summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* docs: remove duplicate mention of "smbtorture" in smbtorture manpage.Günther Deschner2013-11-191-4/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: remove duplicate arguments listing in regdiff manpage.Günther Deschner2013-11-191-3/+0
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* heimdal: Fix CID 745516 Use after freeVolker Lendecke2013-11-141-1/+3
| | | | | | | | | | | If the loop is exited normally, i.e. we did not find anything proper within DH_NUM_TRIES, we try to BN_free a second time. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Nov 14 19:17:06 CET 2013 on sn-devel-104
* s4:rpc-server: fix lsa_lookupsids return value for the domain sidMichael Adam2013-11-131-0/+10
| | | | | | | | | | | We currently return type UNKNOWN and copy the domain sid to the name. Instead we should return type DOMAIN and return NULL as name. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Nov 13 13:34:16 CET 2013 on sn-devel-104
* s4:rpc-server: fix use after free in dcesrv_lsa_lookup_sid()Michael Adam2013-11-131-1/+4
| | | | | | | | Authority name may be accessed after state has gone away and take domain_name with it. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* heimdal: Fix CID 240779 Allocation size mismatchVolker Lendecke2013-11-131-2/+2
| | | | | | | | | | | | | The error Coverity complains about is in the malloc. krb5_enctypes is an enum, so it is usually smaller than the size of a pointer. So we overallocate, but in the memcpy further down we copy from potentially invalid memory. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Nov 13 11:05:44 CET 2013 on sn-devel-104
* tls: Fix CID 242014 Uninitialized scalar variableVolker Lendecke2013-11-131-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* tls: Fix some noblank line endingsVolker Lendecke2013-11-131-33/+32
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* heimdal: Fix CID 241943 Uninitialized pointer readVolker Lendecke2013-11-131-1/+2
| | | | | | | | In the error case without EXTRA_ADDRESSES we access ignore_addresses without initialization Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4-dsdb: Fix a use after free segfault.Andreas Schneider2013-11-121-3/+4
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue Nov 12 19:22:28 CET 2013 on sn-devel-104
* s4-torture: Relax time checking in CHECK_NTTIME.Andreas Schneider2013-11-122-2/+2
| | | | | | | | | NTTIME has a nanosecond resolution. We should be tolerate if the system is busy writing and reading the value. To reproduce this problem just run the test under valgrind. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* s4:torture/netlogon: Test netlogon with additional attrsBenjamin Franzke2013-11-121-0/+83
| | | | | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com> se enter the commit message for your changes. Lines starting Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Nov 12 00:57:19 CET 2013 on sn-devel-104
* s4:torture/ldap: Add test for netlogon over tcpBenjamin Franzke2013-11-114-330/+519
| | | | | | | | | | | | | | | This patch moves the udp netlogon tests from cldap.c to netlogon.c and passes a generic netlogon-send function as parameter. Therefore a tcp replacement for cldap_netlogon is also added. The two variants tcp and udp are added as 2 new torture tests: ldap.netlogon-udp & ldap.netlogon-tcp Both tests succeed. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:dsdb: Move cldap netlogon functions into samdb/ldb_modulesBenjamin Franzke2013-11-1110-34/+10
| | | | | | | | As netlogon is handled by the samdb now, the corresponding functions should live there as well. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:cldap_server: Do not handle netlogon ourself anymoreBenjamin Franzke2013-11-113-62/+5
| | | | | | | | | Netlogon is now handled by the ldb rootdse module. The netlogon files will be moved to dsdb in the next commit. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:dsdb/rootdse: Support netlogon requestBenjamin Franzke2013-11-113-11/+77
| | | | | | | | | | | | | | | | | | | | | | This patch adds support for a netlogon ldap style request over the tcp socket. This is available since win2k3+ [1]. The automatic client join & configuration daemon "realmd" makes use of this ability. Realmd can now be used to join a computer to a samba 4 domain. (See also: https://lists.samba.org/archive/samba-technical/2013-October/095606.html) Tested with: ldapsearch -h samba-srv -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon And compared the result in wireshark with cldap request issued by examples/misc/cldap.pl. [1]: http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:dsdb/rootdse: Pass rootdse context to rootdse_add_dynamicBenjamin Franzke2013-11-111-20/+19
| | | | | | | | This replaced the *module parameter, and uses ac->module in the function instead, same for *req and *attrs. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:cldap_server: Move netlogon parsing into utility functionBenjamin Franzke2013-11-112-34/+73
| | | | | | | To be used later by netlogon-request over ldap. Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* s4:torture/cldap: Fix a typoBenjamin Franzke2013-11-111-1/+1
| | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* gpo: Fix CID 1034880 Resource leakVolker Lendecke2013-11-111-2/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> Autobuild-User(master): Ira Cooper <ira@samba.org> Autobuild-Date(master): Mon Nov 11 22:59:10 CET 2013 on sn-devel-104
* gpo: Fix CID 1034881 Resource leakVolker Lendecke2013-11-111-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* ntvfs: Fix CID 1034883 Resource leakVolker Lendecke2013-11-111-1/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* backupkey: Fix CID 1034885 Resource leakVolker Lendecke2013-11-111-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* samdb: Fix CID 241968 Uninitialized pointer readVolker Lendecke2013-11-111-1/+1
| | | | | | | Interestingly gcc does not catch this at all. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* heimdal: Fix 241482 Resource leakVolker Lendecke2013-11-111-2/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* registry: Fix Coverity ID 1034918 Wrong sizeof argumentVolker Lendecke2013-11-111-2/+2
| | | | | | | | sizeof(data_val) is the size of the pointer. This might well be 8 bytes where the string is only 4 bytes long Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* registry: Fix Coverity ID 1034917 Wrong sizeof argumentVolker Lendecke2013-11-111-2/+3
| | | | | | | | sizeof(data_val) is the size of the pointer. This might well be 8 bytes where the string is only 4 bytes long Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* registry: Fix Coverity ID 1034916 Wrong sizeof argumentVolker Lendecke2013-11-111-1/+2
| | | | | | | | sizeof(data_val) is the size of the pointer. This might well be 8 bytes where the string is only 4 bytes long Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* dsdb: Fix Coverity ID 1034907 Dereference before null checkVolker Lendecke2013-11-111-1/+1
| | | | | | | "module" has already been dereferenced by ldb_module_get_private(module) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* oLschema2ldif: Add some NULL checksVolker Lendecke2013-11-111-0/+6
| | | | | | | This should fix Coverity ID 1034812 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* s4:torture:smb2: add new lease.upgrade3 test to test the contended upgradeMichael Adam2013-11-111-0/+143
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Test what upgrades work when there is another lease already held, in addition to the lease to be upgraded. The summary of the behaviour is this: ------------------------------------- If we have two leases (lease1 and lease2) on the same file, then attempt to upgrade lease1 results in a change if and only if the requested lease state: - is valid, - is strictly a superset of lease1, and - can held together with lease2. In that case, the resuling lease state of the upgraded lease1 is the state requested in the upgrade. lease2 is not broken and remains unchanged. Note that this contrasts the case of directly opening with an initial requested lease state, in which case you get that portion of the requested state that can be shared with the already existing leases (or the states that they get broken to). Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Mon Nov 11 18:04:47 CET 2013 on sn-devel-104
* s4:torture:smb2: add comment explaining lease upgrade in the non-contended caseMichael Adam2013-11-111-0/+11
| | | | | | | | | | | | | | | The summary of the behaviour is this: ------------------------------------- An uncontended lease upgrade results in a change if and only if the requested lease state is - valid, and - strictly a superset of the lease state already held. In that case the resulting lease state is the one requested in the upgrade. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* CVE-2013-4476: s4:libtls: check for safe permissions of tls private key file ↵Björn Baumbach2013-11-112-0/+33
| | | | | | | | | | | | | | | | | | (key.pem) If the tls key is not owned by root or has not mode 0600 samba will not start up. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Björn Baumbach <bb@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Nov 11 13:07:16 CET 2013 on sn-devel-104
* CVE-2013-4476: s4:libtls: Create tls private key file (key.pem) with mode 0600Björn Baumbach2013-11-111-1/+1
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234 Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-smb_server: Fix a use after free.Andreas Schneider2013-11-081-1/+5
| | | | | | | If we haven't allocated the smbsrv_session then we should not free it. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-lsa: Make sure we also duplicate the domain_name.Andreas Schneider2013-11-071-4/+20
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 7 18:58:44 CET 2013 on sn-devel-104
* s4-lsa: Add missing null checks in dcesrv_lsa_lookup_name().Andreas Schneider2013-11-071-0/+12
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s4-lsa: Fix a user after free in dcesrv_lsa_lookup_name().Andreas Schneider2013-11-071-3/+9
| | | | | | Pair-Programmed-With: Volker Lendecke <vl@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* Add regression test for bug #10229 - No access check verification on stream ↵Jeremy Allison2013-11-041-0/+181
| | | | | | | | | | | | | | files. Checks against a file with attribute READONLY, and a security descriptor denying WRITE_DATA access. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: David Disseldorp <ddiss@suse.de> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Nov 4 23:10:10 CET 2013 on sn-devel-104
* torture: Add smb2.rename.rename_dir_benchVolker Lendecke2013-11-041-0/+375
| | | | | | | | | This is a little benchmark test excercising parallel directory renames. With lots of open files directory renames get pretty slow against some SMB server implementations. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-dsdb: instanceType NC_HEAD is only allowed combined with WRITE for an ↵Nadezhda Ivanova2013-11-032-5/+15
| | | | | | | | | | | | originating add operation As described in MS-ATDS 3.1.1.5.2.8. Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Sun Nov 3 16:17:30 CET 2013 on sn-devel-104
* auth-kerberos: add the credentials.h so that enum credentials_obtained is ↵Matthieu Patou2013-10-271-0/+1
| | | | | | | | | | | | | defined We had a warning about the enum being defined in the parameter list: warning: ‘enum credentials_obtained’ declared inside parameter list Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Sun Oct 27 02:25:47 CET 2013 on sn-devel-104
* torture: add FSCTL_SRV_COPYCHUNK_WRITE access testDavid Disseldorp2013-10-251-2/+51
| | | | | | | | | | | Check that FSCTL_SRV_COPYCHUNK_WRITE succeeds when the copy-chunk target is opened with SEC_RIGHTS_FILE_WRITE only. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 25 22:48:59 CEST 2013 on sn-devel-104
* s4-dsacl: Fixed incorrect handling of privileges in sec_access_check_dsNadezhda Ivanova2013-10-252-1/+31
| | | | | | | | | | Restore and backup privileges are not relevant to ldap access checks, and the TakeOwnership privilege should grant write_owner right Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture: Add smb2.oplock.levelII501 testVolker Lendecke2013-10-241-1/+256
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Oct 24 16:15:50 CEST 2013 on sn-devel-104
* torture: Extend the raw.oplock.level_ii_1 testVolker Lendecke2013-10-231-0/+14
| | | | | | | | | | | | | | smbd broke to none twice. Make sure this won't happen again :-) This used to happen before the MSG_SMB_BREAK_RESPONSE merge. In process_oplock_break_message we did not call remove_oplock, which would have prevented this. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Oct 23 14:06:13 CEST 2013 on sn-devel-104
* torture: Add a test showing we have to break L2 at open timeVolker Lendecke2013-10-231-0/+105
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture: Add oplock break to l2/none testsVolker Lendecke2013-10-232-0/+179
| | | | | | | | | The level we have to break to depends on the create disposition of the second opener. If it's overwriting, break to none. If it's not, break to level2. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture: Check break level in raw.oplock.exclusive5Volker Lendecke2013-10-231-0/+1
| | | | | | | | | | This is what Windows does in this case, we don't survive that. We break to LEVEL2 here. Fixes and more precise test to follow. We don't survive this anymore. Re-enable later. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* torture: Add reproducer for bug 10216Volker Lendecke2013-10-231-0/+12
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2024-06-30 19:57:19 +0000