[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f1a83798f01 third_party/heimdal: Import lorikeet-heimdal-202402132018 (commit 66d4c120376f60ce0d02f4c23956df8e4d6007f2) via beaeeaff501 s4:rpc_server: Make some arrays static via 3b85345c4c5 lib:util: Fix printing hex‐escaped characters via 7e855f8d89c lib:util: Correctly determine whether a character needs to be escaped via 18208dbef72 s4:rpc_server: Remove trailing whitespace via 4b0f3f3d100 python: Fail the test if we don’t receive an NTSTATUSError via 3e342e2d37a tests/krb5: Move assertLocalSamDB() into RawKerberosTest via df475fbc2f8 tests/krb5: type hinting via 69c3044a726 python/tests: Use TestCaseInTempDir rather than "private dir" for exported keytab via a1d7af24853 python/tests: Convert dckeytab test to use new NDR keytab parser via 2e230f728ec python/tests: Add test for new krb5 keytab parser via e6ef2fc2240 librpc/idl: Check protocol version number in Kerberos ccache parser via ecaaff57e45 librpc/idl: Add a parser for a FILE: format keytab via 9a5cc120421 python/samba/samdb: Only do caching of well known DNs in dbcheck from 5a0fce58650 source4/torture: Add SEC_STD_DELETE to enable proper cleanup https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f1a83798f0102f7d35295a6c0d4db0580a791579 Author: Jo Sutton Date: Wed Feb 14 09:37:13 2024 +1300 third_party/heimdal: Import lorikeet-heimdal-202402132018 (commit 66d4c120376f60ce0d02f4c23956df8e4d6007f2) Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Tue Feb 27 02:19:31 UTC 2024 on atb-devel-224 commit beaeeaff501b22fdfb3928d788597398fcbbbe29 Author: Jo Sutton Date: Tue Feb 20 16:46:07 2024 +1300 s4:rpc_server: Make some arrays static Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 3b85345c4c5bc7fa7196c8802a6be60e0e4a043f Author: Jo Sutton Date: Tue Feb 20 16:35:43 2024 +1300 lib:util: Fix printing hex‐escaped characters A signed char, passed to snprintf(), will be promoted to an ‘int’, and then interpreted (according to the format string) as an ‘unsigned int’. Any negative values passed in will thus be interpreted as large unsigned values, too large to be represented in the two characters allocated for them. In practice, they will always be represented as ‘\xFF’. Cast these characters to ‘unsigned char’, and use the appropriate length modifier for that type. Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 7e855f8d89cb0b3491d31c93da608417c38c6b00 Author: Jo Sutton Date: Tue Feb 20 16:30:15 2024 +1300 lib:util: Correctly determine whether a character needs to be escaped The condition ‘c > 0x1F’ is clearly meant to test whether a character is a control code or not. While it works for ASCII characters, when ‘char’ is signed it fails for codepoints above 0x7f, which get represented as negative values. Make this calculation work as it was (presumably) intended by casting to ‘unsigned char’. Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 18208dbef721babf21533e5058f388d3b98d372e Author: Jo Sutton Date: Tue Feb 20 14:43:33 2024 +1300 s4:rpc_server: Remove trailing whitespace Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 4b0f3f3d100dcdf5a5bf9947a2baa574af76ad30 Author: Jo Sutton Date: Tue Feb 20 12:27:36 2024 +1300 python: Fail the test if we don’t receive an NTSTATUSError Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 3e342e2d37aed612cab59f5433870f5208a6 Author: Jo Sutton Date: Thu Feb 15 13:45:10 2024 +1300 tests/krb5: Move assertLocalSamDB() into RawKerberosTest Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit df475fbc2f8e19e37674ece59cdb8daa0aece072 Author: Jo Sutton Date: Fri Dec 8 14:05:45 2023 +1300 tests/krb5: type hinting Signed-off-by: Jo Sutton Reviewed-by: Andrew Bartlett commit 69c3044a7265c83d053b2690de772eb4ff9d86ca Author: Andrew Bartlett Date: Wed Feb 21 14:29:44 2024 +1300 python/tests: Use TestCaseInTempDir rather than "private dir" for exported keytab Signed-off-by: Andrew Bartlett Reviewed-by: Jo Sutton commit a1d7af2485365b188f1364d6a8388c9cc30e8107 Author: Andrew Bartlett Date: Wed Feb 21 14:14:24 2024 +1300 python/tests: Convert dckeytab test to use new NDR keytab parser This is much nicer than reading strings out of the binary file. Signed-off-by: Andrew Bartlett Reviewed-by: Jo Sutton commit 2e230f728ec8026997183ad50ff6371961c9a9ea Author: Andrew Bartlett Date: Wed Feb 21 10:22:12 2024 +1300 python/tests:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5a0fce58650 source4/torture: Add SEC_STD_DELETE to enable proper cleanup from e4c3c61302b python:gp: Implement client site lookup in site_dn_for_machine() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5a0fce58650770bc7701d1be72492637c2ced63c Author: Anoop C S Date: Thu Feb 22 19:26:08 2024 +0530 source4/torture: Add SEC_STD_DELETE to enable proper cleanup basic.maximum_allowed and smb2.maximum_allowed attempt to unlink the files created by those tests. But the restrictive SD with which they were created prohibits the deletion inside shares where vfs_acl_xattr is configured including "ignore system acls". The very same file will otherwise cause problems while progressing with remaining sub tests. SEC_STD_DELETE could be the minimum required additional access mask to successfully delete the file under the said configuration using vfs_acl_xattr and "ignore system acls" option without loosing the integrity of the overall test. Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 26 18:35:43 UTC 2024 on atb-devel-224 --- Summary of changes: source4/torture/basic/denytest.c | 30 ++- source4/torture/smb2/max_allowed.c | 42 +- 2 files changed, 66 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c index c9f4a97743e..ba636fe2a95 100644 --- a/source4/torture/basic/denytest.c +++ b/source4/torture/basic/denytest.c @@ -2680,10 +2680,11 @@ bool torture_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd, *sd_orig; union smb_open io; static TALLOC_CTX *mem_ctx; - int fnum, i; + int fnum, fnum1 = -1, i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -2813,7 +2814,34 @@ bool torture_maximum_allowed(struct torture_context *tctx, smbcli_close(cli->tree, fnum); } + io.generic.level = RAW_OPEN_NTTRANS_CREATE; + io.ntcreatex.in.access_mask = SEC_STD_WRITE_DAC; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.fname = MAXIMUM_ALLOWED_FILE; + + status = smb_raw_open(cli->tree, mem_ctx, &io); + CHECK_STATUS(status, NT_STATUS_OK); + fnum1 = io.ntcreatex.out.file.fnum; + + sd = security_descriptor_dacl_create(tctx, + 0, NULL, NULL, + SID_NT_AUTHENTICATED_USERS, + SEC_ACE_TYPE_ACCESS_ALLOWED, + SEC_STD_DELETE, + 0, + NULL); + set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; + set.set_secdesc.in.file.fnum = fnum1; + set.set_secdesc.in.secinfo_flags = SECINFO_DACL; + set.set_secdesc.in.sd = sd; + + status = smb_raw_setfileinfo(cli->tree, &set); + CHECK_STATUS(status, NT_STATUS_OK); + done: + smbcli_close(cli->tree, fnum1); smbcli_unlink(cli->tree, MAXIMUM_ALLOWED_FILE); return ret; } diff --git a/source4/torture/smb2/max_allowed.c b/source4/torture/smb2/max_allowed.c index af8b08ac9a9..6d69b84fbe6 100644 --- a/source4/torture/smb2/max_allowed.c +++ b/source4/torture/smb2/max_allowed.c @@ -33,11 +33,12 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, struct security_descriptor *sd = NULL, *sd_orig = NULL; struct smb2_create io = {0}; TALLOC_CTX *mem_ctx = NULL; - struct smb2_handle fnum = {{0}}; + struct smb2_handle fnum = {{0}}, fnum1 = {{0}}; int i; bool ret = true; NTSTATUS status; union smb_fileinfo q; + union smb_setfileinfo set; const char *owner_sid = NULL; bool has_restore_privilege, has_backup_privilege, has_system_security_privilege; @@ -82,7 +83,7 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx, q.query_secdesc.in.file.handle = fnum; q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER; status = smb2_getinfo_file(tree, tctx, &q); - torture_assert_ntstatus_ok_goto(tctx, status, ret, done, + torture_assert_ntstatus_ok_goto(tctx, status, ret, set_sd,
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 6c2a8b4 NEWS[4.20.0rc3]: Samba 4.20.0rc3 Available for Download from 11f39d0 NEWS[4.19.5]: Samba 4.19.5 Available for Download https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 6c2a8b43fc453a0c94b8410b6e8721dee1023dcf Author: Jule Anger Date: Mon Feb 26 12:45:05 2024 +0100 NEWS[4.20.0rc3]: Samba 4.20.0rc3 Available for Download Signed-off-by: Jule Anger --- Summary of changes: posted_news/20240226-114717.4.20.0rc3.body.html | 12 posted_news/20240226-114717.4.20.0rc3.headline.html | 3 +++ 2 files changed, 15 insertions(+) create mode 100644 posted_news/20240226-114717.4.20.0rc3.body.html create mode 100644 posted_news/20240226-114717.4.20.0rc3.headline.html Changeset truncated at 500 lines: diff --git a/posted_news/20240226-114717.4.20.0rc3.body.html b/posted_news/20240226-114717.4.20.0rc3.body.html new file mode 100644 index 000..fac8863 --- /dev/null +++ b/posted_news/20240226-114717.4.20.0rc3.body.html @@ -0,0 +1,12 @@ + +26 February 2024 +Samba 4.20.0rc3 Available for Download + +This is the third release candidate of the upcoming Samba 4.20 release series. + + +The uncompressed tarball has been signed using GnuPG (ID AA99442FB680B620). +The source code can be https://download.samba.org/pub/samba/rc/samba-4.20.0rc3.tar.gz";>downloaded now. +See https://download.samba.org/pub/samba/rc/samba-4.20.0rc3.WHATSNEW.txt";>the release notes for more info. + + diff --git a/posted_news/20240226-114717.4.20.0rc3.headline.html b/posted_news/20240226-114717.4.20.0rc3.headline.html new file mode 100644 index 000..5a2ee5c --- /dev/null +++ b/posted_news/20240226-114717.4.20.0rc3.headline.html @@ -0,0 +1,3 @@ + + 26 February 2024 Samba 4.20.0rc3 Available for Download + -- Samba Website Repository
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 17bab5c0774 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. via f3da62a2bba WHATSNEW: Add release notes for Samba 4.20.0rc3. via 253c5585c91 s3/rpc_client: Fix array offset check via 1ab3de6f46e s3/rpc_client: Ensure max possible row buffer size is not exceeded via 3e226dd1cd5 idl: Add constant for max rows buffer size via c1016224041 s3/rpc_client: cleanup unmarshalling of variant types from row columns via 77cbdf342ca s3/utils: use full 64 bit address for getrows (with 64bit offsets) via ec239d16a97 s3/rpc_client: Remove stray unnecessary comment via 3d47cae71d9 s3/rpc_client: change type of offset to uint64_t via 7107b233346 ctdb-protocol: Add missing push support for new controls via 22e56d9ea2d python: Remove ‘typing.Final’ via 9366f554862 python: do not make use of typing.Final for python 3.6 via 858090913e3 docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" via d8e056d8b0d smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used via 3a8a86adc66 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run via 87e56ada0db docs-xml: add details for 'net witness' via c4e4d41f0ac s3:utils: fix help string for 'net witness force-response' via f9c0968743d ctdb/events: add 47.samba-dcerpcd.script via bc89a069b3c ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script via d998b68af68 VERSION: Bump version up to Samba 4.20.0rc3... from 0167b75a5b2 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc2 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 23 +- ctdb/config/events/legacy/47.samba-dcerpcd.script | 66 +++ ctdb/config/events/legacy/48.netbios.script | 11 + ctdb/protocol/protocol_control.c | 8 + ctdb/tests/src/protocol_common_ctdb.c | 33 ++ ctdb/tests/src/protocol_ctdb_test.c | 2 +- docs-xml/manpages/net.8.xml | 567 ++ docs-xml/smbdotconf/protocol/smb3sharecaps.xml| 202 librpc/idl/wsp_data.idl | 5 + python/samba/gkdi.py | 16 +- python/samba/nt_time.py | 8 +- python/samba/tests/gkdi.py| 4 +- source3/rpc_client/wsp_cli.c | 127 +++-- source3/smbd/smb2_tcon.c | 20 +- source3/utils/net_witness.c | 2 +- source3/utils/wspsearch.c | 22 +- 17 files changed, 1059 insertions(+), 59 deletions(-) create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 12917e08428..efcf3f379e6 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=2 +SAMBA_VERSION_RC_RELEASE=3 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index de3b0f03d49..f540dc555c0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the second release candidate of Samba 4.20. This is *not* +This is the third release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -214,6 +214,27 @@ smb.conf changes acl claims evaluation new AD DC only +CHANGES SINCE 4.20.0rc2 +=== + +o Rob van der Linde + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + +o Stefan Metzmacher + * BUG 15577: Additional witness backports for 4.20.0. + +o Noel Power + * BUG 15579: Error output with wspsearch. + +o Martin Schwenke + * BUG 15580: Packet marshalling push support missing for + CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and + CTDB_CONTROL_TCP_CLIENT_PASSED. + +o Jo Sutton + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + + CHANGES SINCE 4.20.0rc1 === diff --git a/ctdb/config/events/legacy/47
[SCM] Samba Shared Repository - annotated tag samba-4.20.0rc3 created
The annotated tag, samba-4.20.0rc3 has been created at b9aa026d652349997cb7eedb2aa34edf86ce3170 (tag) tagging 17bab5c077450626e90331d38e4b6b8586a1c80b (commit) replaces samba-4.20.0rc2 tagged by Jule Anger on Mon Feb 26 12:44:49 2024 +0100 - Log - samba: tag release samba-4.20.0rc3 -BEGIN PGP SIGNATURE- iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmXcebEACgkQqplEL7aA tiAxEA//fMA8BYN8paS1sG1eaT6JwPajvPfvBbnAUwJvV/A/vtFOV5CzSeugKuY1 a1FEC+4Bd22ClgJ/WB57Qs6nZQWIOx5G57uu1EjrwZDAeX2aN0rotBGSb0uJU/f7 RUoEzqQ8jWtBE/NhE3F1DHhEEV0p1PLk7EmCY0glQgCPIa4Qd21LG88Drrx/TrrC G8ZApFunYRgErvmXpiv1cJEYfr4HiBig2+s55rwrQZ+xJnPw3BQmuvrlE0KfWE1X aX8NGTYw86nyuGwRepDeFHSV8Lx/VhHBufWnvXqkBbI46OwpgV5bLf3xUu/LWdh2 TXcqul/X0IYck/kO9Zrw+Yn/3BOSmlo65fsIE68EOVqLH+xGBINEC67VWYy5+UaI FnLfVD4JBvJ31L1AoCAc6vmYe1jlQ3aQNnU5w8O7IiiTeGtFVkcJGZPs1zl5uRfl yCpuA3LE81P9A5wJXkZSlNF/0pghFap9kD4EpVSlXOheZ+eyhZ+P5ZXGTUIPe9e0 l9b8yTdA4kMkOdabu7Mds7X0rgB6zdExFImWzZ8SrxpxUBuk5cn/O32y/GFatS3t qjA/OnPxp7XsteK6PqxsvhNBjOObvRNB4Bvaa+fs9klAPiECTH4+XqYgy0AAq5dG i5RaU+0ng2wvuJ4cfQ7o8EKMzwa1B4sTm1QSow4DdvA8zWsMCjQ= =6xip -END PGP SIGNATURE- Jo Sutton (1): python: Remove ‘typing.Final’ Jule Anger (3): VERSION: Bump version up to Samba 4.20.0rc3... WHATSNEW: Add release notes for Samba 4.20.0rc3. VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. Martin Schwenke (1): ctdb-protocol: Add missing push support for new controls Noel Power (7): s3/rpc_client: change type of offset to uint64_t s3/rpc_client: Remove stray unnecessary comment s3/utils: use full 64 bit address for getrows (with 64bit offsets) s3/rpc_client: cleanup unmarshalling of variant types from row columns idl: Add constant for max rows buffer size s3/rpc_client: Ensure max possible row buffer size is not exceeded s3/rpc_client: Fix array offset check Rob van der Linde (1): python: do not make use of typing.Final for python 3.6 Stefan Metzmacher (7): ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script ctdb/events: add 47.samba-dcerpcd.script s3:utils: fix help string for 'net witness force-response' docs-xml: add details for 'net witness' smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-20-test updated
The branch, v4-20-test has been updated via a09d0ba6eb2 VERSION: Bump version up to Samba 4.20.0rc4... via 17bab5c0774 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. via f3da62a2bba WHATSNEW: Add release notes for Samba 4.20.0rc3. from 253c5585c91 s3/rpc_client: Fix array offset check https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test - Log - commit a09d0ba6eb2a7303a9186af202bd52c16724a737 Author: Jule Anger Date: Mon Feb 26 12:36:59 2024 +0100 VERSION: Bump version up to Samba 4.20.0rc4... and re-enable GIT_SNAPSHOT. Signed-off-by: Jule Anger commit 17bab5c077450626e90331d38e4b6b8586a1c80b Author: Jule Anger Date: Mon Feb 26 12:36:25 2024 +0100 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. Signed-off-by: Jule Anger commit f3da62a2bba94b883c24384631077504f5089561 Author: Jule Anger Date: Mon Feb 26 12:35:56 2024 +0100 WHATSNEW: Add release notes for Samba 4.20.0rc3. Signed-off-by: Jule Anger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 23 ++- 2 files changed, 23 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 486a47b8f52..efb4d171a6f 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=3 +SAMBA_VERSION_RC_RELEASE=4 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index de3b0f03d49..f540dc555c0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the second release candidate of Samba 4.20. This is *not* +This is the third release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -214,6 +214,27 @@ smb.conf changes acl claims evaluation new AD DC only +CHANGES SINCE 4.20.0rc2 +=== + +o Rob van der Linde + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + +o Stefan Metzmacher + * BUG 15577: Additional witness backports for 4.20.0. + +o Noel Power + * BUG 15579: Error output with wspsearch. + +o Martin Schwenke + * BUG 15580: Packet marshalling push support missing for + CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and + CTDB_CONTROL_TCP_CLIENT_PASSED. + +o Jo Sutton + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + + CHANGES SINCE 4.20.0rc1 === -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-20-test updated
The branch, v4-20-test has been updated via 253c5585c91 s3/rpc_client: Fix array offset check via 1ab3de6f46e s3/rpc_client: Ensure max possible row buffer size is not exceeded via 3e226dd1cd5 idl: Add constant for max rows buffer size via c1016224041 s3/rpc_client: cleanup unmarshalling of variant types from row columns via 77cbdf342ca s3/utils: use full 64 bit address for getrows (with 64bit offsets) via ec239d16a97 s3/rpc_client: Remove stray unnecessary comment via 3d47cae71d9 s3/rpc_client: change type of offset to uint64_t from 7107b233346 ctdb-protocol: Add missing push support for new controls https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-test - Log - commit 253c5585c91172ebe5cca9ca59ff30a82fbf3fd3 Author: Noel Power Date: Thu Feb 8 14:05:43 2024 + s3/rpc_client: Fix array offset check Previous to this commit we were modifying the offset before the array offset check. This was causing a spurious debug message indicating the offset was out of bounds. An second problem is that upon detecting the error we don't exit the loop. A third problem was that when reading the offset the check didn't cater for the size of the integer address about to be read. This commit moves the offset check to before the first read, additionally when an error is detected now we actually exit the loop and the offset have been corrected to include the size of the integer to be read BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224 (cherry picked from commit 885850b6aaabf089f422b1b015481a0ccff4f90e) Autobuild-User(v4-20-test): Jule Anger Autobuild-Date(v4-20-test): Mon Feb 26 10:37:37 UTC 2024 on atb-devel-224 commit 1ab3de6f46e61281348f9275e0ae490b53591845 Author: Noel Power Date: Wed Feb 14 11:19:39 2024 + s3/rpc_client: Ensure max possible row buffer size is not exceeded The max buf size of rows buffer should not exceed 0x4000. Ensuring this value is within limits means we can safely use uint32_t offsets. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke (cherry picked from commit f487211706a74d516bf447ed393222b4c0dce7b0) commit 3e226dd1cd531dd070c866757e5f79492ce2b664 Author: Noel Power Date: Wed Feb 14 12:01:28 2024 + idl: Add constant for max rows buffer size BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579 Signed-off-by: Noel Power Reviewed-by: Volker Lendecke (cherry picked from commit 01e901ef869a1a87fba0e67bce311dbeb199b717) commit c1016224041060419f26a88e457fa8ac71e5bc12 Author: Noel Power Date: Wed Jan 10 14:43:58 2024 + s3/rpc_client: cleanup unmarshalling of variant types from row columns Prior to this change fn 'extract_variant_addresses' actually returns offsets to the variant stored not the addresses, additionally the param in the signature of the method is named offset where the param in reality is a base address. This change makes fn 'extract_variant_addresses' actually return addresses instead of offsets and also changes the name of the incoming param. The resulting changes are propaged to callers which hopefully makes what the code is actually doing a little clearer Signed-off-by: Noel Power Reviewed-by: Andrew Bartlett Autobuild-User(master): Noel Power Autobuild-Date(master): Tue Jan 30 17:22:37 UTC 2024 on atb-devel-224 (cherry picked from commit 9b2f2302ee4828ae54f5903a3bf649ffd255fb4a) commit 77cbdf342ca05a8f21c316e58395576e954d857b Author: Noel Power Date: Mon Jan 8 15:56:38 2024 + s3/utils: use full 64 bit address for getrows (with 64bit offsets) if 64bit offsets are used the hi 32-bits of address are stored in the ulreserved2 member of the message header field and the low 32-bits are stored in the ulclientbase member of the cpmgetrows message Signed-off-by: Noel Power Reviewed-by: Andrew Bartlett (cherry picked from commit 6ecb614b8ec6953ba15e8061fce9b395615b035a) commit ec239d16a970daae26acadb0c4a732e349e3435d Author: Noel Power Date: Wed Jan 10 10:59:23 2024 + s3/rpc_client: Remove stray unnecessary comment Signed-off-by: Noel Power Reviewed-by: Andrew Bartlett (cherry picked from commit efa60ff3105ac806d2a5d82dd0615ddb7578) commit 3d47cae71d953e05e793ca5dd392fa6e260e23e0 Author: Noel Power Date: Mon Jan 8 15:12:35 2024 + s3/rpc_client: change type of offset to uint64_t Offset can be a 32 or 64 bit address depending on the indexing
[SCM] Samba Shared Repository - branch v4-19-test updated
The branch, v4-19-test has been updated via eebe6d8c890 ctdb-protocol: Add missing push support for new controls from 19e7ea8ffa8 VERSION: Bump version up to Samba 4.19.6... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-19-test - Log - commit eebe6d8c890bb6a6cc35657e38ddde0319c1f4a6 Author: Martin Schwenke Date: Fri Feb 9 17:29:46 2024 +1100 ctdb-protocol: Add missing push support for new controls CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits c6602b686b4e50d93272667ef86d3904181fb1ab and 037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test support for the packet push/pull. While adding the testing (for completeness, before adding another new control) I noticed that the push functionality was absent. This adds that, along with the test support. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580 Signed-off-by: Martin Schwenke Reviewed-by: Volker Lendecke Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224 (cherry picked from commit dd9b11acbc4fbde1941719968aeb463b853b0ffb) Autobuild-User(v4-19-test): Jule Anger Autobuild-Date(v4-19-test): Mon Feb 26 09:59:42 UTC 2024 on atb-devel-224 --- Summary of changes: ctdb/protocol/protocol_control.c | 8 ctdb/tests/src/protocol_common_ctdb.c | 33 + ctdb/tests/src/protocol_ctdb_test.c | 2 +- 3 files changed, 42 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c index 83ed6cb4ee1..e4491159937 100644 --- a/ctdb/protocol/protocol_control.c +++ b/ctdb/protocol/protocol_control.c @@ -693,6 +693,14 @@ static void ctdb_req_control_data_push(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ECHO_DATA: ctdb_echo_data_push(cd->data.echo_data, buf, &np); break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + ctdb_connection_push(cd->data.conn, buf, &np); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + ctdb_connection_push(cd->data.conn, buf, &np); + break; } *npush = np; diff --git a/ctdb/tests/src/protocol_common_ctdb.c b/ctdb/tests/src/protocol_common_ctdb.c index 384076824a4..8a8e114f67a 100644 --- a/ctdb/tests/src/protocol_common_ctdb.c +++ b/ctdb/tests/src/protocol_common_ctdb.c @@ -593,6 +593,19 @@ void fill_ctdb_req_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + cd->data.conn = talloc(mem_ctx, struct ctdb_connection); + assert(cd->data.conn != NULL); + fill_ctdb_connection(mem_ctx, cd->data.conn); + break; + } } @@ -982,6 +995,14 @@ void verify_ctdb_req_control_data(struct ctdb_req_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + verify_ctdb_connection(cd->data.conn, cd2->data.conn); + break; } } @@ -1378,6 +1399,12 @@ void fill_ctdb_reply_control_data(TALLOC_CTX *mem_ctx, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } @@ -1715,6 +1742,12 @@ void verify_ctdb_reply_control_data(struct ctdb_reply_control_data *cd, case CTDB_CONTROL_ENABLE_NODE: break; + + case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED: + break; + + case CTDB_CONTROL_TCP_CLIENT_PASSED: + break; } } diff --git a/ctdb/tests/src/protocol_ctdb_test.c b/ctdb/tests/src/protocol_ctdb_test.c index f6fb5134a00..840d465ae30 100644 --- a/ctdb/tests/src/protocol_ctdb_test.c +++ b/ctdb/tests/src/protocol_ctdb_test.c @@ -277,7 +277,7 @@ PROTOCOL_CTDB4_TEST(struct ctdb_req_dmaster, ctdb_req_dmaster, PROTOCOL_CTDB4_TEST(struct ctdb_reply_dmaster, ctdb_reply_dmaster, CTDB_REPLY_DMASTER); -#define NUM_CONTROLS 159 +#define NUM_CONTROLS 161 PROTOCOL_CTDB2_TEST(struct ctdb_req_control_data, ctdb_req_control_da
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e4c3c61302b python:gp: Implement client site lookup in site_dn_for_machine() via e7584258697 librpc:idl: Make netlogon_samlogon_response public from bdd739c1adb s3: winbindd: assign rangenum member after NULL check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e4c3c61302b12419f041867b58350f11dc800318 Author: Andreas Schneider Date: Wed Feb 21 09:10:47 2024 +0100 python:gp: Implement client site lookup in site_dn_for_machine() This is [MS-GPOL] 3.2.5.1.4 Site Search. The netr_DsRGetSiteName() needs to run over local rpc, however we do not have the call implemented in our rpc_server. What netr_DsRGetSiteName() actually does is an ldap query to get the sitename, we can just do the same. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588 Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett Autobuild-User(master): Andreas Schneider Autobuild-Date(master): Mon Feb 26 08:06:08 UTC 2024 on atb-devel-224 commit e758425869729a43136ae51e6baecb2061d1525b Author: Andreas Schneider Date: Wed Feb 21 08:56:06 2024 +0100 librpc:idl: Make netlogon_samlogon_response public This is required that we can use it with ndrdump or in python to decode a NETLOGON_SAM_LOGON_RESPONSE_EX ldap response. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588 Signed-off-by: Andreas Schneider Pair-Programmed-With: Guenther Deschner Reviewed-by: Andrew Bartlett --- Summary of changes: librpc/idl/nbt.idl | 2 +- librpc/ndr/ndr_nbt.c | 2 +- librpc/ndr/ndr_nbt.h | 2 +- python/samba/gp/gpclass.py | 68 ++ 4 files changed, 48 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/nbt.idl b/librpc/idl/nbt.idl index 11814e7970e..46be2eae7e2 100644 --- a/librpc/idl/nbt.idl +++ b/librpc/idl/nbt.idl @@ -490,7 +490,7 @@ interface nbt [case(NETLOGON_NT_VERSION_5EX)] NETLOGON_SAM_LOGON_RESPONSE_EX nt5_ex; } netlogon_samlogon_response_union; - typedef [nopush,nopull] struct { + typedef [nopush,nopull,noprint,public] struct { uint32 ntver; [switch_is(ntver)] netlogon_samlogon_response_union data; } netlogon_samlogon_response; diff --git a/librpc/ndr/ndr_nbt.c b/librpc/ndr/ndr_nbt.c index eb186810785..6f54198ffbc 100644 --- a/librpc/ndr/ndr_nbt.c +++ b/librpc/ndr/ndr_nbt.c @@ -392,7 +392,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netlogon_samlogon_response(struct ndr_pull * return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, struct netlogon_samlogon_response *r) +_PUBLIC_ void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, const struct netlogon_samlogon_response *r) { ndr_print_struct(ndr, name, "netlogon_samlogon_response"); if (r == NULL) { ndr_print_null(ndr); return; } diff --git a/librpc/ndr/ndr_nbt.h b/librpc/ndr/ndr_nbt.h index c38422fff6b..00ee8a17364 100644 --- a/librpc/ndr/ndr_nbt.h +++ b/librpc/ndr/ndr_nbt.h @@ -37,6 +37,6 @@ enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_ uint32_t nt_version_flags); enum ndr_err_code ndr_push_netlogon_samlogon_response(struct ndr_push *ndr, ndr_flags_type ndr_flags, const struct netlogon_samlogon_response *r); enum ndr_err_code ndr_pull_netlogon_samlogon_response(struct ndr_pull *ndr, ndr_flags_type ndr_flags, struct netlogon_samlogon_response *r); -void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, struct netlogon_samlogon_response *r); +void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, const struct netlogon_samlogon_response *r); #endif /* _LIBRPC_NDR_NDR_NBT_H */ diff --git a/python/samba/gp/gpclass.py b/python/samba/gp/gpclass.py index 26c2386847e..08be472e707 100644 --- a/python/samba/gp/gpclass.py +++ b/python/samba/gp/gpclass.py @@ -49,7 +49,7 @@ from samba.dsdb import UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, GP from samba.auth import AUTH_SESSION_INFO_DEFAULT_GROUPS, AUTH_SESSION_INFO_AUTHENTICATED, AUTH_SESSION_INFO_SIMPLE_PRIVILEGES from samba.dcerpc import security import samba.security -from samba.dcerpc import netlogon +from samba.dcerpc import nbt from datetime import datetime @@ -611,12 +611,6 @@ def get_dc_hostname(creds, lp): nbt.NBT_SERVER_DS)) return cldap_ret.pdc_dns_name -def get_dc_netbios_hostname(creds, lp): -net = Net(creds=creds, lp=lp) -cldap_ret