The Samba-Bugzilla – Attachment 18232 Details for
Bug 15533
winbindd crashes when listing trusted domains that contain an NT domain without DNS name
[patch]
Patch for 4.18 backported from master
bug15533-v418.patch (text/plain), 48.14 KB, created by
Ralph Böhme
on 2024-01-22 07:25:03 UTC
Description:
Patch for 4.18 backported from master
Filename:
MIME Type:
Creator:
Ralph Böhme
Created:
2024-01-22 07:25:03 UTC
Size:
48.14 KB
patch
obsolete
>From c95c6632244555916c3ff7a972346250cdf8ca82 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Fri, 8 Dec 2023 13:07:19 +0100
>Subject: [PATCH 01/16] selftest: Add DOMAIN_ADMIN and DOMAIN_USER variables
>
>We should start using those in future. So we can distinguish which
>privileges we want. Currently DC_USERNAME is the Administrator. Whatever
>possible should use DOMIAN_USER instead.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15532
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>(cherry picked from commit 56d0c3a0263ed166452c129219e7a391ba4d014c)
>---
> selftest/target/Samba.pm | 4 ++++
> selftest/target/Samba3.pm | 24 ++++++++++++++++++++++++
> selftest/target/Samba4.pm | 8 ++++++++
> 3 files changed, 36 insertions(+)
>
>diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
>index a2018a040587..057b43b38ee4 100644
>--- a/selftest/target/Samba.pm
>+++ b/selftest/target/Samba.pm
>@@ -941,6 +941,10 @@ my @exported_envvars = (
> "PASSWORD",
> "DC_USERNAME",
> "DC_PASSWORD",
>+ "DOMAIN_ADMIN",
>+ "DOMAIN_ADMIN_PASSWORD",
>+ "DOMAIN_USER",
>+ "DOMAIN_USER_PASSWORD",
>
> # UID/GID for rfc2307 mapping tests
> "UID_RFC2307TEST",
>diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
>index acee7dc68f08..d9afcb139837 100755
>--- a/selftest/target/Samba3.pm
>+++ b/selftest/target/Samba3.pm
>@@ -1006,6 +1006,10 @@ sub provision_ad_member
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> # forest trust
> $ret->{TRUST_F_BOTH_SERVER} = $trustvars_f->{SERVER};
>@@ -1171,6 +1175,10 @@ sub setup_ad_member_rfc2307
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> return $ret;
> }
>@@ -1267,6 +1275,10 @@ sub setup_admem_idmap_autorid
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> return $ret;
> }
>@@ -1365,6 +1377,10 @@ sub setup_ad_member_idmap_rid
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> return $ret;
> }
>@@ -1464,6 +1480,10 @@ sub setup_ad_member_idmap_ad
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> $ret->{TRUST_SERVER} = $dcvars->{TRUST_SERVER};
> $ret->{TRUST_USERNAME} = $dcvars->{TRUST_USERNAME};
>@@ -1556,6 +1576,10 @@ sub setup_ad_member_oneway
> $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
> $ret->{DC_USERNAME} = $dcvars->{USERNAME};
> $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
>+ $ret->{DOMAIN_ADMIN} = $dcvars->{DOMAIN_ADMIN};
>+ $ret->{DOMAIN_ADMIN_PASSWORD} = $dcvars->{DOMAIN_ADMIN_PASSWORD};
>+ $ret->{DOMAIN_USER} = $dcvars->{DOMAIN_USER};
>+ $ret->{DOMAIN_USER_PASSWORD} = $dcvars->{DOMAIN_USER_PASSWORD};
>
> $ret->{TRUST_SERVER} = $dcvars->{TRUST_SERVER};
> $ret->{TRUST_USERNAME} = $dcvars->{TRUST_USERNAME};
>diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
>index 5687d2a85872..11974e454fe8 100755
>--- a/selftest/target/Samba4.pm
>+++ b/selftest/target/Samba4.pm
>@@ -587,6 +587,10 @@ sub provision_raw_prepare($$$$$$$$$$$$$$)
> $ctx->{realm} = uc($realm);
> $ctx->{dnsname} = lc($realm);
> $ctx->{samsid} = $samsid;
>+ $ctx->{domain_admin} = "Administrator";
>+ $ctx->{domain_admin_password} = $password;
>+ $ctx->{domain_user} = "alice";
>+ $ctx->{domain_user_password} = "Secret007";
>
> $ctx->{functional_level} = $functional_level;
>
>@@ -903,6 +907,10 @@ nogroup:x:65534:nobody
> DOMAIN => $ctx->{domain},
> USERNAME => $ctx->{username},
> DC_USERNAME => $ctx->{username},
>+ DOMAIN_ADMIN => $ctx->{domain_admin},
>+ DOMAIN_ADMIN_PASSWORD => $ctx->{domain_admin_password},
>+ DOMAIN_USER => $ctx->{domain_user},
>+ DOMAIN_USER_PASSWORD => $ctx->{domain_user_password},
> REALM => $ctx->{realm},
> DNSNAME => $ctx->{dnsname},
> SAMSID => $ctx->{samsid},
>--
>2.43.0
>
>
>From 5b5317ab01cc8f8ee1a069f91f5cbef9085d8b2a Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Wed, 10 Jan 2024 15:03:49 +0100
>Subject: [PATCH 02/16] net: remove a newline
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
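Review bot: `$ctx->{domain_user} = "alice";` and `$ctx->{domain_user_password} = "Secret007";` are hard-coded in provision_raw_prepare, but nothing in this hunk creates that account; presumably a later provisioning step adds a user with exactly these values, so any drift between the two would only surface as DOMAIN_USER logon failures in the tests that consume the new variables — please confirm. A one-line comment above the two assignments, `# must match the test user created during provisioning`, would make that coupling visible. The rest of provision_raw_prepare is outside the hunk.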
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 340753a2554ce9a842a6c90d684fb0510def81a1)
>---
> source3/utils/net_rpc.c | 1 -
> 1 file changed, 1 deletion(-)
>
>diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
>index 1405f773838e..6973d73fb835 100644
>--- a/source3/utils/net_rpc.c
>+++ b/source3/utils/net_rpc.c
>@@ -6555,7 +6555,6 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
> TALLOC_CTX *mem_ctx;
> NTSTATUS nt_status, result;
> struct dom_sid *domain_sid;
>-
> char* domain_name;
> char* acct_name;
> fstring pdc_name;
>--
>2.43.0
>
>
>From 1f73de0fa56a2b22663eec05bd119e9d3f779329 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Wed, 10 Jan 2024 15:06:14 +0100
>Subject: [PATCH 03/16] net: fix credentials in trustdom establish
>
>This was broken by ea071d278a614f17b5417d3ff98e1b8d1fd8970d. I guess the whole
>opt_user_specified dance should be ripped out, but that's a fix for another day.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 15c07723765c6863a0ada9dfbaaa204604500907)
>---
> source3/utils/net_rpc.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
>diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
>index 6973d73fb835..b16123c49476 100644
>--- a/source3/utils/net_rpc.c
>+++ b/source3/utils/net_rpc.c
>@@ -6557,6 +6557,7 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
> struct dom_sid *domain_sid;
> char* domain_name;
> char* acct_name;
>+ const char *pwd = NULL;
> fstring pdc_name;
> union lsa_PolicyInformation *info = NULL;
> struct dcerpc_binding_handle *b;
>@@ -6587,6 +6588,7 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
> SAFE_FREE(acct_name);
> return -1;
> }
>+ cli_credentials_set_username(c->creds, acct_name, CRED_SPECIFIED);
>
> /*
> * opt_workgroup will be used by connection functions further,
>@@ -6596,9 +6598,6 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
> c->opt_workgroup = smb_xstrdup(domain_name);
> };
>
>- c->opt_user_name = acct_name;
>- c->opt_user_specified = true;
>-
> /* find the domain controller */
> if (!net_find_pdc(&server_ss, pdc_name, domain_name)) {
> DEBUG(0, ("Couldn't find domain controller for domain %s\n", domain_name));
>@@ -6704,7 +6703,9 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
> * Store the password in secrets db
> */
>
>- if (!pdb_set_trusteddom_pw(domain_name, c->opt_password, domain_sid)) {
>+ pwd = cli_credentials_get_password(c->creds);
>+
>+ if (!pdb_set_trusteddom_pw(domain_name, pwd, domain_sid)) {
> DEBUG(0, ("Storing password for trusted domain failed.\n"));
> cli_shutdown(cli);
> talloc_destroy(mem_ctx);
>--
>2.43.0
>
>
>From 3c7c24974a55544ca0d6ee1adcfa0f087574f8a3 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Sat, 13 Jan 2024 08:51:48 +0100
>Subject: [PATCH 04/16] net: support NT4 trusts in "net rpc trust create"
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 449a968d3d18633e05db7d00ab76c7a52b04a54c)
>---
> source3/utils/net_rpc_trust.c | 26 +++++++++++++++++++-------
> 1 file changed, 19 insertions(+), 7 deletions(-)
>
>diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c
>index 9cfce005e560..1d77c7500403 100644
>--- a/source3/utils/net_rpc_trust.c
>+++ b/source3/utils/net_rpc_trust.c
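Review bot: `pwd = cli_credentials_get_password(c->creds);` is handed straight to `pdb_set_trusteddom_pw()`; when no password was supplied the credentials may carry none, so `pwd` can be NULL where the old code passed `c->opt_password`, and whether pdb_set_trusteddom_pw() tolerates a NULL password is not visible here. An explicit guard before the call, following the cleanup pattern already in the hunk — `if (pwd == NULL) { DEBUG(0, ("No trust password available for %s\n", domain_name)); cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }` — would turn a silent NULL store into a clear failure. rpc_trustdom_establish starts and ends outside these hunks.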
>@@ -116,6 +116,18 @@ static NTSTATUS create_trust(TALLOC_CTX *mem_ctx,
> struct lsa_CreateTrustedDomainEx2 r;
> struct lsa_TrustDomainInfoInfoEx trustinfo;
> struct policy_handle trustdom_handle;
>+ bool is_nt4 = trust_name_dns == NULL;
>+
>+ if (!is_nt4) {
>+ fprintf(stdout, "Creating AD trust\n");
>+ trustinfo.trust_type = LSA_TRUST_TYPE_UPLEVEL;
>+ trustinfo.trust_attributes = LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE;
>+ } else {
>+ fprintf(stdout, "Creating NT4 trust\n");
>+ trustinfo.trust_type = LSA_TRUST_TYPE_DOWNLEVEL;
>+ trustinfo.trust_attributes = 0;
>+ trust_name_dns = trust_name;
>+ }
>
> trustinfo.sid = domsid;
> trustinfo.netbios_name.string = trust_name;
>@@ -124,10 +136,6 @@ static NTSTATUS create_trust(TALLOC_CTX *mem_ctx,
> trustinfo.trust_direction = LSA_TRUST_DIRECTION_INBOUND |
> LSA_TRUST_DIRECTION_OUTBOUND;
>
>- trustinfo.trust_type = LSA_TRUST_TYPE_UPLEVEL;
>-
>- trustinfo.trust_attributes = LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE;
>-
> r.in.policy_handle = pol_hnd;
> r.in.info = &trustinfo;
> r.in.auth_info_internal = authinfo;
>@@ -404,7 +412,7 @@ static void print_trust_usage(void)
> "\totheruser=Admin user in other domain\n"
> "\totherdomainsid=SID of other domain\n"
> "\tother_netbios_domain=NetBIOS/short name of other domain\n"
>- "\totherdomain=Full/DNS name of other domain\n"
>+ "\totherdomain=Full/DNS name of other domain (if not used, create an NT4 trust)\n"
> "\ttrustpw=Trust password\n"
> "\nExamples:\n"
> "\tnet rpc trust create otherserver=oname otheruser=ouser -S lname -U luser\n"
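Review bot: The NT4 branch of create_trust reassigns the parameter with `trust_name_dns = trust_name;` and gives no reason; the intent is presumably that the LSA request still needs a non-NULL domain name further down, so the NetBIOS name stands in for it on a downlevel trust, and that deserves a comment such as `/* Downlevel trusts have no DNS name; reuse the NetBIOS name where the LSA call expects one */`. Note also that `trustinfo.trust_direction` (context lines of the second hunk) stays INBOUND|OUTBOUND for both kinds, so the usage text added in print_trust_usage could state that the NT4 trust is created two-way as well. The place where trust_name_dns is consumed lies outside the hunk.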
>@@ -484,10 +492,14 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
> dom_data[1].domain_name = other_dom_data->domain_name;
> dom_data[1].dns_domain_name = other_dom_data->dns_domain_name;
>
>+ if (dom_data[1].dns_domain_name == NULL) {
>+ fprintf(stdout, "No DNS domain name passed, "
>+ "assuming NT4 trust!\n");
>+ }
>+
> if (dom_data[1].domsid == NULL ||
> (op == TRUST_CREATE &&
>- (dom_data[1].domain_name == NULL ||
>- dom_data[1].dns_domain_name == NULL))) {
>+ (dom_data[1].domain_name == NULL))) {
> DEBUG(0, ("Missing required argument.\n"));
> usage();
> goto done;
>--
>2.43.0
>
>
>From b7b4d65fac355c1c4f176680a1f709c39629135e Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Sun, 14 Jan 2024 08:34:17 +0100
>Subject: [PATCH 05/16] net: create creds for other domain
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 9b2920fd367d26cfbf6f6f442a5c01fae4734abd)
>---
> source3/utils/net_rpc_trust.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
>diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c
>index 1d77c7500403..2a8e9875df1f 100644
>--- a/source3/utils/net_rpc_trust.c
>+++ b/source3/utils/net_rpc_trust.c
>@@ -484,8 +484,10 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
> }
>
> other_net_ctx->opt_host = other_dom_data->host;
>- other_net_ctx->opt_user_name = other_dom_data->user_name;
>- other_net_ctx->opt_user_specified = true;
>+ other_net_ctx->creds = cli_credentials_init(other_net_ctx);
>+ cli_credentials_parse_string(other_net_ctx->creds,
>+ other_dom_data->user_name,
>+ CRED_SPECIFIED);
> } else {
> dom_data[1].domsid = dom_sid_parse_talloc(mem_ctx,
> other_dom_data->domain_sid_str);
>--
>2.43.0
>
>
>From 4b724aa989b2c27097816761d1b4d03746a14f02 Mon Sep 17 00:00:00 2001
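Review bot: The new `fprintf(stdout, "No DNS domain name passed, " "assuming NT4 trust!\n");` in rpc_trust_common runs whenever `dns_domain_name` is NULL, before the argument check and independent of `op`; since the condition below only demands the name for `TRUST_CREATE`, any other operation invoked without `otherdomain=` now also announces an NT4 trust it is not creating. Guarding it with `if (op == TRUST_CREATE && dom_data[1].dns_domain_name == NULL) {` keeps the message to the case it describes. rpc_trust_common continues outside the hunk.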
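Review bot: `other_net_ctx->creds = cli_credentials_init(other_net_ctx);` is not checked before `cli_credentials_parse_string()` dereferences it; cli_credentials_init() allocates and returns NULL on failure, so an `if (other_net_ctx->creds == NULL) { DEBUG(0, ("cli_credentials_init failed\n")); goto done; }` between the two lines (the `done` label is already the function's error exit) would avoid a NULL dereference on the out-of-memory path. Whether `other_dom_data->user_name` can itself be NULL here is not visible in the hunk; if it can, the parse call needs the same protection. The surrounding rpc_trust_common body is outside the hunk.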
>From: Ralph Boehme <slow@samba.org>
>Date: Tue, 16 Jan 2024 15:36:01 +0100
>Subject: [PATCH 06/16] winbindd: also apply schannel logic as an NT4 DC
>
>This applies the same logic we already added in
>06601b3a9293db35feda1b033fa864dc1a764164 for AD DCs wrt to IPC authentication
>when running as an NT4 DC in cm_prepare_connection(). Similarily adjust the
>check in cm_connect_lsa() added in 3e17a3b7cd4083299037ba9377931bea792b2d18 and
>in cm_connect_netlogon_transport() added by
>532a14dc684e7a6d8c584d5671a4ebbad00aa4fc for cm_connect_netlogon_transport().
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 95bb2acbf066049f92c16836a2cdaea3aae829cc)
>---
> source3/winbindd/winbindd_cm.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
>diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
>index 0d0d4d416013..65b48fa462aa 100644
>--- a/source3/winbindd/winbindd_cm.c
>+++ b/source3/winbindd/winbindd_cm.c
>@@ -701,7 +701,7 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
>
> enum smb_signing_setting smb_sign_client_connections = lp_client_ipc_signing();
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> if (domain->secure_channel_type == SEC_CHAN_NULL) {
> /*
> * Make sure we don't even try to
>@@ -805,7 +805,7 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
> try_ipc_auth = true;
> }
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> /*
> * As AD DC we only use netlogon and lsa
> * using schannel over an anonymous transport
>@@ -2863,7 +2863,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
>
> TALLOC_FREE(conn->lsa_pipe);
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> /*
> * Make sure we only use schannel as AD DC.
> */
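Review bot: Every `if (IS_AD_DC)` → `if (IS_DC)` change leaves the comment directly beneath it unchanged — `As AD DC we only use netlogon and lsa` in cm_prepare_connection and `Make sure we only use schannel as AD DC.` in cm_connect_lsa — so the comments now understate when the branch runs; the same holds for the three following hunks in cm_connect_lsa and cm_connect_netlogon_transport. Suggest rewording them in this commit to `Make sure we only use schannel as a DC (AD or NT4).` so the prose keeps matching the macro. The bodies of the affected functions are outside the hunks.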
>@@ -2989,7 +2989,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
> goto done;
> }
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> /*
> * Make sure we only use schannel as AD DC.
> */
>@@ -3003,7 +3003,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
>
> anonymous:
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> /*
> * Make sure we only use schannel as AD DC.
> */
>@@ -3122,7 +3122,7 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain,
>
> *cli = NULL;
>
>- if (IS_AD_DC) {
>+ if (IS_DC) {
> if (domain->secure_channel_type == SEC_CHAN_NULL) {
> /*
> * Make sure we don't even try to
>--
>2.43.0
>
>
>From 6b8c5f98140430ff84e8420e07d06fc4f031f5d8 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 18 Jan 2024 15:38:10 +0100
>Subject: [PATCH 07/16] winbindd: make add_trusted_domains_dc() public
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 60ac5b03ef15de73744e0f86507849fb4b55d96f)
>---
> source3/winbindd/winbindd_proto.h | 1 +
> source3/winbindd/winbindd_util.c | 4 +---
> 2 files changed, 2 insertions(+), 3 deletions(-)
>
>diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
>index bfa114c32916..082493680e89 100644
>--- a/source3/winbindd/winbindd_proto.h
>+++ b/source3/winbindd/winbindd_proto.h
>@@ -353,6 +353,7 @@ void winbindd_msg_reload_services_parent(struct messaging_context *msg,
> NTSTATUS winbindd_reinit_after_fork(const struct winbindd_child *myself,
> const char *logfilename);
> struct winbindd_domain *wb_child_domain(void);
>+bool add_trusted_domains_dc(void);
>
> /* The following definitions come from winbindd/winbindd_group.c */
> bool fill_grent(TALLOC_CTX *mem_ctx, struct winbindd_gr *gr,
>diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
>index b4c53ba971c5..7f02081a41c8 100644
>--- a/source3/winbindd/winbindd_util.c
>+++ b/source3/winbindd/winbindd_util.c
>@@ -47,8 +47,6 @@
> * Winbind daemon for NT domain authentication nss module.
> **/
>
>-static bool add_trusted_domains_dc(void);
>-
> /* The list of trusted domains. Note that the list can be deleted and
> recreated using the init_domain_list() function so pointers to
> individual winbindd_domain structures cannot be made. Keep a copy of
>@@ -853,7 +851,7 @@ static bool migrate_secrets_tdb_to_ldb(struct winbindd_domain *domain)
> return true;
> }
>
>-static bool add_trusted_domains_dc(void)
>+bool add_trusted_domains_dc(void)
> {
> struct winbindd_domain *domain = NULL;
> struct pdb_trusted_domain **domains = NULL;
>--
>2.43.0
>
>
>From 221ba1be4877aec397a831d3c010f856d248ed4c Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 18 Jan 2024 15:38:45 +0100
>Subject: [PATCH 08/16] winbindd: call add_trusted_domains_dc() in smbcontrol
> reload-config handler
>
>This allows reloading trust info on an NT4 DC without restarting winbindd.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(backported from commit 9d933abd9e578de74bd4c5a8bcfcf6924262a8e2)
>[slow@samba.org: changed context]
>---
> source3/winbindd/winbindd_dual.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
>diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
>index d053977033f7..40339a9ba7b2 100644
>--- a/source3/winbindd/winbindd_dual.c
>+++ b/source3/winbindd/winbindd_dual.c
>@@ -944,6 +944,7 @@ void winbindd_msg_reload_services_parent(struct messaging_context *msg,
> .msg_type = msg_type,
> .data = data,
> };
>+ bool ok;
>
> DBG_DEBUG("Got reload-config message\n");
>
>@@ -952,6 +953,11 @@ void winbindd_msg_reload_services_parent(struct messaging_context *msg,
>
> winbindd_reload_services_file((const char *)private_data);
>
>+ ok = add_trusted_domains_dc();
>+ if (!ok) {
>+ DBG_ERR("add_trusted_domains_dc() failed\n");
>+ }
>+
> forall_children(winbind_msg_relay_fn, &state);
> }
>
>--
>2.43.0
>
>
>From 9c6e32d4f802b5778a7d76551e0561544b6db671 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Wed, 10 Jan 2024 18:13:46 +0100
>Subject: [PATCH 09/16] selftest: fix domain name of nt4_dc_smb1 environment
>
>It had the same workgroup as the nt4_dc environment:
>
>$ grep workgroup st/nt4_dc/lib/server.conf st/nt4_dc_smb1/lib/server.conf
>st/nt4_dc/lib/server.conf: workgroup = SAMBA-TEST
>st/nt4_dc_smb1/lib/server.conf: workgroup = SAMBA-TEST
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit d0cdc81aa99031b0c067c7f8cf2ec0dc99d57da5)
>---
> selftest/target/Samba3.pm | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
>
>diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
>index d9afcb139837..dec6ba7b7f73 100755
>--- a/selftest/target/Samba3.pm
>+++ b/selftest/target/Samba3.pm
>@@ -262,7 +262,7 @@ sub check_env($$)
>
> sub setup_nt4_dc
> {
>- my ($self, $path, $more_conf, $server) = @_;
>+ my ($self, $path, $more_conf, $domain, $server) = @_;
>
> print "PROVISIONING NT4 DC...";
>
>@@ -312,12 +312,15 @@ sub setup_nt4_dc
> if (defined($more_conf)) {
> $nt4_dc_options = $nt4_dc_options . $more_conf;
> }
>+ if (!defined($domain)) {
>+ $domain = "SAMBA-TEST";
>+ }
> if (!defined($server)) {
> $server = "LOCALNT4DC2";
> }
> my $vars = $self->provision(
> prefix => $path,
>- domain => "SAMBA-TEST",
>+ domain => $domain,
> server => $server,
> password => "localntdc2pass",
> extra_options => $nt4_dc_options);
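Review bot: `ok = add_trusted_domains_dc();` now runs on every reload-config message regardless of the server role, and nothing in winbindd_msg_reload_services_parent skips it on a member server; presumably add_trusted_domains_dc() returns early when not running as a DC (its body is outside the hunk), otherwise `DBG_ERR("add_trusted_domains_dc() failed\n")` would be logged on every reload on non-DC hosts — please confirm. A short comment above the call, `/* Re-read trusted domains from the passdb when running as a DC; expected to be a no-op otherwise */`, would record that assumption for the next reader.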
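Review bot: `my ($self, $path, $more_conf, $domain, $server) = @_;` inserts the new `$domain` parameter before `$server`, so any other caller of setup_nt4_dc that still passes a server name as the fourth argument would silently get it used as the workgroup; only setup_nt4_dc_smb1 is adjusted in this series and the other callers are outside the hunk. Appending `$domain` after `$server` instead, or auditing the remaining callers, removes that positional trap. A comment on the default, `# default matches the nt4_dc environment's workgroup`, would also explain why "SAMBA-TEST" is kept here.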
>@@ -352,7 +355,7 @@ sub setup_nt4_dc_smb1
> client min protocol = CORE
> server min protocol = LANMAN1
> ";
>- return $self->setup_nt4_dc($path, $conf, "LCLNT4DC2SMB1");
>+ return $self->setup_nt4_dc($path, $conf, "NT4SMB1", "LCLNT4DC2SMB1");
> }
>
> sub setup_nt4_dc_smb1_done
>--
>2.43.0
>
>
>From 7283bf81d4a1b3fcd8077ba14b7b076a73b3d59d Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 11 Jan 2024 12:02:43 +0100
>Subject: [PATCH 10/16] selftest: do early exit in setup_fl2008r2dc() if
> provision_fl2008r2dc() fails
>
>No change in behaviour.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 5420af6942307e045be1317edc323ee3ff9f379b)
>---
> selftest/target/Samba4.pm | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
>diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
>index 11974e454fe8..52d2b56b43ed 100755
>--- a/selftest/target/Samba4.pm
>+++ b/selftest/target/Samba4.pm
>@@ -2563,22 +2563,22 @@ sub setup_fl2008r2dc
>
> my $env = $self->provision_fl2008r2dc($path);
>
>- if (defined $env) {
>- if (not defined($self->check_or_start($env, "standard"))) {
>- return undef;
>- }
>+ if (!defined $env) {
>+ return $env;
>+ }
>
>- my $upn_array = ["$env->{REALM}.upn"];
>- my $spn_array = ["$env->{REALM}.spn"];
>+ if (not defined($self->check_or_start($env, "standard"))) {
>+ return undef;
>+ }
>
>- if ($self->setup_namespaces($env, $upn_array, $spn_array) != 0) {
>- return undef;
>- }
>+ my $upn_array = ["$env->{REALM}.upn"];
>+ my $spn_array = ["$env->{REALM}.spn"];
>
>- $env = $self->setup_trust($env, $dc_vars, "forest", "");
>+ if ($self->setup_namespaces($env, $upn_array, $spn_array) != 0) {
>+ return undef;
> }
>
>- return $env;
>+ return $self->setup_trust($env, $dc_vars, "forest", "");
> }
>
> sub setup_vampire_dc
>--
>2.43.0
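Review bot: The new early exit in setup_fl2008r2dc, `if (!defined $env) { return $env; }`, returns the undefined value indirectly while the check a few lines below uses `return undef;`; writing the first one as `return undef;` too makes the guard-clause chain the commit introduces read uniformly. No behaviour change is implied.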
>
>
>From f379cfb316708cf0cd07265a54d2aee0d991ff0e Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 18 Jan 2024 16:04:34 +0100
>Subject: [PATCH 11/16] selftest: rename a variable in setup_fl2008r2dc()
>
>Prepares for adding another variable with a similar name.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 9725aa932e24622566baf208586d1fe03885da9f)
>---
> selftest/target/Samba4.pm | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
>index 52d2b56b43ed..07409bf8173a 100755
>--- a/selftest/target/Samba4.pm
>+++ b/selftest/target/Samba4.pm
>@@ -2559,7 +2559,7 @@ sub setup_fl2003dc
>
> sub setup_fl2008r2dc
> {
>- my ($self, $path, $dc_vars) = @_;
>+ my ($self, $path, $ad_dc_vars) = @_;
>
> my $env = $self->provision_fl2008r2dc($path);
>
>@@ -2578,7 +2578,7 @@ sub setup_fl2008r2dc
> return undef;
> }
>
>- return $self->setup_trust($env, $dc_vars, "forest", "");
>+ return $self->setup_trust($env, $ad_dc_vars, "forest", "");
> }
>
> sub setup_vampire_dc
>--
>2.43.0
>
>
>From 66952c32ce8db1fe63fded900ebe01bf58c7e7cb Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Sat, 13 Jan 2024 08:48:54 +0100
>Subject: [PATCH 12/16] selftest: create trust between fl2008r2dc and nt4_dc
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 645a725603ca03f27c1347b1e2ed9fea94a6319d)
>---
> selftest/target/Samba.pm | 7 +++++
> selftest/target/Samba4.pm | 57 ++++++++++++++++++++++++++++++++++++---
> 2 files changed, 61 insertions(+), 3 deletions(-)
>
>diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
>index 057b43b38ee4..5b07981e8d0c 100644
>--- a/selftest/target/Samba.pm
>+++ b/selftest/target/Samba.pm
>@@ -913,6 +913,13 @@ my @exported_envvars = (
> "TRUST_E_BOTH_DOMAIN",
> "TRUST_E_BOTH_REALM",
>
>+ # stuff related to a trusted NT4 domain,
>+ # used for one-way trust fl2008r2dc <- nt4_dc
>+ "NT4_TRUST_SERVER",
>+ "NT4_TRUST_SERVER_IP",
>+ "NT4_TRUST_DOMAIN",
>+ "NT4_TRUST_DOMSID",
>+
> # domain controller stuff
> "DC_SERVER",
> "DC_SERVER_IP",
>diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
>index 07409bf8173a..411d5828215b 100755
>--- a/selftest/target/Samba4.pm
>+++ b/selftest/target/Samba4.pm
>@@ -2355,7 +2355,7 @@ sub check_env($$)
> ad_dc_no_nss => ["dns_hub"],
> ad_dc_no_ntlm => ["dns_hub"],
>
>- fl2008r2dc => ["ad_dc"],
>+ fl2008r2dc => ["ad_dc", "nt4_dc"],
> fl2003dc => ["ad_dc"],
> fl2000dc => ["ad_dc"],
>
>@@ -2559,7 +2559,7 @@ sub setup_fl2003dc
>
> sub setup_fl2008r2dc
> {
>- my ($self, $path, $ad_dc_vars) = @_;
>+ my ($self, $path, $ad_dc_vars, $nt4_dc_vars) = @_;
>
> my $env = $self->provision_fl2008r2dc($path);
>
>@@ -2578,7 +2578,58 @@ sub setup_fl2008r2dc
> return undef;
> }
>
>- return $self->setup_trust($env, $ad_dc_vars, "forest", "");
>+ $env = $self->setup_trust($env, $ad_dc_vars, "forest", "");
>+ if (!defined $env) {
>+ return undef;
>+ }
>+
>+ my $net = Samba::bindir_path($self, "net");
>+ my $smbcontrol = Samba::bindir_path($self, "smbcontrol");
>+
>+ my $trustpw = "TrUsTpW";
>+ $trustpw .= "$env->{SOCKET_WRAPPER_DEFAULT_IFACE}";
>+ $trustpw .= "$nt4_dc_vars->{SOCKET_WRAPPER_DEFAULT_IFACE}";
>+
>+ my $cmd = "";
>+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
>+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$env->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
>+ $cmd .= "$net rpc trust create ";
>+ $cmd .= "otherdomainsid=$nt4_dc_vars->{SAMSID} ";
>+ $cmd .= "otherdomain=$nt4_dc_vars->{DOMAIN} ";
>+ $cmd .= "other_netbios_domain=$nt4_dc_vars->{DOMAIN} ";
>+ $cmd .= "trustpw=$trustpw ";
>+ $cmd .= "$env->{CONFIGURATION} ";
>+ $cmd .= "-U $env->{DOMAIN}/$env->{USERNAME}\%$env->{PASSWORD} ";
>+
>+ if (system($cmd) != 0) {
>+ warn("net rpc trust create failed\n$cmd");
>+ return undef;
>+ }
>+
>+ $cmd = "";
>+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$nt4_dc_vars->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
>+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$nt4_dc_vars->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
>+ $cmd .= "$net rpc trustdom establish $env->{DOMAIN} -U/%$trustpw $nt4_dc_vars->{CONFIGURATION}";
>+
>+ if (system($cmd) != 0) {
>+ warn("add failed\n$cmd");
>+ return undef;
>+ }
>+
>+ # Reload trusts
>+ $cmd = "$smbcontrol winbindd reload-config $nt4_dc_vars->{CONFIGURATION}";
>+
>+ if (system($cmd) != 0) {
>+ warn("add failed\n$cmd");
>+ return undef;
>+ }
>+
>+ $env->{NT4_TRUST_SERVER} = $nt4_dc_vars->{SERVER};
>+ $env->{NT4_TRUST_SERVER_IP} = $nt4_dc_vars->{SERVER_IP};
>+ $env->{NT4_TRUST_DOMAIN} = $nt4_dc_vars->{DOMAIN};
>+ $env->{NT4_TRUST_DOMSID} = $nt4_dc_vars->{DOMSID};
>+
>+ return $env;
> }
>
> sub setup_vampire_dc
>--
>2.43.0
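Review bot: The `net rpc trust create` command built here passes `otherdomain=$nt4_dc_vars->{DOMAIN}`, yet the earlier net_rpc_trust.c change takes the NT4 path only when no DNS name is supplied (`bool is_nt4 = trust_name_dns == NULL;`) and its usage text describes `otherdomain=` as the DNS name; if that option is what feeds trust_name_dns, this command creates an uplevel trust rather than the NT4 trust the environment exists to exercise — please confirm, and drop `otherdomain=` if so. Separately, the last two failure branches both say `warn("add failed\n$cmd");`, so a failing `net rpc trustdom establish` and a failing `smbcontrol winbindd reload-config` are indistinguishable in the log; `warn("net rpc trustdom establish failed\n$cmd");` and `warn("smbcontrol reload-config failed\n$cmd");` would name them. Those warn() calls also echo `$env->{PASSWORD}` and `$trustpw`, which are interpolated into a shell command line; acceptable in selftest, but a comment saying so avoids the pattern being copied elsewhere. setup_fl2008r2dc starts outside the hunk.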
>
>
>From bd5609187f513cd486ca720311ae0fed66ce4d94 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Wed, 10 Jan 2024 14:50:05 +0100
>Subject: [PATCH 13/16] selftest: add a test for NT4 trusts
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(backported from commit 3a95e135472a495a90637e5dc0f9e3c8de052ff9)
>[slow@samba.org: changed context]
>---
> source3/script/tests/test_nt4_trust.sh | 31 ++++++++++++++++++++++++++
> source3/selftest/tests.py | 4 ++++
> 2 files changed, 35 insertions(+)
> create mode 100755 source3/script/tests/test_nt4_trust.sh
>
>diff --git a/source3/script/tests/test_nt4_trust.sh b/source3/script/tests/test_nt4_trust.sh
>new file mode 100755
>index 000000000000..b3d6ca60dc75
>--- /dev/null
>+++ b/source3/script/tests/test_nt4_trust.sh
>@@ -0,0 +1,31 @@
>+#!/bin/sh
>+
>+incdir=$(dirname $0)/../../../testprogs/blackbox
>+. $incdir/subunit.sh
>+. $incdir/common_test_fns.inc
>+
>+failed=0
>+
>+wbinfo="$BINDIR/wbinfo"
>+smbclient="$BINDIR/smbclient"
>+
>+test_trust_wbinfo_m() {
>+ i=0
>+ # Give the server some time to list trusted domains
>+ while [ $i -lt 10 ] ; do
>+ $wbinfo -m | grep SAMBA-TEST && return 0
>+ sleep 2
>+ i=$((i + 1))
>+ done
>+ return 1
>+}
>+
>+test_trust_smbclient() {
>+ $smbclient //$NT4_TRUST_SERVER_IP/tmp -U "$DOMAIN/$DOMAIN_USER%$DOMAIN_USER_PASSWORD" -c quit || return 1
>+ return 0
>+}
>+
>+testit "nt4trust_wbinfo_m" test_trust_wbinfo_m || failed=$(expr $failed + 1)
>+testit "nt4trust_smbclient" test_trust_smbclient || failed=$(expr $failed + 1)
>+
>+testok $0 $failed
>diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
>index 72828c73f143..656f6ea7da10 100755
>--- a/source3/selftest/tests.py
>+++ b/source3/selftest/tests.py
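Review bot: `$wbinfo -m | grep SAMBA-TEST` in test_trust_wbinfo_m hard-codes the trusted domain name even though the fl2008r2dc environment exports it as NT4_TRUST_DOMAIN, and an unanchored grep also matches any domain that merely contains that string; `$wbinfo -m | grep -x "$NT4_TRUST_DOMAIN" && return 0` ties the check to the environment and to a whole line. `incdir=$(dirname $0)` should quote `$0` for consistency with the quoted `$BINDIR` expansions below it. The polling loop is fine, but the comment could state the bound it implies, e.g. `# Give the server some time (up to 10 x 2s) to list trusted domains`, so whoever tunes selftest timeouts sees the worst case at a glance.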
>@@ -1798,6 +1798,10 @@ plantestsuite("samba3.blackbox.force-user-unlink",
> [os.path.join(samba3srcdir,
> "script/tests/test_force_user_unlink.sh")])
>
>+plantestsuite("samba3.blackbox.nt4_trusts",
>+ "fl2008r2dc",
>+ [os.path.join(samba3srcdir, "script/tests/test_nt4_trust.sh")])
>+
> def planclusteredmembertestsuite(tname, prefix):
> '''Define a clustered test for the clusteredmember environment'''
>
>--
>2.43.0
>
>
>From def90d39ae0973c6e8ee0f0e738547cbae7c46a4 Mon Sep 17 00:00:00 2001
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 18 Jan 2024 19:12:34 +0100
>Subject: [PATCH 14/16] s4/rpc_server: return NULL dns_name for NT4 trusts
>
>That's what Windows returns for an NT4 trust:
>
> array: struct netr_DomainTrust
> netbios_name : *
> netbios_name : 'NT4TRUST'
> dns_name : NULL
> trust_flags : 0x00000020 (32)
> 0: NETR_TRUST_FLAG_IN_FOREST
> 0: NETR_TRUST_FLAG_OUTBOUND
> 0: NETR_TRUST_FLAG_TREEROOT
> 0: NETR_TRUST_FLAG_PRIMARY
> 0: NETR_TRUST_FLAG_NATIVE
> 1: NETR_TRUST_FLAG_INBOUND
> 0: NETR_TRUST_FLAG_MIT_KRB5
> 0: NETR_TRUST_FLAG_AES
> parent_index : 0x00000000 (0)
> trust_type : LSA_TRUST_TYPE_DOWNLEVEL (1)
> trust_attributes : 0x00000000 (0)
> 0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
> 0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
> 0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
> 0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
> 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
> 0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
> 0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
> 0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
> 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION
> 0: LSA_TRUST_ATTRIBUTE_PIM_TRUST
> 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION
> sid : *
> sid : S-1-5-21-4267984555-3675415144-1682400025
> guid : 00000000-0000-0000-0000-000000000000
>
>Even though when creating the trust the DNS name must not be NULL and the
>trustPartner and name attributes are set to the flatName in the trustedDomain
>object:
>
> dn: CN=NT4TRUST,CN=System,DC=wdom2,DC=site
> objectClass: top
> objectClass: leaf
> objectClass: trustedDomain
> cn: NT4TRUST
> distinguishedName: CN=NT4TRUST,CN=System,DC=wdom2,DC=site
> instanceType: 4
> whenCreated: 20240118175040.0Z
> whenChanged: 20240118175040.0Z
> uSNCreated: 4939915
> uSNChanged: 4939916
> showInAdvancedViewOnly: TRUE
> name: NT4TRUST
> objectGUID: c2273b74-19ff-4f5a-b528-9e5ae21960dd
> securityIdentifier: S-1-5-21-4267984555-3675415144-1682400025
> trustDirection: 1
> trustPartner: NT4TRUST
> trustPosixOffset: 0
> trustType: 1
> trustAttributes: 0
> flatName: NT4TRUST
> objectCategory: CN=Trusted-Domain,CN=Schema,CN=Configuration,DC=wdom2,DC=site
> isCriticalSystemObject: TRUE
> dSCorePropagationData: 16010101000000.0Z
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 53ca19851dbfc3cab7345424c029a7c90745e24a)
>---
> source4/rpc_server/netlogon/dcerpc_netlogon.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
>diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
>index 3f312f1549f2..04fcbf0ff9ee 100644
>--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
>+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
>@@ -3952,8 +3952,6 @@ static WERROR fill_trusted_domains_array(TALLOC_CTX *mem_ctx,
> ldb_dn_get_linearized(dom_res[i]->dn)));
> }
>
>- trusts->array[n].dns_name = talloc_steal(trusts->array, ldb_msg_find_attr_as_string(dom_res[i], "trustPartner", NULL));
>-
> trusts->array[n].trust_flags = flags;
> if ((trust_flags & NETR_TRUST_FLAG_IN_FOREST) &&
> !(flags & NETR_TRUST_FLAG_TREEROOT)) {
>@@ -3968,6 +3966,16 @@ static WERROR fill_trusted_domains_array(TALLOC_CTX *mem_ctx,
> ldb_msg_find_attr_as_uint(dom_res[i],
> "trustAttributes", 0);
>
>+ if (trusts->array[n].trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
>+ trusts->array[n].dns_name = talloc_steal(
>+ trusts->array,
>+ ldb_msg_find_attr_as_string(dom_res[i],
>+ "trustPartner",
>+ NULL));
>+ } else {
>+ trusts->array[n].dns_name = NULL;
>+ }
>+
> if ((trusts->array[n].trust_type == LSA_TRUST_TYPE_MIT) ||
> (trusts->array[n].trust_type == LSA_TRUST_TYPE_DCE)) {
> struct dom_sid zero_sid;
>--
>2.43.0
>
>
>From e148da5007c40130c3572a5f0f50baa2d7aca551 Mon Sep 17 00:00:00 2001
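Review bot: The new `else` branch that forces `dns_name` to NULL for LSA_TRUST_TYPE_DOWNLEVEL carries no comment, so the contract it establishes (a NULL dns_name is a legitimate value in netr_DomainTrust and every consumer must treat the field as optional) lives only in the commit message. A one-line comment above the `if`, such as `/* Windows returns dns_name = NULL for NT4 (downlevel) trusts; callers must treat dns_name as optional */`, would keep that invariant visible where the next reader of this loop will look. Since the first hunk removes the unconditional assignment, non-downlevel trusts still get NULL when the trustPartner attribute is absent, exactly as before. fill_trusted_domains_array() starts and ends outside these hunks.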
>From: Ralph Boehme <slow@samba.org>
>Date: Thu, 18 Jan 2024 17:42:33 +0100
>Subject: [PATCH 15/16] selftest: test listing trusted domains that includes an
> NT4 domain
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 000bbede59e4ca78427fa57b56fa251d4d779adb)
>---
> .../samba3.blackbox.list_nt4_trusts | 1 +
> selftest/target/Samba3.pm | 1 +
> source3/script/tests/test_list_nt4_trust.sh | 25 +++++++++++++++++++
> source3/selftest/tests.py | 4 +++
> 4 files changed, 31 insertions(+)
> create mode 100644 selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
> create mode 100755 source3/script/tests/test_list_nt4_trust.sh
>
>diff --git a/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts b/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
>new file mode 100644
>index 000000000000..546e087b250d
>--- /dev/null
>+++ b/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
>@@ -0,0 +1 @@
>+^samba3.blackbox.list_nt4_trusts.nt4trust_wbinfo_m\(ad_member_idmap_ad\)
>diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
>index dec6ba7b7f73..e1eceb5bcf74 100755
>--- a/selftest/target/Samba3.pm
>+++ b/selftest/target/Samba3.pm
>@@ -1413,6 +1413,7 @@ sub setup_ad_member_idmap_ad
> idmap config $dcvars->{TRUST_DOMAIN} : backend = ad
> idmap config $dcvars->{TRUST_DOMAIN} : range = 2000000-2999999
> gensec_gssapi:requested_life_time = 5
>+ winbind scan trusted domains = yes
> ";
>
> my $ret = $self->provision(
>diff --git a/source3/script/tests/test_list_nt4_trust.sh b/source3/script/tests/test_list_nt4_trust.sh
>new file mode 100755
>index 000000000000..03ee7fc7063a
>--- /dev/null
>+++ b/source3/script/tests/test_list_nt4_trust.sh
>@@ -0,0 +1,25 @@
>+#!/bin/sh
>+
>+incdir=$(dirname $0)/../../../testprogs/blackbox
>+. $incdir/subunit.sh
>+. $incdir/common_test_fns.inc
>+
>+failed=0
>+
>+wbinfo="$BINDIR/wbinfo"
>+smbclient="$BINDIR/smbclient"
>+
>+test_trust_wbinfo_m() {
>+ i=0
>+ # Give the server some time to list trusted domains
>+ while [ $i -lt 10 ] ; do
>+ $wbinfo -m --verbose | grep "SAMBA-TEST" && return 0
>+ sleep 2
>+ i=$((i + 1))
>+ done
>+ return 1
>+}
>+
>+testit "nt4trust_wbinfo_m" test_trust_wbinfo_m || failed=$(expr $failed + 1)
>+
>+testok $0 $failed
>diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
>index 656f6ea7da10..476d881f6a85 100755
>--- a/source3/selftest/tests.py
>+++ b/source3/selftest/tests.py
>@@ -1802,6 +1802,10 @@ plantestsuite("samba3.blackbox.nt4_trusts",
> "fl2008r2dc",
> [os.path.join(samba3srcdir, "script/tests/test_nt4_trust.sh")])
>
>+plantestsuite("samba3.blackbox.list_nt4_trusts",
>+ "ad_member_idmap_ad",
>+ [os.path.join(samba3srcdir, "script/tests/test_list_nt4_trust.sh")])
>+
> def planclusteredmembertestsuite(tname, prefix):
> '''Define a clustered test for the clusteredmember environment'''
>
>--
>2.43.0
>
>
>From e2df2f4763fb610bcd95f306b175b823561f8c2e Mon Sep 17 00:00:00 2001
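Review bot: `smbclient="$BINDIR/smbclient"` is assigned but never used anywhere in the new script, and `incdir=$(dirname $0)` leaves `$0` unquoted, as do the later `testok $0 $failed` and the `$incdir/...` sourcing lines. Dropping the dead variable and quoting the path, `incdir=$(dirname "$0")/../../../testprogs/blackbox`, keeps the script robust against a checkout path containing whitespace. The retry loop succeeds on any line of `wbinfo -m --verbose` output that contains the string "SAMBA-TEST", which is fine for a presence check; if the verbose format has a fixed leading column for the domain name, anchoring the pattern would make the assertion stricter, but I cannot confirm that format from this hunk.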
>From: Ralph Boehme <slow@samba.org> >Date: Sat, 13 Jan 2024 11:40:55 +0100 >Subject: [PATCH 16/16] winbindd: fix listing trusted domains with NT trusts > >Commit e07f8901ec95aab8c36965000de185d99e642644 broke handling of NT4 domains >which lack a DNS domain names. As the dns_name is NULL, talloc_steal(dns_name) >returns NULL, which causes _wbint_ListTrustedDomains to return >NT_STATUS_NO_MEMORY. > >To make things worse, at that point the new struct netr_DomainTrust is not yet >initialized correctly and the "out->count = n + 1" already increased the array >counter at the start of the loop without initializing it. > >Later when NDR-pushing the result in dcesrv_call_dispatch_local(), the ndr_push() can >crash when accesssing the ununitialized values: > >2023-12-08T14:07:42.759691+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: =============================================================== >2023-12-08T14:07:42.759702+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: INTERNAL ERROR: Signal 11: Segmentation fault in winbindd (wb[ADDOMAIN]) (domain child [ADDOMAIN]) pid 157227 (4.20.0pre1-DEVELOPERBUILD) >2023-12-08T14:07:42.759712+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting >2023-12-08T14:07:42.759723+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: =============================================================== >2023-12-08T14:07:42.759730+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: PANIC (pid 157227): Signal 11: Segmentation fault in 4.20.0pre1-DEVELOPERBUILD >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: BACKTRACE: 36 stack frames: >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #0 
bin/shared/private/libgenrand-samba4.so(log_stack_trace+0x1f) [0x7f1396acd441] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #1 bin/shared/private/libgenrand-samba4.so(smb_panic_log+0x20f) [0x7f1396acd3d5] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #2 bin/shared/private/libgenrand-samba4.so(smb_panic+0x18) [0x7f1396acd3f0] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #3 bin/shared/private/libgenrand-samba4.so(+0x2eb5) [0x7f1396acceb5] >92023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #4 bin/shared/private/libgenrand-samba4.so(+0x2eca) [0x7f1396acceca] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #5 /lib64/libc.so.6(+0x3dbb0) [0x7f139687abb0] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #6 bin/shared/private/libsamba-security-samba4.so(ndr_push_dom_sid2+0x2a) [0x7f13977e5437] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #7 bin/shared/libndr-standard.so.0(ndr_push_netr_DomainTrust+0x4ad) [0x7f1396deb64c] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #8 bin/shared/libndr-standard.so.0(ndr_push_netr_DomainTrustList+0x204) [0x7f1396dec7a9] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #9 bin/shared/private/libndr-samba4.so(+0x239bf9) [0x7f1397639bf9] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #10 winbindd: domain child [ADDOMAIN](winbind__op_ndr_push+0x5a) [0x55741e6857a8] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #11 bin/shared/libdcerpc-server-core.so.0(dcesrv_call_dispatch_local+0x49b) [0x7f1397be6219] >2023-12-08T14:07:42.760443+00:00 
localadmember.addom.samba.example.com log.winbindd[157227]: #12 winbindd: domain child [ADDOMAIN](winbindd_dual_ndrcmd+0x375) [0x55741e67a204] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #13 winbindd: domain child [ADDOMAIN](+0x9cf0d) [0x55741e674f0d] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #14 winbindd: domain child [ADDOMAIN](+0x9f792) [0x55741e677792] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #15 bin/shared/private/libtevent-samba4.so(tevent_common_invoke_fd_handler+0x121) [0x7f139802f816] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #16 bin/shared/private/libtevent-samba4.so(+0x19cef) [0x7f139803bcef] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #17 bin/shared/private/libtevent-samba4.so(+0x1a3dc) [0x7f139803c3dc] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #18 bin/shared/private/libtevent-samba4.so(+0x15b52) [0x7f1398037b52] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #19 bin/shared/private/libtevent-samba4.so(_tevent_loop_once+0x113) [0x7f139802e1db] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #20 winbindd: domain child [ADDOMAIN](+0xa03ca) [0x55741e6783ca] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #21 winbindd: domain child [ADDOMAIN](+0x9ba9c) [0x55741e673a9c] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #22 bin/shared/private/libtevent-samba4.so(_tevent_req_notify_callback+0xba) [0x7f139803194a] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #23 bin/shared/private/libtevent-samba4.so(+0xfadb) [0x7f1398031adb] 
>2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #24 bin/shared/private/libtevent-samba4.so(_tevent_req_done+0x25) [0x7f1398031b07] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #25 bin/shared/private/libtevent-samba4.so(+0xf125) [0x7f1398031125] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #26 bin/shared/private/libtevent-samba4.so(+0xe9cf) [0x7f13980309cf] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #27 bin/shared/private/libtevent-samba4.so(tevent_common_invoke_immediate_handler+0x207) [0x7f1398030343] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #28 bin/shared/private/libtevent-samba4.so(tevent_common_loop_immediate+0x37) [0x7f13980304b5] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #29 bin/shared/private/libtevent-samba4.so(+0x1a332) [0x7f139803c332] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #30 bin/shared/private/libtevent-samba4.so(+0x15b52) [0x7f1398037b52] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #31 bin/shared/private/libtevent-samba4.so(_tevent_loop_once+0x113) [0x7f139802e1db] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #32 winbindd: domain child [ADDOMAIN](main+0x1689) [0x55741e6b210a] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #33 /lib64/libc.so.6(+0x27b8a) [0x7f1396864b8a] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #34 /lib64/libc.so.6(__libc_start_main+0x8b) [0x7f1396864c4b] >2023-12-08T14:07:42.760443+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: #35 winbindd: domain child 
[ADDOMAIN](_start+0x25) [0x55741e63a045]
>2023-12-08T14:07:42.760685+00:00 localadmember.addom.samba.example.com log.winbindd[157227]: smb_panic(): calling panic action [cd /data/git/samba/scratch3 && /data/git/samba/scratch3/selftest/gdb_backtrace 157227 ./bin/winbindd]
>
>Deferring assignment of r->out.domains->array and r->out.domains->count to the
>end of the function ensures we don't return inconsistent state in case of an
>error.
>
>Also, r->out.domains is already set by the NDR layer, no need to create and
>assign a struct netr_DomainTrustList object.
>
>Using talloc_move() ensures we don't leave dangling pointers. Better to crash
>reliably on accessing NULL, then accessing some unknown memory via a wild
>pointer. As talloc_move() can't fail, there's no need to check the return value.
>
>And using a struct initializer ensures all members are properly initialized.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533
>
>Signed-off-by: Ralph Boehme <slow@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>
>Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
>Autobuild-Date(master): Sat Jan 20 14:23:51 UTC 2024 on atb-devel-224
>
>(cherry picked from commit 201edcb5c6138488959e54e7df88007d010f1cfb)
>---
> .../samba3.blackbox.list_nt4_trusts | 1 -
> source3/winbindd/winbindd_dual_srv.c | 58 ++++++++-----------
> 2 files changed, 25 insertions(+), 34 deletions(-)
> delete mode 100644 selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
>
>diff --git a/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts b/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
>deleted file mode 100644
>index 546e087b250d..000000000000
>--- a/selftest/knownfail.d/samba3.blackbox.list_nt4_trusts
>+++ /dev/null
>@@ -1 +0,0 @@
>-^samba3.blackbox.list_nt4_trusts.nt4trust_wbinfo_m\(ad_member_idmap_ad\)
>diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
>index aaa78a9cb6e6..d80886e127d8 100644
>--- a/source3/winbindd/winbindd_dual_srv.c
>+++ b/source3/winbindd/winbindd_dual_srv.c
>@@ -2011,10 +2011,11 @@ NTSTATUS _wbint_ListTrustedDomains(struct pipes_struct *p,
> struct wbint_ListTrustedDomains *r)
> {
> struct winbindd_domain *domain = wb_child_domain();
>- uint32_t i, n;
>+ uint32_t i;
> NTSTATUS result;
> struct netr_DomainTrustList trusts;
>- struct netr_DomainTrustList *out = NULL;
>+ uint32_t count = 0;
>+ struct netr_DomainTrust *array = NULL;
> pid_t client_pid;
>
> if (domain == NULL) {
>@@ -2038,53 +2039,44 @@ NTSTATUS _wbint_ListTrustedDomains(struct pipes_struct *p,
> return result;
> }
>
>- out = talloc_zero(p->mem_ctx, struct netr_DomainTrustList);
>- if (out == NULL) {
>- return NT_STATUS_NO_MEMORY;
>- }
>-
>- r->out.domains = out;
>-
> for (i=0; i<trusts.count; i++) {
>- if (trusts.array[i].sid == NULL) {
>+ struct netr_DomainTrust *st = &trusts.array[i];
>+ struct netr_DomainTrust *dt = NULL;
>+
>+ if (st->sid == NULL) {
> continue;
> }
>- if (dom_sid_equal(trusts.array[i].sid, &global_sid_NULL)) {
>+ if (dom_sid_equal(st->sid, &global_sid_NULL)) {
> continue;
> }
>
>- n = out->count;
>- out->array = talloc_realloc(out, out->array,
>- struct netr_DomainTrust,
>- n + 1);
>- if (out->array == NULL) {
>+ array = talloc_realloc(r->out.domains, array,
>+ struct netr_DomainTrust,
>+ count + 1);
>+ if (array == NULL) {
> return NT_STATUS_NO_MEMORY;
> }
>- out->count = n + 1;
>
>- out->array[n].netbios_name = talloc_steal(
>- out->array, trusts.array[i].netbios_name);
>- if (out->array[n].netbios_name == NULL) {
>- return NT_STATUS_NO_MEMORY;
>- }
>+ dt = &array[count];
>
>- out->array[n].dns_name = talloc_steal(
>- out->array, trusts.array[i].dns_name);
>- if (out->array[n].dns_name == NULL) {
>- return NT_STATUS_NO_MEMORY;
>- }
>+ *dt = (struct netr_DomainTrust) {
>+ .trust_flags = st->trust_flags,
>+ .trust_type = st->trust_type,
>+ .trust_attributes = st->trust_attributes,
>+ .netbios_name = talloc_move(array, &st->netbios_name),
>+ .dns_name = talloc_move(array, &st->dns_name),
>+ };
>
>- out->array[n].sid = dom_sid_dup(out->array,
>- trusts.array[i].sid);
>- if (out->array[n].sid == NULL) {
>+ dt->sid = dom_sid_dup(array, st->sid);
>+ if (dt->sid == NULL) {
> return NT_STATUS_NO_MEMORY;
> }
>
>- out->array[n].trust_flags = trusts.array[i].trust_flags;
>- out->array[n].trust_type = trusts.array[i].trust_type;
>- out->array[n].trust_attributes = trusts.array[i].trust_attributes;
>+ count++;
> }
>
>+ r->out.domains->array = array;
>+ r->out.domains->count = count;
> return NT_STATUS_OK;
> }
>
>--
>2.43.0
>
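Review bot: The reason `r->out.domains->array` and `r->out.domains->count` are assigned only after the loop is the heart of this crash fix, yet it is explained only in the commit message, not next to the two final assignments. A comment there, e.g. `/* Publish the list only once every element is fully initialised, so an early error return never hands the NDR push a half-built array. */`, would stop a future refactor from moving the assignments back into the loop and reintroducing the uninitialised-element push. The struct initializer also now accepts a NULL `dns_name` without any check; a short `/* dns_name is NULL for NT4 (downlevel) trusts */` beside `.dns_name = talloc_move(array, &st->dns_name),` would make clear that this is deliberate rather than a dropped NULL check. On the `dom_sid_dup()` failure path the element already has its names moved into `array` but `count` is not incremented, which is harmless because `r->out.domains` still owns `array` and the list is never published; that is worth a word in the same comment. _wbint_ListTrustedDomains() starts outside this hunk.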
Flags:
slow
:
review?
(
metze
)