[SCM] Samba Shared Repository - branch master updated - 9a3be6f0f8e120797a02fa1be60b51812cfd86f5
The branch, master has been updated
via 9a3be6f0f8e120797a02fa1be60b51812cfd86f5 (commit)
via 738271fc2026b2911b7d20a73496989641714df3 (commit)
via 9da3101e449649f0614240f13157ac81e17b2e90 (commit)
via 4a322398c5ffaf238eba1e7bfbe47e2d093c7c4d (commit)
via 599707c87a739811ba426e44b11189e1ddba078e (commit)
from 6a627b440e8b3f42db2a8a27047dd3482bad0d28 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9a3be6f0f8e120797a02fa1be60b51812cfd86f5
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 16:48:20 2008 +0100
Move cli_trans_oob to lib/util.c
Rename it to trans_oob, it will be used in the server routines.
commit 738271fc2026b2911b7d20a73496989641714df3
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 16:14:12 2008 +0100
Remove the variable size from reply_nttrans
This converts the range checks for the setup[] array to rely on req-wct
being
set correctly in init_smb_request. As that already verifies the vwv array
to be
in the range of the smb_request inbuf, we don't have to do overflow checks
here
anymore.
Jeremy, please check thoroughly! :-)
Thanks,
Volker
commit 9da3101e449649f0614240f13157ac81e17b2e90
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 16:14:12 2008 +0100
Remove the variable size from reply_trans
This converts the range checks for the setup[] array to rely on req-wct
being
set correctly in init_smb_request. As that already verifies the vwv array
to be
in the range of the smb_request inbuf, we don't have to do overflow checks
here
anymore.
Jeremy, please check thoroughly! :-)
Thanks,
Volker
commit 4a322398c5ffaf238eba1e7bfbe47e2d093c7c4d
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 16:03:07 2008 +0100
Remove an unused variable
commit 599707c87a739811ba426e44b11189e1ddba078e
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 15:44:20 2008 +0100
Remove two direct inbuf references from reply_sesssetup_and_X_spnego()
---
Summary of changes:
source3/include/proto.h |1 +
source3/lib/util.c| 19 +++
source3/libsmb/clitrans.c | 21 -
source3/smbd/ipc.c| 28
source3/smbd/nttrans.c| 23 +--
source3/smbd/sesssetup.c |4 ++--
source3/smbd/trans2.c |2 --
7 files changed, 55 insertions(+), 43 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 73be87b..71f12a6 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1251,6 +1251,7 @@ char *procid_str_static(const struct server_id *pid);
bool procid_valid(const struct server_id *pid);
bool procid_is_local(const struct server_id *pid);
int this_is_smp(void);
+bool trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length);
bool is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t
off);
char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t
off);
char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t
off);
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 5007fb7..074b523 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -2879,6 +2879,25 @@ int this_is_smp(void)
}
/
+ Check if offset/length fit into bufsize. Should probably be
+ merged with is_offset_safe, but this would require a rewrite
+ of lanman.c. Later :-)
+/
+
+bool trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
+{
+ if ((offset + length offset) || (offset + length length)) {
+ /* wrap */
+ return true;
+ }
+ if ((offset bufsize) || (offset + length bufsize)) {
+ /* overflow */
+ return true;
+ }
+ return false;
+}
+
+/
Check if an offset into a buffer is safe.
If this returns True it's safe to indirect into the byte at
pointer ptr+off.
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index c929f0b..bbdfb75 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -978,19 +978,6 @@ static void cli_trans_ship_rest(struct async_req *req,
}
}
-static bool cli_trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
-{
- if ((offset + length offset) || (offset + length length)) {
- /* wrap */
- return true;
- }
- if ((offset bufsize) || (offset + length bufsize)) {
- /* overflow */
-
[SCM] Samba Shared Repository - branch master updated - 2719216d60088eb3f10a2e3e968f15e8089b5491
The branch, master has been updated
via 2719216d60088eb3f10a2e3e968f15e8089b5491 (commit)
from 9a3be6f0f8e120797a02fa1be60b51812cfd86f5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2719216d60088eb3f10a2e3e968f15e8089b5491
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sat Nov 8 17:08:57 2008 +0100
Consolidate the buffer checks for the reply_trans style functions
This is the one where I found the problem that led to 3.2.5. So if there is
one
checkin in the last year that I would like others to review and
*understand*,
it is this one :-)
Volker
---
Summary of changes:
source3/smbd/ipc.c | 73 +++---
source3/smbd/nttrans.c | 75 +++
source3/smbd/trans2.c | 75 +++
3 files changed, 54 insertions(+), 169 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index bf9b1d8..649ead4 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -503,7 +503,6 @@ void reply_trans(struct smb_request *req)
unsigned int pscnt;
struct trans_state *state;
NTSTATUS result;
- unsigned int av_size;
START_PROFILE(SMBtrans);
@@ -513,7 +512,6 @@ void reply_trans(struct smb_request *req)
return;
}
- av_size = smb_len(req-inbuf);
dsoff = SVAL(req-vwv+12, 0);
dscnt = SVAL(req-vwv+11, 0);
psoff = SVAL(req-vwv+10, 0);
@@ -559,6 +557,12 @@ void reply_trans(struct smb_request *req)
goto bad_param;
if (state-total_data) {
+
+ if (trans_oob(state-total_data, 0, dscnt)
+ || trans_oob(smb_len(req-inbuf), dsoff, dscnt)) {
+ goto bad_param;
+ }
+
/* Can't use talloc here, the core routines do realloc on the
* params and data. Out of paranoia, 100 bytes too many. */
state-data = (char *)SMB_MALLOC(state-total_data+100);
@@ -573,21 +577,16 @@ void reply_trans(struct smb_request *req)
/* null-terminate the slack space */
memset(state-data[state-total_data], 0, 100);
- if (dscnt state-total_data ||
- dsoff+dscnt dsoff) {
- goto bad_param;
- }
-
- if (dsoff av_size ||
- dscnt av_size ||
- dsoff+dscnt av_size) {
- goto bad_param;
- }
-
memcpy(state-data,smb_base(req-inbuf)+dsoff,dscnt);
}
if (state-total_param) {
+
+ if (trans_oob(state-total_param, 0, pscnt)
+ || trans_oob(smb_len(req-inbuf), psoff, pscnt)) {
+ goto bad_param;
+ }
+
/* Can't use talloc here, the core routines do realloc on the
* params and data. Out of paranoia, 100 bytes too many */
state-param = (char *)SMB_MALLOC(state-total_param+100);
@@ -603,17 +602,6 @@ void reply_trans(struct smb_request *req)
/* null-terminate the slack space */
memset(state-param[state-total_param], 0, 100);
- if (pscnt state-total_param ||
- psoff+pscnt psoff) {
- goto bad_param;
- }
-
- if (psoff av_size ||
- pscnt av_size ||
- psoff+pscnt av_size) {
- goto bad_param;
- }
-
memcpy(state-param,smb_base(req-inbuf)+psoff,pscnt);
}
@@ -696,7 +684,6 @@ void reply_transs(struct smb_request *req)
connection_struct *conn = req-conn;
unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
struct trans_state *state;
- unsigned int av_size;
START_PROFILE(SMBtranss);
@@ -729,8 +716,6 @@ void reply_transs(struct smb_request *req)
if (SVAL(req-vwv+1, 0) state-total_data)
state-total_data = SVAL(req-vwv+1, 0);
- av_size = smb_len(req-inbuf);
-
pcnt = SVAL(req-vwv+2, 0);
poff = SVAL(req-vwv+3, 0);
pdisp = SVAL(req-vwv+4, 0);
@@ -747,41 +732,19 @@ void reply_transs(struct smb_request *req)
goto bad_param;
if (pcnt) {
- if (pdisp state-total_param ||
- pcnt state-total_param ||
- pdisp+pcnt state-total_param ||
- pdisp+pcnt pdisp) {
- goto bad_param;
- }
-
- if (poff av_size ||
-
svn commit: samba-web r1250 - in trunk: .
Author: kseeger Date: 2008-11-28 09:21:26 + (Fri, 28 Nov 2008) New Revision: 1250 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1250 Log: Fix links after moving the rc from pre/ to rc/ Karolin Modified: trunk/index.html Changeset: Modified: trunk/index.html === --- trunk/index.html2008-11-27 16:22:05 UTC (rev 1249) +++ trunk/index.html2008-11-28 09:21:26 UTC (rev 1250) @@ -27,18 +27,18 @@ a href=https://bugzilla.samba.org/;report any bugs that you find/a. The final 3.3.0 release is planned for December 15. Please read the changes in the -a href=/samba/ftp/pre/WHATSNEW-3-3-0rc1.txtRelease Notes/a +a href=/samba/ftp/rc/WHATSNEW-3-3-0rc1.txtRelease Notes/a for details on new features and difference in behavior from previous releases./p -pThe a href=/samba/ftp/pre/samba-3.3.0rc1.tar.gzSamba 3.3.0rc1 +pThe a href=/samba/ftp/rc/samba-3.3.0rc1.tar.gzSamba 3.3.0rc1 source code/a can be downloaded now. The a -href=/samba/ftp/pre/samba-3.3.0rc1.tar.ascGnuPG +href=/samba/ftp/rc/samba-3.3.0rc1.tar.ascGnuPG signature is for the for the emun/emcompressed tarball/a. If you prefer, the a -href=/samba/ftp/pre/patch-3.3.0pre2-3.3.0rc1.diffs.gzpatch +href=/samba/ftp/rc/patch-3.3.0pre2-3.3.0rc1.diffs.gzpatch file against Samba 3.3.0pre2/a -(a href=/samba/ftp/pre/patch-3.3.0pre2-3.3.0rc1.diffs.ascGnuPG +(a href=/samba/ftp/rc/patch-3.3.0pre2-3.3.0rc1.diffs.ascGnuPG signature/a) is also available for download. Please read these a href=/samba/download/instructions on how to verify the gpg signature/a. Precompiled packages will
[SCM] Samba Shared Repository - branch master updated - 2bb90b7a88518844c1fcb8177cefcbc5b8ecda99
The branch, master has been updated
via 2bb90b7a88518844c1fcb8177cefcbc5b8ecda99 (commit)
via a790dcbc4ec2f3b29045ab9919cca5a9ca038e26 (commit)
from 2719216d60088eb3f10a2e3e968f15e8089b5491 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2bb90b7a88518844c1fcb8177cefcbc5b8ecda99
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sun Nov 9 17:25:40 2008 +0100
Remove conn parameter from np_open, smb_request contains it
commit a790dcbc4ec2f3b29045ab9919cca5a9ca038e26
Author: Volker Lendecke [EMAIL PROTECTED]
Date: Sun Nov 9 12:07:57 2008 +0100
Remove inbuf references from the trans2ioctl code
---
Summary of changes:
source3/include/proto.h |4 ++--
source3/rpc_server/srv_pipe_hnd.c |5 +++--
source3/smbd/nttrans.c|2 +-
source3/smbd/pipes.c |2 +-
source3/smbd/trans2.c |8
5 files changed, 11 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 71f12a6..59df098 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6996,8 +6996,8 @@ pipes_struct *get_next_internal_pipe(pipes_struct *p);
void init_rpc_pipe_hnd(void);
bool fsp_is_np(struct files_struct *fsp);
-NTSTATUS np_open(struct smb_request *smb_req, struct connection_struct *conn,
-const char *name, struct files_struct **pfsp);
+NTSTATUS np_open(struct smb_request *smb_req, const char *name,
+struct files_struct **pfsp);
NTSTATUS np_write(struct files_struct *fsp, const uint8_t *data, size_t len,
ssize_t *nwritten);
NTSTATUS np_read(struct files_struct *fsp, uint8_t *data, size_t len,
diff --git a/source3/rpc_server/srv_pipe_hnd.c
b/source3/rpc_server/srv_pipe_hnd.c
index 03a0f72..1cff95d 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -1078,9 +1078,10 @@ static struct np_proxy_state
*make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
return NULL;
}
-NTSTATUS np_open(struct smb_request *smb_req, struct connection_struct *conn,
-const char *name, struct files_struct **pfsp)
+NTSTATUS np_open(struct smb_request *smb_req, const char *name,
+struct files_struct **pfsp)
{
+ struct connection_struct *conn = smb_req-conn;
NTSTATUS status;
struct files_struct *fsp;
const char **proxy_list;
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index fe2029e..18dd7d5 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -284,7 +284,7 @@ static void nt_open_pipe(char *fname, connection_struct
*conn,
/* Strip \\ off the name. */
fname++;
- status = np_open(req, conn, fname, fsp);
+ status = np_open(req, fname, fsp);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index b52b1b0..261f12c 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -78,7 +78,7 @@ void reply_open_pipe_and_X(connection_struct *conn, struct
smb_request *req)
}
#endif
- status = np_open(req, conn, fname, fsp);
+ status = np_open(req, fname, fsp);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index cc8c611..4dc2001 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -7269,8 +7269,8 @@ static void call_trans2ioctl(connection_struct *conn,
return;
}
- if ((SVAL(req-inbuf,(smb_setup+4)) == LMCAT_SPL)
-(SVAL(req-inbuf,(smb_setup+6)) == LMFUNC_GETJOBID)) {
+ if ((SVAL(req-vwv+16, 0) == LMCAT_SPL)
+(SVAL(req-vwv+17, 0) == LMFUNC_GETJOBID)) {
*ppdata = (char *)SMB_REALLOC(*ppdata, 32);
if (*ppdata == NULL) {
reply_nterror(req, NT_STATUS_NO_MEMORY);
@@ -7613,8 +7613,8 @@ void reply_trans2(struct smb_request *req)
*/
if ( (state-setup_count == 4)
(tran_call == TRANSACT2_IOCTL)
- (SVAL(req-inbuf,(smb_setup+4)) == LMCAT_SPL)
- (SVAL(req-inbuf,(smb_setup+6)) == LMFUNC_GETJOBID)) {
+ (SVAL(req-vwv+16, 0) == LMCAT_SPL)
+ (SVAL(req-vwv+17, 0) == LMFUNC_GETJOBID)) {
DEBUG(2,(Got Trans2 DevIOctl jobid\n));
} else {
DEBUG(2,(Invalid smb_sucnt in trans2
[SCM] Samba Shared Repository - branch master updated - 296fae7561bf1ec425b884bd7d1f914b7faac36a
The branch, master has been updated
via 296fae7561bf1ec425b884bd7d1f914b7faac36a (commit)
via 4d7485df96b45054aa8f4fcac38b25847f34ca87 (commit)
via 408cd5b09d5079d73f0ea8819a4505a04e40f8ea (commit)
via 1be5be5b83d860372cf6b7aedfd6511b44d092e9 (commit)
from 2bb90b7a88518844c1fcb8177cefcbc5b8ecda99 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 296fae7561bf1ec425b884bd7d1f914b7faac36a
Author: Günther Deschner [EMAIL PROTECTED]
Date: Thu Nov 27 17:45:01 2008 +0100
s4-samr: fix samr passwdord_expired callers.
Guenther
commit 4d7485df96b45054aa8f4fcac38b25847f34ca87
Author: Günther Deschner [EMAIL PROTECTED]
Date: Mon Nov 24 18:49:37 2008 +0100
s3-samr: fix init_samr_user_info{23,24} callers.
Guenther
commit 408cd5b09d5079d73f0ea8819a4505a04e40f8ea
Author: Günther Deschner [EMAIL PROTECTED]
Date: Mon Nov 24 16:32:18 2008 +0100
s3-build: re-run make samba3-idl.
Guenther
commit 1be5be5b83d860372cf6b7aedfd6511b44d092e9
Author: Günther Deschner [EMAIL PROTECTED]
Date: Mon Nov 24 16:31:49 2008 +0100
samr: fix samr_UserInfo24 and samr_UserInfo26.
Guenther
---
Summary of changes:
librpc/idl/samr.idl |4 ++--
source3/include/proto.h |7 +++
source3/libnet/libnet_join.c |3 ++-
source3/librpc/gen_ndr/ndr_samr.c | 12 ++--
source3/librpc/gen_ndr/samr.h |4 ++--
source3/rpc_client/init_samr.c| 13 ++---
source3/utils/net_rpc.c |2 +-
source3/utils/net_rpc_join.c |3 ++-
source4/libnet/libnet_passwd.c|5 ++---
source4/torture/rpc/samba3rpc.c |8 ++--
source4/torture/rpc/samr.c|5 ++---
source4/torture/rpc/testjoin.c|2 +-
12 files changed, 35 insertions(+), 33 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl
index 6ef069a..140782c 100644
--- a/librpc/idl/samr.idl
+++ b/librpc/idl/samr.idl
@@ -971,7 +971,7 @@ import misc.idl, lsa.idl, security.idl;
typedef struct {
samr_CryptPassword password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo24;
typedef [flag(NDR_PAHEX)] struct {
@@ -985,7 +985,7 @@ import misc.idl, lsa.idl, security.idl;
typedef struct {
samr_CryptPasswordEx password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo26;
typedef [switch_type(uint16)] union {
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 59df098..0087b5b 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5733,11 +5733,10 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
uint8_t nt_password_set,
uint8_t lm_password_set,
uint8_t password_expired,
- uint8_t data[516],
- uint8_t pw_len);
+ struct samr_CryptPassword *pwd_buf);
void init_samr_user_info24(struct samr_UserInfo24 *r,
- uint8_t data[516],
- uint8_t pw_len);
+ struct samr_CryptPassword *pwd_buf,
+ uint8_t password_expired);
void init_samr_CryptPasswordEx(const char *pwd,
DATA_BLOB *session_key,
struct samr_CryptPasswordEx *pwd_buf);
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index bd127f8..498c7af 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -941,7 +941,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
*mem_ctx,
cli-user_session_key,
crypt_pwd);
- init_samr_user_info24(user_info.info24, crypt_pwd.data, 24);
+ init_samr_user_info24(user_info.info24, crypt_pwd,
+ PASS_DONT_CHANGE_AT_NEXT_LOGON);
status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
user_pol,
diff --git a/source3/librpc/gen_ndr/ndr_samr.c
b/source3/librpc/gen_ndr/ndr_samr.c
index 52b8c72..40082e7 100644
--- a/source3/librpc/gen_ndr/ndr_samr.c
+++ b/source3/librpc/gen_ndr/ndr_samr.c
@@ -3014,7 +3014,7 @@ static enum ndr_err_code ndr_push_samr_UserInfo24(struct
ndr_push *ndr, int ndr_
if (ndr_flags NDR_SCALARS) {
NDR_CHECK(ndr_push_align(ndr, 1));
NDR_CHECK(ndr_push_samr_CryptPassword(ndr, NDR_SCALARS,
r-password));
- NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r-pw_len));
+
[SCM] Samba Shared Repository - branch master updated - bd95b6b4160760b33bedb14b247fa302507962a4
The branch, master has been updated
via bd95b6b4160760b33bedb14b247fa302507962a4 (commit)
via 206375c8cf802582eec94bc9fb5f71f9b89650f1 (commit)
from 296fae7561bf1ec425b884bd7d1f914b7faac36a (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bd95b6b4160760b33bedb14b247fa302507962a4
Author: Günther Deschner [EMAIL PROTECTED]
Date: Fri Nov 28 12:04:09 2008 +0100
s4-smbtorture: add test_SetUserPass_level_ex.
Guenther
commit 206375c8cf802582eec94bc9fb5f71f9b89650f1
Author: Günther Deschner [EMAIL PROTECTED]
Date: Fri Nov 28 01:56:09 2008 +0100
s4-smbtorture: add samr_rand_pass_silent.
Guenther
---
Summary of changes:
source4/torture/rpc/samr.c | 140 +++-
1 files changed, 139 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 6115c0c..02124e6 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -508,12 +508,19 @@ static bool test_SetUserInfo(struct dcerpc_pipe *p,
struct torture_context *tctx
/*
generate a random password for password change tests
*/
-static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len)
+static char *samr_rand_pass_silent(TALLOC_CTX *mem_ctx, int min_len)
{
size_t len = MAX(8, min_len) + (random() % 6);
char *s = generate_random_str(mem_ctx, len);
+ return s;
+}
+
+static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len)
+{
+ char *s = samr_rand_pass_silent(mem_ctx, min_len);
printf(Generated password '%s'\n, s);
return s;
+
}
/*
@@ -839,6 +846,137 @@ static bool test_SetUserPass_25(struct dcerpc_pipe *p,
struct torture_context *t
return ret;
}
+static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
+ struct torture_context *tctx,
+ struct policy_handle *handle,
+ uint16_t level,
+ uint32_t fields_present,
+ char **password, uint8_t password_expired,
+ bool use_setinfo2, NTSTATUS
expected_error)
+{
+ NTSTATUS status;
+ struct samr_SetUserInfo s;
+ struct samr_SetUserInfo2 s2;
+ union samr_UserInfo u;
+ bool ret = true;
+ DATA_BLOB session_key;
+ DATA_BLOB confounded_session_key = data_blob_talloc(tctx, NULL, 16);
+ struct MD5Context ctx;
+ uint8_t confounder[16];
+ char *newpass;
+ struct samr_GetUserPwInfo pwp;
+ struct samr_PwInfo info;
+ int policy_min_pw_len = 0;
+ pwp.in.user_handle = handle;
+ pwp.out.info = info;
+
+ status = dcerpc_samr_GetUserPwInfo(p, tctx, pwp);
+ if (NT_STATUS_IS_OK(status)) {
+ policy_min_pw_len = pwp.out.info-min_password_length;
+ }
+ newpass = samr_rand_pass_silent(tctx, policy_min_pw_len);
+
+ if (use_setinfo2) {
+ s2.in.user_handle = handle;
+ s2.in.info = u;
+ s2.in.level = level;
+ } else {
+ s.in.user_handle = handle;
+ s.in.info = u;
+ s.in.level = level;
+ }
+
+ ZERO_STRUCT(u);
+
+ switch (level) {
+ case 21:
+ u.info21.fields_present = fields_present;
+ u.info21.password_expired = password_expired;
+
+ break;
+ case 23:
+ u.info23.info.fields_present = fields_present;
+ u.info23.info.password_expired = password_expired;
+
+ encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
+
+ break;
+ case 24:
+ u.info24.password_expired = password_expired;
+
+ encode_pw_buffer(u.info24.password.data, newpass, STR_UNICODE);
+
+ break;
+ case 25:
+ u.info25.info.fields_present = fields_present;
+ u.info25.info.password_expired = password_expired;
+
+ encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE);
+
+ break;
+ case 26:
+ u.info26.password_expired = password_expired;
+
+ encode_pw_buffer(u.info26.password.data, newpass, STR_UNICODE);
+
+ break;
+ }
+
+ status = dcerpc_fetch_session_key(p, session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf(SetUserInfo level %u - no session key - %s\n,
+ s.in.level, nt_errstr(status));
+ return false;
+ }
+
+ generate_random_buffer((uint8_t *)confounder, 16);
+
+ MD5Init(ctx);
+ MD5Update(ctx, confounder, 16);
+ MD5Update(ctx,
[SCM] Samba Shared Repository - branch master updated - 580c2b3283cfa0f55a5c7e4632a2a101a036b364
The branch, master has been updated
via 580c2b3283cfa0f55a5c7e4632a2a101a036b364 (commit)
via 4b687944f382185fafccc41f3ec4737a72e55448 (commit)
via 465466e1afa70e0fa1076963ae67a96e9e5b4cbb (commit)
via 89ad20789cd3e3418cd22dd7b40f72fecf9f4c8d (commit)
from bd95b6b4160760b33bedb14b247fa302507962a4 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 580c2b3283cfa0f55a5c7e4632a2a101a036b364
Author: Günther Deschner [EMAIL PROTECTED]
Date: Thu Nov 27 17:25:13 2008 +0100
selftest: s4 does not have a pwdlastset implementation yet.
Guenther
commit 4b687944f382185fafccc41f3ec4737a72e55448
Author: Günther Deschner [EMAIL PROTECTED]
Date: Fri Nov 28 12:10:56 2008 +0100
s4-smbtorture: allow to disable full testing of all possible opcode
combinations.
Guenther
commit 465466e1afa70e0fa1076963ae67a96e9e5b4cbb
Author: Günther Deschner [EMAIL PROTECTED]
Date: Thu Nov 27 12:09:39 2008 +0100
s4-smbtorture: move test to SAMR-PASSWORDS-PWDLASTSET.
Guenther
commit 89ad20789cd3e3418cd22dd7b40f72fecf9f4c8d
Author: Günther Deschner [EMAIL PROTECTED]
Date: Tue Nov 25 02:46:25 2008 +0100
s4-smbtorture: add test for samr password_expired flag while setting
passwords.
Guenther
---
Summary of changes:
source4/selftest/skip |1 +
source4/torture/rpc/rpc.c |1 +
source4/torture/rpc/samr.c | 455 +++-
3 files changed, 456 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/selftest/skip b/source4/selftest/skip
index a3dfdbf..f1500ff 100644
--- a/source4/selftest/skip
+++ b/source4/selftest/skip
@@ -23,6 +23,7 @@ base.scan.maxfid
raw.hold.oplock# Not a test, but a way to block other clients
for a test
raw.ping.pong # Needs second server to test
rpc.samr_accessmask
+samba4.rpc.samr.passwords.pwdlastset # Not provided by Samba 4 yet
raw.scan.eamax
samba4.ntvfs.cifs.raw.qfileinfo.ipc
smb2.notify
diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c
index 7fe5827..7f6b06d 100644
--- a/source4/torture/rpc/rpc.c
+++ b/source4/torture/rpc/rpc.c
@@ -395,6 +395,7 @@ NTSTATUS torture_rpc_init(void)
torture_suite_add_simple_test(suite, SAMR, torture_rpc_samr);
torture_suite_add_simple_test(suite, SAMR-USERS,
torture_rpc_samr_users);
torture_suite_add_simple_test(suite, SAMR-PASSWORDS,
torture_rpc_samr_passwords);
+ torture_suite_add_simple_test(suite, SAMR-PASSWORDS-PWDLASTSET,
torture_rpc_samr_passwords_pwdlastset);
torture_suite_add_suite(suite, torture_rpc_netlogon(suite));
torture_suite_add_suite(suite, torture_rpc_remote_pac(suite));
torture_suite_add_simple_test(suite, SAMLOGON, torture_rpc_samlogon);
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 02124e6..86a959d 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -29,6 +29,8 @@
#include libcli/security/security.h
#include torture/rpc/rpc.h
+#include unistd.h
+
#define TEST_ACCOUNT_NAME samrtorturetest
#define TEST_ALIASNAME samrtorturetestalias
#define TEST_GROUPNAME samrtorturetestgroup
@@ -37,6 +39,7 @@
enum torture_samr_choice {
TORTURE_SAMR_PASSWORDS,
+ TORTURE_SAMR_PASSWORDS_PWDLASTSET,
TORTURE_SAMR_USER_ATTRIBUTES,
TORTURE_SAMR_OTHER
};
@@ -2270,6 +2273,416 @@ static bool test_TestPrivateFunctionsUser(struct
dcerpc_pipe *p, struct torture_
return true;
}
+static bool test_QueryUserInfo_pwdlastset(struct dcerpc_pipe *p,
+ struct torture_context *tctx,
+ struct policy_handle *handle,
+ bool use_info2,
+ NTTIME *pwdlastset)
+{
+ NTSTATUS status;
+ uint16_t levels[] = { /* 3, */ 5, 21 };
+ int i;
+ NTTIME pwdlastset3 = 0;
+ NTTIME pwdlastset5 = 0;
+ NTTIME pwdlastset21 = 0;
+
+ torture_comment(tctx, Testing QueryUserInfo%s level 5 and 21 call ,
+ use_info2 ? 2:);
+
+ for (i=0; iARRAY_SIZE(levels); i++) {
+
+ struct samr_QueryUserInfo r;
+ struct samr_QueryUserInfo2 r2;
+ union samr_UserInfo *info;
+
+ if (use_info2) {
+ r2.in.user_handle = handle;
+ r2.in.level = levels[i];
+ r2.out.info = info;
+ status = dcerpc_samr_QueryUserInfo2(p, tctx, r2);
+
+ } else {
+ r.in.user_handle = handle;
+ r.in.level = levels[i];
+ r.out.info = info;
+ status =
[SCM] Samba Shared Repository - branch master updated - 143097d71c15c1624446b56205639e0b863d35fe
The branch, master has been updated via 143097d71c15c1624446b56205639e0b863d35fe (commit) from 580c2b3283cfa0f55a5c7e4632a2a101a036b364 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 143097d71c15c1624446b56205639e0b863d35fe Author: Günther Deschner [EMAIL PROTECTED] Date: Fri Nov 28 11:15:29 2008 +0100 s3-samr: add init_samr_user_info25 and init_samr_user_info26. Guenther --- Summary of changes: source3/include/proto.h| 33 +++ source3/rpc_client/init_samr.c | 85 2 files changed, 118 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 0087b5b..2dd9b61 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5737,6 +5737,39 @@ void init_samr_user_info23(struct samr_UserInfo23 *r, void init_samr_user_info24(struct samr_UserInfo24 *r, struct samr_CryptPassword *pwd_buf, uint8_t password_expired); +void init_samr_user_info25(struct samr_UserInfo25 *r, + NTTIME last_logon, + NTTIME last_logoff, + NTTIME last_password_change, + NTTIME acct_expiry, + NTTIME allow_password_change, + NTTIME force_password_change, + const char *account_name, + const char *full_name, + const char *home_directory, + const char *home_drive, + const char *logon_script, + const char *profile_path, + const char *description, + const char *workstations, + const char *comment, + struct lsa_BinaryString *parameters, + uint32_t rid, + uint32_t primary_gid, + uint32_t acct_flags, + uint32_t fields_present, + struct samr_LogonHours logon_hours, + uint16_t bad_password_count, + uint16_t logon_count, + uint16_t country_code, + uint16_t code_page, + uint8_t nt_password_set, + uint8_t lm_password_set, + uint8_t password_expired, + struct samr_CryptPasswordEx *pwd_buf); +void init_samr_user_info26(struct samr_UserInfo26 *r, + struct samr_CryptPasswordEx *pwd_buf, + uint8_t password_expired); void init_samr_CryptPasswordEx(const char *pwd, DATA_BLOB *session_key, struct samr_CryptPasswordEx *pwd_buf); diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 19dd0b3..473fae7 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -508,6 +508,91 @@ void init_samr_user_info24(struct samr_UserInfo24 *r, } /* + init_samr_user_info25 + */ + +void init_samr_user_info25(struct samr_UserInfo25 *r, + NTTIME last_logon, + NTTIME last_logoff, + NTTIME last_password_change, + NTTIME acct_expiry, + NTTIME allow_password_change, + NTTIME force_password_change, + const char *account_name, + const char *full_name, + const char *home_directory, + const char *home_drive, + const char *logon_script, + const char *profile_path, + const char *description, + const char *workstations, + const char *comment, + struct lsa_BinaryString *parameters, + uint32_t rid, + uint32_t primary_gid, + uint32_t acct_flags, + uint32_t fields_present, + struct samr_LogonHours logon_hours, + uint16_t bad_password_count, + uint16_t logon_count, + uint16_t country_code, + uint16_t code_page, + uint8_t nt_password_set, +
svn commit: samba-web r1251 - in trunk: .
Author: kseeger Date: 2008-11-28 11:46:51 + (Fri, 28 Nov 2008) New Revision: 1251 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=1251 Log: Add missing headline Karolin Modified: trunk/index.html Changeset: Modified: trunk/index.html === --- trunk/index.html2008-11-28 09:21:26 UTC (rev 1250) +++ trunk/index.html2008-11-28 11:46:51 UTC (rev 1251) @@ -19,6 +19,7 @@ h2Current Release/h2 +h427 November 2008/h4 p class=headlineSamba 3.3.0rc1 Available for Download/p pSamba 3.3.0rc1 is now available for download. This the first
[SCM] Samba Shared Repository - branch master updated - 1cf5c154aaab8b8c45145343e00ec452c6d0f5b5
The branch, master has been updated
via 1cf5c154aaab8b8c45145343e00ec452c6d0f5b5 (commit)
via fd2a15fa7813f5560bd7fdb9b5ed8e3880cae387 (commit)
from 143097d71c15c1624446b56205639e0b863d35fe (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1cf5c154aaab8b8c45145343e00ec452c6d0f5b5
Author: Günther Deschner [EMAIL PROTECTED]
Date: Fri Nov 28 22:01:18 2008 +0100
s4-smbtorture: add some more testcases to pwdlastset test.
Guenther
commit fd2a15fa7813f5560bd7fdb9b5ed8e3880cae387
Author: Günther Deschner [EMAIL PROTECTED]
Date: Fri Nov 28 21:58:25 2008 +0100
s4-smbtorture: fix RPC-SAMR-PASSWORDS-PWDLASTSET with samba3 option.
Guenther
---
Summary of changes:
source4/torture/rpc/samr.c | 149 ++-
1 files changed, 118 insertions(+), 31 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 86a959d..01ff016 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -870,6 +870,8 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
struct samr_GetUserPwInfo pwp;
struct samr_PwInfo info;
int policy_min_pw_len = 0;
+ const char *comment = NULL;
+
pwp.in.user_handle = handle;
pwp.out.info = info;
@@ -889,17 +891,23 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe
*p,
s.in.level = level;
}
+ if (fields_present SAMR_FIELD_COMMENT) {
+ comment = talloc_asprintf(tctx, comment: %d\n, time(NULL));
+ }
+
ZERO_STRUCT(u);
switch (level) {
case 21:
u.info21.fields_present = fields_present;
u.info21.password_expired = password_expired;
+ u.info21.comment.string = comment;
break;
case 23:
u.info23.info.fields_present = fields_present;
u.info23.info.password_expired = password_expired;
+ u.info23.info.comment.string = comment;
encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
@@ -913,6 +921,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
case 25:
u.info25.info.fields_present = fields_present;
u.info25.info.password_expired = password_expired;
+ u.info25.info.comment.string = comment;
encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE);
@@ -962,8 +971,16 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe
*p,
status = dcerpc_samr_SetUserInfo(p, tctx, s);
}
- if (NT_STATUS_IS_ERR(expected_error)) {
- torture_assert_ntstatus_equal(tctx, status, expected_error, );
+ if (!NT_STATUS_IS_OK(expected_error)) {
+ if (use_setinfo2) {
+ torture_assert_ntstatus_equal(tctx,
+ s2.out.result,
+ expected_error, SetUserInfo2 failed);
+ } else {
+ torture_assert_ntstatus_equal(tctx,
+ s.out.result,
+ expected_error, SetUserInfo failed);
+ }
return true;
}
@@ -2431,6 +2448,16 @@ static bool test_SetPassword_pwdlastset(struct
dcerpc_pipe *p,
.password_expired_nonzero = 1,
.fields_present =
SAMR_FIELD_LAST_PWD_CHANGE,
.set_error =
NT_STATUS_ACCESS_DENIED
+ },{
+ .level = 21,
+ .password_expired_nonzero = 1,
+ .fields_present = 0,
+ .set_error =
NT_STATUS_INVALID_PARAMETER
+ },{
+ .level = 21,
+ .password_expired_nonzero = 1,
+ .fields_present = SAMR_FIELD_COMMENT,
+
#if 0
/* FIXME */
},{
@@ -2478,7 +2505,16 @@ static bool test_SetPassword_pwdlastset(struct
dcerpc_pipe *p,
.level = 23,
.password_expired_nonzero = 1,
.fields_present = SAMR_FIELD_PASSWORD |
- SAMR_FIELD_PASSWORD2
+ SAMR_FIELD_PASSWORD2,
+ },{
+ .level = 23,
+ .password_expired_nonzero = 1,
+
[SCM] Samba Shared Repository - branch master updated - 28099876f9a39f56a54fd2540532309c0d1e2877
The branch, master has been updated
via 28099876f9a39f56a54fd2540532309c0d1e2877 (commit)
via 42adfd1be2237bbe5430fe972143b548b42f6edb (commit)
from 1cf5c154aaab8b8c45145343e00ec452c6d0f5b5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 28099876f9a39f56a54fd2540532309c0d1e2877
Author: Günther Deschner [EMAIL PROTECTED]
Date: Sat Nov 29 00:12:26 2008 +0100
s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from
metze.
Guenther
commit 42adfd1be2237bbe5430fe972143b548b42f6edb
Author: Günther Deschner [EMAIL PROTECTED]
Date: Sat Nov 29 00:10:18 2008 +0100
s3-libnetjoin: remove unused md4_trust_password, found by metze.
Guenther
---
Summary of changes:
source3/libnet/libnet_join.c | 50 -
1 files changed, 29 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 498c7af..908fb78 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -762,7 +762,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
*mem_ctx,
struct lsa_String lsa_acct_name;
uint32_t user_rid;
uint32_t acct_flags = ACB_WSTRUST;
- uchar md4_trust_password[16];
struct samr_Ids user_rids;
struct samr_Ids name_types;
union samr_UserInfo user_info;
@@ -898,14 +897,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
*mem_ctx,
goto done;
}
- /* Create a random machine account password and generate the hash */
-
- E_md4hash(r-in.machine_password, md4_trust_password);
-
- init_samr_CryptPasswordEx(r-in.machine_password,
- cli-user_session_key,
- crypt_pwd_ex);
-
/* Fill in the additional account flags now */
acct_flags |= ACB_PWNOEXP;
@@ -916,23 +907,40 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
*mem_ctx,
;;
}
- /* Set password and account flags on machine account */
-
- ZERO_STRUCT(user_info.info25);
-
- user_info.info25.info.fields_present = ACCT_NT_PWD_SET |
- ACCT_LM_PWD_SET |
- SAMR_FIELD_ACCT_FLAGS;
-
- user_info.info25.info.acct_flags = acct_flags;
- memcpy(user_info.info25.password.data, crypt_pwd_ex.data,
- sizeof(crypt_pwd_ex.data));
+ /* Set account flags on machine account */
+ ZERO_STRUCT(user_info.info16);
+ user_info.info16.acct_flags = acct_flags;
status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
user_pol,
-25,
+16,
user_info);
+ if (!NT_STATUS_IS_OK(status)) {
+
+ rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
+ user_pol);
+
+ libnet_join_set_error_string(mem_ctx, r,
+ Failed to set account flags for machine account
(%s)\n,
+ nt_errstr(status));
+ goto done;
+ }
+
+ /* Set password on machine account - first try level 26 */
+
+ init_samr_CryptPasswordEx(r-in.machine_password,
+ cli-user_session_key,
+ crypt_pwd_ex);
+
+ init_samr_user_info26(user_info.info26, crypt_pwd_ex,
+ PASS_DONT_CHANGE_AT_NEXT_LOGON);
+
+ status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ user_pol,
+ 26,
+ user_info);
+
if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
/* retry with level 24 */
--
Samba Shared Repository
Build status as of Sat Nov 29 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-11-28 00:00:45.0 + +++ /home/build/master/cache/broken_results.txt 2008-11-29 00:00:39.0 + @@ -1,4 +1,4 @@ -Build status as of Fri Nov 28 00:00:01 2008 +Build status as of Sat Nov 29 00:00:02 2008 Build counts: Tree Total Broken Panic @@ -7,16 +7,16 @@ ctdb 0 0 0 distcc 1 0 0 ldb 32 32 0 -libreplace 31 12 0 +libreplace 30 12 0 lorikeet-heimdal 29 20 0 pidl 19 2 0 ppp 13 0 0 rsync32 13 0 samba-docs 0 0 0 samba-gtk5 5 0 -samba_3_X_devel 28 19 1 +samba_3_X_devel 28 18 1 samba_3_X_test 28 16 0 -samba_4_0_test 31 28 1 +samba_4_0_test 30 30 1 smb-build30 7 0 talloc 32 32 0 tdb 32 13 0
