Compare commits
221 Commits
Author | SHA1 | Date |
---|---|---|
Andreas Schneider | 42e489e3b5 | |
Günther Deschner | 39f5652863 | |
Andreas Schneider | 438d84812e | |
Pavel Filipenský | 299323d641 | |
Andreas Schneider | 09b9bd7d72 | |
Andreas Schneider | 3f44a1d65c | |
Andreas Schneider | 823f4aaeb6 | |
Pavel Filipenský | 63931382e3 | |
Pavel Filipenský | 306ca4dd30 | |
Günther Deschner | 0ea99a3fc7 | |
Andreas Schneider | 54b4a4bb2b | |
Andreas Schneider | 0bcbb3c8e5 | |
Andreas Schneider | a7b63dff56 | |
Andreas Schneider | 2f030add8d | |
Andreas Schneider | 60713c3d38 | |
Pavel Filipenský | f57b4c25bd | |
Pavel Filipenský | f7094aca2e | |
Florian Weimer | bad5261747 | |
Florian Weimer | 5abeded564 | |
Pavel Filipenský | 8fdf7b3aef | |
Pavel Filipenský | f56b60cdb6 | |
Pavel Filipenský | f40435c960 | |
Günther Deschner | a96084a42d | |
Günther Deschner | b153e7b803 | |
Günther Deschner | c86f1a337e | |
Andreas Schneider | 690c51a74b | |
Andreas Schneider | 50546ea326 | |
Andreas Schneider | 11a3749088 | |
Pavel Filipenský | f969f3cc48 | |
Andreas Schneider | 17b8b1136f | |
Troy Dawson | cc6579cd6a | |
Anoop C S | 6972b697e0 | |
Andreas Schneider | 2085a17eb1 | |
Andreas Schneider | 9f5b114c77 | |
Andreas Schneider | 6efa166ea2 | |
Günther Deschner | a65fc8509e | |
Günther Deschner | 3ef6786900 | |
Adam Williamson | b7e914c6ce | |
Andreas Schneider | e289fdb0c9 | |
Andreas Schneider | 7bc49ae772 | |
Andreas Schneider | a762660a51 | |
Pavel Filipenský | 1f9d145336 | |
Kalev Lember | ffcfd9ef88 | |
Günther Deschner | 9f943749c7 | |
Andreas Schneider | 9c22397379 | |
Andreas Schneider | ce3b414c6d | |
Günther Deschner | 8380904ad8 | |
František Zatloukal | a74bd638b7 | |
Günther Deschner | b41f002876 | |
Fedora Release Engineering | 8939f84a48 | |
Andreas Schneider | 9a15eb02f2 | |
Andreas Schneider | 33e4d19298 | |
Python Maint | 58b6aadb0f | |
Günther Deschner | 85e1d4b7c6 | |
Andreas Schneider | dfb88d92d4 | |
Andreas Schneider | ae63a4dca1 | |
Jitka Plesnikova | 035f4717dd | |
Pavel Filipenský | 8ccc18dc13 | |
Pavel Filipenský | 1d4eb827d1 | |
Pavel Filipenský | 737293fe2b | |
Pavel Filipenský | 0b31575a45 | |
Pavel Filipenský | 1fa286fd00 | |
Andreas Schneider | 331fe971e6 | |
Tomas Popela | bec19658c4 | |
Pavel Filipenský | 93ea8c0806 | |
Pavel Filipenský | 766f1be02d | |
Andreas Schneider | 5533ff7a7c | |
Sandro Mani | 92f6ae3986 | |
Günther Deschner | d6e74e716f | |
Günther Deschner | da81e5cf5b | |
Pavel Filipenský | 48556cdf37 | |
Andreas Schneider | 0d2a366cce | |
Pavel Filipenský | 08f90048f5 | |
Günther Deschner | 626bbcbaac | |
Pavel Filipenský | 4ee87cc214 | |
Pavel Filipenský | fae36af2f3 | |
Pavel Filipenský | b935fbcb7d | |
Pavel Filipenský | c8ac21e6f1 | |
Pavel Filipenský | c1f9bec1db | |
Pavel Filipenský | 6da37eb4ca | |
Andreas Schneider | 13dfbb0767 | |
Pavel Filipenský | 8a81633e9a | |
Andreas Schneider | 3314e8e15a | |
Pavel Filipenský | 6bc60bb396 | |
Andreas Schneider | a4093f41f0 | |
Andreas Schneider | 73757dc8a3 | |
Andreas Schneider | 6f2c200320 | |
Günther Deschner | 2ee30bad8f | |
Günther Deschner | 2eedc4de19 | |
Günther Deschner | af2d47413b | |
Günther Deschner | f0333fc6d6 | |
Günther Deschner | 56ca6af06a | |
Günther Deschner | 3c2c163325 | |
Günther Deschner | 331ea7c567 | |
Günther Deschner | bc51ea8a5e | |
Günther Deschner | 2efb445c94 | |
Günther Deschner | c6ac21963a | |
Günther Deschner | 29bd82541a | |
Andreas Schneider | eae8b04784 | |
Andreas Schneider | a7a77b0af0 | |
Günther Deschner | 0a04de2534 | |
Günther Deschner | a184099345 | |
Günther Deschner | fe6291ff86 | |
Anoop C S | 6410d154eb | |
Anoop C S | cffce0ef3e | |
Adam Williamson | 376ef2f0e0 | |
Andreas Schneider | 713db3d972 | |
Anoop C S | 68140d413f | |
Andreas Schneider | 47c27ed2c1 | |
Andreas Schneider | b904ff11a5 | |
Andreas Schneider | 58450895a0 | |
Anoop C S | db523c32da | |
Anoop C S | cc8c80c04b | |
Günther Deschner | 03a37fd80f | |
Fedora Release Engineering | 0f02de3867 | |
Günther Deschner | ab92045b9b | |
Günther Deschner | c7152a7598 | |
Günther Deschner | 30df8220b4 | |
Günther Deschner | 8e500051bc | |
Günther Deschner | dc0913c8f2 | |
Günther Deschner | 15c3d6dc9d | |
Günther Deschner | 869e9c50a6 | |
Günther Deschner | daabe96f8e | |
Andreas Schneider | 5e4f3ca118 | |
Andreas Schneider | b0ce351e1d | |
Andreas Schneider | 7be6ccad7b | |
Andreas Schneider | e17d2fbe11 | |
Andreas Schneider | e37c5c8b5b | |
Python Maint | 4e6773440b | |
Günther Deschner | a42aaa69c3 | |
Andreas Schneider | 2f7e875944 | |
Jitka Plesnikova | d08addb413 | |
Pete Walter | eb93f258dc | |
Pete Walter | 249389209b | |
Pete Walter | aa94f9dec1 | |
Andreas Schneider | 4e19062fc1 | |
Andreas Schneider | 06f8e7b2d9 | |
Andreas Schneider | f08374c6d4 | |
Andreas Schneider | b69385bc2d | |
Andreas Schneider | 554a3330e3 | |
Andreas Schneider | 3356311a17 | |
Andreas Schneider | d3d2a031b7 | |
Andreas Schneider | 8fae59d7cc | |
Andreas Schneider | 7f443ad2e8 | |
Andreas Schneider | 0f1369ca59 | |
Andreas Schneider | 9d2d741749 | |
Andreas Schneider | f6040f38cd | |
Andreas Schneider | d47396691c | |
Günther Deschner | 7f81bed73e | |
Anoop C S | 1520f9620f | |
Andreas Schneider | b88dfc7eaa | |
Andreas Schneider | 4249254548 | |
Günther Deschner | fba068844e | |
Andreas Schneider | 3627144822 | |
Andreas Schneider | 2ae69028bf | |
Andreas Schneider | 4651019383 | |
Richard W.M. Jones | e68a8ba5b9 | |
Alexander Bokovoy | d08e5bf692 | |
Günther Deschner | b05e4ed148 | |
Günther Deschner | e5dda56658 | |
Günther Deschner | f931b17773 | |
Zbigniew Jędrzejewski-Szmek | 18faec13bc | |
Günther Deschner | 45765aba68 | |
Günther Deschner | 83436d8564 | |
Andreas Schneider | 6cddc6448b | |
Andreas Schneider | 8f1e592d6a | |
Günther Deschner | e267c837dc | |
Andreas Schneider | 5e5dc1ede5 | |
Günther Deschner | 95450ee5f8 | |
Günther Deschner | 12217d454e | |
Alexander Bokovoy | 254400b459 | |
Tom Stellard | 8fff4f7c11 | |
Günther Deschner | ee8f8c2cd1 | |
Alexander Bokovoy | 0526d5b25f | |
Alexander Bokovoy | bcc551eafa | |
Alexander Bokovoy | 1d03aa069e | |
Alexander Bokovoy | 13eed773b0 | |
Andreas Schneider | 061477b3e7 | |
Andreas Schneider | 772e0d9aa6 | |
Andreas Schneider | 0867e962ba | |
Andreas Schneider | f88d234f14 | |
Andreas Schneider | 8316f0ac99 | |
Andreas Schneider | 0d567d3ab9 | |
Andreas Schneider | a324d7bf6f | |
Andreas Schneider | f3b2e2942f | |
Günther Deschner | c6b149506e | |
Günther Deschner | 19efd0180f | |
Günther Deschner | 5f0457d042 | |
Günther Deschner | b44802fb9c | |
Andreas Schneider | efa876d95a | |
Andreas Schneider | 04e828d22a | |
Andreas Schneider | 586addaaf8 | |
Andreas Schneider | 5856c50271 | |
Andreas Schneider | 36b4604ec1 | |
Andreas Schneider | f6c5528ad0 | |
Andreas Schneider | b1b788374b | |
Andreas Schneider | 7feea33409 | |
Andreas Schneider | a72748f232 | |
Andreas Schneider | f172c59a67 | |
Andreas Schneider | a04dd9958d | |
Andreas Schneider | cab0cecf58 | |
Andreas Schneider | 89d751d1bf | |
Andreas Schneider | 0ac733db9b | |
Andreas Schneider | a31119d9e4 | |
Alexander Bokovoy | 92693f66e9 | |
Alexander Bokovoy | 1e29c417eb | |
Isaac Boukris | a172510646 | |
Günther Deschner | b62fe79160 | |
Günther Deschner | c0da1c5303 | |
Günther Deschner | 0a5021c37e | |
Günther Deschner | 2804f931d0 | |
Günther Deschner | a2f88f217f | |
Neal Gompa | 41ab0cd76d | |
Günther Deschner | 692491a456 | |
Günther Deschner | a31354402a | |
Anoop C S | 57015c72af | |
Günther Deschner | 3f3c9ecde9 | |
Andreas Schneider | 67ed8f8f78 | |
Fedora Release Engineering | 0e393ad6d6 | |
Andreas Schneider | a000c31c78 | |
Tom Stellard | 2659a5f9b5 |
|
@ -211,3 +211,113 @@ samba-3.6.0pre1.tar.gz
|
|||
/samba-4.12.5.tar.asc
|
||||
/samba-4.13.0rc1.tar.xz
|
||||
/samba-4.13.0rc1.tar.asc
|
||||
/samba-4.13.0rc2.tar.xz
|
||||
/samba-4.13.0rc2.tar.asc
|
||||
/samba-4.13.0rc3.tar.xz
|
||||
/samba-4.13.0rc3.tar.asc
|
||||
/samba-4.13.0rc4.tar.xz
|
||||
/samba-4.13.0rc4.tar.asc
|
||||
/samba-4.13.0rc5.tar.xz
|
||||
/samba-4.13.0rc5.tar.asc
|
||||
/samba-4.13.0rc6.tar.xz
|
||||
/samba-4.13.0rc6.tar.asc
|
||||
/samba-4.13.0.tar.xz
|
||||
/samba-4.13.0.tar.asc
|
||||
/samba-4.13.1.tar.xz
|
||||
/samba-4.13.1.tar.asc
|
||||
/samba-4.13.2.tar.xz
|
||||
/samba-4.13.2.tar.asc
|
||||
/samba-4.13.3.tar.xz
|
||||
/samba-4.13.3.tar.asc
|
||||
/samba-4.13.4.tar.xz
|
||||
/samba-4.13.4.tar.asc
|
||||
/samba-4.14.0rc1.tar.xz
|
||||
/samba-4.14.0rc1.tar.asc
|
||||
/samba-4.14.0rc2.tar.xz
|
||||
/samba-4.14.0rc2.tar.asc
|
||||
/samba-4.14.0rc3.tar.xz
|
||||
/samba-4.14.0rc3.tar.asc
|
||||
/samba-4.14.0rc4.tar.xz
|
||||
/samba-4.14.0rc4.tar.asc
|
||||
/samba-4.14.0.tar.xz
|
||||
/samba-4.14.0.tar.asc
|
||||
/samba-4.14.1.tar.xz
|
||||
/samba-4.14.1.tar.asc
|
||||
/samba-4.14.2.tar.xz
|
||||
/samba-4.14.2.tar.asc
|
||||
/samba-4.14.3.tar.xz
|
||||
/samba-4.14.3.tar.asc
|
||||
/samba-4.14.4.tar.xz
|
||||
/samba-4.14.4.tar.asc
|
||||
/samba-4.14.5.tar.xz
|
||||
/samba-4.14.5.tar.asc
|
||||
/samba-4.14.6.tar.xz
|
||||
/samba-4.14.6.tar.asc
|
||||
/samba-4.15.0rc1.tar.xz
|
||||
/samba-4.15.0rc1.tar.asc
|
||||
/samba-4.15.0rc2.tar.xz
|
||||
/samba-4.15.0rc2.tar.asc
|
||||
/samba-4.15.0rc3.tar.xz
|
||||
/samba-4.15.0rc3.tar.asc
|
||||
/samba-4.15.0rc4.tar.xz
|
||||
/samba-4.15.0rc4.tar.asc
|
||||
/samba-4.15.0rc5.tar.xz
|
||||
/samba-4.15.0rc5.tar.asc
|
||||
/samba-4.15.0rc6.tar.xz
|
||||
/samba-4.15.0rc6.tar.asc
|
||||
/samba-4.15.0rc7.tar.xz
|
||||
/samba-4.15.0rc7.tar.asc
|
||||
/samba-4.15.0.tar.xz
|
||||
/samba-4.15.0.tar.asc
|
||||
/samba-4.15.1.tar.xz
|
||||
/samba-4.15.1.tar.asc
|
||||
/samba-4.15.2.tar.xz
|
||||
/samba-4.15.2.tar.asc
|
||||
/samba-4.15.3.tar.xz
|
||||
/samba-4.15.3.tar.asc
|
||||
/samba-4.15.4.tar.xz
|
||||
/samba-4.15.4.tar.asc
|
||||
/samba-4.16.0rc1.tar.xz
|
||||
/samba-4.16.0rc1.tar.asc
|
||||
/samba-4.16.0rc2.tar.xz
|
||||
/samba-4.16.0rc2.tar.asc
|
||||
/samba-4.16.0rc3.tar.xz
|
||||
/samba-4.16.0rc3.tar.asc
|
||||
/samba-4.16.0rc4.tar.xz
|
||||
/samba-4.16.0rc4.tar.asc
|
||||
/samba-4.16.0rc5.tar.xz
|
||||
/samba-4.16.0rc5.tar.asc
|
||||
/samba-4.16.0.tar.xz
|
||||
/samba-4.16.0.tar.asc
|
||||
/samba-4.16.1.tar.xz
|
||||
/samba-4.16.1.tar.asc
|
||||
/samba-4.16.2.tar.xz
|
||||
/samba-4.16.2.tar.asc
|
||||
/samba-4.16.3.tar.xz
|
||||
/samba-4.16.3.tar.asc
|
||||
/samba-4.16.4.tar.xz
|
||||
/samba-4.16.4.tar.asc
|
||||
/samba-4.17.0rc1.tar.xz
|
||||
/samba-4.17.0rc1.tar.asc
|
||||
/samba-4.17.0rc2.tar.xz
|
||||
/samba-4.17.0rc2.tar.asc
|
||||
/samba-4.17.0rc3.tar.asc
|
||||
/samba-4.17.0rc3.tar.xz
|
||||
/samba-4.17.0rc4.tar.xz
|
||||
/samba-4.17.0rc4.tar.asc
|
||||
/samba-4.17.0rc5.tar.xz
|
||||
/samba-4.17.0rc5.tar.asc
|
||||
/samba-4.17.0.tar.xz
|
||||
/samba-4.17.0.tar.asc
|
||||
/samba-4.17.1.tar.xz
|
||||
/samba-4.17.1.tar.asc
|
||||
/samba-4.17.2.tar.xz
|
||||
/samba-4.17.2.tar.asc
|
||||
/samba-4.17.3.tar.xz
|
||||
/samba-4.17.3.tar.asc
|
||||
/samba-4.17.4.tar.xz
|
||||
/samba-4.17.4.tar.asc
|
||||
/samba-4.17.5.tar.xz
|
||||
/samba-4.17.5.tar.asc
|
||||
/samba-4.17.6.tar.xz
|
||||
/samba-4.17.6.tar.asc
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
/usr/lib/rpm/perl.req $* | grep -E -v '(Net::LDAP|Crypt::SmbHash|CGI|Unicode::MapUTF8|smbldap_tools|Carp|Convert::ASN1|Getopt::Long|Getopt::Std|IO::Socket|POSIX|Time::Local|strict)'
|
Binary file not shown.
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
badfuncs:
|
||||
ignore:
|
||||
- /usr/bin/nmblookup
|
||||
- /usr/bin/smbtorture
|
||||
- /usr/lib*/libndr.so.*
|
||||
- /usr/lib*/libsmbconf.so.*
|
||||
- /usr/lib*/samba/libgse-samba4.so
|
||||
- /usr/lib*/samba/libsamba-sockets-samba4.so
|
||||
- /usr/lib*/samba/service/nbtd.so
|
||||
- /usr/libexec/ctdb/smnotify
|
||||
- /usr/sbin/nmbd
|
||||
|
||||
runpath:
|
||||
allowed_paths:
|
||||
- /usr/lib/samba
|
||||
- /usr/lib64/samba
|
||||
|
||||
abidiff:
|
||||
suppression_file: samba.abignore
|
||||
|
||||
debuginfo:
|
||||
ignore:
|
||||
- /usr/lib*/libdcerpc-samr.so.*
|
|
@ -0,0 +1,540 @@
|
|||
From a3e3d05f35d6082ea48450060b39084e3d0e4056 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schneider <asn@samba.org>
|
||||
Date: Mon, 10 Oct 2022 15:15:20 +0200
|
||||
Subject: [PATCH 1/5] s3:librpc: Improve GSE error message
|
||||
|
||||
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
|
||||
|
||||
Signed-off-by: Andreas Schneider <asn@samba.org>
|
||||
Reviewed-by: Noel Power <noel.power@suse.com>
|
||||
---
|
||||
source3/librpc/crypto/gse.c | 21 +++++++++++++++++++--
|
||||
1 file changed, 19 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c
|
||||
index c50a8a036df..c2cac7abf82 100644
|
||||
--- a/source3/librpc/crypto/gse.c
|
||||
+++ b/source3/librpc/crypto/gse.c
|
||||
@@ -546,11 +546,28 @@ init_sec_context_done:
|
||||
goto done;
|
||||
case GSS_S_FAILURE:
|
||||
switch (gss_min) {
|
||||
- case (OM_uint32)KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN:
|
||||
- DBG_NOTICE("Server principal not found\n");
|
||||
+ case (OM_uint32)KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN: {
|
||||
+ gss_buffer_desc name_token = {
|
||||
+ .length = 0,
|
||||
+ };
|
||||
+
|
||||
+ gss_maj = gss_display_name(&gss_min,
|
||||
+ gse_ctx->server_name,
|
||||
+ &name_token,
|
||||
+ NULL);
|
||||
+ if (gss_maj == GSS_S_COMPLETE) {
|
||||
+ DBG_NOTICE("Server principal %.*s not found\n",
|
||||
+ (int)name_token.length,
|
||||
+ (char *)name_token.value);
|
||||
+ gss_release_buffer(&gss_maj, &name_token);
|
||||
+ } else {
|
||||
+ DBG_NOTICE("Server principal not found\n");
|
||||
+ }
|
||||
+
|
||||
/* Make SPNEGO ignore us, we can't go any further here */
|
||||
status = NT_STATUS_INVALID_PARAMETER;
|
||||
goto done;
|
||||
+ }
|
||||
case (OM_uint32)KRB5KRB_AP_ERR_TKT_EXPIRED:
|
||||
DBG_NOTICE("Ticket expired\n");
|
||||
/* Make SPNEGO ignore us, we can't go any further here */
|
||||
--
|
||||
2.37.3
|
||||
|
||||
|
||||
From d2e2e9acd717e45806f1b19378e09f39c8fe3da8 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schneider <asn@samba.org>
|
||||
Date: Fri, 7 Oct 2022 14:35:15 +0200
|
||||
Subject: [PATCH 2/5] s3:rpcclient: Pass salt down to
|
||||
init_samr_CryptPasswordAES()
|
||||
|
||||
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
|
||||
|
||||
Signed-off-by: Andreas Schneider <asn@samba.org>
|
||||
Reviewed-by: Noel Power <noel.power@suse.com>
|
||||
---
|
||||
source3/rpc_client/init_samr.c | 15 ++++-----------
|
||||
source3/rpc_client/init_samr.h | 1 +
|
||||
source3/rpcclient/cmd_samr.c | 8 ++++++++
|
||||
source4/libnet/libnet_passwd.c | 13 +++++++------
|
||||
source4/torture/rpc/samr.c | 27 +++++++++++++++++++++++++++
|
||||
5 files changed, 47 insertions(+), 17 deletions(-)
|
||||
|
||||
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
|
||||
index 68f42b602b3..52fa2f90d6e 100644
|
||||
--- a/source3/rpc_client/init_samr.c
|
||||
+++ b/source3/rpc_client/init_samr.c
|
||||
@@ -79,6 +79,7 @@ NTSTATUS init_samr_CryptPassword(const char *pwd,
|
||||
|
||||
NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
const char *password,
|
||||
+ DATA_BLOB *salt,
|
||||
DATA_BLOB *session_key,
|
||||
struct samr_EncryptedPasswordAES *ppwd_buf)
|
||||
{
|
||||
@@ -87,12 +88,6 @@ NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
.data = pw_data,
|
||||
.length = sizeof(pw_data),
|
||||
};
|
||||
- size_t iv_size = gnutls_cipher_get_iv_size(GNUTLS_CIPHER_AES_256_CBC);
|
||||
- uint8_t iv_data[iv_size];
|
||||
- DATA_BLOB iv = {
|
||||
- .data = iv_data,
|
||||
- .length = iv_size,
|
||||
- };
|
||||
DATA_BLOB ciphertext = data_blob_null;
|
||||
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
|
||||
bool ok;
|
||||
@@ -101,8 +96,6 @@ NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
- generate_nonce_buffer(iv.data, iv.length);
|
||||
-
|
||||
ok = encode_pwd_buffer514_from_str(pw_data, password, STR_UNICODE);
|
||||
if (!ok) {
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
@@ -114,7 +107,7 @@ NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
session_key,
|
||||
&samr_aes256_enc_key_salt,
|
||||
&samr_aes256_mac_key_salt,
|
||||
- &iv,
|
||||
+ salt,
|
||||
&ciphertext,
|
||||
ppwd_buf->auth_data);
|
||||
BURN_DATA(pw_data);
|
||||
@@ -126,8 +119,8 @@ NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
ppwd_buf->cipher = ciphertext.data;
|
||||
ppwd_buf->PBKDF2Iterations = 0;
|
||||
|
||||
- SMB_ASSERT(iv.length == sizeof(ppwd_buf->salt));
|
||||
- memcpy(ppwd_buf->salt, iv.data, iv.length);
|
||||
+ SMB_ASSERT(salt->length == sizeof(ppwd_buf->salt));
|
||||
+ memcpy(ppwd_buf->salt, salt->data, salt->length);
|
||||
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
diff --git a/source3/rpc_client/init_samr.h b/source3/rpc_client/init_samr.h
|
||||
index 940534e7168..71b4c0e573d 100644
|
||||
--- a/source3/rpc_client/init_samr.h
|
||||
+++ b/source3/rpc_client/init_samr.h
|
||||
@@ -47,6 +47,7 @@ NTSTATUS init_samr_CryptPassword(const char *pwd,
|
||||
*/
|
||||
NTSTATUS init_samr_CryptPasswordAES(TALLOC_CTX *mem_ctx,
|
||||
const char *password,
|
||||
+ DATA_BLOB *salt,
|
||||
DATA_BLOB *session_key,
|
||||
struct samr_EncryptedPasswordAES *ppwd_buf);
|
||||
|
||||
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
|
||||
index 9ccd2f78a8d..8106ca90cf2 100644
|
||||
--- a/source3/rpcclient/cmd_samr.c
|
||||
+++ b/source3/rpcclient/cmd_samr.c
|
||||
@@ -3172,6 +3172,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
|
||||
uint8_t nt_hash[16];
|
||||
uint8_t lm_hash[16];
|
||||
DATA_BLOB session_key;
|
||||
+ uint8_t salt_data[16];
|
||||
+ DATA_BLOB salt = {
|
||||
+ .data = salt_data,
|
||||
+ .length = sizeof(salt_data),
|
||||
+ };
|
||||
uint8_t password_expired = 0;
|
||||
struct dcerpc_binding_handle *b = cli->binding_handle;
|
||||
TALLOC_CTX *frame = NULL;
|
||||
@@ -3198,6 +3203,8 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
|
||||
goto done;
|
||||
}
|
||||
|
||||
+ generate_nonce_buffer(salt.data, salt.length);
|
||||
+
|
||||
switch(level) {
|
||||
case 18:
|
||||
case 21:
|
||||
@@ -3220,6 +3227,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
|
||||
case 31:
|
||||
status = init_samr_CryptPasswordAES(frame,
|
||||
param,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&pwd_buf_aes);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
|
||||
index 4f662110e55..a1672104824 100644
|
||||
--- a/source4/libnet/libnet_passwd.c
|
||||
+++ b/source4/libnet/libnet_passwd.c
|
||||
@@ -57,13 +57,13 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
|
||||
struct samr_EncryptedPasswordAES pwd_buf = {
|
||||
.cipher_len = 0
|
||||
};
|
||||
- DATA_BLOB iv = {
|
||||
+ DATA_BLOB salt = {
|
||||
.data = pwd_buf.salt,
|
||||
.length = sizeof(pwd_buf.salt),
|
||||
};
|
||||
- gnutls_datum_t iv_datum = {
|
||||
- .data = iv.data,
|
||||
- .size = iv.length,
|
||||
+ gnutls_datum_t salt_datum = {
|
||||
+ .data = pwd_buf.salt,
|
||||
+ .size = sizeof(pwd_buf.salt),
|
||||
};
|
||||
uint64_t pbkdf2_iterations = generate_random_u64_range(5000, 1000000);
|
||||
NTSTATUS status;
|
||||
@@ -71,11 +71,11 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
|
||||
|
||||
E_md4hash(old_password, old_nt_key_data);
|
||||
|
||||
- generate_nonce_buffer(iv.data, iv.length);
|
||||
+ generate_nonce_buffer(salt.data, salt.length);
|
||||
|
||||
rc = gnutls_pbkdf2(GNUTLS_MAC_SHA512,
|
||||
&old_nt_key,
|
||||
- &iv_datum,
|
||||
+ &salt_datum,
|
||||
pbkdf2_iterations,
|
||||
cek.data,
|
||||
cek.length);
|
||||
@@ -86,6 +86,7 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
|
||||
|
||||
status = init_samr_CryptPasswordAES(mem_ctx,
|
||||
new_password,
|
||||
+ &salt,
|
||||
&cek,
|
||||
&pwd_buf);
|
||||
data_blob_clear(&cek);
|
||||
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
|
||||
index de354659067..0b1880efa18 100644
|
||||
--- a/source4/torture/rpc/samr.c
|
||||
+++ b/source4/torture/rpc/samr.c
|
||||
@@ -783,6 +783,11 @@ static bool test_SetUserPass_32(struct dcerpc_pipe *p, struct torture_context *t
|
||||
struct samr_SetUserInfo s;
|
||||
union samr_UserInfo u;
|
||||
DATA_BLOB session_key;
|
||||
+ uint8_t salt_data[16];
|
||||
+ DATA_BLOB salt = {
|
||||
+ .data = salt_data,
|
||||
+ .length = sizeof(salt_data),
|
||||
+ };
|
||||
char *newpass = NULL;
|
||||
struct dcerpc_binding_handle *b = p->binding_handle;
|
||||
struct samr_GetUserPwInfo pwp;
|
||||
@@ -818,8 +823,11 @@ static bool test_SetUserPass_32(struct dcerpc_pipe *p, struct torture_context *t
|
||||
return false;
|
||||
}
|
||||
|
||||
+ generate_nonce_buffer(salt.data, salt.length);
|
||||
+
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info32.password);
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
@@ -852,6 +860,7 @@ static bool test_SetUserPass_32(struct dcerpc_pipe *p, struct torture_context *t
|
||||
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info32.password);
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
@@ -896,6 +905,11 @@ static bool test_SetUserPass_31(struct dcerpc_pipe *p, struct torture_context *t
|
||||
union samr_UserInfo u;
|
||||
bool ret = true;
|
||||
DATA_BLOB session_key;
|
||||
+ uint8_t salt_data[16];
|
||||
+ DATA_BLOB salt = {
|
||||
+ .data = salt_data,
|
||||
+ .length = sizeof(salt_data),
|
||||
+ };
|
||||
char *newpass;
|
||||
struct dcerpc_binding_handle *b = p->binding_handle;
|
||||
struct samr_GetUserPwInfo pwp;
|
||||
@@ -931,8 +945,11 @@ static bool test_SetUserPass_31(struct dcerpc_pipe *p, struct torture_context *t
|
||||
return false;
|
||||
}
|
||||
|
||||
+ generate_nonce_buffer(salt.data, salt.length);
|
||||
+
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info31.password);
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
@@ -959,6 +976,7 @@ static bool test_SetUserPass_31(struct dcerpc_pipe *p, struct torture_context *t
|
||||
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info31.password);
|
||||
torture_assert_ntstatus_ok(tctx,
|
||||
@@ -1381,6 +1399,11 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
|
||||
union samr_UserInfo u;
|
||||
bool ret = true;
|
||||
DATA_BLOB session_key;
|
||||
+ uint8_t salt_data[16];
|
||||
+ DATA_BLOB salt = {
|
||||
+ .data = salt_data,
|
||||
+ .length = sizeof(salt_data),
|
||||
+ };
|
||||
char *newpass;
|
||||
struct dcerpc_binding_handle *b = p->binding_handle;
|
||||
struct samr_GetUserPwInfo pwp;
|
||||
@@ -1490,6 +1513,8 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
|
||||
return false;
|
||||
}
|
||||
|
||||
+ generate_nonce_buffer(salt.data, salt.length);
|
||||
+
|
||||
switch (level) {
|
||||
case 18:
|
||||
{
|
||||
@@ -1561,6 +1586,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
|
||||
case 31:
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info31.password);
|
||||
|
||||
@@ -1568,6 +1594,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
|
||||
case 32:
|
||||
status = init_samr_CryptPasswordAES(tctx,
|
||||
newpass,
|
||||
+ &salt,
|
||||
&session_key,
|
||||
&u.info32.password);
|
||||
|
||||
--
|
||||
2.37.3
|
||||
|
||||
|
||||
From 1d630363c9b2497266e418aad89c55d5b51a63ad Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schneider <asn@samba.org>
|
||||
Date: Mon, 17 Oct 2022 09:02:28 +0200
|
||||
Subject: [PATCH 3/5] s4:libnet: If we successfully changed the password we are
|
||||
done
|
||||
|
||||
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
|
||||
|
||||
Signed-off-by: Andreas Schneider <asn@samba.org>
|
||||
Reviewed-by: Noel Power <noel.power@suse.com>
|
||||
---
|
||||
source4/libnet/libnet_passwd.c | 32 ++++++++++++++++++--------------
|
||||
1 file changed, 18 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
|
||||
index a1672104824..b17614bcd97 100644
|
||||
--- a/source4/libnet/libnet_passwd.c
|
||||
+++ b/source4/libnet/libnet_passwd.c
|
||||
@@ -101,7 +101,7 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
|
||||
r.in.password = &pwd_buf;
|
||||
|
||||
status = dcerpc_samr_ChangePasswordUser4_r(h, mem_ctx, &r);
|
||||
- if (NT_STATUS_IS_OK(status)) {
|
||||
+ if (!NT_STATUS_IS_OK(status)) {
|
||||
goto done;
|
||||
}
|
||||
if (!NT_STATUS_IS_OK(r.out.result)) {
|
||||
@@ -112,6 +112,7 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
|
||||
account->string,
|
||||
nt_errstr(status));
|
||||
status = r.out.result;
|
||||
+ goto done;
|
||||
}
|
||||
|
||||
done:
|
||||
@@ -424,20 +425,23 @@ static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CT
|
||||
r->samr.in.oldpassword,
|
||||
r->samr.in.newpassword,
|
||||
&(r->samr.out.error_string));
|
||||
- if (!NT_STATUS_IS_OK(status)) {
|
||||
- if (NT_STATUS_EQUAL(status,
|
||||
- NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE) ||
|
||||
- NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED) ||
|
||||
- NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
|
||||
- /*
|
||||
- * Don't fallback to RC4 based SAMR if weak crypto is not
|
||||
- * allowed.
|
||||
- */
|
||||
- if (lpcfg_weak_crypto(ctx->lp_ctx) ==
|
||||
- SAMBA_WEAK_CRYPTO_DISALLOWED) {
|
||||
- goto disconnect;
|
||||
- }
|
||||
+ if (NT_STATUS_IS_OK(status)) {
|
||||
+ goto disconnect;
|
||||
+ } else if (NT_STATUS_EQUAL(status,
|
||||
+ NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE) ||
|
||||
+ NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED) ||
|
||||
+ NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
|
||||
+ /*
|
||||
+ * Don't fallback to RC4 based SAMR if weak crypto is not
|
||||
+ * allowed.
|
||||
+ */
|
||||
+ if (lpcfg_weak_crypto(ctx->lp_ctx) ==
|
||||
+ SAMBA_WEAK_CRYPTO_DISALLOWED) {
|
||||
+ goto disconnect;
|
||||
}
|
||||
+ } else {
|
||||
+ /* libnet_ChangePassword_samr_aes is implemented and failed */
|
||||
+ goto disconnect;
|
||||
}
|
||||
|
||||
status = libnet_ChangePassword_samr_rc4(
|
||||
--
|
||||
2.37.3
|
||||
|
||||
|
||||
From 9a4a169ab34641afb87e7f81708c9a72b321879e Mon Sep 17 00:00:00 2001
|
||||
From: Noel Power <noel.power@suse.com>
|
||||
Date: Fri, 21 Oct 2022 17:40:36 +0100
|
||||
Subject: [PATCH 4/5] s4/rpc_server/sambr: don't mutate the return of
|
||||
samdb_set_password_aes
|
||||
|
||||
prior to this commit return of samdb_set_password_aes was set to
|
||||
NT_STATUS_WRONG_PASSWORD on failure. Useful status that should be
|
||||
returned such as NT_STATUS_PASSWORD_RESTRICTION are swallowed here
|
||||
otherwise (and in this case can be partially responsible for failures
|
||||
in test samba.tests.auth_log_pass_change (with later gnutls)
|
||||
|
||||
Signed-off-by: Noel Power <noel.power@suse.com>
|
||||
Reviewed-by: Andreas Schneider <asn@samba.org>
|
||||
---
|
||||
source4/rpc_server/samr/samr_password.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
|
||||
index 4691f9a47a9..b581be6361c 100644
|
||||
--- a/source4/rpc_server/samr/samr_password.c
|
||||
+++ b/source4/rpc_server/samr/samr_password.c
|
||||
@@ -250,7 +250,6 @@ NTSTATUS dcesrv_samr_ChangePasswordUser4(struct dcesrv_call_state *dce_call,
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
ldb_transaction_cancel(sam_ctx);
|
||||
- status = NT_STATUS_WRONG_PASSWORD;
|
||||
goto done;
|
||||
}
|
||||
|
||||
--
|
||||
2.37.3
|
||||
|
||||
|
||||
From b8b36ecba0f22dbc203c12627ebd629c2437c635 Mon Sep 17 00:00:00 2001
|
||||
From: Noel Power <noel.power@suse.com>
|
||||
Date: Fri, 21 Oct 2022 17:14:44 +0100
|
||||
Subject: [PATCH 5/5] python/samba/tests: fix samba.tests.auth_log_pass_change
|
||||
for later gnutls
|
||||
|
||||
later gnutls that support GNUTLS_PBKDF2 currently fail,
|
||||
we need to conditionally switch test data to reflect use of
|
||||
'samr_ChangePasswordUser3' or 'samr_ChangePasswordUser4'
|
||||
depending on whether GNUTLS_PBKDF2 is supported or not
|
||||
|
||||
Signed-off-by: Noel Power <noel.power@suse.com>
|
||||
Reviewed-by: Andreas Schneider <asn@samba.org>
|
||||
---
|
||||
python/samba/tests/auth_log_pass_change.py | 20 ++++++++++++++++----
|
||||
source4/selftest/tests.py | 9 ++++++---
|
||||
2 files changed, 22 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/python/samba/tests/auth_log_pass_change.py b/python/samba/tests/auth_log_pass_change.py
|
||||
index 972af2158dd..1ca46c586b3 100644
|
||||
--- a/python/samba/tests/auth_log_pass_change.py
|
||||
+++ b/python/samba/tests/auth_log_pass_change.py
|
||||
@@ -72,6 +72,18 @@ class AuthLogPassChangeTests(samba.tests.auth_log_base.AuthLogTestBase):
|
||||
|
||||
# discard any auth log messages for the password setup
|
||||
self.discardMessages()
|
||||
+ gnutls_pbkdf2_support = samba.tests.env_get_var_value(
|
||||
+ 'GNUTLS_PBKDF2_SUPPORT',
|
||||
+ allow_missing=True)
|
||||
+ if gnutls_pbkdf2_support is None:
|
||||
+ gnutls_pbkdf2_support = '0'
|
||||
+ self.gnutls_pbkdf2_support = bool(int(gnutls_pbkdf2_support))
|
||||
+
|
||||
+ def _authDescription(self):
|
||||
+ if self.gnutls_pbkdf2_support:
|
||||
+ return "samr_ChangePasswordUser4"
|
||||
+ else:
|
||||
+ return "samr_ChangePasswordUser3"
|
||||
|
||||
def tearDown(self):
|
||||
super(AuthLogPassChangeTests, self).tearDown()
|
||||
@@ -83,7 +95,7 @@ class AuthLogPassChangeTests(samba.tests.auth_log_base.AuthLogTestBase):
|
||||
(msg["Authentication"]["serviceDescription"] ==
|
||||
"SAMR Password Change") and
|
||||
(msg["Authentication"]["authDescription"] ==
|
||||
- "samr_ChangePasswordUser3") and
|
||||
+ self._authDescription()) and
|
||||
(msg["Authentication"]["eventId"] ==
|
||||
EVT_ID_SUCCESSFUL_LOGON) and
|
||||
(msg["Authentication"]["logonType"] ==
|
||||
@@ -109,7 +121,7 @@ class AuthLogPassChangeTests(samba.tests.auth_log_base.AuthLogTestBase):
|
||||
(msg["Authentication"]["serviceDescription"] ==
|
||||
"SAMR Password Change") and
|
||||
(msg["Authentication"]["authDescription"] ==
|
||||
- "samr_ChangePasswordUser3") and
|
||||
+ self._authDescription()) and
|
||||
(msg["Authentication"]["eventId"] ==
|
||||
EVT_ID_UNSUCCESSFUL_LOGON) and
|
||||
(msg["Authentication"]["logonType"] ==
|
||||
@@ -141,7 +153,7 @@ class AuthLogPassChangeTests(samba.tests.auth_log_base.AuthLogTestBase):
|
||||
(msg["Authentication"]["serviceDescription"] ==
|
||||
"SAMR Password Change") and
|
||||
(msg["Authentication"]["authDescription"] ==
|
||||
- "samr_ChangePasswordUser3") and
|
||||
+ self._authDescription()) and
|
||||
(msg["Authentication"]["eventId"] ==
|
||||
EVT_ID_UNSUCCESSFUL_LOGON) and
|
||||
(msg["Authentication"]["logonType"] ==
|
||||
@@ -174,7 +186,7 @@ class AuthLogPassChangeTests(samba.tests.auth_log_base.AuthLogTestBase):
|
||||
(msg["Authentication"]["serviceDescription"] ==
|
||||
"SAMR Password Change") and
|
||||
(msg["Authentication"]["authDescription"] ==
|
||||
- "samr_ChangePasswordUser3") and
|
||||
+ self._authDescription()) and
|
||||
(msg["Authentication"]["eventId"] ==
|
||||
EVT_ID_UNSUCCESSFUL_LOGON) and
|
||||
(msg["Authentication"]["logonType"] ==
|
||||
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
|
||||
index a803d4704ea..c92105586a7 100755
|
||||
--- a/source4/selftest/tests.py
|
||||
+++ b/source4/selftest/tests.py
|
||||
@@ -1094,9 +1094,11 @@ if have_heimdal_support:
|
||||
environ={'CLIENT_IP': '10.53.57.11',
|
||||
'SOCKET_WRAPPER_DEFAULT_IFACE': 11})
|
||||
planoldpythontestsuite("ad_dc_smb1", "samba.tests.auth_log_pass_change",
|
||||
- extra_args=['-U"$USERNAME%$PASSWORD"'])
|
||||
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
|
||||
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
|
||||
planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.auth_log_pass_change",
|
||||
- extra_args=['-U"$USERNAME%$PASSWORD"'])
|
||||
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
|
||||
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
|
||||
|
||||
# these tests use a NCA local RPC connection, so always run on the
|
||||
# :local testenv, and so don't need to fake a client connection
|
||||
@@ -1113,7 +1115,8 @@ if have_heimdal_support:
|
||||
"samba.tests.auth_log_winbind",
|
||||
extra_args=['-U"$DC_USERNAME%$DC_PASSWORD"'])
|
||||
planoldpythontestsuite("ad_dc", "samba.tests.audit_log_pass_change",
|
||||
- extra_args=['-U"$USERNAME%$PASSWORD"'])
|
||||
+ extra_args=['-U"$USERNAME%$PASSWORD"'],
|
||||
+ environ={'GNUTLS_PBKDF2_SUPPORT': gnutls_pbkdf2_support})
|
||||
planoldpythontestsuite("ad_dc", "samba.tests.audit_log_dsdb",
|
||||
extra_args=['-U"$USERNAME%$PASSWORD"'])
|
||||
planoldpythontestsuite("ad_dc", "samba.tests.group_audit",
|
||||
--
|
||||
2.37.3
|
||||
|
Binary file not shown.
|
@ -0,0 +1,2 @@
|
|||
#Type Name ID
|
||||
g printadmin -
|
|
@ -0,0 +1,2 @@
|
|||
#Type Name ID
|
||||
g usershares -
|
|
@ -0,0 +1,5 @@
|
|||
#################################################
|
||||
# This is a grouping library without any code
|
||||
#################################################
|
||||
[suppress_file]
|
||||
file_name_regexp=.*libdcerpc-samr\\.so.*
|
1852
samba.spec
1852
samba.spec
File diff suppressed because it is too large
Load Diff
|
@ -281,7 +281,7 @@
|
|||
|
||||
[printers]
|
||||
comment = All Printers
|
||||
path = /var/spool/samba
|
||||
path = /var/tmp
|
||||
browseable = no
|
||||
guest ok = no
|
||||
writable = no
|
||||
|
|
|
@ -2,6 +2,10 @@
|
|||
# read the smb.conf manpage.
|
||||
# Run 'testparm' to verify the config is correct after
|
||||
# you modified it.
|
||||
#
|
||||
# Note:
|
||||
# SMB1 is disabled by default. This means clients without support for SMB2 or
|
||||
# SMB3 are no longer able to connect to smbd (by default).
|
||||
|
||||
[global]
|
||||
workgroup = SAMBA
|
||||
|
@ -14,6 +18,9 @@
|
|||
load printers = yes
|
||||
cups options = raw
|
||||
|
||||
# Install samba-usershares package for support
|
||||
include = /etc/samba/usershares.conf
|
||||
|
||||
[homes]
|
||||
comment = Home Directories
|
||||
valid users = %S, %D%w%S
|
||||
|
|
4
sources
4
sources
|
@ -1,2 +1,2 @@
|
|||
SHA512 (samba-4.13.0rc1.tar.xz) = 3e6d431998907ad8c81f488ddf78dcef5fd6a4cdf8ca684e5ad0ce9bf7217d82fcca7501155446c83d804f939bea7012f1d37c1f738d8ec7bc769a9148a6592a
|
||||
SHA512 (samba-4.13.0rc1.tar.asc) = 6dfe9467fd7fd28db91ae15fa3314a7707cfeb88c8ecd2af532d57614bec311119546a2fd4ced71063df9b7d6879a62f9ba512ae05d494323e0362a5492d33fa
|
||||
SHA512 (samba-4.17.6.tar.xz) = 5c9341fc27ed9912de8da190f6b3464a46e4ad95b1edc8e1a4556d5da5fd17005873b22a26da9890b1537bf61d70c5e2de0d8243c361c71518959d99bb0790aa
|
||||
SHA512 (samba-4.17.6.tar.asc) = f666ebef32865e4d347ea78c2274742c07222f6539a2a8ec5db5c509b115490c2456243beab27c9c9054ad21a2375f15969787f01c2c269db19da3f5316ac166
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
[global]
|
||||
usershare max shares = 100
|
||||
usershare allow guests = yes
|
Loading…
Reference in New Issue