| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
This makes it clearer that we don't really have a string in .hdr
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar 10 18:05:13 CET 2015 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
| |
Rather than keep state in global variables, store the current
context such as the winbind file descriptor in a struct that is
passed in. This makes the winbind client library thread-safe.
Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue a QAR request with an offset and length that generate an integer
(uint64_t) overflow when summed together. This should result in an
NT_STATUS_INVALID_PARAMETER response, as confirmed against Windows
Server 2012 & 2008.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 10 00:02:18 CET 2015 on sn-devel-104
|
|
|
|
|
|
|
|
| |
Write 10 x 64K ranges, with 64K holes punched in between. Afterwards,
check that all ranges are present in the QAR response.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
| |
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
| |
An exclusively locked file can still be marked sparse. QAR requests
covering the locked-range should also succed. ZERO_DATA requests are
blocked.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
| |
This test confirms that correct FSCTL_SET_SPARSE permission checks are
in place on the server.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
check_pattern() currently attempts to read all data in one go. Fix it to
use a 64K maximum IO size so that it works against Windows Server 2008.
Additionally, rework write_pattern() so that it only allocates a buffer
for the largest IO size (now 64K), rather than for the full write
length.
Finally, assert that callers are correctly performing pattern IO in
8-byte increments - copy_chunk_tiny was not, so fix it.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Attempt to extend a file using ZERO_DATA. The operation should succeed,
but the file should not be extended, as specified in MS-FSCC <58>
Section 2.3.65:
This FSCTL sets the range of bytes to zero (0) without extending the
file size.
Also test zero length and invalid BFZ requests.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
NTFS deallocates an entire file when a sparse zero-data request spans
the full length. Other filesystems (e.g. EXT4 and Btrfs) do not.
vfs_btrfs is additionally capable of preserving sparse regions for
copy-chunk, using the BTRFS_IOC_CLONE_RANGE ioctl. This should not be
treated as a failure.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Samba uses PUNCH_HOLE to zero a range, and subsequently uses fallocate()
to allocate the punched range if the file is marked non-sparse and
"strict allocate" is enabled.
In both cases, the zeroed range will not be detected by SEEK_DATA, so
the range won't be present in QAR responses until the file is marked
non-sparse again.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
| |
These tests assumed that 4K chunks remain allocated following write at
a subsequent offset. This is not the case for other filesystems (E.g.
XFS, Btrfs, Etc.), which may deallocate the chunk.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[MS-FSCC] specifies:
The number of FILE_ALLOCATED_RANGE_BUFFER elements returned is
computed by dividing the size of the returned output buffer (from
either SMB or SMB2, the lower-layer protocol that carries the FSCTL)
by the size of the FILE_ALLOCATED_RANGE_BUFFER element.
Ideally, this requirement could be defined in idl with the following:
[flag(NDR_REMAINING)] file_alloced_range_buf array[];
However, this is not currently supported by PIDL, so just use an opaque
data blob for now.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This test only checks for S4U2Self of the same user, but shows
that a user account is not a valid service for this purpose.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Mar 9 12:10:09 CET 2015 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
| |
This is now handled properly by samba_kdc_lookup_server() and this wrapper actually
breaks things.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During initial wire trace analysis, the DCE/RPC PDU verification trailer
was incorrectly identified and tagged in IDL as an FSRVP "magic" blob.
This change removes the incorrectly tagged FSRVP request fields and
corresponding test code - with 1e1b7b1021b16e3ab61c2fca8328c94e60a2c99c
verification trailer parsing is now tested separately.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 7 20:01:20 CET 2015 on sn-devel-104
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I think Coverity is right here: Before the preceding call to
krb5_make_principal we already krb5_free_principal(ctx, tmp_creds.server)
without wiping out tmp_creds.server. The call to krb5_make_principal only
stores something fresh when it also returns 0 a.k.a. success.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Mar 6 17:38:09 CET 2015 on sn-devel-104
|
|
|
|
|
|
| |
Change-Id: Idb40fcb564455f16608ea991b086e41e22ae51e3
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
| |
Change-Id: Iaa1af59005eaee7ea79f3260b250a2c948e07532
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
| |
Change-Id: Ie9a115d131624bfc68e6f40822acade70d145735
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
| |
Change-Id: Icaf472198e93e283db2ae6ed99fd7ceae037af87
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
|
|
|
|
|
|
|
|
|
|
| |
Different gcc versions complain at different places
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar 3 13:14:53 CET 2015 on sn-devel-104
|
|
|
|
|
|
|
| |
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(The testsuite got removed with 5bb410f85312196bb24e62a6a0b8350576433dc6).
Although nss_wrapper now also has an upstream testsuite, it is still important
to run the older torture testsuite within Samba so we have some testing on
nss_winbind correctnes and consistency.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
|
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Feb 25 16:32:29 CET 2015 on sn-devel-104
|
|
|
|
|
| |
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
|
|
|
|
|
|
| |
This may be handy if this key is compromised, or along with chgtdcpass to isolate test copies
of production domains in such a way that they cannot mix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
|
|
|
| |
We now have a reliable handler for backlinks so this we can now rename both objects
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
|
|
| |
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
| |
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
| |
We use GnuTLS because it can reliably generate 2048 bit keys every time.
Windows clients strictly require 2048, no more since it won't fit and no
less either. Heimdal would almost always generate a smaller key.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
|
|
|
|
|
|
|
|
|
| |
Without GnuTLS, we don't have ldaps:// support and we are unable to
readily create RSA keys of the correct length for the BackupKey
protocol.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
| |
These show that MS-BKRP 3.1.4.1.1 BACKUPKEY_BACKUP_GUID is incorrect when it
states that the key must be the leading 64 bytes, it must be the whole 256 byte
buffer.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
| |
2012R2
This is done in both smbtoture and in our server
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
|
|
| |
We implement both modes in BACKUPKEY_RESTORE_GUID, as it may decrypt
both ServerWrap and ClientWrap data, and we implement
BACKUPKEY_RESTORE_GUID_WIN2K.
BUG: https://bugzilla.samba.org/attachment.cgi?bugid=11097
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
|
|
| |
no value
This happen on the RODC, a case that we try not to permit at all.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
| |
The values we return here are client-provided passwords or other keys, that we decrypt for them.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
|
| |
This makes it clear that this is the data stored on the LSA secrets store
and not the client-provided data to be encrypted.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|
|
|
|
|
|
|
| |
BUG: https://bugzilla.samba.org/attachment.cgi?bugid=11097
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
|