This makes the logical steps a bit cleaner and future changes easier.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 15 14:00:28 UTC 2025 on atb-devel-224
s4:auth/ntlm: let authsam_check_password_internals() add NETLOGON_NTLMV2_ENABLED
Windows returns NETLOGON_NTLMV2_ENABLED in all
netr_LogonSamLogon* response messages.
Even if NTLMv1 was actually used and also
for password authentication.
selftest: force 'client use krb5 netlogon = yes' for admem_idmap_autorid
With 'reject aes netlogon servers = yes' we prevent any fallback.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 14 00:37:34 UTC 2025 on atb-devel-224
s3:libads: prepare trust_pw_change() for ServerAuthenticateKerberos()
We use kerberos_kinit_passwords_ext() to check the password before
and after ServerPasswordSet2() as ServerAuthenticateKerberos()
does not check it. We use the ip address of the dcerpc connection
in order to use a fixed KDC, so that we talk to the same server
that also received the ServerPasswordSet2().
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Vinit Agnihotri [Tue, 3 Dec 2024 05:42:34 +0000 (11:12 +0530)]
param: Add API to load registry without share info
As number of shares increases loading entire registry configuration along with
share information becomes very costly operation.
Since we may not require share information all time, we can optimise
this by using API just loading configuration without any share info.
s4:selftest: samba.tests.krb5.netlogon don't need explicit FAST_SUPPORT
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan 8 10:16:50 UTC 2025 on atb-devel-224
s4:dsdb: fix logic of dsdb_trust_routing_by_name()
We need to use the longest dnsname match as possible.
If we are the domain samba.example.com and have a trust
to example.com, a routing request for dc.samba.example.com
should return the tdo for samba.example.com instead
of example.com.
It lets the KDC of ADDOM.SAMBA2008R2.EXAMPLE.COM to
generate a (referral) ticket for
krbtgt/SAMBA2008R2.EXAMPLE.COM@ADDOM.SAMBA2008R2.EXAMPLE.COM
instead of
cifs/addc.addom.samba2008r2.example.com@ADDOM.SAMBA2008R2.EXAMPLE.COM
As ADDOM.SAMBA2008R2.EXAMPLE.COM has a forest trust (without msDS-TrustForestTrustInfo)
to SAMBA2008R2.EXAMPLE.COM dsdb_trust_update_best_tln() overwrote the
best match of addom.samba2008r2.example.com with samba2008r2.example.com.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jan 8 04:14:47 UTC 2025 on atb-devel-224
Ralph Boehme [Thu, 5 Dec 2024 09:26:59 +0000 (10:26 +0100)]
smbd: fill fsp_flas.posix_append in open_file_ntcreate()
This small changes enables the new append-IO machinery.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 7 23:05:57 UTC 2025 on atb-devel-224
Ralph Boehme [Fri, 22 Nov 2024 18:40:38 +0000 (19:40 +0100)]
smbd: prepare smb2_write.c for handling a negative offset
Use off_t instead of uint64_t for the offset in order to support negative
offsets coming in over the wire for SMB3 POSIX append-IO which enforces
offset=VFS_PWRITE_APPEND_OFFSET (-1) for all writes.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 29 Nov 2024 12:04:36 +0000 (13:04 +0100)]
smbd: check for VFS_PWRITE_APPEND_OFFSET in vfs_fill_sparse()
This is the only place a function dealing with allocation and file length being
called from the write IO path. In the case of POSIX append-IO with
offset=VFS_PWRITE_APPEND_OFFSET vfs_fill_sparse() must be a noop.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 29 Nov 2024 12:00:30 +0000 (13:00 +0100)]
smbd: add vfs_valid_allocation_range() as a copy of vfs_valid_pwrite_range()
Not a copy of the whole code obviously, a copy of behaviour. A subsequent commit
will further change vfs_valid_pwrite_range().
Existing callers of vfs_valid_pwrite_range() that are not calling it in the
write-IO codepath, but when dealing with allocation and size, are converted to
use vfs_valid_allocation_range().
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 9 Nov 2024 15:00:39 +0000 (16:00 +0100)]
smbtorture: verify Windows SEC_FILE_APPEND_DATA behaviour
This test proves that Windows will not enforce append behaviour when using
SEC_FILE_APPEND_DATA: writing with an offset and length into existing data is
not mapped to an append operation. According to
If only the FILE_APPEND_DATA and SYNCHRONIZE flags are set, the caller can
write only to the end of the file, and any offset information on writes to the
file is ignored. However, the file is automatically extended as necessary for
this type of write operation.
...but at least over SMB2 it doesn't work.
This also demonstrates that Windows behaves as documented in the footnote in
MS-SMB2 3.3.5.13 "Receiving an SMB2 WRITE Request":
If the range being written to is within the existing file size and
Open.GrantedAccess does not include FILE_WRITE_DATA, or if the range being
written to extends the file size and Open.GrantedAccess does not include
FILE_APPEND_DATA, the server SHOULD<358> fail the request with
STATUS_ACCESS_DENIED.
MS-SMB2 <358> Section 3.3.5.13:
Windows SMB2 servers allow the operation when either FILE_APPEND_DATA or
FILE_WRITE_DATA is set in Open.GrantedAccess.
==47833== Invalid read of size 1
==47833== at 0x4846782: strlen (vg_replace_strmem.c:494)
==47833== by 0x4F9D257: __vfprintf_internal (vfprintf-process-arg.c:397)
==47833== by 0x4FBD3A5: __vasprintf_internal (vasprintf.c:57)
==47833== by 0x4EBDFFD: __dbgtext_va (debug.c:1939)
==47833== by 0x4EBE125: dbgtext (debug.c:1960)
==47833== by 0x49A9E77: exit_server_common (server_exit.c:230)
==47833== by 0x49A9EE6: smbd_exit_server_cleanly (server_exit.c:247)
==47833== by 0x4ECA2EF: exit_server_cleanly (smbd_shim.c:113)
==47833== by 0x495E72B: smbd_server_connection_terminate_done (smb2_server.c:1758)
==47833== by 0x4D4ED6A: _tevent_req_notify_callback (tevent_req.c:177)
==47833== by 0x4D4EEFB: tevent_req_finish (tevent_req.c:234)
==47833== by 0x4D4F02A: tevent_req_trigger (tevent_req.c:291)
==47833== Address 0xb8cf820 is 96 bytes inside a block of size 123 free'd
==47833== at 0x484317B: free (vg_replace_malloc.c:872)
==47833== by 0x4CF8950: _tc_free_internal (talloc.c:1222)
==47833== by 0x4CF993E: _tc_free_children_internal (talloc.c:1669)
==47833== by 0x4CF8830: _tc_free_internal (talloc.c:1184)
==47833== by 0x4CF993E: _tc_free_children_internal (talloc.c:1669)
==47833== by 0x4CF8830: _tc_free_internal (talloc.c:1184)
==47833== by 0x4CF89F7: _talloc_free_internal (talloc.c:1248)
==47833== by 0x4CF9D93: _talloc_free (talloc.c:1792)
==47833== by 0x495E700: smbd_server_connection_terminate_done (smb2_server.c:1748)
==47833== by 0x4D4ED6A: _tevent_req_notify_callback (tevent_req.c:177)
==47833== by 0x4D4EEFB: tevent_req_finish (tevent_req.c:234)
==47833== by 0x4D4F02A: tevent_req_trigger (tevent_req.c:291)
==47833== Block was alloc'd at
==47833== at 0x48407B4: malloc (vg_replace_malloc.c:381)
==47833== by 0x4CF7CAC: __talloc_with_prefix (talloc.c:783)
==47833== by 0x4CF7E46: __talloc (talloc.c:825)
==47833== by 0x4CFB007: __talloc_strlendup (talloc.c:2454)
==47833== by 0x4CFB0BD: talloc_strdup (talloc.c:2470)
==47833== by 0x495E7B6: smbd_server_connection_terminate_ex (smb2_server.c:1775)
==47833== by 0x4969222: smbd_smb2_connection_handler (smb2_server.c:5291)
==47833== by 0x4D4CAE2: tevent_common_invoke_fd_handler (tevent_fd.c:174)
==47833== by 0x4D596D5: epoll_event_loop (tevent_epoll.c:696)
==47833== by 0x4D59E5E: epoll_event_loop_once (tevent_epoll.c:926)
==47833== by 0x4D5529C: std_event_loop_once (tevent_standard.c:110)
==47833== by 0x4D4B3B9: _tevent_loop_once (tevent.c:820)
==47833==
state was a child of "xconn", so when xconn was freed state went away.
As reason is used at the very end of exit_server_common() after *all* global
objects that could be used as talloc parent are freed, there's just no other way
to make "reason" a talloc string then allocating it from the NULL context right
away.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Tokarev [Thu, 17 Nov 2022 20:51:03 +0000 (23:51 +0300)]
fruit: fixup size_t overflow check
https://bugzilla.samba.org/show_bug.cgi?id=13622 .
The check ('bandsize > SIZE_MAX/nbands' is wrong, since
it caps the total size to the wrong data type size_t
instead of off_t -- samba is always built with LFS support
so off_t is always 64bits, while size_t is 32bit son a
32bit platform. This has caused issues already, capping
size of the bands: https://bugs.debian.org/974868 .
Since there's another overflow check already, let's just
fold this one to the following one and log a more complete
error message.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Sat Jan 4 20:47:35 UTC 2025 on atb-devel-224
Michael Tokarev [Fri, 29 Nov 2024 06:34:42 +0000 (09:34 +0300)]
include <grp.h> for setgroups in a few places
setgroups(), unlike getgroups(), is not in <unistd.h> but in <grp.h>.
Recent compilers require function declaration before using a function
(or more and more distributions treat lack of declaration as error),
so all configure-time tests fails with source3/lib/util_sec.c:
source3/../lib/util/setid.c: In function 'samba_setgroups':
source3/../lib/util/setid.c:244:16: error: implicit declaration of function \
'setgroups'; did you mean 'getgroups'? [-Wimplicit-function-declaration]
244 | return setgroups(setlen, gidset);
Add the missing include so configuration finds the existing system
functions instead of failing.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Jan 2 17:58:50 UTC 2025 on atb-devel-224
Michael Tokarev [Mon, 18 Nov 2024 12:00:05 +0000 (15:00 +0300)]
remove usage of bzero
bzero() function has been deprecated for a long time.
In samba it is replaced with memset(). But samba also
provides common memory-zeroing macros, like ZERO_STRUCT().
In all places where bzero() is used, it actually meant to
zero a structure or an array.
So replace these bzero() calls with ZERO_STRUCT() or
ZERO_ARRAY() as appropriate, and remove bzero() replacement
and testing entirely.
While at it, also stop checking for presence of memset() -
this function is standard for a very long time, and the
only conditional where HAVE_MEMSET were used, was to
provide replacement for bzero() - in all other places
memset() is used unconditionally.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Michael Tokarev [Mon, 18 Nov 2024 11:19:54 +0000 (14:19 +0300)]
replace direct calls to memset_s() with commonly used macros
samba provides macros for zeroing various structures in memory,
and all code uses them instead of relying on memset_s().
However, a few places use memset_s() directly. Replace these
usages with macros for consistency and to be able to replace
memset_s() easier.
A few notes.
Commit 03a50d8f7d872b6ef701d12 "lib:util: Check memset_s() error
code in talloc_keep_secret_destructor()" (Aug-2022) added a check
for error return from memset_s(). This is the only place in whole
codebase which bothers about doing this. But I've difficult time
figuring out the intention. Was there a real case when this code
path is actually executed?
Commit 7658c9bf0a9c99e3f200571 "lib:crypto: Remove redundant array
zeroing" (Nov-2023) removed the OTHER line from the two lines used
to zero memory in here. Initially the code used both memset_s()
*and* ZERO_ARRAY_LEN(), the former has been removed. This change
removes the other - memset_s(), reintroducing ZERO_ARRAY_LEN().
Here however, it's probably better to use BURN_PTR instead of
ZERO_ARRAY - in this place and a few lines above.
Commit 8dddea2ceda40f2365bd6b1 "lib:talloc: Use memset_s() to avoid
the call gets optimized out" (Feb-2024) is a recent commit which
introduces memset_s(). However, it does not seem like it makes
any difference whatsoever for a testsuite, or that it actually
needs to clean up the memory to begin with.
We've quite an assortment of all this memory zeroing stuff. Also
it is repeated in replace.h and memory.h (two sets in these files
are different but has big intersection). I'd say, to fix this mess,
things from replace.h should be removed in favour of memory.h, and
necessary includes added, but this is for the next time. We also
have lots of direct usages of memset_s() in heimdal code.
Cc: Joseph Sutton <josephsutton@catalyst.net.nz> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Michael Tokarev [Tue, 26 Apr 2022 13:14:38 +0000 (16:14 +0300)]
testparm: do not fail if /run/samba does not exist
testparm explicitly fails if $piddir or $lockdir does not exist.
However, the daemons which actually use these directories, will
create it on demand, there is no need to fail even simple testparm
operations if the dirs are not there.
This change lets to (pre)configure samba without bothering to
pre-create the directories which are overwise needed only to fulfil
testparm criteria.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Michael Tokarev [Mon, 26 Feb 2024 11:15:00 +0000 (14:15 +0300)]
Minimal EDNS0 support for built-in DNS client
Currently, samba built-in DNS client is UDP-only (it does
support TCP mode, but not all components use it). In
particular, when winbind queries list of AD DCs (SRV
record) which can be quite large, it uses UDP-only query.
And at the same time, samba DNS client does not support
EDNS0 at all, so the reply is limited to standard DNS
packet size which is 512 bytes.
Add minimal EDNS0 OPT record to ADDITIONAL section when
sending a DNS request out, indicating we can accept
DNS packets up to 4Kb in size.
Since DNSSEC is in wide use today and DNSSEC requires
EDNS0, it is okay to assume ENDS0 is widely supported
these days, so there should be no regressions when
enabling EDNS0.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Michael Tokarev [Mon, 18 Nov 2024 09:45:08 +0000 (12:45 +0300)]
libsamba-errors: eliminate dependency on samba-debug
libsamba-errors is a collection of error codes/descriptions
like strerror(), - it is a set of simple functions converting
error code to string or the like. However, in one single
place there's a DBG_DEBUG() "call" in errmap_unix.c, in
map_errno_from_nt_status(), which is here for a very long time
(since before samba3, initially with debug level 10).
Drop this debugging info, and eliminate extra dependency.
This makes libsamba-errors independent and self-contained,
with a well-known and stable ABI.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
projects / thirdparty / samba.git / log
