samba.git/source4/rpc_server, branch talloc-2.4.2 Unnamed repository; edit this file 'description' to name the repository. s4/rpc_server: return NULL dns_name for NT4 trusts 2024-01-20T13:20:37+00:00 Ralph Boehme slow@samba.org 2024-01-18T18:12:34+00:00 53ca19851dbfc3cab7345424c029a7c90745e24a That's what Windows returns for an NT4 trust: array: struct netr_DomainTrust netbios_name : * netbios_name : 'NT4TRUST' dns_name : NULL trust_flags : 0x00000020 (32) 0: NETR_TRUST_FLAG_IN_FOREST 0: NETR_TRUST_FLAG_OUTBOUND 0: NETR_TRUST_FLAG_TREEROOT 0: NETR_TRUST_FLAG_PRIMARY 0: NETR_TRUST_FLAG_NATIVE 1: NETR_TRUST_FLAG_INBOUND 0: NETR_TRUST_FLAG_MIT_KRB5 0: NETR_TRUST_FLAG_AES parent_index : 0x00000000 (0) trust_type : LSA_TRUST_TYPE_DOWNLEVEL (1) trust_attributes : 0x00000000 (0) 0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE 0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY 0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN 0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST 0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION 0: LSA_TRUST_ATTRIBUTE_PIM_TRUST 0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION sid : * sid : S-1-5-21-4267984555-3675415144-1682400025 guid : 00000000-0000-0000-0000-000000000000 Even though when creating the trust the DNS name must not be NULL and the trustPartner and name attributes are set to the flatName in the trustedDomain object: dn: CN=NT4TRUST,CN=System,DC=wdom2,DC=site objectClass: top objectClass: leaf objectClass: trustedDomain cn: NT4TRUST distinguishedName: CN=NT4TRUST,CN=System,DC=wdom2,DC=site instanceType: 4 whenCreated: 20240118175040.0Z whenChanged: 20240118175040.0Z uSNCreated: 4939915 uSNChanged: 4939916 showInAdvancedViewOnly: TRUE name: NT4TRUST objectGUID: c2273b74-19ff-4f5a-b528-9e5ae21960dd securityIdentifier: S-1-5-21-4267984555-3675415144-1682400025 trustDirection: 1 trustPartner: NT4TRUST trustPosixOffset: 0 trustType: 1 trustAttributes: 0 flatName: NT4TRUST objectCategory: CN=Trusted-Domain,CN=Schema,CN=Configuration,DC=wdom2,DC=site isCriticalSystemObject: TRUE dSCorePropagationData: 16010101000000.0Z BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
That's what Windows returns for an NT4 trust:

  array: struct netr_DomainTrust
      netbios_name             : *
          netbios_name             : 'NT4TRUST'
      dns_name                 : NULL
      trust_flags              : 0x00000020 (32)
             0: NETR_TRUST_FLAG_IN_FOREST
             0: NETR_TRUST_FLAG_OUTBOUND
             0: NETR_TRUST_FLAG_TREEROOT
             0: NETR_TRUST_FLAG_PRIMARY
             0: NETR_TRUST_FLAG_NATIVE
             1: NETR_TRUST_FLAG_INBOUND
             0: NETR_TRUST_FLAG_MIT_KRB5
             0: NETR_TRUST_FLAG_AES
      parent_index             : 0x00000000 (0)
      trust_type               : LSA_TRUST_TYPE_DOWNLEVEL (1)
      trust_attributes         : 0x00000000 (0)
             0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
             0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
             0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
             0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
             0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
             0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
             0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
             0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
             0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_NO_TGT_DELEGATION
             0: LSA_TRUST_ATTRIBUTE_PIM_TRUST
             0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION
      sid                      : *
          sid                      : S-1-5-21-4267984555-3675415144-1682400025
      guid                     : 00000000-0000-0000-0000-000000000000

Even though when creating the trust the DNS name must not be NULL and the
trustPartner and name attributes are set to the flatName in the trustedDomain
object:

  dn: CN=NT4TRUST,CN=System,DC=wdom2,DC=site
  objectClass: top
  objectClass: leaf
  objectClass: trustedDomain
  cn: NT4TRUST
  distinguishedName: CN=NT4TRUST,CN=System,DC=wdom2,DC=site
  instanceType: 4
  whenCreated: 20240118175040.0Z
  whenChanged: 20240118175040.0Z
  uSNCreated: 4939915
  uSNChanged: 4939916
  showInAdvancedViewOnly: TRUE
  name: NT4TRUST
  objectGUID: c2273b74-19ff-4f5a-b528-9e5ae21960dd
  securityIdentifier: S-1-5-21-4267984555-3675415144-1682400025
  trustDirection: 1
  trustPartner: NT4TRUST
  trustPosixOffset: 0
  trustType: 1
  trustAttributes: 0
  flatName: NT4TRUST
  objectCategory: CN=Trusted-Domain,CN=Schema,CN=Configuration,DC=wdom2,DC=site
  isCriticalSystemObject: TRUE
  dSCorePropagationData: 16010101000000.0Z

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15533

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
lsa4: Fix Coverity ID 1499410 2023-11-21T17:34:36+00:00 Volker Lendecke vl@samba.org 2023-11-15T13:39:33+00:00 0bc329a3430a91357e7062df4c0f8ac5cbde95da It complains about uninitialized access, and I'm not sure it isn't right. Just initialize the structure. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
It complains about uninitialized access, and I'm not sure it isn't
right. Just initialize the structure.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
samr4: Fix Coverity ID 1499378 2023-11-21T17:34:36+00:00 Volker Lendecke vl@samba.org 2023-11-15T13:36:20+00:00 a5c2134cc2349e849b89c33dd91b25cc6bf2dd11 Coverity isn't smart enough to see this is initialized. As it's good practice to initialize vars, just do it. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Coverity isn't smart enough to see this is initialized. As it's good
practice to initialize vars, just do it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
s4:rpc_server: Implement dcesrv_lsa_OpenPolicy3() 2023-11-21T11:16:37+00:00 Andreas Schneider asn@samba.org 2023-08-30T12:48:23+00:00 15cecaaf0f14e049cfc464665de2fe8734307397 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 lsa.idl: Backport changes from wireshark 2023-11-21T11:16:37+00:00 Stefan Metzmacher metze@samba.org 2022-03-18T14:46:09+00:00 f5275ae3dcca0546ae73dcc16f3e68f314646915 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 lsa.idl: Add new functions and types 2023-11-21T11:16:37+00:00 Stefan Metzmacher metze@samba.org 2022-03-18T12:34:38+00:00 5c72df15a87b38c0734297d90949a4e57e7b4703 [MS-LSAD] got new functions in order to use AES encryption and other security related features. For our servers we still pretent we don't know about the new functions and return DCERPC_FAULT_OP_RNG_ERROR. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
[MS-LSAD] got new functions in order to use AES encryption
and other security related features.

For our servers we still pretent we don't
know about the new functions and return DCERPC_FAULT_OP_RNG_ERROR.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
s4:rpc_server: Remove trailing white spaces from lsa_init.c 2023-11-21T11:16:37+00:00 Andreas Schneider asn@samba.org 2023-08-30T07:24:06+00:00 80ba5456d8cb9623c9b5a54571791dc4ac88571d Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 s4-winreg: fix dcesrv_winreg_EnumValue behavior 2023-11-20T04:50:00+00:00 Günther Deschner gd@samba.org 2023-11-16T20:05:12+00:00 5119d5540de6fa56cb92c82a2bf719c6656a2988 When returning WERR_MORE_DATA the winreg server needs to indicate the required buffer size. Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Nov 20 04:50:00 UTC 2023 on atb-devel-224 
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 04:50:00 UTC 2023 on atb-devel-224
s4:rpc_server: Properly initialize ‘lsa_CreateTrustedDomainEx2’ structure (CID 1499404) 2023-11-02T04:04:49+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2023-10-30T23:14:27+00:00 1372ef0ef46f6eee615c2fffd5286e96aeb8417a dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(), which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses r2.out.result, which is uninitialized — invoking undefined behaviour. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Nov 2 04:04:49 UTC 2023 on atb-devel-224 
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov  2 04:04:49 UTC 2023 on atb-devel-224
s4:rpc_server: Properly initialize ‘lsa_CreateTrustedDomainEx2’ structure (CID 1499407) 2023-11-02T03:08:37+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2023-10-30T23:11:37+00:00 fa25793ebff92bee2bb1bf0b437b5f705ee8a1dc dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(), which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses r2.out.result, which is uninitialized — invoking undefined behaviour. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
dcesrv_lsa_CreateTrustedDomain_base() invokes DCESRV_PULL_HANDLE(),
which invokes DCESRV_PULL_HANDLE_RETVAL(), which invokes
DCESRV_CHECK_HANDLE(), which might invoke DCESRV_FAULT(), which accesses
r2.out.result, which is uninitialized — invoking undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>