The Samba-Bugzilla – Attachment 17098 Details for
Bug 14935
Can't connect to Windows shares not requiring authentication using KDE/Gnome
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v4-15-test
tmp415.diff.txt (text/plain), 9.06 KB, created by
Stefan Metzmacher
on 2022-01-17 14:18:45 UTC
(
hide
)
Description:
Patches for v4-15-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2022-01-17 14:18:45 UTC
Size:
9.06 KB
patch
obsolete
>From e69fc50bd818b8b08812cd59ef014a405dd0333d Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 21 Dec 2021 14:39:25 +0100 >Subject: [PATCH 1/4] selftest/Samba3: enable SMB1 for maptoguest > >guest authentication is an old school concept, >so we should make sure it also works with SMB1. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=14935 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >(cherry picked from commit 648b476dcdb6f378b627266cb787fd8f38fba56a) >--- > selftest/knownfail.d/smb1-tests | 10 ++++------ > selftest/target/Samba3.pm | 1 + > 2 files changed, 5 insertions(+), 6 deletions(-) > >diff --git a/selftest/knownfail.d/smb1-tests b/selftest/knownfail.d/smb1-tests >index 4790ef0f46c6..28a74863c6a3 100644 >--- a/selftest/knownfail.d/smb1-tests >+++ b/selftest/knownfail.d/smb1-tests >@@ -1,9 +1,7 @@ >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient anonymous.badpassword.NT1NEW.guest\(maptoguest\) >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient baduser.badpassword.NT1NEW.guest\(maptoguest\) >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient username.password.NT1OLD\((ad_member|fl2000dc|maptoguest|nt4_member)\) >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient username.password.NT1NEW\((ad_member|fl2000dc|maptoguest|nt4_member)\) >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient anonymous.nopassword.NT1OLD\((ad_member|fl2000dc|maptoguest|nt4_member)\) >-^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient anonymous.nopassword.NT1NEW\((ad_member|fl2000dc|maptoguest|nt4_member)\) >+^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient username.password.NT1OLD\((ad_member|fl2000dc|nt4_member)\) >+^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient username.password.NT1NEW\((ad_member|fl2000dc|nt4_member)\) >+^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient anonymous.nopassword.NT1OLD\((ad_member|fl2000dc|nt4_member)\) >+^samba3.blackbox.smbclient_ntlm.plain.*NT1.smbclient anonymous.nopassword.NT1NEW\((ad_member|fl2000dc|nt4_member)\) > ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.smbclient -L.*\((ad_member|nt4_member)\) > ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.smbclient -L LOCALADMEMBER -I.*\((ad_member|nt4_member)\) > ^samba3.blackbox.smbclient_s3.NT1.(plain|sign).member_creds.noninteractive smbclient does not prompt\((ad_member|nt4_member)\) >diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm >index d1ac5c16c264..84903b87d3e2 100755 >--- a/selftest/target/Samba3.pm >+++ b/selftest/target/Samba3.pm >@@ -2091,6 +2091,7 @@ sub setup_maptoguest > my $options = " > map to guest = bad user > ntlm auth = yes >+server min protocol = LANMAN1 > > [force_user_error_inject] > path = $share_dir >-- >2.25.1 > > >From a48c7f227333471917bc30306cd5a6a4c1652a31 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 21 Dec 2021 12:04:30 +0100 >Subject: [PATCH 2/4] s4:torture/libsmbclient: add libsmbclient.noanon_list > test > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=14935 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >(cherry picked from commit 59e436297b0a4baa01e4e8a4bbb9c0bc9d7e1f29) >--- > source4/torture/libsmbclient/libsmbclient.c | 50 +++++++++++++++++++++ > 1 file changed, 50 insertions(+) > >diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c >index 669189d77851..fd770e5002ff 100644 >--- a/source4/torture/libsmbclient/libsmbclient.c >+++ b/source4/torture/libsmbclient/libsmbclient.c >@@ -1255,6 +1255,54 @@ static bool torture_libsmbclient_utimes(struct torture_context *tctx) > return true; > } > >+static bool torture_libsmbclient_noanon_list(struct torture_context *tctx) >+{ >+ const char *smburl = torture_setting_string(tctx, "smburl", NULL); >+ struct smbc_dirent *dirent = NULL; >+ SMBCCTX *ctx = NULL; >+ int dhandle = -1; >+ bool ok = true; >+ >+ if (smburl == NULL) { >+ torture_fail(tctx, >+ "option --option=torture:smburl=" >+ "smb://user:password@server missing\n"); >+ } >+ >+ ok = torture_libsmbclient_init_context(tctx, &ctx); >+ torture_assert_goto(tctx, >+ ok, >+ ok, >+ out, >+ "Failed to init context"); >+ torture_comment(tctx, >+ "Testing smbc_setOptionNoAutoAnonymousLogin\n"); >+ smbc_setOptionNoAutoAnonymousLogin(ctx, true); >+ smbc_set_context(ctx); >+ >+ torture_comment(tctx, "Listing: %s\n", smburl); >+ dhandle = smbc_opendir(smburl); >+ torture_assert_int_not_equal_goto(tctx, >+ dhandle, >+ -1, >+ ok, >+ out, >+ "Failed to open smburl"); >+ >+ while((dirent = smbc_readdir(dhandle)) != NULL) { >+ torture_comment(tctx, "DIR: %s\n", dirent->name); >+ torture_assert_not_null_goto(tctx, >+ dirent->name, >+ ok, >+ out, >+ "Failed to read name"); >+ } >+ >+out: >+ smbc_closedir(dhandle); >+ return ok; >+} >+ > NTSTATUS torture_libsmbclient_init(TALLOC_CTX *ctx) > { > struct torture_suite *suite; >@@ -1276,6 +1324,8 @@ NTSTATUS torture_libsmbclient_init(TALLOC_CTX *ctx) > torture_libsmbclient_readdirplus2); > torture_suite_add_simple_test( > suite, "utimes", torture_libsmbclient_utimes); >+ torture_suite_add_simple_test( >+ suite, "noanon_list", torture_libsmbclient_noanon_list); > > suite->description = talloc_strdup(suite, "libsmbclient interface tests"); > >-- >2.25.1 > > >From 2ee36b1e0d5e18b4da03026983d28e301bd806cf Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 21 Dec 2021 12:05:13 +0100 >Subject: [PATCH 3/4] s4:selftest: run libsmbclient.noanon_list against > maptoguest > >This demonstrates the problem with guest access being rejected >by default. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=14935 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >(cherry picked from commit 0a808f6b53f50f426bd706f5327f610bb9e5967d) >--- > selftest/knownfail.d/libsmbclient.noanon_list | 1 + > source4/selftest/tests.py | 16 ++++++++++++++++ > 2 files changed, 17 insertions(+) > create mode 100644 selftest/knownfail.d/libsmbclient.noanon_list > >diff --git a/selftest/knownfail.d/libsmbclient.noanon_list b/selftest/knownfail.d/libsmbclient.noanon_list >new file mode 100644 >index 000000000000..1901166f3fc3 >--- /dev/null >+++ b/selftest/knownfail.d/libsmbclient.noanon_list >@@ -0,0 +1 @@ >+^samba4.libsmbclient.noanon_list.baduser >diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py >index 61cbca43132d..1e4b2ae6dd3c 100755 >--- a/source4/selftest/tests.py >+++ b/source4/selftest/tests.py >@@ -408,6 +408,22 @@ for t in libsmbclient: > [ "--option=torture:clientprotocol=%s" % proto], > "samba4.%s.%s" % (t, proto)) > >+url = "smb://baduser:invalidpw@$SERVER/tmpguest" >+t = "libsmbclient.noanon_list" >+libsmbclient_testargs = [ >+ '//$SERVER/tmpguest', >+ '-U$USERNAME%$PASSWORD', >+ "--option=torture:smburl=" + url, >+ "--option=torture:replace_smbconf=" >+ "%s/testdata/samba3/smb_new.conf" % srcdir() >+ ] >+for proto in protocols: >+ plansmbtorture4testsuite(t, >+ "maptoguest", >+ libsmbclient_testargs + >+ [ "--option=torture:clientprotocol=%s" % proto], >+ "samba4.%s.baduser.%s" % (t, proto)) >+ > plansmbtorture4testsuite("raw.qfileinfo.ipc", "ad_dc_ntvfs", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD') > > for t in smbtorture4_testsuites("rap."): >-- >2.25.1 > > >From ab982299794bc2df0374a82b7d077174b8b34d0a Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 21 Dec 2021 11:19:40 +0100 >Subject: [PATCH 4/4] s3:libsmb: fix signing regression SMBC_server_internal() > >commit d0062d312cbbf80afd78143ca5c0be68f2d72b03 introduced >SMBC_ENCRYPTLEVEL_DEFAULT as default, but the logic to enforce >signing wasn't adjusted, so we required smb signing by default. > >That broke guest authentication for libsmbclient using applications. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=14935 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> > >Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> >Autobuild-Date(master): Mon Dec 27 16:38:11 UTC 2021 on sn-devel-184 > >(cherry picked from commit 9d2bf015378c5bc630c92618e034c5eba95cc6b4) >--- > selftest/knownfail.d/libsmbclient.noanon_list | 1 - > source3/libsmb/libsmb_server.c | 2 +- > 2 files changed, 1 insertion(+), 2 deletions(-) > delete mode 100644 selftest/knownfail.d/libsmbclient.noanon_list > >diff --git a/selftest/knownfail.d/libsmbclient.noanon_list b/selftest/knownfail.d/libsmbclient.noanon_list >deleted file mode 100644 >index 1901166f3fc3..000000000000 >--- a/selftest/knownfail.d/libsmbclient.noanon_list >+++ /dev/null >@@ -1 +0,0 @@ >-^samba4.libsmbclient.noanon_list.baduser >diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c >index 5a1055ba773c..d5c9fac6f055 100644 >--- a/source3/libsmb/libsmb_server.c >+++ b/source3/libsmb/libsmb_server.c >@@ -498,7 +498,7 @@ SMBC_server_internal(TALLOC_CTX *ctx, > > status = NT_STATUS_UNSUCCESSFUL; > >- if (context->internal->smb_encryption_level != SMBC_ENCRYPTLEVEL_NONE) { >+ if (context->internal->smb_encryption_level > SMBC_ENCRYPTLEVEL_NONE) { > signing_state = SMB_SIGNING_REQUIRED; > } > >-- >2.25.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17098">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
asn
:
review+
Actions:
View
Attachments on
bug 14935
:
17063
|
17065
|
17066
| 17098 |
17099