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Mon, 13 Nov 2023 15:49:32 +0000 (16:49 +0100)]
s3-rpcclient: add winreg_enumval command
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 18 Sep 2023 11:45:54 +0000 (13:45 +0200)]
s4/server.c: move some log messages from ERR to NOTICE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 18 Sep 2023 21:42:31 +0000 (23:42 +0200)]
profile: issues info message with lower log level
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 18 Sep 2023 12:35:55 +0000 (14:35 +0200)]
source3/nmbd/nmbd.c: use DBG_STARTUP_NOTICE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 18 Sep 2023 12:34:29 +0000 (14:34 +0200)]
lib/util/become_daemon.c: use DBG_STARTUP_NOTICE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Wed, 15 Nov 2023 18:44:38 +0000 (19:44 +0100)]
README.Coding.md: add DBG_STARTUP_NOTICE macro
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 5 Jun 2023 16:10:07 +0000 (18:10 +0200)]
logging: use DBG_STARTUP_NOTICE for startup message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Mon, 18 Sep 2023 11:48:06 +0000 (13:48 +0200)]
debug.h: introduce DEBUG_STARTUP_NOTICE
this is log level -1 and lowest syslog priority. This is used for start up
messages and copyright notices, which should always be printed but which are no
errors or warnings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Tue, 6 Jun 2023 15:25:35 +0000 (17:25 +0200)]
lib/util: move copyright define to copyright.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Anoop C S [Fri, 17 Nov 2023 06:46:25 +0000 (12:16 +0530)]
vfs_ceph: Fix some uninitialized structs and pointers
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Nov 17 18:04:43 UTC 2023 on atb-devel-224
MikeLiu [Thu, 26 Oct 2023 08:15:39 +0000 (16:15 +0800)]
vfs_fruit: ignore ENAMETOOLONG in fruit_unlink_rsrc_adouble()
adouble_path() inside fruit_unlink_rsrc_adouble() prepend "._" to a basename,
lenth of apple double filename will exceed NAME_MAX if length of basename
is equal to NAME_MAX (or NAME_MAX-1).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15504
Signed-off-by: MikeLiu <mikeliu@qnap.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Nov 17 11:07:01 UTC 2023 on atb-devel-224
Günther Deschner [Tue, 7 Nov 2023 00:19:16 +0000 (01:19 +0100)]
pidl: include scompat headers and servers in s3 server template
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Nov 17 00:39:18 UTC 2023 on atb-devel-224
Björn Jacke [Fri, 17 Jun 2022 05:28:01 +0000 (07:28 +0200)]
posix_acls.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Thu Nov 16 22:39:05 UTC 2023 on atb-devel-224
Björn Jacke [Fri, 17 Jun 2022 05:27:38 +0000 (07:27 +0200)]
open.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:26:53 +0000 (07:26 +0200)]
vfs_recycle.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:26:30 +0000 (07:26 +0200)]
vfs_posix_eadb.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:26:02 +0000 (07:26 +0200)]
vfs_default.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:25:37 +0000 (07:25 +0200)]
vfs_acl_xattr.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:25:08 +0000 (07:25 +0200)]
vfs_acl_common.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:24:28 +0000 (07:24 +0200)]
nfs4_acls.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 17 Jun 2022 05:22:57 +0000 (07:22 +0200)]
token_util.c: prefer capabilities over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Fri, 10 Nov 2023 08:58:43 +0000 (09:58 +0100)]
dosmode.c: prefer use of capabilities at two places over become_root
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Thu, 9 Nov 2023 13:56:06 +0000 (14:56 +0100)]
system.c: fall back to become_root if CAP_DAC_OVERRIDE isn't usable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15093
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Ralph Boehme [Thu, 16 Nov 2023 09:50:32 +0000 (10:50 +0100)]
smbd: fix close order of base_fsp and stream_fsp in smb_fname_fsp_destructor()
VFS modules like streams_xattr use the function fsp_is_alternate_stream() on the
fsp to determine in an fsp is a stream, eg in streams_xattr_close(). If
fspo->base_fsp is arlready set to NULL, this won't work anymore.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15521
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 16 18:31:17 UTC 2023 on atb-devel-224
Joseph Sutton [Wed, 15 Nov 2023 22:20:22 +0000 (11:20 +1300)]
s4:librpc: Add functions converting between bytes and UTF‐16 strings
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 16 06:23:35 UTC 2023 on atb-devel-224
Joseph Sutton [Wed, 8 Nov 2023 08:09:14 +0000 (21:09 +1300)]
s4:librpc: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 04:07:02 +0000 (17:07 +1300)]
tests/krb5: Allow creating Group Managed Service Accounts
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 23:10:36 +0000 (12:10 +1300)]
pidl: Don’t overwrite exception set by PyUnicode_AsEncodedString()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 9 Nov 2023 01:08:19 +0000 (14:08 +1300)]
pidl: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 02:07:53 +0000 (15:07 +1300)]
librpc:ndr: Fix comment
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:15:36 +0000 (10:15 +1300)]
librpc:ndr: Don’t duplicate strings needlessly
If the source string doesn’t need to be converted, there’s no reason for
it to be talloc‐allocated.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 16 Nov 2023 01:50:58 +0000 (14:50 +1300)]
librpc:ndr: Move call to convert_string_talloc() on to its own line
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:22:26 +0000 (10:22 +1300)]
librpc:ndr: Introduce common out path in ndr_push_string()
This ensures that ‘dest’ gets freed on failure.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 04:04:34 +0000 (17:04 +1300)]
librpc:ndr: Fix error message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:43:12 +0000 (10:43 +1300)]
librpc:ndr: Fix code formatting
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 22:10:28 +0000 (11:10 +1300)]
util/charset: Add talloc_utf16_str[n]dup()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 02:26:56 +0000 (15:26 +1300)]
util/charset: Include missing headers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sun, 12 Nov 2023 23:21:20 +0000 (12:21 +1300)]
util/charset: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 16 Nov 2023 01:10:45 +0000 (14:10 +1300)]
s4-scripting: Remove repl_cleartext_pwd.py
This script was the precursor to newer samba-tool commands and no longer
works. The previous commits record some of the work to have it operate in the
modern era, but keeping this around is more trouble than it is worth.
Use these commands instead:
samba-tool drs clone-dc-database --include-secrets
samba-tool user getpassword administrator --attributes=virtualClearTextUTF8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 16 02:46:57 UTC 2023 on atb-devel-224
Andrew Bartlett [Thu, 30 Mar 2023 01:29:22 +0000 (01:29 +0000)]
s4-scripting/devel: Fix str() vs bytes() issue in repl_cleartext_pwd.py
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Andrew Bartlett [Thu, 30 Mar 2023 01:22:24 +0000 (14:22 +1300)]
s4-scripting/devel: Fix repl_cleartext_pwd to use built-in RC4
This allows the usage test to pass on our CI hosts without
python-crypto and not uxsuccess on hosts with it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Noel Power [Wed, 15 Nov 2023 13:07:26 +0000 (13:07 +0000)]
s3/utils: Use sddl_decode_err_msg instead of sddl_decode
Use sddl_decode_err_msg instead of sddl_decode for possible better
error reporting.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Wed, 15 Nov 2023 12:55:36 +0000 (12:55 +0000)]
s3/utils: Detect (and report) failure to parse sddl
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Wed, 15 Nov 2023 11:29:46 +0000 (11:29 +0000)]
libcli/security: Debug only when we failed to decode
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 23:45:35 +0000 (12:45 +1300)]
python:tests: Ensure we clean up callbacks in pymessaging tests
Not calling ‘deregister()’ results in memory getting leaked.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 15 23:11:13 UTC 2023 on atb-devel-224
Joseph Sutton [Mon, 13 Nov 2023 23:34:01 +0000 (12:34 +1300)]
python:tests: Fix crashing pymessaging tests
Commit
8c75d9fc73614fad29a998d08c4b11034ab2aebb changed
Messaging.deregister() to take a two‐element tuple containing private
data as well as a callback, but it did not change the call in
samba.tests.messaging.MessagingTests.test_register to match.
Since imessaging_deregister() completely ignored the ‘private_data’
parameter passed to it (assuming the callback was registered with
msg_type == -1), everything still appeared to work — until commit
b22c21799527323877b330c16c23057582721abb changed Messaging.deregister()
to no longer leak memory. Now the wrong variable had its reference count
decremented, causing the test to crash.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:46:17 +0000 (12:46 +1300)]
util/charset: Prefer PULL_LE_U16() to older SVAL() macro
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 23:31:07 +0000 (12:31 +1300)]
util/charset/tests: Add tests for UTF‐16 string length functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 00:07:19 +0000 (13:07 +1300)]
s4:torture: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:43:07 +0000 (12:43 +1300)]
util/charset: Add utf16_len_n()
This function returns the length in bytes — at most ‘n’ — of a UTF‐16
string excluding the null terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 01:38:48 +0000 (14:38 +1300)]
util/charset: Include final UTF‐16 code unit in length calculation loop
Change ‘<’ to ‘<=’ so that we check the final UTF‐16 code unit in our
search for the null terminator. This makes no difference to the result:
if we’ve reached the final code unit without finding a terminator, the
final code unit will be included in the length whether it is a null
terminator or not.
Why make this change? We’re about to factor out this loop into a new
function, utf16_len_n(), where including the final code unit *will*
matter.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:39:02 +0000 (12:39 +1300)]
util/charset: Add utf16_len()
This function returns the length in bytes of a UTF‐16 string excluding
the null terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:36:21 +0000 (12:36 +1300)]
util/charset: Rename utf16_len() to utf16_null_terminated_len()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:33:43 +0000 (12:33 +1300)]
util/charset: Rename utf16_len_n() to utf16_null_terminated_len_n()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:33:16 +0000 (12:33 +1300)]
s4:smb_server: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:32:20 +0000 (12:32 +1300)]
s4:libcli: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:31:22 +0000 (12:31 +1300)]
util/charset: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 04:09:04 +0000 (17:09 +1300)]
librpc:ndr: Convert NDR flags types to enumerations
Using an enumeration rather than ‘uint32_t’ or ‘uint64_t’ means that
debuggers such as gdb can now associate the flag constants with their
respective types. This means that if you have an instance of these flags
types, the debugger will show you the individual flags that make up the
value rather than an inscrutable integer value.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 00:48:22 +0000 (13:48 +1300)]
librpc:ndr: Fix comment
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:59:52 +0000 (14:59 +1200)]
libndr:ndr: Allow only one string encoding flag
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:44:40 +0000 (14:44 +1200)]
librpc:ndr: Prohibit STR_NULLTERM|STR_NOTERM flags combination
ndr_pull_string() prohibited this, but ndr_push_string() always masked
STR_NOTERM out. Now the set of allowed flags should be consistent
between the two functions.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 03:18:54 +0000 (16:18 +1300)]
librpc:ndr: Check return values of talloc functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:37:27 +0000 (14:37 +1200)]
librpc:ndr: Fix error messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 23:11:24 +0000 (12:11 +1300)]
libcli/security:sddl_decode message offset safety latch
the message offset is largely calculated using the differences
between pointers in many places scattered throughout the code.
If we got one of these wrong, we could easily have a SIZE_MAX-ish
offset, which would be unfortunate if we came decided to display
the offset using spaces.
We can sanely limit the offset to the length of the SDDL.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:44:56 +0000 (11:44 +1300)]
libcli/security/test_sddl_conditional_ace: add message tests
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:33:56 +0000 (11:33 +1300)]
libcli/security:sddl_parse: add some top level error messages
the way we parse things, we can't really distinguish between complete
nonsense and an ACL that seems to end early because of bad flags. That
is, "D:ZZ(A;;;;;WD)" looks the same as "ZZ" to the parser. But at least
we can point to the right place in the string.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:28:57 +0000 (11:28 +1300)]
libcl/security:sddl_decode_acl: expand a comment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>