s3:winbindd: call reset_cm_connection_on_error() in wb_cache_query_user_list()
This is mostly for consistency, every remote call should call
reset_cm_connection_on_error(). Note this is more than
a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.
Martin Schwenke [Mon, 3 Jul 2023 02:02:36 +0000 (12:02 +1000)]
ctdb-tests: Run ShellCheck on event-script unit test support scripts
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Jul 5 12:16:57 UTC 2023 on atb-devel-224
Martin Schwenke [Sun, 2 Jul 2023 23:32:26 +0000 (09:32 +1000)]
ctdb-tests: Avoid ShellCheck warnings
These are all trivial, so handle them in bulk.
* Change code to avoid (approximately sorted by frequency):
SC2004 $/${} is unnecessary on arithmetic variables.
SC2086 Double quote to prevent globbing and word splitting.
SC2162 read without -r will mangle backslashes.
SC2254 Quote expansions in case patterns to match literally rather than as a glob.
SC2154 (warning): <variable> is referenced but not assigned.
SC3037 (warning): In POSIX sh, echo flags are undefined.
SC2016 (info): Expressions don't expand in single quotes, use double quotes for that.
SC2069 (warning): To redirect stdout+stderr, 2>&1 must be last (or use '{ cmd > file; } 2>&1' to clarify).
SC2124 (warning): Assigning an array to a string! Assign as array, or use * instead of @ to concatenate.
SC2166 (warning): Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
SC2223 (info): This default assignment may cause DoS due to globbing. Quote it.
* Locally disable checks:
SC2034 (warning): <variable> appears unused. Verify use (or export if used externally).
SC2086 (info): Double quote to prevent globbing and word splitting. [once]
SC2120 (warning): <function> references arguments, but none are ever passed.
SC2317 (info): Command appears to be unreachable. Check usage (or ignore if invoked indirectly).
While touching reads for SC2162, switch unused variables to "_"
instead of "_x", which seems to be preferred by ShellCheck.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Andreas Schneider <asn@samba.org>
In ./tests/UNIT/eventscripts/scripts/local.sh line 328:
echo $(ctdb ifaces -X | awk -F'|' 'FNR > 1 {print $2}')
^-- SC2046 (warning): Quote this to prevent word splitting.
^-- SC2005 (style): Useless echo? Instead of 'echo $(cmd)', just use 'cmd'.
Use xargs to get output on 1 line.
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Andreas Schneider <asn@samba.org>
Martin Schwenke [Mon, 3 Jul 2023 01:42:56 +0000 (11:42 +1000)]
ctdb-tests: Drop unreachable code
This generates ShellCheck warnings:
In ./tests/UNIT/eventscripts/scripts/60.nfs.sh line 412:
if [ -n "$service_check_cmd" ]; then
^----------------^ SC2031 (info): service_check_cmd was modified in a subshell. That change might be lost.
In ./tests/UNIT/eventscripts/scripts/60.nfs.sh line 413:
if eval "$service_check_cmd"; then
^----------------^ SC2031 (info): service_check_cmd was modified in a subshell. That change might be lost.
service_check_cmd will never be set here because it is only set in a
sub-shell in rpc_set_service_failure_response().
If testcases requiring use of service_check_cmd are later added then
this will need to be redone properly. This would probably start by
renaming this function nfs_iterate_rpc_test().
Signed-off-by: Martin Schwenke <mschwenke@ddn.com> Reviewed-by: Andreas Schneider <asn@samba.org>
s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries
Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop
arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0
for the retries.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 5 07:32:15 UTC 2023 on atb-devel-224
Andrew Bartlett [Fri, 30 Jun 2023 20:02:36 +0000 (08:02 +1200)]
libcli/smb: Remove unused fallback case for ALLOW_GNUTLS_AEAD_CIPHER_ENCRYPTV2_AES_GCM
We now require a GnuTLS version that is not impacted for AES-GCM
(fixed in 3.6.11, we require 3.6.13).
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 4 07:42:35 UTC 2023 on atb-devel-224
Volker Lendecke [Mon, 15 May 2023 15:23:43 +0000 (17:23 +0200)]
lib: Translate ENXIO to NT_STATUS_ILLEGAL_FUNCTION
ENXIO is returned when trying to openat() a unix domain socket or a
FIFO without anything at the other end. [MS-ERREF] has
ILLEGAL_FUNCTION as "The specified handle is not open to the server
end of the named pipe.", which comes pretty close to me.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 28 Jun 2023 09:48:34 +0000 (11:48 +0200)]
smbd: Save 76 bytes of .text
Probably not really measurable, but as this is a pretty frequently
accessed table, maybe this saves us some cache misses. And it's very
cheap to get :-)
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
wb_dsgetdcname: don't use stack variables for async code
This is not really a problem because we call ndr_push from
with a _send() function, but still we leave dangling pointers
arround...
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sun Jul 2 17:42:56 UTC 2023 on atb-devel-224
Andrew Bartlett [Fri, 30 Jun 2023 10:41:51 +0000 (22:41 +1200)]
build: Remove unused check for SHA1_Update and SHA1_RENAME_NEEDED
I can not find the code that required this, even in the history.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 30 14:59:46 UTC 2023 on atb-devel-224
Volker Lendecke [Thu, 22 Jun 2023 13:12:25 +0000 (15:12 +0200)]
smbd: Rewrite smbd_dirptr_get_entry()
Move filtering of entries, in particular symlinks, fully into
smbd_dirptr_get_entry(). Before, this was hidden in magic code inside
openat_pathref_fsp() and the mode_fn()s. Changing anything file open
code led to changes in very distant code paths because of unforeseen
consequences to directory listing. This change centralizes the
decision what directory entries to show into
smbd_dirptr_get_entry(). It uses openat_pathref_fsp_nosymlink()
without any symlink magic. It might need some tweaking when we also
want to show other special files, but this will hopefully be easier.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 12 Dec 2022 13:04:00 +0000 (14:04 +0100)]
smbd: Extend openat_pathref_dirfsp_nosymlink()
Turn it into openat_pathref_fsp_nosymlink() which opens not only
directories but normal files and symlinks too. If it finds a symlink,
return NT_STATUS_STOPPED_ON_SYMLINK and all the metadata we can find:
struct stat_ex plus the symlink target.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 8 Dec 2022 10:07:53 +0000 (11:07 +0100)]
test: skip the open-eintr test
With 7bb8af3f74c we already had to tune the error_inject VFS object to filter
out the openat-calls coming from filename_convert_dirfsp&friends. With
the next patch openat() will be called from even more places, and I
don't really see a good way to properly deal with EINTR in all the
places where it can happen. The real case where EINTR is something we
need to handle properly I guess is with kernel oplocks active: open()
waits for another process to give up its kernel oplock, which opens
the window for EINTR to become a valid case to properly take care
of. For all other opens I would be willing to live with the fact that
we just return an error message that might be different from Windows.
To detect that kernel oplock case properly, with O_PATH we have to
look at the /proc/self/fd/<n> reopen or the O_EMPTY_PATH FreeBSD
flavor from inside the error_inject module I guess. But then, the
second time we come around the corner we have to let it pass.
Difficult to properly test, disable the test for now.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 16 May 2023 09:13:35 +0000 (11:13 +0200)]
smbd: Lift up conn->cwd from openat_pathref_dirfsp_nosymlink()
The goal of this patch is to make the next patches smaller. Next
patches will also make openat_pathref_dirfsp_nosymlink() open real
files, not only directories.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 5 Dec 2022 11:15:21 +0000 (12:15 +0100)]
smbd: Add read_symlink_reparse()
Fake up a symlink reparse point structure from an on-disk reparse
point.
Turn in-share absolute symlinks into relative ones for the client to
properly follow symlinks. Pass on everything else as-is. In particular
clients follow symlinks pointing at \\server\share\...
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 21 Jun 2023 15:48:24 +0000 (17:48 +0200)]
smbd: Slightly simplify smbd_dirptr_get_entry()
Implementing virtually empty directories for "dont descend" looks
easier to me this way. It should also be an optimization, because now
we don't walk the whole directory anymore after . and .., which always
come first anyway.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
[abartlet@samba.org Use Debian 11 for the 32 bit host as the compile
currently fails - just exits without information - mid-way on Debian 12]
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jun 30 08:51:17 UTC 2023 on atb-devel-224
third_party: Update socket_wrapper to version 1.4.2
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 29 16:06:11 UTC 2023 on atb-devel-224
Jones Syue [Tue, 27 Jun 2023 09:19:59 +0000 (17:19 +0800)]
s3:utils: smbget fix a memory leak
Using smbget to download files recursively (-R).
If smbget found that a file is already existed in the destination,
smbget would said 'File exists', return early, and 'newname' allocated
memory is never freed, this is found by valgrind.
Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224
s4:kdc: don't log an error if msDS-AllowedToActOnBehalfOfOtherIdentity is missing
We log a warnings if access is not granted from a security descriptor in
msDS-AllowedToActOnBehalfOfOtherIdentity, so we should use the same log
level if msDS-AllowedToActOnBehalfOfOtherIdentity is not available at
all.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 27 06:39:08 UTC 2023 on atb-devel-224
Joseph Sutton [Tue, 20 Jun 2023 04:50:18 +0000 (16:50 +1200)]
s4:kdc: Include default groups in security token
This is consistent with the behaviour of the existing function
_authn_policy_access_check() and of Windows.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 20 Jun 2023 02:22:15 +0000 (14:22 +1200)]
s4:kdc: Implement Heimdal hook for resource-based constrained delegation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 20 Jun 2023 04:46:03 +0000 (16:46 +1200)]
tests/krb5: Be less strict regarding acceptable delegation error codes
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
samba_kdc_check_s4u2proxy() is never going to return an SDB_* error
code, so these conditions can never be hit.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 20 Jun 2023 04:40:03 +0000 (16:40 +1200)]
s4:kdc: Initialize pointers with NULL
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Mon, 26 Jun 2023 05:09:22 +0000 (17:09 +1200)]
s4:kdc: Don’t overwrite error code
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 26 12:11:30 UTC 2023 on atb-devel-224
Joseph Sutton [Thu, 22 Jun 2023 23:55:24 +0000 (11:55 +1200)]
s4:kdc: Add comment to clarify that we fetch the client claims
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
s4:kdc: clear client and device claims from trusts
As we don't support the Claims Transformation Algorithm [MS-CTA]
we better clear claims as they have no valid meaning in our domain.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sun, 25 Jun 2023 23:10:51 +0000 (11:10 +1200)]
s4:kdc: Make [client,device]_claims_blob const pointers
This is so that we can have them point to ‘null_data’ if we so choose.
We can’t assign the result of data_blob_talloc() to a const pointer, so
we go through an intermediary non-const pointer for the
device_claims_blob case.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Sun, 25 Jun 2023 23:11:19 +0000 (11:11 +1200)]
s4:kdc: Remove unnecessary NULL check
pac_blobs_add_blob() already checks whether the blob argument is NULL,
and skips adding the blob if so.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
s4:kdc: pass krbtgt skdc_entries to samba_kdc_update_pac()
For now we only pass in the krbtgt that verified the client pac
and optionally the krbtgt that verified the device pac.
These can be different depending on the domain of the related
principals.
If we want to apply SID filtering in future we may also need
to pass in the krbtgt that verified the delegated_proxy_pac,
but that needs more research and if not required for the
following changes.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s4:kdc: adjust formatting of samba_kdc_update_pac() documentation
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 16 Jun 2023 03:08:00 +0000 (15:08 +1200)]
s4:kdc: Enforce authentication policy service restrictions when getting a PAC
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Fri, 16 Jun 2023 02:24:50 +0000 (14:24 +1200)]
s4:kdc: Check authentication policy server restrictions
For a constrained delegation request, we need to pass ‘delegated_proxy’
(and the delegated proxy PAC, if one was provided) into
samba_kdc_update_pac() so that we can verify that the delegating server
is allowed to authenticate to the target server.
The ‘const’ is entirely unnecessary in a function declaration, but we
add it just to be consistent.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 20 Jun 2023 00:57:27 +0000 (12:57 +1200)]
s4:kdc: Add comment stating that policies aren’t looked up for S4U clients
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 20 Jun 2023 00:59:11 +0000 (12:59 +1200)]
tests/krb5: Test that client policies are not enforced with S4U
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
projects / thirdparty / samba.git / log
