Volker Lendecke [Mon, 2 Jan 2023 15:35:16 +0000 (16:35 +0100)]
smbd: list reparse tag in QUERY_DIRECTORY
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 4 17:39:21 UTC 2024 on atb-devel-224
Volker Lendecke [Mon, 2 Jan 2023 15:01:28 +0000 (16:01 +0100)]
tests: Check that query_directory lists the reparse tag
With the source3/ based clilist.c, we can't test all infolevels where
this matters (see callers of get_dirent_ea_size()). But porting the
source4 based all-infolevel search code into source3/libsmb or doing
this one the reparse point test in the source4 infrastructure to me
seems like a lot of effort for moderate gain.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Jo Sutton [Tue, 28 May 2024 03:12:36 +0000 (15:12 +1200)]
s3:rpc_server: Check query level according to MS-NRPC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465 Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 4 09:39:42 UTC 2024 on atb-devel-224
Jo Sutton [Tue, 28 May 2024 03:10:51 +0000 (15:10 +1200)]
s3:rpc_server: Check function code according to MS-NRPC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465 Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Noel Power <noel.power@suse.com>
Noel Power [Mon, 25 Sep 2023 08:58:33 +0000 (09:58 +0100)]
s3/rpc_server: Fix dereference of client pointer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Noel Power [Sun, 24 Sep 2023 00:03:37 +0000 (01:03 +0100)]
s4/torture: Test with level 4 with NETLOGON_CONTROL_SET_DBFLAG function
Change levels tested from 1 - 3 to 1 - 4 for NETLOGON_CONTROL_SET_DBFLAG
This change triggers a core dump in the server and so we add a knownfail
here. Following commit will fix (and remove known fail)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Noel Power [Mon, 25 Sep 2023 09:30:30 +0000 (10:30 +0100)]
s4/torture: Prepare to handle Level 4 check with unknown func code
A future (next) commit will change the NETLOGON_CONTROL_SET_DBFLAG test
to use levels 1 - 4 (current test just tests 1 - 3). A side affect of
this test is that the following test will now test passing an unknown
function code against against Level 4 (previously level 3).
Unfortunately s4 and s3 netlogon server results differ when handling
a level 4 request with an unknown function code.
s3 server returns WERR_NOT_SUPPORTED and
s4 server returns WERR_INVALID_PARAMETER.
For level 3 both return WERR_NOT_SUPPORTED.
MS-NRPC doesn't seem to specifically indicate the required response in
this case.
this commit modifies the test to cater for either response (for either
level) A future commit could explore the test response combinations more
thorougly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15465 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Volker Lendecke [Tue, 28 May 2024 16:49:41 +0000 (18:49 +0200)]
gensec: Refactor gensec_security_mechs()
The decision whether to offer a mechanism was split between
gensec_security_mechs() and gensec_use_kerberos_mechs() with two
booleans passed down. Consolidate that decision into one
gensec_offer_mech() function that queries all information on its own.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Anoop C S [Fri, 17 May 2024 06:27:26 +0000 (11:57 +0530)]
vfs_ceph: Implement SMB_VFS_FSET_DOS_ATTRIBUTES for precise btime
Previously we added an implementation for SMB_VFS_FGET_DOS_ATTRIBUTES
so that the btime is always preserved unless explicitly changed using
SMB_VFS_FNTIMES. But there are situations with open file handle where
btime stored on dos attributes as create_time has to be precise for
comparison because a one-to-one conversion between timepsec and nttime
is not always guaranteed.
Accordingly preserve btime via SMB_VFS_FSET_DOS_ATTRIBUTES so that we
always compare the exact btime from fsp stat information while the file
handle is still open.
Signed-off-by: Anoop C S <anoopcs@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Jun 3 11:10:11 UTC 2024 on atb-devel-224
Douglas Bagnall [Wed, 29 May 2024 22:44:24 +0000 (10:44 +1200)]
examples:winexe: embed Samba version as exe timestamp
It turns out the timestamp doesn't need to be real, and it isn't used,
but it might as well tell you something. So let's make it tell you what
version of Samba it came from, which could be useful for people who have
lots of old winexes lying around, the poor souls.
00000040 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000050 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000060 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000070 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......| 00000080 50 45 00 00 64 86 0a 00 00 15 04 00 00 00 00 00 |PE..d...........|
| | |
| | major 4.
| minor 21.
release 0
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri May 31 01:28:06 UTC 2024 on atb-devel-224
Douglas Bagnall [Mon, 27 May 2024 23:34:51 +0000 (11:34 +1200)]
examples:winexe: reproducible builds with zero timestamp
Windows Portable Executable files have a timestamp field and a
checksum field. By default the timestamp field is updated to the
current time, which consequently changes the checksum. This makes the
build nondeterministic. It looks like this:
https://learn.microsoft.com/en-us/windows/win32/debug/pe-format says
that a timestamp of zero can be used to represent a time that is not
"real or meaningful", so we do that.
As far as I can tell, the timestamp and checksum are only used in
DLLs, not directly executed .exe files.
Thanks to Freexian and the Debian LTS project for sponsoring this work.
Douglas Bagnall [Tue, 28 May 2024 00:17:06 +0000 (12:17 +1200)]
buildtools:pidl: avoid hash randomisation in pidl
Like many languages, Perl uses has randomisation to prevent nasty
users using crafted values that hash to the same number to effect a
denial of service. This means the traversal order of perl HASH tables
is different every time.
The IDL handed to pidl is trusted, so we don't really need
randomisation, but we do want to be sure the build is the same every
time.
I am not aware of hash randomisation causing problems, but it seems
prudent to avoid it.
We do a similar thing with PYTHONHASHSEED for the entire build.
Thanks to Freexian and the Debian LTS project for sponsoring this work.
Douglas Bagnall [Wed, 29 May 2024 00:14:04 +0000 (12:14 +1200)]
pidl:Typelist: resolveType(): don't mistake a reference for a name
This function is only used by Python.pm, and was assuming any argument
unrecognised by hasType is a name. It sometimes isn't, resulting in
structures like this:
The problem with that is we end up with the HASH reference as a name
in Python bindings, like this
PyErr_SetString(PyExc_TypeError, "Can not convert C Type struct HASH(0x5e2dfe5ee278) from Python");
which makes the build nondeterministic (as well as making the message
a little mysterious).
I think all the structures for which this happens are marked
'[ignore]' in IDL, meaning they are not transmitted on the wire. They
should perhaps also not have useless Python getsetters, but let's call
that a different problem.
Thanks to Freexian and the Debian LTS project for sponsoring this work.
Andrew Bartlett [Wed, 29 May 2024 22:50:12 +0000 (10:50 +1200)]
build: Add --vendor-name --vendor-patch-revision options to ./configure
These options are for packagers and vendors to set so that when
Samba developers are debugging an issue, we know exactly which
package is in use, and so have an idea if any patches have been
applied.
This is included in the string that a Samba backtrace gives,
as part of the PANIC message.
Martin Schwenke [Fri, 10 May 2024 08:00:18 +0000 (18:00 +1000)]
ctdb-scripts: Protect against races when starting grace period
While the PID check is worth it in relevant cases, NFS-Ganesha still
might go away after the check. Unfortunately, neither grace command
fails an indicative exit code, so invent one by checking error
messages. This can then be converted to success by the caller.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 30 12:50:01 UTC 2024 on atb-devel-224
Path values do not need to have quotes. The current code fails if
there aren't any.
Instead, implement a 2 stage parser using 2 sed commands. See
comments in the code for details.
Regexps are POSIX basic regular expressions, apart from \<WORD\> (used
to ensure WORD is on word boundaries, and the 'i' flag for case
insensitivity. The latter is supported in FreeBSD sed.
This code successfully parses Path values out of the following
monstrosity:
Martin Schwenke [Mon, 19 Jun 2023 00:39:29 +0000 (10:39 +1000)]
ctdb-scripts: No longer run statd-callout under sudo
This simplifies and removes a bad hack. Also, in my test environment,
it also drops the average time take to run an add-client/del-client
pair from ~0.055s to ~0.030s.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Wed, 2 Aug 2023 03:37:03 +0000 (13:37 +1000)]
ctdb-scripts: Use find_statd_sm_dir() in one more place
Take advantage of new function find_statd_sm_dir() when clearing the
local system statd state directory, so it uses the correct directory
when running on a non-RH distro.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Mon, 19 Jun 2023 02:17:44 +0000 (12:17 +1000)]
ctdb-scripts: Set ownership of statd-callout state directory
For add-client and del-client, statd-callout is called by rpc.statd,
which runs as rpcuser, statd or some other non-root system user. This
means that add-client and del-client can't write in the statd-callout
state directory if it is only writable by root. rpc.statd must be
able to write to its own local system statd state directory, so find
this directory and use it as a reference to set the ownership of
CTDB's statd-callout state directory.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Thu, 29 Jun 2023 00:12:44 +0000 (10:12 +1000)]
ctdb-scripts: Avoid connecting to ctdbd in add-client/del-client
rpc.statd runs statd-callout as a non-root user, which is currently
hacked around using some sudo logic that fails to work in some
contexts (e.g. in a container).
Use $CTDB_MY_PUBLIC_IPS_CACHE to access the node's currently assigned
public IPs, for add-client/del-client. This avoids connecting to
ctdbd when called from rpc.statd.
Also, use $CTDB_MY_PUBLIC_IPS_CACHE in other places where it makes
sense.
Connections to ctdbd are still made in the "notify" action, but this
is always run as root.
In the test code, set the PNN after public addresses setup so that the
cache of assigned IPs correctly initialised.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
Martin Schwenke [Thu, 15 Jun 2023 06:21:19 +0000 (16:21 +1000)]
ctdb-scripts: Add caching function for public IPs
This is way more complicated than I would like but, as per the
comment, this is due to complexities in the way public IPs work. The
main consumer will be statd-callout, which will then be able to run as
a non-root user.
Also generate the cache file in test code, whenever the PNN is set.
However, this can cause "ctdb ip" to generate a fake IP layout before
public IPs are setup. So, have the "ctdb ip" stub generate the IP
layout every time it is run to avoid it being stale.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Volker Lendecke <vl@samba.org>
s3:utils: let smbstatus report anonymous signing/encryption explicitly
We should mark sessions/tcons with anonymous encryption or signing
in a special way, as the value of it is void, all based on a
session key with 16 zero bytes.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 23 13:37:09 UTC 2024 on atb-devel-224
s3:smbd: allow anonymous encryption after one authenticated session setup
I have captures where a client tries smb3 encryption on an anonymous session,
we used to allow that before commit da7dcc443f45d07d9963df9daae458fbdd991a47
was released with samba-4.15.0rc1.
Testing against Windows Server 2022 revealed that anonymous signing is always
allowed (with the session key derived from 16 zero bytes) and
anonymous encryption is allowed after one authenticated session setup on
the tcp connection.
https://bugzilla.samba.org/show_bug.cgi?id=15412
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
Douglas Bagnall [Wed, 22 May 2024 21:40:00 +0000 (09:40 +1200)]
ldb: move struct ldb_debug_ops to ldb_private.h
Only accessed through struct ldb_context -> debug_ops, which is already private.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 23 00:19:30 UTC 2024 on atb-devel-224
Douglas Bagnall [Sun, 12 May 2024 22:39:44 +0000 (10:39 +1200)]
lib/fuzzing: add fuzz_strncasecmp_ldb
As well as checking for the usual overflows, this asserts that
strncasecmp_ldb is always transitive, by splitting the input into 3
pieces and comparing all pairs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 16 May 2024 02:09:46 +0000 (14:09 +1200)]
ldb-samba: use ldb_comparison_fold_utf8()
This means ldb-samba/dsdb comparisons will be case-insensitive for
non-ASCII UTF-8 characters (within the bounds of the 16-bit casefold
table). And they will remain transitive.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Sun, 12 May 2024 23:32:26 +0000 (11:32 +1200)]
util:charset: strncasecmp_ldb degrades to ASCII strncasecmp
If strncasecmp_ldb() encounters invalid utf-8 bytes, it compares those
as greater than any valid bytes (that is, it sorts them to the end of
the list).
If an invalid sequence is encountered in both strings at once, the
rest of the strings are now compared using the default ldb_comparison_fold
rules, as implemented in ldb_comparison_fold_ascii(). That is, each
byte is compared individually, [a-z] are translated to [A-Z], and runs of
spaces are collapsed into single spaces.
There is no perfect answer in this case, but this solution is stable,
fine-grained, and probably close to what is expected. This
byte-by-byte comparison is equivalent to a utf-8 comparison without
case-folding of multibyte codes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 30 Apr 2024 00:41:43 +0000 (12:41 +1200)]
util:charset: add strncasecmp_ldb()
This is a function for comparing strings in a way that suits a
case-insenstive syntaxes in LDB.
We have it here, rahter than in LDB itself, because it needs the
upcase table. By default uses ASCII-only comparisons. SSSD and
OpenChange use it in that configuration, but Samba replaces the
comparison and casefold functions with Unicode aware versions.
Until now Samba has done that in a bad way; this will allow it to do
better.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 May 2024 05:21:29 +0000 (17:21 +1200)]
ldb: ldb_comparison_fold_ascii sorts unsigned
Typically in 8-bit character sets, those with the 0x80 bit set are
seen as 288-255, not negative numbers. This will sort them after 'Z',
not before 'A'.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 15 May 2024 08:51:08 +0000 (20:51 +1200)]
ldb: add ldb_comparison_fold_ascii() for default comparisons
This function is made from the ASCII-only bits of the old
ldb_comparison_fold() -- that is, what you get if you never follow a
`goto utf8str` jump. It comparse the bytes, but collapses spaces and
maps [a-z] to [A-Z].
This does exactly what ldb_comparison_fold_utf8_broken() would do in
situations where ldb_casfold() calls ldb_casefold_default(). That
means SSSD.
The comparison is probably using signed char, so high bytes are
actually low bytes.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 16 May 2024 23:34:35 +0000 (11:34 +1200)]
ldb: add ldb_set_utf8_functions() for setting casefold functions
This replaces ldb_set_utf8_fns(), which will be deprecated really soon.
The reason for this, as shown in surrounding commits, is that without
an explicit case-insensitive comparison we need to rely on the casefold,
and if the casefold can fail (because, e.g. bad utf-8) the comparison
ends up being a bit chaotic. The strings being compared are generally
user controlled, and a malicious user might find ways of hiding values
or perhaps fooling a binary search.
A case-insensitive comparisons that works gradually through the string
without an all-at-once casefold is better placed to deal with problems
where they happen, and we are able to separately specialise for the
ASCII case (used by SSSD) and the UTF-8 case (Samba).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
projects / thirdparty / samba.git / log
