[Pkg-samba-maint] [Git][samba-team/samba][pam_winbind-try_authok] 3085 commits: VERSION: Bump version up to 4.9.0pre1...
Mathieu Parent
gitlab at salsa.debian.org
Tue Oct 9 09:08:59 BST 2018
Mathieu Parent pushed to branch pam_winbind-try_authok at Debian Samba Team / samba
Commits:
0d62579a by Karolin Seeger at 2018-01-15T01:51:51Z
VERSION: Bump version up to 4.9.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Mon Jan 15 02:51:51 CET 2018 on sn-devel-144
- - - - -
264249db by Andreas Schneider at 2018-01-15T16:48:18Z
s3:winbindd: Improve logic so it is easier to understand
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
00d176c6 by Andreas Schneider at 2018-01-15T16:48:18Z
s3:winbind: Use a goto for cleaning up at the end
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bfc727f0 by Andreas Schneider at 2018-01-15T16:48:18Z
s3:winbind: Use a stackframe and cleanup when leaving
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
05ebafd9 by Andreas Schneider at 2018-01-15T21:16:13Z
s3:rpc_client: Clenup copy_netr_SamInfo3() code
This gets rid of some strange macro and makes sure we clenaup at the
end.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Jan 15 22:16:13 CET 2018 on sn-devel-144
- - - - -
6aa0cc25 by Volker Lendecke at 2018-01-15T21:17:08Z
rpc_server: Improve a debug message
A client sending us a bind with an unknown interface should not spam
syslog by default. Also, show what interface the client tried to connect
to.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a63aafb0 by Volker Lendecke at 2018-01-16T01:43:03Z
srcctl3: Improve debug messages
A customer's syslog was filled with
_svcctl_OpenServiceW: Failed to get a valid security descriptor
messages. This improves the messages to give info about which service failed
with which error code. Also, it makes OpenServiceW fail with the same error
message Windows fails with for unknown services.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 16 02:43:03 CET 2018 on sn-devel-144
- - - - -
7a3f97f2 by Jamie McClymont at 2018-01-16T06:12:01Z
selftest: fix envvars for creation of default user in wait_for_start
Resolves failure of ad_member to start up under ad_dc (if
the user is determined to be needed).
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13225
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Tue Jan 16 07:12:01 CET 2018 on sn-devel-144
- - - - -
11293887 by Günther Deschner at 2018-01-16T15:38:23Z
python: fix the build with python3.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13221
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
8224a3d6 by Günther Deschner at 2018-01-16T20:02:28Z
packaging: fix default systemd-dir path.
https://bugzilla.samba.org/show_bug.cgi?id=13227
By default we should not end up with a
/usr/usr/lib/systemd/system path.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Jan 16 21:02:28 CET 2018 on sn-devel-144
- - - - -
e77f8e46 by Christof Schmitt at 2018-01-17T00:31:53Z
Remove file system sharemode before calling unlink
GPFS implements the DENY_DELETE sharemode, which prevents unlink() from
deleting the file.. This causes the problem that deleting a file through
"delete on close" fails, as the code in close.c first calls unlink() and
only later removes the file system sharemode.
Fix this by removing the file system sharemode before calling unlink().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13217
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Wed Jan 17 01:31:53 CET 2018 on sn-devel-144
- - - - -
0edce86e by Sachin Prabhu at 2018-01-17T05:09:29Z
vfs_glusterfs: Add fallocate support for vfs_glusterfs
Adds fallocate support to the vfs glusterfs plugin.
v2: Add check for glusterfs-api version.
RHBZ: 1478875
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 17 06:09:29 CET 2018 on sn-devel-144
- - - - -
e4f62d4e by Volker Lendecke at 2018-01-17T18:24:11Z
pdb: Fix CID 1427624 Resource leak
It's not exactly a resource leak (we only really realloc if we shrink
dramatically), but assigning the result from tdb_realloc looks nicer.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
92131d08 by Volker Lendecke at 2018-01-17T18:24:11Z
winbind: Fix CID 1427626 Uninitialized scalar variable
Likely a false positive, but Coverity can't follow all the paths leading
to line 2030
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4e5c9427 by Volker Lendecke at 2018-01-17T18:24:11Z
pdb: Fix CID 1427620 Resource leak
It's not exactly a resource leak (we only really realloc if we shrink
dramatically), but assigning the result from tdb_realloc looks nicer.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3be1e68c by Volker Lendecke at 2018-01-17T22:58:34Z
winbind: Fix CID 1427626 Uninitialized scalar variable
Likely a false positive, but Coverity can't follow all the paths leading
to line 1598.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jan 17 23:58:34 CET 2018 on sn-devel-144
- - - - -
7c1c8c68 by Alexander Bokovoy at 2018-01-19T00:36:22Z
mit-kdb: support MIT Kerberos 1.16 KDB API changes
MIT Kerberos 1.16 adds ability to audit local and remote addresses
during AS_REQ processing. As result, audit_as_req callback signature
was changed to include the addresses and KDB API version was increased.
Change mit-kdb code to properly expose audit_as_req signature KDC
expects in 1.16 version. Also update #ifdefs to account for the new
KDB API version.
This commit does not add actual audit of the local and remote IP
addresses, it only makes it possible to compile against MIT Kerberos
1.16.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jan 19 01:36:22 CET 2018 on sn-devel-144
- - - - -
3904c26a by Puran Chand at 2018-01-21T06:08:23Z
Added smbc_SetConfiguration which lets the user set the smb.conf for libsmbclient code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13229
Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c6999a24 by Volker Lendecke at 2018-01-21T06:08:23Z
vfs_fileid: Fix the 32-bit build
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ac9d528b by Volker Lendecke at 2018-01-21T10:48:01Z
docs: Remove prog_guide4.txt
Move the still relevant parts elsewhere
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sun Jan 21 11:48:01 CET 2018 on sn-devel-144
- - - - -
33c0f559 by Amitay Isaacs at 2018-01-22T05:24:21Z
ctdb-tests: Avoid race condition in sock_daemon test 5
This test fails when it takes more than 10s to run. This can occur
when the system is loaded and socket-wrapper is used.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
9daf40c5 by Martin Schwenke at 2018-01-22T10:11:37Z
talloc: Fix documentation typo
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Mon Jan 22 11:11:38 CET 2018 on sn-devel-144
- - - - -
c34c2dd5 by Stefan Metzmacher at 2018-01-22T11:26:19Z
testprogs:blackbox: add regression test for unsorted links in tombstones-expunge.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a25c99c9 by Stefan Metzmacher at 2018-01-22T11:26:19Z
repl_meta_data: fix linked attribute corruption on databases with unsorted links on expunge
This is really critical bug, it removes valid linked attributes.
When a DC was provisioned/joined with a Samba version older than 4.7
is upgraded to 4.7 (or later), it can happen that the garbage collection
(dsdb_garbage_collect_tombstones()), triggered periodically by the 'kcc' task
of 'samba' or my 'samba-tool domain tombstones expunge' corrupt the linked attributes.
This is similar to Bug #13095 - Broken linked attribute handling,
but it's not triggered by an originating change.
The bug happens in replmd_modify_la_delete()
were get_parsed_dns_trusted() generates a sorted array of
struct parsed_dn based on the values in old_el->values.
If the database doesn't support the sortedLinks compatibleFeatures
in the @SAMBA_DSDB record, it's very likely that
the array of old_dns is sorted differently than the values
in old_el->values.
The problem is that struct parsed_dn has just a pointer
'struct ldb_val *v' that points to the corresponding
value in old_el->values.
Now if vanish_links is true the damage happens here:
if (vanish_links) {
unsigned j = 0;
for (i = 0; i < old_el->num_values; i++) {
if (old_dns[i].v != NULL) {
old_el->values[j] = *old_dns[i].v;
j++;
}
}
old_el->num_values = j;
}
old_el->values[0] = *old_dns[0].v;
can change the value old_dns[1].v is pointing at!
That means that some values can get lost while others
are stored twice, because the LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
allows it to be stored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
850a8027 by Stefan Metzmacher at 2018-01-22T11:26:20Z
dbcheck: disable fixing duplicate linked attributes until we can recover lost forward links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ca5eaf0c by Andreas Schneider at 2018-01-22T11:26:20Z
s3:waf: Move HAVE_NETGROUP to wscript
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c29d087e by Andreas Schneider at 2018-01-22T11:26:20Z
include: Create system/nis.h in libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
ee0be7eb by Günther Deschner at 2018-01-22T11:26:20Z
build: deal with recent glibc sunrpc header removal
We need to rely on libtirpc or libntirpc to be around in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10976
Guenther
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
87f105d7 by Andreas Schneider at 2018-01-22T11:26:20Z
wafsamba: Allow passing 'lib' to CHECK_STRUCTURE_MEMBER
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
We need to be able to point it to the right header location, so we need
to be able to pass the 'lib' that it gets set.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
39a6ea76 by Andreas Schneider at 2018-01-22T16:26:52Z
waf: Fix NFS quota support with libtirpc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Jan 22 17:26:52 CET 2018 on sn-devel-144
- - - - -
c404d588 by Volker Lendecke at 2018-01-23T00:49:22Z
libsmb: Give unexpected.c its own header
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e8e09d72 by Volker Lendecke at 2018-01-23T00:49:23Z
libnmb: Remove a pointless struct member
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e4dc85b6 by Volker Lendecke at 2018-01-23T00:49:23Z
libnmb: tsocket_address_unix_from_path deals fine with NULL
Other callers use NULL instead of "". Streamline it a bit
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0050d1b9 by Volker Lendecke at 2018-01-23T00:49:23Z
libnmb: Fix two signed/unsigned hickups
Two warnings less
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
89933429 by Volker Lendecke at 2018-01-23T00:49:23Z
dsgetdcname: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ca3745db by Volker Lendecke at 2018-01-23T00:49:23Z
libcli/resolve: Fix typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
30ff05c6 by Volker Lendecke at 2018-01-23T00:49:23Z
libcli/resolve: Make functions static
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c57cce1b by Volker Lendecke at 2018-01-23T05:36:36Z
libcli/resolve: Make functions static
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 23 06:36:36 CET 2018 on sn-devel-144
- - - - -
45aec7d3 by Volker Lendecke at 2018-01-23T23:58:17Z
libnmb: Add "parse_packet_talloc"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6a609703 by Volker Lendecke at 2018-01-23T23:58:17Z
libnmb: Make nb_packet_read_recv return a talloc'ed pkt
This saves a few explicit destructors only doing free_packet()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ea5d38a by Volker Lendecke at 2018-01-24T04:48:19Z
libnmb: Move "read_packet" to nmbd
It's only used there
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 24 05:48:19 CET 2018 on sn-devel-144
- - - - -
da3aaf97 by Martin Schwenke at 2018-01-24T04:49:55Z
ctdb-tests: Add timeout for individual tests, default is 10 minutes
This will cause a hung test to time out and fail rather than letting a
test run hang indefinitely. Some tests can take 5 minutes to run, so
10 minutes should be plenty.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e17d02d4 by Martin Schwenke at 2018-01-24T04:49:55Z
ctdb-tests: Only use socket-wrapper for simple, local daemon tests
The run_tests.sh -S option now takes the path to the socker-wrapper
shared library.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
50150d75 by Martin Schwenke at 2018-01-24T04:49:55Z
ctdb-tests: Add a UNIT pseudo-test-suite
This runs all of the unit tests.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8b82d108 by Martin Schwenke at 2018-01-24T09:28:52Z
ctdb-tests: Fix a typo
This typo causes the script to be run with the default shell. If this
is not bash then the shell will fail to parse integration.bash.
This is a regression caused by commit
c607989d91b64d837253aae794b1a3d6013eb3e0. Clearly nobody has run this
test on Debian for a long time. :-(
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Jan 24 10:28:52 CET 2018 on sn-devel-144
- - - - -
70d7f7d0 by Trever L. Adams at 2018-01-24T09:29:46Z
Samba-VirusFilter: memcache changes.
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b1e69edd by Trever L. Adams at 2018-01-24T09:29:46Z
Samba-VirusFilter: common headers and sources.
Samba-VirusFilter Contributors:
SATOH Fumiyasu @ OSS Technology Corp., Japan
Module creator/maintainer
Luke Dixon luke.dixon at zynstra.com
Samba 4 support
Trever L. Adams
Documentation
Code contributions
Samba-master merge work
With many thanks to the Samba Team.
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0b25089e by Trever L. Adams at 2018-01-24T09:29:46Z
Samba-VirusFilter: Sophos VFS backend.
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5970d68b by Trever L. Adams at 2018-01-24T09:29:46Z
Samba-VirusFilter: F-Secure AntiVirus (fsav) VFS and man page.
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
cbf743d3 by Trever L. Adams at 2018-01-24T14:08:59Z
Samba-VirusFilter: clamav VFS and man page.
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Signed-off-by: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jan 24 15:08:59 CET 2018 on sn-devel-144
- - - - -
d4f7d9e0 by Volker Lendecke at 2018-01-25T00:53:53Z
libnmb: Fix CID 1428474 Incorrect expression (COPY_PASTE_ERROR)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jan 25 01:53:53 CET 2018 on sn-devel-144
- - - - -
c890011a by Trever L. Adams at 2018-01-25T11:24:08Z
Samba-VirusFilter: fix virusfilter_vfs_close() crash
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
e320c4c9 by Trever L. Adams at 2018-01-25T11:24:08Z
Samba-VirusFilter: clean up dir check vfs_close and vfs_open
Signed-off-by: Trever L. Adams <trever.adams at gmail.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
89c3a1eb by Volker Lendecke at 2018-01-25T11:24:08Z
libnet: Use talloc_zero instead of ZERO_STRUCTP
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
849169a7 by Swen Schillig at 2018-01-25T16:19:12Z
Fix wrong condition for error string assignment
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Jan 25 17:19:12 CET 2018 on sn-devel-144
- - - - -
e7425bd5 by Jeremy Allison at 2018-01-26T01:25:20Z
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
Thanks to Isaac Boukris <iboukris at gmail.com> for finding the
issue and testing this fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13244
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 26 02:25:20 CET 2018 on sn-devel-144
- - - - -
0766f066 by Volker Lendecke at 2018-01-30T12:27:51Z
libcli: Remove finddcs_nbt.c
This completes commit 06c90cb6f55701effa4cbafaf189a4de8471949b
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Jan 30 13:27:51 CET 2018 on sn-devel-144
- - - - -
f9150c5f by Swen Schillig at 2018-01-30T12:28:39Z
ctdb-common: Return if packet size is zero
Prevent further processing of sock_queue_process
if the received packet size is zero.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
eae2d35f by Swen Schillig at 2018-01-30T12:28:39Z
ctdb-common: Remove sock_queue_destructor
The sock_queue_destructor is not needed.
The performed tasks will be performed automatically.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
32d867cf by Swen Schillig at 2018-01-30T17:12:32Z
ctdb-common: Optimize sock_queue's memory managament
Make use of talloc pools for the sock_queue's memory requirements.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Jan 30 18:12:32 CET 2018 on sn-devel-144
- - - - -
9fc47124 by Jeremy Allison at 2018-01-30T23:38:08Z
s3: librpc: Allow client to correctly report etype unsupported by KDC to caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13247
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Jan 31 00:38:09 CET 2018 on sn-devel-144
- - - - -
8a4409c9 by Volker Lendecke at 2018-01-30T23:40:01Z
vfs_virusfilter: Fix CID 1428739 Buffer not null terminated
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
734404bb by Volker Lendecke at 2018-01-30T23:40:01Z
vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
21eb5169 by Volker Lendecke at 2018-01-31T04:28:48Z
vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 31 05:28:48 CET 2018 on sn-devel-144
- - - - -
925dc87a by Swen Schillig at 2018-01-31T23:33:34Z
talloc_zero libnet_context on init
Zero the libnet_context on initialization
preventing an uninitalized cli_credentials struct.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Feb 1 00:33:34 CET 2018 on sn-devel-144
- - - - -
83d42203 by Andrew Bartlett at 2018-02-01T02:20:26Z
WHATSNEW: Add section for "samba-tool visualize"
(text from the commit message by Douglas adding the feature)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13226
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
c90cf067 by David Mulder at 2018-02-01T02:20:26Z
gpo: Correct documentation
The doc still contains a reference to env var
policy (which isn't present in this release).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13223
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e10de35f by David Mulder at 2018-02-01T02:20:26Z
gpo: Correct WHATSNEW
The WHATSNEW incorrectly explains how to enable gpo.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13223
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b3673824 by Andrew Bartlett at 2018-02-01T06:57:54Z
WHATSNEW: Mention new option "apply group policies"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13223
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Feb 1 07:57:54 CET 2018 on sn-devel-144
- - - - -
4c857e08 by Ralph Boehme at 2018-02-03T17:41:08Z
selftest: run deltest20 against s3 as well
This marks the test as knownfail, the next commit fixes it.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
84f07a8d by Ralph Boehme at 2018-02-03T22:42:16Z
s3/smbd: fix handling of delete-on-close on directories
This implements a check to test the delete-on-close flag of a directory
for requests to create files in this directory.
Windows server implement this check, Samba doesn't as it has performance
implications.
This commit implements the check and a new option to control it. By
default the check is skipped, setting "check parent directory delete on
close = yes" enables it.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Feb 3 23:42:16 CET 2018 on sn-devel-144
- - - - -
28fcf631 by Stefan Metzmacher at 2018-02-05T12:49:11Z
python/netcmd: implement __repr__ for class CommandError
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
681e0a17 by Stefan Metzmacher at 2018-02-05T12:49:11Z
python:tests: use TestCaseInTempDir for "samba.tests.common"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1341780d by Stefan Metzmacher at 2018-02-05T12:49:11Z
python:tests: remove test_dsdb_Dn() to test_dsdb_Dn_binary()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c56eb491 by Stefan Metzmacher at 2018-02-05T12:49:11Z
python:tests: add test_dsdb_Dn_sorted() to "samba.tests.common"
Failing until dsdb_Dn implements the correct __cmp__() function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
55d46654 by Stefan Metzmacher at 2018-02-05T12:49:12Z
python/common: add __cmp__ function to dsdb_Dn similar to parsed_dn_compare()
Linked attribute values are sorted by objectGUID of the link target.
For C code we have parsed_dn_compare() to implement the logic,
the same is now available on python dsdb_Dn objects.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8c01acd5 by Ralph Boehme at 2018-02-05T12:49:12Z
Revert "dbcheck: disable fixing duplicate linked attributes until we can recover lost forward links"
This reverts commit 43e3f79d54c5aeaea820865d298d4249cf47af99.
The real fix will follow in the next commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
52bd0b09 by Ralph Boehme at 2018-02-05T12:49:12Z
selftest/dbcheck: add a test for corrupt forward links restoration
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4a71394c by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: rename and reorder err_orphaned_backlink arguments
In preperation of adding more arguments.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6f775038 by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: add forward_syntax argument to err_orphaned_backlink
Will be used in a subsequent commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9f47fe6c by Stefan Metzmacher at 2018-02-05T12:49:12Z
dbcheck: only pass obj_dn to err_orphaned_backlink()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a651cc79 by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: rename err_duplicate_links arguments
In preperation of adding more arguments.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
dc43d31c by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: add link direction to error message for duplicate links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ec433f85 by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: rename err_duplicate_links() to err_recover_forward_links() and adjust the output message
It's really a fatal error to have duplicate values as it's very likely that
some forward links got lost.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b0bc3f60 by Stefan Metzmacher at 2018-02-05T12:49:12Z
dbcheck: remove ldb.FLAG_MOD_REPLACE when replacing search results for forward links
Search results don't have an ldb.FLAG_MOD_* flags set.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7df17c0a by Stefan Metzmacher at 2018-02-05T12:49:12Z
dbcheck: store fixed forward link attributes with the correct sorting
The corruption we're trying to fix messed up the sorting,
so there's no point in keeping the current order.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
44a8782d by Ralph Boehme at 2018-02-05T12:49:12Z
dbcheck: split out check_duplicate_links from check_dn
Refactoring, no change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e4cc062f by Ralph Boehme at 2018-02-05T12:49:13Z
dbcheck: add a dict where we remember attributes with duplicate links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e258b4fb by Ralph Boehme at 2018-02-05T12:49:13Z
dbcheck: add a helper function that checks is a value has duplicate links
Will be used in a subsequent commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
20598033 by Stefan Metzmacher at 2018-02-05T12:49:13Z
dbcheck: make sure we always ask for the objectGUID attribute explicitly
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
182fb3c4 by Stefan Metzmacher at 2018-02-05T12:49:13Z
dbcheck: make sure we ask for replPropertyMetaData if we need to process any forward link attributes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d59f2013 by Ralph Boehme at 2018-02-05T12:49:13Z
dbcheck: add find_missing_forward_links_from_backlinks()
find_missing_forward_links_from_backlinks() finds and returns missing forward-links by
searching all for all objects that link to the object in the backlink attribute.
This will be used in the next commit to restore forward links in a corrupted
forward link attribute by passing the missing backling objects to
err_recover_forward_links().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5bf823d6 by Ralph Boehme at 2018-02-05T12:49:13Z
dbcheck: add support for restoring missing forward links
This recovers broken databases with duplicate and missing
forward links.
See commit a25c99c9f1fd1814c56c21848c748cd0e038eed7 for
the fix that prevents to problem from happening.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0c3348fe by Stefan Metzmacher at 2018-02-05T17:32:51Z
dbcheck: skip find_missing_forward_links_from_backlinks() if the db has the sortedLinks feature
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Feb 5 18:32:51 CET 2018 on sn-devel-144
- - - - -
859698d2 by Volker Lendecke at 2018-02-06T01:47:43Z
libads: Fix the build --without-ads
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Feb 6 02:47:44 CET 2018 on sn-devel-144
- - - - -
a222b750 by Volker Lendecke at 2018-02-06T14:36:01Z
libgpo: Fix the build --without-ads
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Feb 6 15:36:01 CET 2018 on sn-devel-144
- - - - -
0f577cd9 by Stefan Metzmacher at 2018-02-07T12:04:24Z
selftest: run "samba.tests.common"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0109b596 by Karolin Seeger at 2018-02-07T12:04:24Z
docs-xml: Add 'samba-tool visualize' to man samba-tool.8.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13226
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
701b2ed6 by Karolin Seeger at 2018-02-07T16:57:39Z
WHATSNEW: Start release notes for Samba 4.9.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Feb 7 17:57:39 CET 2018 on sn-devel-144
- - - - -
b96b51fa by Andrew Bartlett at 2018-02-07T22:45:23Z
lib/crypto: Update REQUIREMENTS for recent Samba changes
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a157091a by Gary Lockyer at 2018-02-07T22:45:23Z
samdb: Add tests for samdb tdb file creation.
The current defaults for SamDB are to create the database file if it
does not exist. Most of the uses of SamDB assume the database already
exists, and so auto-creation is not the desired behaviour.
Also TDB will overwrite an existing non TDB file with a newly created
TDB file. This becomes an issue when using alternate database file
formats i.e. lmdb.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
736e438b by Gary Lockyer at 2018-02-07T22:45:23Z
pyldb: Expose extra flags
Expose the SHOW_BINARY, ENABLE_TRACING and DONT_CREATE_DB flag constants
in the python api.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7009479b by Gary Lockyer at 2018-02-07T22:45:23Z
python SamDB: init default flags to FLG_DONT_CREATE_DB
The current defaults for SamDB are to create the database file if it does not
exist. Most of the uses of SamDB assume the database already exists, and so
auto-creation is not the desired behaviour.
TDB will overwrite an existing non TDB file with a newly created TDB file.
This becomes an issue when using alternate database file formats i.e. lmdb.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a3485c41 by Martin Schwenke at 2018-02-08T03:42:56Z
ctdb-tests: Set test timeout to an hour
The current 10 minute timeout is causing autobuild failures in some
environments.
This timeout is simply meant to stop a test run from hanging
indefinitely due to a broken test. A 1 hour timeout is better than no
timeout.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Feb 8 04:42:56 CET 2018 on sn-devel-144
- - - - -
cf338b82 by Björn Baumbach at 2018-02-08T03:58:09Z
pyldb: extend dn.is_child_of() test: dn is child of itself
Add this test so ensure that this (unclear) behaviour does
not change silently.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0a88be83 by Björn Baumbach at 2018-02-08T03:58:09Z
python/samdb: add method normalize_dn_in_domain(): get full dn of an relative dn
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3f022b2d by Andrew Bartlett at 2018-02-08T03:58:09Z
python/samdb: Allow samdb.normalize_dn_in_domain() to take an ldb.Dn()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f202b0ef by Andrew Bartlett at 2018-02-08T03:58:09Z
python/samdb: Improve function comment on normalize_dn_in_domain()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f973667f by Andrew Bartlett at 2018-02-08T03:58:09Z
selftest: Add tests for samdb.normalize_dn_in_domain()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2e0f33d8 by Björn Baumbach at 2018-02-08T03:58:09Z
samba-tool: implement ou management commands
Available subcommands:
create - Create an organizational unit.
delete - Delete an organizational unit.
list - List all organizational units
listobjects - List all objects in an organizational unit.
move - Move an organizational unit.
rename - Rename an organizational unit.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e3882f80 by Björn Baumbach at 2018-02-08T03:58:09Z
tests/samba-tool: add tests for new ou management commands
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
dbd29a01 by Björn Baumbach at 2018-02-08T03:58:09Z
docs-xml:samba-tool.8: document ou management commands
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
dc0fa33c by Björn Baumbach at 2018-02-08T03:58:09Z
samba-tool: implement user show command to display a user AD object
This command displays a user account and it's attributes in the
Active Directory domain.
The username specified on the command is the sAMAccountName.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6fbfe84c by Björn Baumbach at 2018-02-08T03:58:10Z
docs-xml:samba-tool.8: document "user show" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
87ddbb67 by Björn Baumbach at 2018-02-08T03:58:10Z
tests/samba-tool: add test for samba-tool user show command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4c1101d0 by Björn Baumbach at 2018-02-08T03:58:10Z
samba-tool user: fix some typos
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
62a8eecf by Björn Baumbach at 2018-02-08T03:58:10Z
samba-tool user: implement the user move command
This new command allows to move an user into an ou or container.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b6b2eb8f by Björn Baumbach at 2018-02-08T03:58:10Z
docs-xml:samba-tool.8: document "user move" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
37b5195d by Björn Baumbach at 2018-02-08T03:58:10Z
tests/samba-tool: add tests for user move command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6a2a5e61 by Björn Baumbach at 2018-02-08T03:58:10Z
samba-tool group: implement the group move command
This new command allows to move a a group into an ou or container.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8466323c by Björn Baumbach at 2018-02-08T03:58:10Z
docs-xml:samba-tool.8: document "group move" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c4bb546b by Björn Baumbach at 2018-02-08T03:58:10Z
tests/samba-tool: add tests for samba-tool group move command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
178f8684 by Joe Guo at 2018-02-08T03:58:10Z
samba-tool: add dns cleanup cmd
1. Add new command to cleanup dns records for a dns host name
2. Add test to verify the command is working
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d82687e7 by Garming Sam at 2018-02-08T03:58:10Z
remove_dc: Allow remove_dns_references to ignore missing server names
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
97de384e by Garming Sam at 2018-02-08T03:58:10Z
tests/samba-tool: dns cleanup should work with a missing name
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
90e74fc1 by Garming Sam at 2018-02-08T03:58:10Z
samba-tool/dns: Clarify the cleanup subcommand
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c7d0e6f3 by Garming Sam at 2018-02-08T09:00:12Z
samba-tool/tests: Check that dns cleanup does not spuriously remove entries
This might happen in the multi-record case.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Feb 8 10:00:13 CET 2018 on sn-devel-144
- - - - -
3bc87a20 by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_lock_send use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bdeb7e7d by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_lock use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a104e081 by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_unlock use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ed3521d1 by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_write_data use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a6c749e7 by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_do use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
67fcc7db by Volker Lendecke at 2018-02-08T09:01:50Z
lib: Make g_lock_dump use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
be3c8d08 by Volker Lendecke at 2018-02-08T13:50:49Z
lib: Make g_lock_locks use TDB_DATA
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Feb 8 14:50:49 CET 2018 on sn-devel-144
- - - - -
5a483bc0 by Andrew Bartlett at 2018-02-09T06:59:20Z
lib/crypto/REQUIREMENTS: DRSUAPI replication replicated secrets was missing from the RC4 section
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
57784b41 by Douglas Bagnall at 2018-02-09T06:59:20Z
tests/samba-tool user_wdigest: avoid py3-incompatible md5 module
In Python3, the md5 and sha modules are gone, but the functions are
available via hashlib (which is also in python 2.5+).
The md5.hexdigest() does what binascii.hexlify(md5.digest()) does.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0e912a73 by Douglas Bagnall at 2018-02-09T06:59:20Z
tests/password_hash: avoid py3-incompatible md5 module
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a43dbb93 by Douglas Bagnall at 2018-02-09T06:59:20Z
tests/samba_tool user virtualCryptSHA: remove unused py3 incompatible import
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d8aa50b2 by Douglas Bagnall at 2018-02-09T06:59:20Z
python samdb.newuser(): use user DN not samaccountname to set password
This is noticably faster in cases (e.g. tests) where the same user
is added and deleted many times.
The rreason is samaccountname is retained for deleted objects, so the
search finds multiple objects that need to be filtered out internally.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
055b7308 by Douglas Bagnall at 2018-02-09T06:59:20Z
subunit.run: report failure in process return code
The protocol requires that the TestResult object remembers when it has failed, but
in subclassing unittest.TestResult we forgot to ensure this is true.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f6f19293 by Douglas Bagnall at 2018-02-09T06:59:20Z
samba-tool rodc: consistently use self.outf, not stdout
This increases the output of some commands from the point of view of
tests which read the outf, so we also need to change those tests a
bit.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cefb41b0 by Douglas Bagnall at 2018-02-09T11:34:06Z
sambatool drs showrepl: prefer self over ctx in python classes
and the line length too.
(Now only python/samba/join.py uses ctx for self, but at least it does
it consistently. This was the only ctx function in the class).
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Feb 9 12:34:06 CET 2018 on sn-devel-144
- - - - -
53484d0d by Stefan Metzmacher at 2018-02-10T07:35:15Z
winbindd: fix LSA connections via DCERPC_AUTH_SCHANNEL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13231
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1918a870 by Stefan Metzmacher at 2018-02-10T07:35:15Z
winbindd: remove useless calls to get_trust_credentials() before cli_rpc_pipe_open_schannel_with_creds()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13231
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9fef5d18 by Stefan Metzmacher at 2018-02-10T07:35:15Z
winbindd: add missing can_do_ncacn_ip_tcp initialisation
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13232
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9a613f4b by Ralph Boehme at 2018-02-10T07:35:15Z
winbindd: add routing_domain as parameter to add_trusted_domain
This also fixes the following CIDs:
CID 1427622: Null pointer dereferences (REVERSE_INULL)
CID 1427619: Null pointer dereferences (REVERSE_INULL)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13233
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
fe47041b by Stefan Metzmacher at 2018-02-10T07:35:15Z
s3:rpc_client: allow Netlogon{Network,Interactive}TransitiveInformation in rpccli_netlogon_password_logon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7329706a by Stefan Metzmacher at 2018-02-10T07:35:15Z
s3:rpc_client: allow passing NetlogonNetwork[Transitive]Information to rpccli_netlogon_network_logon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
70bb9c27 by Stefan Metzmacher at 2018-02-10T07:35:15Z
winbindd: use Netlogon{Interactive,Network}TransitiveInformation on transitive trusts
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c5bd18c0 by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: remove const from set_routing_domain()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
af9a37aa by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: prepare find_auth_domain() transitive trusts on a DC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8b7bf6d4 by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: prepare find_lookup_domain_from_{name,sid}() transitive trusts on a DC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7fc19747 by Stefan Metzmacher at 2018-02-10T07:35:16Z
s3:rpc_client: pass down lsa_LookupNamesLevel to dcerpc_lsa_lookup_sids_generic()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13236
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
728fb7c5 by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: don't force using LSA_LOOKUP_NAMES_ALL for non workstation trusts.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13236
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4274ef68 by Ralph Boehme at 2018-02-10T07:35:16Z
winbindd: move loading of trusted domains on a DC to a seperate function
This allows using the split out function in a subsequent commit in the
MSG_WINBIND_NEW_TRUSTED_DOMAIN message handler.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d8e4e7ca by Ralph Boehme at 2018-02-10T07:35:16Z
winbindd: use add_trusted_domains_dc in wb_imsg_new_trusted_domain
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ffa9eb7d by Ralph Boehme at 2018-02-10T07:35:16Z
s4/rpc_server: remove unused data argument from MSG_WINBIND_NEW_TRUSTED_DOMAIN
winbindd doesn't use that data anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9f96ede6 by Ralph Boehme at 2018-02-10T07:35:16Z
winbindd: rename MSG_WINBIND_NEW_TRUSTED_DOMAIN to MSG_WINBIND_RELOAD_TRUSTED_DOMAINS
This reflects the new implementation in winbindd.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6151909c by Ralph Boehme at 2018-02-10T07:35:16Z
s4/rpc_server: trigger trusts reload in winbindd after successfull trust info acquisition
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b112cbc2 by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: fix debug message in find_default_route_domain() on a DC
As we don't support multiple domains in a forest yet,
we don't need to print a warning a log level 0.
This also adds a missing \n.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13255
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8b0e1a77 by Stefan Metzmacher at 2018-02-10T07:35:16Z
wbinfo: avoid segfault in wbinfo_auth_crap() if winbindd is not available
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13256
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2ee25514 by Stefan Metzmacher at 2018-02-10T07:35:16Z
winbindd: add_trusted_domain_from_auth() should not use dns_name = ""
Check whether the DNS domain name in the info6 struct is actually more
then just an empty string. If it is we want to call add_trusted_domain()
with NULL as DNS domain name argument.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13257
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
be26a472 by Stefan Metzmacher at 2018-02-10T07:35:16Z
s3/rpc_client: add rpccli_netlogon_interactive_logon()
This will be used in a subsequent commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d1c36761 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: separate plaintext given and interactive in winbind_samlogon_retry_loop()
We need to handle 4 cases:
plaintext_given=true interactive=true
plaintext_given=false interactive=true
plaintext_given=true interactive=false
plaintext_given=false interactive=false
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2268f1c0 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: add a comment to a parameter in _winbind_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8c6c47ae by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: pass 'bool interactive' to winbind_dual_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d76bcdb0 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: handle interactive logons in _winbind_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b60c6341 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: introduce a cm_connect_netlogon_secure() which gives a valid netlogon_creds_ctx
At lot of callers require a valid schannel connection.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13259
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
60aa5e76 by Stefan Metzmacher at 2018-02-10T07:35:17Z
s3/rpc_client: add copy_netr_SamInfo6() and map_validation_to_info6()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1a985736 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: allow validation level 6 in winbind_SamLogon
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e1ba8199 by Stefan Metzmacher at 2018-02-10T07:35:17Z
s4/auth_winbind: ask for validation level 6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d4ba23fd by Stefan Metzmacher at 2018-02-10T07:35:17Z
s3/auth: add create_info6_from_pac()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2b018187 by Stefan Metzmacher at 2018-02-10T07:35:17Z
s3/rpc_client: add map_info6_to_validation()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
021d75fb by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: get netr_SamInfo6 out of winbindd_dual_pam_auth_kerberos()
This way we don't loose dns_domain_name and user principal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
42e44539 by Stefan Metzmacher at 2018-02-10T07:35:17Z
winbindd: call add_trusted_domain_from_auth() in winbindd_pam_auth_crap_done()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5ce3cb2f by Stefan Metzmacher at 2018-02-10T07:35:18Z
winbindd: let winbindd_pam_auth_pac_send() compute info6 from PAC
This way we don't loose the DNS info and UPN. A subsequent commit will
let winbindd_pam_auth_pac_send() return the full validation info.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5444cc4e by Stefan Metzmacher at 2018-02-10T07:35:18Z
winbindd: complete WBFLAG_PAM_AUTH_PAC handling in winbindd_pam_auth_crap_send()
winbindd_pam_auth_crap_recv() should not have any real logic.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8422c001 by Stefan Metzmacher at 2018-02-10T07:35:18Z
winbindd: rename winbindd_pam_auth_pac_send and let it return validation
Just a preperational step. The next commit will update the caller to
make use of the validation info.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
597e7553 by Stefan Metzmacher at 2018-02-10T12:08:50Z
winbindd: WBFLAG_PAM_AUTH_PAC should call add_trusted_domain_from_auth() is the result is trusted
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Feb 10 13:08:50 CET 2018 on sn-devel-144
- - - - -
72a81529 by Douglas Bagnall at 2018-02-11T23:50:25Z
tests: SambaToolCmdTest.assertMatch() indicates what was asserted
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cb920dd8 by Douglas Bagnall at 2018-02-12T04:21:01Z
tests/samba-tool user wdigest: fix a flapping test
The output of something like
samba-tool user getpassword $USER --attributes virtualWDigest01
contains an LDIF section with long strings folded on the 77th column.
To unfold this LDIF we were using:
result = re.sub(r"\n\s*", '', out)
which worked fine EXCEPT when a space in the output happened to land
immediately after the fold and got eaten by the \s*.
Instead we remove just a single space after the line break, because
that is always what fold_string() in lib/ldb/common/ldb_ldif.c
inserts, and for this simple replacement we don't need the re module.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Feb 12 05:21:01 CET 2018 on sn-devel-144
- - - - -
b4384b7f by Volker Lendecke at 2018-02-12T18:51:35Z
winbind: Improve child selection
This improves the situation when a client request blocks a winbind
child. This might be a slow samlogon or lookupnames to a domain that's
far away. With random selection of the child for new request coming in
we could end up with a long queue when other, non-blocked children
could serve those new requests. Choose the shortest queue.
This is an immediate and simple fix. Step two will be to have a
per-domain and not a per-child queue. Right now we're pre-selecting
the check-out queue at Fry's randomly without looking at the queue
length. With this change we're picking the shortest queue. The better
change will be what Fry's really does: One central queue and red/green
lights on the busy/free checkout counters.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Feb 12 19:51:35 CET 2018 on sn-devel-144
- - - - -
a5cd134e by Andreas Schneider at 2018-02-12T18:52:48Z
winbindd: Free memory before we exit the connect child
This will make valgrind happy.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
2abf47cf by Andreas Schneider at 2018-02-12T18:52:48Z
winbindd: Free is_parent before we terminate
This makes valgrind happy.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
1e8ad196 by Andreas Schneider at 2018-02-12T23:25:27Z
winbindd: Initialize the domain groups member
==9405== 4 errors in context 1 of 493:
==9405== Conditional jump or move depends on uninitialised value(s)
==9405== at 0x7507F71: vfprintf (in /lib64/libc-2.12.so)
==9405== by 0x75C515B: __vasprintf_chk (in /lib64/libc-2.12.so)
==9405== by 0x2A8728: dbgtext (stdio2.h:199)
==9405== by 0x22DCBB: winbindd_list_groups_done (winbindd_list_groups.c:127)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x3CDAE8: dcerpc_binding_handle_call_done (binding_handle.c:445)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x202701: wbint_bh_raw_call_done (winbindd_dual_ndr.c:139)
==9405== by 0x6C82C60: tevent_common_loop_timer_delay (tevent_timed.c:341)
==9405== by 0x6C83CA1: epoll_event_loop_once (tevent_epoll.c:911)
==9405== by 0x6C822D5: std_event_loop_once (tevent_standard.c:114)
==9405== by 0x6C7DC3C: _tevent_loop_once (tevent.c:533)
==9405== by 0x1D8A03: main (winbindd.c:1490)
==9405== Uninitialised value was created by a heap allocation
==9405== at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==9405== by 0x6A71DCA: _talloc_array (in /usr/lib64/libtalloc.so.2.1.5)
==9405== by 0x22D959: winbindd_list_groups_send (winbindd_list_groups.c:69)
==9405== by 0x1D76BC: winbind_client_request_read (winbindd.c:647)
==9405== by 0x23AF2A: wb_req_read_done (wb_reqtrans.c:126)
==9405== by 0x6C83EA5: epoll_event_loop_once (tevent_epoll.c:728)
==9405== by 0x6C822D5: std_event_loop_once (tevent_standard.c:114)
==9405== by 0x6C7DC3C: _tevent_loop_once (tevent.c:533)
==9405== by 0x1D8A03: main (winbindd.c:1490)
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Feb 13 00:25:27 CET 2018 on sn-devel-144
- - - - -
e6187be1 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f5191626 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass "file_id" through share_entry_forall
It's also in the share_entry, but that is redundant and will go
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
786e307f by Volker Lendecke at 2018-02-12T23:26:43Z
srvsvc: Use the passed-in file id, not the one from share_mode_entry
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9487510e by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass in "file_id" into share_mode_str()
This used to directly access share_entry->id, which will go
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3434b32b by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass in "file_id" into validate_my_share_entries
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c1079e3d by Volker Lendecke at 2018-02-12T23:26:43Z
srvsvc: Use the passed-in file_id
The one in share_mode_entry will go
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bab8bf7a by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Use "share_mode_data->id", not "share_mode_entry->id"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5fdc62b2 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Remove a redundant check
The file ids in all share modes match the share_mode_data's one
We don't have a paranoia check for this, but the share mode is per inode.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fc424b28 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass "file_id" explicitly into share_mode_entry_to_message()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b7e29d04 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass "file_id" explicitly to message_to_share_mode_entry()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ddb15246 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d9e51484 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9d7701c9 by Volker Lendecke at 2018-02-12T23:26:43Z
srvsvc: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1e2659e9 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass "file_id" explicitly to send_break_message()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f7e65719 by Volker Lendecke at 2018-02-12T23:26:43Z
smbd: Pass "file_id" explicitly to send_break_to_none
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3bbc5756 by Volker Lendecke at 2018-02-13T04:01:38Z
smbd: remove "id" from share_mode_entry
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Feb 13 05:01:38 CET 2018 on sn-devel-144
- - - - -
d09bd976 by Andreas Schneider at 2018-02-13T15:25:33Z
docs: Fix smbpasswd manpage about password storage
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue Feb 13 16:25:33 CET 2018 on sn-devel-144
- - - - -
494dc70f by Volker Lendecke at 2018-02-13T15:42:22Z
libnbt: Use TALLOC_FREE
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6f236159 by Volker Lendecke at 2018-02-13T15:42:22Z
libnbt: Apply some const
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
44dcd5d0 by Volker Lendecke at 2018-02-13T15:42:22Z
nbt_server: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
77c1df57 by Volker Lendecke at 2018-02-13T15:42:22Z
net: Add some {}
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f7cc3db3 by Volker Lendecke at 2018-02-13T15:42:22Z
libcli: Fix a cut&paste typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
aa29a695 by Volker Lendecke at 2018-02-13T15:42:22Z
libsmb: Fix destructor setup in unexpected.c
The destructor does DLIST_REMOVE, so better make sure "client" is in fact
member of that list when the destructor fires
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3781dba9 by Volker Lendecke at 2018-02-13T15:42:22Z
libsmb: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
093871d9 by Volker Lendecke at 2018-02-13T15:42:22Z
dsgetdcname: Add some const
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
46148e65 by Volker Lendecke at 2018-02-13T15:42:22Z
net: Slightly simplify net_lookup_dsgetdcname()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
36bb685a by Volker Lendecke at 2018-02-13T20:07:17Z
libsocket: Avoid an unnecessary else branch
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Feb 13 21:07:17 CET 2018 on sn-devel-144
- - - - -
ebd88eb4 by Andreas Schneider at 2018-02-14T19:32:18Z
docs: Add a not that 'wbinfo --user-groups' may be incomplete
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Feb 14 20:32:18 CET 2018 on sn-devel-144
- - - - -
298d812c by Andreas Schneider at 2018-02-14T23:18:28Z
python: Generate random test usernames
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a45e70bf by Andreas Schneider at 2018-02-14T23:18:28Z
python: Convert base64 encoded password to utf-8
Pair-Programmed-With: Alexander Bokovoy <ab at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7ee74f66 by Lumir Balhar at 2018-02-14T23:18:28Z
python: Port dsdb_dns module to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cb15e32f by Lumir Balhar at 2018-02-14T23:18:29Z
python: Add `text_type` Python 2/3 compatible function name.
This compatible function name represents `str` in Python 3
and `unicode` in Python 2.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bc7c6c15 by Lumir Balhar at 2018-02-14T23:18:29Z
python: Port samdb module to Python 3 compatible form
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
dce18a07 by Lumir Balhar at 2018-02-14T23:18:29Z
python: Port dsdb module to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
70a85c16 by Lumir Balhar at 2018-02-14T23:18:29Z
python: tests: Make tests of dsdb Python module Python 3 compatible
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
92ec01dc by Douglas Bagnall at 2018-02-14T23:18:29Z
python.subunit: add assertRegexpMatches for Python 2.6
This is used in python/samba/tests/samba_tool/provision_password_check.py
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cec3646c by Douglas Bagnall at 2018-02-14T23:18:29Z
tests: move samba-tool drs showrepl into its own suite
This is a simple copy of the sowrepl test to the new file, making room
to expand the test and (soon) to test JSON output.
pep-8 intentionally ignored to show this is a copy.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
48248b7a by Douglas Bagnall at 2018-02-14T23:18:29Z
test samba-tool drs showrepl: fix formatting and unused imports
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2cd70978 by Douglas Bagnall at 2018-02-14T23:18:29Z
test samba-tool drs showrepl: test expected output more strictly
We try to ensure the output has all the expected information in the
expected order.
Soon we're going to add a JSON output mode, and we are strengthening
the tests here to ensure we don't break anything.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
90d0c638 by Douglas Bagnall at 2018-02-14T23:18:29Z
samba-tool drs showrepl: restructure in preparation for --json
Basically we just separate data extraction from printing.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ed15a452 by Douglas Bagnall at 2018-02-14T23:18:29Z
samba-tool drs showrepl: add --json option for JSON output
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a12925b6 by Douglas Bagnall at 2018-02-14T23:18:29Z
test samba-tool drs showrepl: test --json output
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8e54bc46 by Andrew Bartlett at 2018-02-14T23:18:29Z
selftest: Require jansson support for selftest of the AD DC
This avoids this code becoming untested if a package is not installed or
the configure test is accidentially broken.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b415f920 by Andrew Bartlett at 2018-02-14T23:18:29Z
selftest: GnuTLS is already mandetory to build the AD DC
This change avoids the code behind 'if have_tls_support' becoming untested
if the configure logic changes. We already assert that we have GnuTLS
elsewhere in the AD DC build scripts.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
23ec3021 by Andreas Schneider at 2018-02-14T23:18:29Z
smbspool: Initialize empty_str on declaration
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
278ac393 by Andrew Bartlett at 2018-02-14T23:18:29Z
selftest: Avoid a build started around midnight failing (again)
This case most likely relates to Daylight Saving changes creating
a 23 hour day.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a485ac32 by Douglas Bagnall at 2018-02-14T23:18:30Z
samba-tool: convert 'except X, e' to 'except X as e' for all X
This is needed for Python 3 and is compatible with python 2.6
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4885937b by Douglas Bagnall at 2018-02-14T23:18:30Z
samba python libs: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
28134d00 by Douglas Bagnall at 2018-02-14T23:18:30Z
samba python tests: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
20e38fbd by Douglas Bagnall at 2018-02-14T23:18:30Z
dsdb python tests: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f43cb7c3 by Douglas Bagnall at 2018-02-14T23:18:30Z
source4/scripting python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bf2086e1 by Douglas Bagnall at 2018-02-14T23:18:30Z
drs torture python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
16e173ad by Douglas Bagnall at 2018-02-14T23:18:30Z
selftest and autrobuild: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5fbb4714 by Douglas Bagnall at 2018-02-14T23:18:30Z
scripts/ python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
578786c3 by Douglas Bagnall at 2018-02-15T04:40:55Z
buildtools python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Feb 15 05:40:55 CET 2018 on sn-devel-144
- - - - -
19fcd872 by Garming Sam at 2018-02-15T04:42:03Z
tests/replica_sync: Add some additional replication in setUp
This should avoid some failures due to stale objects.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ff9e63f9 by Garming Sam at 2018-02-15T04:42:03Z
tests/drs_base: Allow the net drs replicate to try with a single object
This eventually passes down the replicate single object exop.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e694b8a1 by Garming Sam at 2018-02-15T04:42:03Z
selftest: Add RODC variables to list of those exported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
45d19167 by Garming Sam at 2018-02-15T04:42:03Z
tests/replica_sync_rodc: Test conflict handling on an RODC
There are two cases we are interested in:
1) RODC receives two identical DNs which conflict
2) RODC receives a rename to a DN which already exists
Currently these issues are ignored, but the UDV and HWM are being
updated, leading to objects/updates being skipped.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
59fa9e7e by Garming Sam at 2018-02-15T04:42:03Z
repl_metadata: Avoid silent skipping an object during DRS (due to RODC name collisions)
No error code was being set in this case, and so, we would commit the
HWM and UDV without actually having all the updates.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9952eda7 by Garming Sam at 2018-02-15T09:18:42Z
repl_metadata: Avoid silent skipping an object during DRS (due to RODC rename collisions)
No error code was being set in this case, and so, we would commit the
HWM and UDV without actually having all the updates.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Thu Feb 15 10:18:42 CET 2018 on sn-devel-144
- - - - -
0e3c2c8b by Volker Lendecke at 2018-02-15T19:32:24Z
winbind: Don't explicitly send "server_id" for ONLINESTATUS
Messaging already provides the sender id
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f8313d71 by Volker Lendecke at 2018-02-15T23:56:36Z
winbind: Don't send "server_id" explicitly for DUMP_DOMAIN_LIST
messaging already provides the sender id
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Feb 16 00:56:36 CET 2018 on sn-devel-144
- - - - -
3450dd6a by Timur I. Bakeyev at 2018-02-19T06:36:23Z
Don't load LDB_MODULESDIR as a module file
We are setting modules directory here(LDB_MODULESDIR) so treat it this
way, no need to attempt to load it as a module file.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
- - - - -
e2023e86 by Timur I. Bakeyev at 2018-02-19T06:36:23Z
Remove some bashisms from the test scripts
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
- - - - -
d35a22cc by Timur I. Bakeyev at 2018-02-19T11:31:38Z
Fix incorrect `ldbsearch` invocation
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Mon Feb 19 12:31:38 CET 2018 on sn-devel-144
- - - - -
7b45dc68 by Garming Sam at 2018-02-19T18:17:12Z
subnet: Avoid a segfault when renaming subnet objects
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9c9c2754 by Douglas Bagnall at 2018-02-19T18:17:12Z
python/tests/sites: ensure we can't manipulate subnets as non-admin
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c96dc78a by Andreas Schneider at 2018-02-19T18:17:12Z
s3:tldap: Fix parsing LDAPv2 escaped strings
Yes, this is outdated, but the missing 'break' produces a compiler
warning.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
654b7673 by Andreas Schneider at 2018-02-19T18:17:12Z
s3:tldap: Comment code for to LDAP escaping version
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7573b2a9 by Andreas Schneider at 2018-02-19T22:47:08Z
tests: Add tests for parsing LDAPv3 and LDAPv2 filter strings
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Feb 19 23:47:08 CET 2018 on sn-devel-144
- - - - -
a6eac8f6 by Andreas Schneider at 2018-02-20T20:46:38Z
smbspool: Improve URI handling code
This also checks that the URI given via the environment variables
starts with smb://
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Feb 20 21:46:38 CET 2018 on sn-devel-144
- - - - -
9abe9728 by Volker Lendecke at 2018-02-20T20:55:13Z
tldap: Dump unnecessary includes
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b2aec11c by Andreas Schneider at 2018-02-20T20:55:13Z
s3:auth: Pass a mem_ctx to make_new_session_info_guest()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7f47cec2 by Andreas Schneider at 2018-02-20T20:55:13Z
s3:auth: Pass mem_ctx to init_guest_session_info()
Use a mem_ctx which gets freed if possible.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6f9c6d36 by Andreas Schneider at 2018-02-21T01:46:40Z
s3:auth: Pass mem_ctx to init_system_session_info()
We have a stackframe we can use for the lifetime of the session.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Feb 21 02:46:40 CET 2018 on sn-devel-144
- - - - -
41085ad3 by Jamie McClymont at 2018-02-21T01:47:15Z
selftest: remove prototypes from some subroutine templates
Rationale, as sent to samba-technical:
> Why do you remove the explicit argument declarations for so many functions?
> These declarations help catch usage errors, i.e. wrong number of calling
> arguments, especially when you add arguments to functions.
My understanding is that because these are object methods, the prototypes
actually were not providing the checking benefits [see PERLSUB(1) (section
"Prototypes")] -- this is evidenced by the fact that some of the prototypes I
removed actually had the wrong number of arguments!
Now that the subroutines are being dynamically called by function references,
the checking also appears not to apply [see the same source].
There was also a more concrete reason: the setup code will automatically set
up multiple environment dependencies and pass each of their vars as an
individual parameter. Accomplishing this was [seemingly] impossible with the
prototypes in place.
Additionally, there seems to be a consensus among perl devs that prototypes
are generally harmful: see this post (by my colleague) for example:
http://www.perlmonks.org/?node_id=406231
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
962e8a0e by Jamie McClymont at 2018-02-21T01:47:15Z
selftest: move to declaratively specifying environments and their dependencies
This removes the tangle of code for starting up dependencies, and allows
selftest.pl to query dependencies (hence it can know when things can be shut
down early and how to order environments for optimal memory usage - that patch
not yet submitted).
It also removes the slightly hacky special-casing of the ad_members, and sets
$target->{vars} centrally (so each setup_ function does not need to).
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0b63f26b by Jamie McClymont at 2018-02-21T06:47:58Z
selftest: change technique for running specific envs
Currently testsuites excluded with --exclude/--include-env are skipped when
encountered in the middle of a run, so they are included in progress reporting,
and the @todo list does not accurately show what will be done.
This change skips them earlier, preventing them from being added to @todo, as is
done with pattern-based including/excluding.
As well as making the progress indicator more accurate, this means that
selftest.pl can use @todo to determine when we are finished with an environment.
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Feb 21 07:47:58 CET 2018 on sn-devel-144
- - - - -
14f798cb by Björn Jacke at 2018-02-21T13:19:17Z
s3: remove dead already commented code
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
29aa5c93 by Björn Jacke at 2018-02-21T13:19:17Z
wscript: drop checks for setnetgrent/endnetgrent/getnetgrent
we don't use setnetgrent/endnetgrent/getnetgrent since security share passed
away.
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
86e63d25 by Björn Jacke at 2018-02-21T13:19:17Z
replace: remove some duplicate checks
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
17c48f26 by Stefan Metzmacher at 2018-02-21T13:19:17Z
winbindd: don't split the rid for SID_NAME_DOMAIN sids in wb_lookupsids
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13279
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b5ffa0e2 by Stefan Metzmacher at 2018-02-21T13:19:17Z
winbindd: initialize type = SID_NAME_UNKNOWN in wb_lookupsids_single_done()
We check for !NT_STATUS_LOOKUP_ERR(), but wb_lookupsid_recv()
only initializes the results together with NT_STATUS_OK.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13280
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5cae7da1 by Stefan Metzmacher at 2018-02-21T13:19:17Z
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_sids_generic()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
569c910b by Stefan Metzmacher at 2018-02-21T13:19:17Z
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_names_generic()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c376ab29 by Stefan Metzmacher at 2018-02-21T13:19:17Z
winbindd: make use of talloc_zero_array() in wb_lookupsids*()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7b86b94c by Stefan Metzmacher at 2018-02-21T13:19:17Z
s4:torture: zero initialize variables in test_LookupSidsReply()
This avoids crashes if the server returns unexpected results. The test
should just report the failure in that case.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13282
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
da784305 by Stefan Metzmacher at 2018-02-21T13:19:17Z
nsswitch: fix double free errors in nsstest.c
We need to zero out static pointers on free.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1a258b6b by Stefan Metzmacher at 2018-02-21T13:19:18Z
traffic_packets.py: let Lookup{Sids,Names}() work against a sane server
In order to resolve predefined sids or names we need to use
level = LSA_LOOKUP_NAMES_ALL (1).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13284
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b02de5ad by Stefan Metzmacher at 2018-02-21T13:19:18Z
provision: fix the 'dnsdomain' for the local sam of a domain member
A member has a local AD database, which should not use the 'dnsdomain'
as the one on domain controllers.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13285
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9ccc6eef by Ralph Boehme at 2018-02-21T13:19:18Z
rpcclient: fix variable initialisation and add parenthesis to if clauses
Just a few README.Coding fixes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
76868818 by Stefan Metzmacher at 2018-02-21T13:19:18Z
rpcclient: add lookupsids_level command
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3909f8fc by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: use LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES/LSA_CLIENT_REVISION_1 in compat code
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f6e60d2c by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common() gets prepared [ref] pointers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3339a1c5 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: expect prepared [ref] pointers in dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
fe43dd86 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupNames2() gets prepared [ref] pointers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e8a02236 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: remove unused 'status' variable in dcesrv_lsa_LookupSids_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5d868fd8 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupSids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7c1c9bf5 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupNames()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c0f6103d by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c78c17dc by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids2()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ec55c18c by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupNames2()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
37cb34d1 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e6c9984b by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ab7988aa by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async processing
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9b6a0b1a by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for async processing
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e9ace185 by Stefan Metzmacher at 2018-02-21T13:19:18Z
s4:dsdb: add dsdb_trust_domain_by_{sid,name}()
This gets the lsa_ForestTrustDomainInfo for the searched
domain as well as the lsa_TrustDomainInfoInfoEx for the
direct trust (which might be the same for external trust or
the forest root domain).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d7780c66 by Stefan Metzmacher at 2018-02-21T13:19:19Z
libcli/security: add dom_sid_lookup_predefined_{sid,name}()
This basically implements [MS-LSAT] 3.1.1.1.1 Predefined Translation Database
and Corresponding View.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
475a7616 by Stefan Metzmacher at 2018-02-21T13:19:19Z
test_trust_ntlm.sh: add lookup name tests
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3801c417 by Stefan Metzmacher at 2018-02-21T13:19:19Z
s4:rpc_server/lsa: rewrite lookup sids/names code to honor the given lookup level
[MS-LSAT] 2.2.16 LSAP_LOOKUP_LEVEL defines the which views each level should
consult.
Up to now we support some wellknown sids, the builtin domain and our
account domain, but all levels query all views.
This commit implements 3 views (predefined, builtin, account domain)
+ a dummy winbind view (which will later be used to implement the
gc, forest and trust views)..
Depending on the level we select the required views.
This might not be perfect in all details, but it's enough
to pass all existing tests, which already revealed bugs
during the development of this patch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3ffebee3 by Stefan Metzmacher at 2018-02-21T13:19:19Z
winbindd: implement wb_irpc_lsa_{LookupNames4,LookupSids3}()
This will be used by the LSA Server on an AD DC to request remote views
from trusts.
In future we should implement wb_lookupnames_send/recv similar to
wb_lookupsids_send/recv, but for now using wb_lookupname_send/recv in a loop
works as a first step.
We also need to make use of req->in.level and req->in.client_revision
once we want to support more than one domain within our own forest.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e9d5b8b6 by Stefan Metzmacher at 2018-02-21T13:19:19Z
s4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests to winbindd
This might not be perfect yet, but it's enough to allow names from trusted
forests/domain to be resolved, which is very important for samba based
domain members.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3a7ebd0e by Bjoern Jacke at 2018-02-21T13:19:19Z
heimdal_build: use closefrom from libreplace
this silences a lot of "... has been redefined" compiler warnings on
platforms that don't have closefrom
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
65e8edb3 by Stefan Metzmacher at 2018-02-21T13:19:19Z
tests:dcerpc/raw_protocol: reproduce call_id truncation bug
We need to make sure the server handles call_id values > UINT16_MAX.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5d113f80 by Stefan Metzmacher at 2018-02-21T18:02:56Z
s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144
- - - - -
7d79575d by Douglas Bagnall at 2018-02-22T00:04:18Z
selftest: subunithelper needs to follow the subunit spec more closely
In particular allow ]\n without \n]\n as used by cmocka
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cb5f1f3b by Douglas Bagnall at 2018-02-22T00:04:18Z
unittests.lib_util_modules: test module probe with "skel", not "unix"
The unix module is not available as a module on some systems.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
33ef0e57 by Douglas Bagnall at 2018-02-22T00:04:18Z
selftest/tests.py: remove always-needed, never-set with_cmocka flag
We have cmocka in third_party, so we are never without it.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6ef6ddce by Douglas Bagnall at 2018-02-22T00:04:18Z
shift read_hex_bytes() and parse_guid_string() into lib/util
read_hex_bytes() is going to be used in lib/util/rfc1738.c.
parse_guid_string() is shifted for two reasons: Firstly, it is called
very often in some operations, sometimes constituting a few percent of
the CPU load, and it makes several calls to read_hex_bytes(). We want
the compiler to be able to inline those calls if it thinks that is
wise. Secondly, there are other places that could do with fast GUID
parsing.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a4c853a7 by Douglas Bagnall at 2018-02-22T00:04:18Z
util/rfc1738_unescape(): return end pointer or NULL on error
At present we don't detect errors, but when we do we'll return NULL.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9f3e20d9 by Douglas Bagnall at 2018-02-22T00:04:18Z
util/tests: add rfc1738 cmocka tests
These don't pass yet.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c20a3699 by Douglas Bagnall at 2018-02-22T00:04:18Z
util/rfc1738: simplify and fix rfc1738_unescape()
Improvements:
* NULL is returned when the string is incorrectly formed.
* Badly formed escapes like "% b" that were accepted by sscanf() are now
rejected.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d99a0752 by Douglas Bagnall at 2018-02-22T00:04:18Z
util/rfc1738: remove unused versions of rfc1738_escape
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7a06cfa2 by Douglas Bagnall at 2018-02-22T00:04:18Z
util/rfc1738: simplify and fix rfc1738_escape_part()
We now encode according to RFC 3986 (section 2.1 - 2.3).
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8c833470 by Douglas Bagnall at 2018-02-22T05:13:49Z
util/rfc1738: update preamble
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Feb 22 06:13:49 CET 2018 on sn-devel-144
- - - - -
6a596198 by Günther Deschner at 2018-02-22T18:30:12Z
build: fix libceph-common detection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13277
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Thu Feb 22 19:30:12 CET 2018 on sn-devel-144
- - - - -
0786a65c by Stefan Metzmacher at 2018-02-22T22:15:16Z
s3:libsmb: allow -U"\\administrator" to work
cli_credentials_get_principal() returns NULL in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e039e9b0 by Stefan Metzmacher at 2018-02-22T22:15:16Z
s3:cliconnect.c: remove useless ';'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5c625eae by Garming Sam at 2018-02-22T22:15:16Z
tests/py_creds: Add a SamLogonEx test with an empty string domain
This test passes against 4.6, but failed against 4.7.5 and master.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2e49a977 by Garming Sam at 2018-02-22T22:15:17Z
tests/bind.py: Add a bind test with NTLMSSP with no domain
Confirmed to pass against Windows 2012 R2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
57762229 by Stefan Metzmacher at 2018-02-23T03:08:26Z
s4:auth_sam: allow logons with an empty domain name
It turns out that an empty domain name maps to the local SAM.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Feb 23 04:08:26 CET 2018 on sn-devel-144
- - - - -
88d6703b by Stefan Metzmacher at 2018-02-23T03:09:17Z
tevent: improve documentation of tevent_queue_add_optimize_empty()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
5c6f3169 by Stefan Metzmacher at 2018-02-23T03:09:18Z
tevent: add tevent_queue_entry_untrigger()
Pair-Programmed-With: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
f00c7cf9 by Stefan Metzmacher at 2018-02-23T03:09:18Z
tevent: version 0.9.36
* improve documentation of tevent_queue_add_optimize_empty()
* add tevent_queue_entry_untrigger()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
d29dda14 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: use tevent_queue_wait_send/recv in wb_child_request_*()
We need a way to keep the child->queue blocked without relying on
the current 'req' (wb_child_request_state).
The next commit will make use of this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
43af57d8 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: protect a pending wb_child_request against a talloc_free()
If the (winbind) client gave up we call TALLOC_FREE(state->mem_ctx)
in remove_client(). This triggers a recursive talloc_free() for all
in flight requests.
In order to maintain the winbindd parent-child protocol, we need
to keep the orphaned wb_simple_trans request until the parent
got the response from the child.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
6548b82b by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: call lp_winbind_enum_{users,groups}() already in set{pw,gr}ent()
This way we don't keep winbindd_cli_state->{pw,gr}ent_state arround forever,
if the client forgets an explicit end{pw,gr}ent().
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b7789da8 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: cleanup winbindd_cli_state->grent_state if winbindd_getgrent_recv() returns an error
A client may skip the explicit endgrent() if getgrent() fails.
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b158d4e4 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: cleanup winbindd_cli_state->pwent_state if winbindd_getpwent_recv() returns an error
A client may skip the explicit endpwent() if getgrent() fails.
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
d73e3d45 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection
domain->dcname was converted from fstring to char * by commit
14bae61ba36814ea5eca7c51cf1cc039e9e6803f.
Luckily this was only ever called with an empty string in
state->request->data.init_conn.dcname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13294
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4d804f5f by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: use state->{ev,request} in wb_domain_request_send()
This will reduce the diff for the following changes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
1f41193e by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: improve wb_domain_request_send() to use wb_dsgetdcname_send() for a foreign domain
Commit ed3bc614cccec6167c64ac58d78344b6426cd019 got the logic wrong while
trying to implement the logic we had in init_child_connection(),
which was removed by commit d61f3626b79e0523beadff355453145aa7b0195c.
Instead of doing a WINBINDD_GETDCNAME request (which would caused an error
because the implementation was removed in commit
958fdaf5c3ba17969a5110e6b2b08babb9096d7e), we sent the callers request
and interpreted the result as WINBINDD_GETDCNAME response, which
led to an empty dcname variable. As result the domain child
opened a connection to the primary domain in order to lookup
a dc.
If we want to connect the primary domain from the parent via
a domain child of the primary domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c2d78a0a by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: add idmap_child_handle() and use it instead of child->binding_handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
44ebaaac by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: add locator_child_handle() and use it instead of child->binding_handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
5116aff2 by Stefan Metzmacher at 2018-02-23T03:09:18Z
winbind: make choose_domain_child() static
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b518cb05 by Volker Lendecke at 2018-02-23T03:09:18Z
winbind: Maintain a binding handle per domain and always go via wb_domain_request_send()
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
7f2d45a6 by Stefan Metzmacher at 2018-02-23T08:04:23Z
winbind: Use one queue for all domain children
If we have multiple domain children, it's important
that the first idle child takes over the next waiting request.
Before we had the problem that a request could get stuck in the
queue of a busy child, while later requests could get served fine by
other children.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Feb 23 09:04:23 CET 2018 on sn-devel-144
- - - - -
f9e2cb13 by Ralph Boehme at 2018-02-23T11:47:25Z
vfs_fruit: use off_t, not size_t for TM size calculations
size_t is only a 32-bit integer on 32-bit platforms. We must use off_t
for file sizes.
https://bugzilla.samba.org/show_bug.cgi?id=13296
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
07844a9a by Stefan Metzmacher at 2018-02-23T11:47:25Z
dsdb/encrypted_secrets: remove dependency to libnettle and use our own aes_gcm_128_*()
We already rely on gnutls in order to implement SSL/TLS, so using that
to speed up crypto like aes gcm 128 is fine, but as we already have
code for that algorithm, we should use that instead of adding a new
dependency to libnettle.
Some (I guess newer versions) of gnutls use nettle internally, so
we may end up using that code, but we should not have a direct dependency.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13276
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c58f8c3c by Stefan Metzmacher at 2018-02-23T11:47:25Z
s3:smb_macros.h: add IS_AD_DC as addition to IS_DC
In the long run we should remove this again (as well as IS_DC).
But for now this makes some code changes in winbindd easier to
follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3e17a3b7 by Stefan Metzmacher at 2018-02-23T11:47:25Z
winbind: force the usage of schannel in cm_connect_lsa() as AD DC
This makes sure we only talk to direct trusts.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
532a14dc by Stefan Metzmacher at 2018-02-23T11:47:25Z
winbind: let cm_connect_netlogon_transport() only work against direct trust as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
32a63e3e by Stefan Metzmacher at 2018-02-23T11:47:25Z
winbind: make sure we don't contact trusted domains via SAMR as AD DC
This is not needed for the normal operation of an AD DC.
Administrators should just use other tools instead of
wbinfo to list and query users and groups.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
18f27b53 by Stefan Metzmacher at 2018-02-23T11:47:25Z
winbind: make sure we don't contact trusted domains via LDAP as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
55c3af89 by Stefan Metzmacher at 2018-02-23T11:47:25Z
winbind: set_dc_type_and_flags() is not needed on a DC
On a DC we load the trusts in the parent in add_trusted_domains_dc()
from our local configuration. There's no need to find out the trust details
via network calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
06601b3a by Stefan Metzmacher at 2018-02-23T16:58:23Z
winbind: don't try to do an authenticated SMB connection as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Feb 23 17:58:23 CET 2018 on sn-devel-144
- - - - -
5ad5e796 by Jeremy Allison at 2018-02-23T21:56:35Z
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
HPUX has this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144
- - - - -
3b0a940c by Jamie McClymont at 2018-02-24T09:54:07Z
selftest: Fail testsuite on unknown environment
The status quo was that tests in typo'd/unknown environments would be skipped.
This was a side effect of the mechanism by which samba3 tests were run, which
has now been changed.
For an example of this being a problem in the past, see commit 523bd03f (which
fixes an issue I noticed when reading subunit logs, and which did not fail the
test).
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6368af82 by Andreas Schneider at 2018-02-24T09:54:07Z
tests: Authenticate again so make sure we are not locked out
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bc569132 by Douglas Bagnall at 2018-02-24T09:54:07Z
repl_md: avoid returning LDB_SUCCESS on failure
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
02581225 by Andreas Schneider at 2018-02-24T09:54:07Z
s3:selftest: Run the smbtorture3 TLDAP test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
72d780ef by Andreas Schneider at 2018-02-24T09:54:07Z
s4:lib:com: Fix function declartions
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1ed69342 by Gary Lockyer at 2018-02-24T14:50:35Z
ldb tests: fix null test on incorrect variable
Fix up tests that were performing a null check on the wrong variable
after a call to ldb_msg_new
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Feb 24 15:50:35 CET 2018 on sn-devel-144
- - - - -
be96147e by Douglas Bagnall at 2018-02-24T17:20:14Z
text/python/blackbox: allow optional message in ProcessError
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4a3954ad by Douglas Bagnall at 2018-02-24T17:20:14Z
tests/blackbox/smbcontrol: ping tests names ping target upon failure
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
106ea7a1 by Swen Schillig at 2018-02-24T22:19:05Z
Minor cleanup to libnet_join_member
Prevent code duplication by consolidating cleanup task
at the end of the function.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Feb 24 23:19:05 CET 2018 on sn-devel-144
- - - - -
c5a14306 by Andrew Bartlett at 2018-02-26T01:32:09Z
ldb_debug: Fix binary data in debug log
When duplicate objects were added, the GUID was printed in the debug log
The GUID was not escaped and therefore displayed as binary content.
This patch splits out the duplicate DN creation error and the duplicate
GIUD error. Duplicate DN's are a normal event and don't require debug
logging.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13185
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2a85bcb3 by Gary Lockyer at 2018-02-26T06:29:49Z
ldb_debug tests: Fix binary data in debug log
Tests to ensure:
When duplicate objects are added, the GUID was printed in the debug log
are passed through the escape function.
And that duplicate DN's do not generate debug log entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13185
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Feb 26 07:29:49 CET 2018 on sn-devel-144
- - - - -
46e6626f by Poornima G at 2018-02-26T19:17:50Z
vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13297
Pair-Programmed-With: Anoop C S <anoopcs at redhat.com>
Signed-off-by: Poornima G <pgurusid at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Feb 26 20:17:50 CET 2018 on sn-devel-144
- - - - -
5f4b71d2 by Volker Lendecke at 2018-02-26T21:30:14Z
winbindd: Remove "DUMP_EVENT_LIST" message
This was no longer implemented, remove it completely
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
35082686 by Andreas Schneider at 2018-02-27T02:23:37Z
replace: Only warn if rpc/rpc.h haven't been found
This is also used by talloc, tevent, etc. Those libs don't need or use
rpc.h
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Feb 27 03:23:37 CET 2018 on sn-devel-144
- - - - -
d88f826c by Volker Lendecke at 2018-02-27T08:14:17Z
libsocket: Add "mem_ctx" to socket_create()
Every caller did a talloc_steal() after socket_create(). Just pass in the
correct memory context.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
92580b3f by Volker Lendecke at 2018-02-27T08:14:17Z
libdgram: Remove an unused parameter
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5ec14fd9 by Volker Lendecke at 2018-02-27T08:14:17Z
libdgram: Remove an unused parameter
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
4897f860 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Remove some unused parameters
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f604c98a by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Remove a pointless assignment
I don't see how data.msg.dest_name.type is accessed further down
dgram_mailslot_netlogon_reply only accesses packet->src_addr, packet->src_port
and packet->data.msg.source_name, *not* data.msg.dest_name. Also, "packet" is
thrown away after this call.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
72434909 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Factor out dgram sending from reply construction
Separation of concerns. Only one call to dgram_mailslot_netlogon_reply, which
does the UDP send.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
211a6072 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Make nbtd_mailslot_netlogon_handler a bit more idiomatic
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
7de96133 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Centralize a consistency check
This is a "should NEVER happen" and applies to both
LOGON_PRIMARY_QUERY and LOGON_SAM_LOGON_REQUEST
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
e49e3470 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: nbtd_netlogon_getdc needs the nbtsrv, not the interface
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d673ca0c by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: nbtd_netlogon_samlogon needs the nbtsrv, not the inteface
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
28f7a1f7 by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: Fix a typo ("domian->domain")
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
33991e5c by Volker Lendecke at 2018-02-27T08:14:17Z
nbt_server: nbtd_netlogon_getdc needs just the dst_name
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5f9a0903 by Volker Lendecke at 2018-02-27T08:14:18Z
nbt_server: nbtd_netlogon_samlogon needs the dst_name, not the packet
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
16557019 by Volker Lendecke at 2018-02-27T08:14:18Z
nbt_server: Avoid an "else" branch
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
7b06eacd by Volker Lendecke at 2018-02-27T08:14:18Z
nbt_server: Avoid a talloc call
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
39827b75 by Volker Lendecke at 2018-02-27T08:14:18Z
nbt_server: nbtd_netlogon_getdc doesn't need "src"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
4da56e9f by Volker Lendecke at 2018-02-27T13:10:14Z
nbt_server: Factor out packet generation for netlogon reply
This also fixes an inaccuracy (or even a bug?):
The previous code pulled the reply mailslot always through
req.logon.mailslot_name, which is the union for
LOGON_SAM_LOGON_REQUESTs. The LOGON_PRIMARY_QUERY must be referenced by
req.pdc.mailslot_name. It might have worked by chance, but this should
be more correct.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Feb 27 14:10:14 CET 2018 on sn-devel-144
- - - - -
c9888d4f by Rowland Penny at 2018-02-27T19:31:39Z
samba-tool: user setexpiry: Fix incorrect Example2
Signed-off-by: Rowland Penny <rpenny at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Feb 27 20:31:39 CET 2018 on sn-devel-144
- - - - -
cb58e188 by Stefan Metzmacher at 2018-02-28T03:54:21Z
ldb: version 1.3.2
* Expose the SHOW_BINARY, ENABLE_TRACING and DONT_CREATE_DB flag constants
in the python api.
* Extend dn.is_child_of() test.
* Don't load LDB_MODULESDIR as a module file.
* Fix binary data in debug log (bug #13185).
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Feb 28 04:54:21 CET 2018 on sn-devel-144
- - - - -
afd97e72 by Stefan Metzmacher at 2018-02-28T13:33:19Z
winbindd: disable support for CROSS_ORGANIZATION domains
We don't support selective authentication yet,
so we shouldn't silently allow domain wide authentication
for such a trust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
274209f5 by Stefan Metzmacher at 2018-02-28T13:33:19Z
s4:kdc: make use of dsdb_trust_parse_tdo_info() in samba_kdc_trust_message2entry()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d0a813a1 by Stefan Metzmacher at 2018-02-28T13:33:19Z
s4:kdc: only support LSA_TRUST_TYPE_UPLEVEL domains in samba_kdc_trust_message2entry()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
31b5328c by Stefan Metzmacher at 2018-02-28T18:45:13Z
s4:kdc: disable support for CROSS_ORGANIZATION domains
We don't support selective authentication yet,
so we shouldn't silently allow domain wide authentication
for such a trust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Feb 28 19:45:13 CET 2018 on sn-devel-144
- - - - -
f531c951 by Noel Power at 2018-02-28T22:01:39Z
samba-tool: convert octal 'O1234' format to python3 compatible '0o1234'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
15c72e0d by Noel Power at 2018-02-28T22:01:40Z
samba python libs: convert 'O1234' format to python3 compatible '0o1234'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
efad2731 by Noel Power at 2018-02-28T22:01:40Z
python tests: convert oct 'O1234' format to python3 compatible '0o1234'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
91a5941f by Noel Power at 2018-02-28T22:01:40Z
samba python libs: convert 'except X, (tuple)' to 'except X as e'
In addition to converting the except line another line is also added
for each except to extract the tuple contents.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
52729d35 by Noel Power at 2018-02-28T22:01:40Z
samba-tool: convert 'except X, (tuple)' to 'except X as e'
In addition to converting the except line another line is also added
for each except to extract the tuple contents.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0de23d27 by Noel Power at 2018-02-28T22:01:40Z
samba python tests: convert 'except X, (tuple)' to 'except X as e'
In addition to converting the except line another line is also added
for each except to extract the tuple contents.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9f61bf11 by Noel Power at 2018-02-28T22:01:41Z
drs torture python: convert 'except X, (tuple)' to 'except X as e'
In addition to converting the except line another line is also added
for each except to extract the tuple contents.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0c31d387 by Noel Power at 2018-02-28T22:01:41Z
dsdb python tests: convert 'except X, (tuple)' to 'except X as e'
In addition to converting the except line another line is also added
for each except to extract the tuple contents.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c21d4bc0 by Douglas Bagnall at 2018-03-01T03:36:15Z
py3compat: add strings describing bytes/unicode in both versions
What Python 3 calls "bytes", Python 2 calls "string";
What Python 3 calls "string", Python 2 calls "unicode".
This can cause confusion in e.g. help strings where the precise type
matters. These macros can be used to construct accurate messages for
both versions.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Mar 1 04:36:15 CET 2018 on sn-devel-144
- - - - -
d31a8cd8 by Andreas Schneider at 2018-03-01T03:37:40Z
s4:lib:com: Fix function declartions
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
76535df3 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:texpect: Avoid some compiler warnings
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
05dae361 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:replace: Add FALL_THROUGH support
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a5104e6a by Andreas Schneider at 2018-03-01T03:37:41Z
lib:replace: Add FALL_THROUGH statements in strptime.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2b01bd04 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:ldb: Add FALL_THROUGH statements in common/ldb_dn.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3429e9d9 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:ldb: Add FALL_THROUGH statements in ldb_map/ldb_map_inbound.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9d2296e0 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:ldb: Add FALL_THROUGH statements in ldb_map/ldb_map.c
- - - - -
7adf4974 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:ldb: Add FALL_THROUGH statements in ldb_map/ldb_map_outbound.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
26831406 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:param: Add FALL_THROUGH statements in loadparm.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
37c63776 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:util: Add FALL_THROUGH statements in substitute.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8da568ef by Andreas Schneider at 2018-03-01T03:37:41Z
lib:util: Add FALL_THROUGH statements in charset/charset_macosxfs.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a3fffd97 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:util: Add FALL_THROUGH statements in util_file.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d78d1a71 by Andreas Schneider at 2018-03-01T03:37:41Z
s3:lib: Add FALL_THROUGH statements in substitute_generic.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9fed4562 by Andreas Schneider at 2018-03-01T03:37:41Z
s3:lib: Add FALL_THROUGH statements in util_path.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
16d14fa8 by Andreas Schneider at 2018-03-01T03:37:41Z
s3:lib: Add FALL_THROUGH statements in util_str.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
20e3a93c by Andreas Schneider at 2018-03-01T03:37:41Z
lib:tdb: Add FALL_THROUGH statements in hash.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bdd1de17 by Andreas Schneider at 2018-03-01T03:37:41Z
lib:tdb: Add FALL_THROUGH statements in tdbtool.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
17410725 by Andreas Schneider at 2018-03-01T03:37:42Z
lib:tdb: Add FALL_THROUGH statements in common/summary.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
72172191 by Andreas Schneider at 2018-03-01T03:37:42Z
libgpo: Add FALL_THROUGH statements in gpo_sec.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
64c9ca3a by Andreas Schneider at 2018-03-01T03:37:42Z
librpc:ndr: Add FALL_THROUGH statements in ndr_cab.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6744e8c7 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:auth: Add FALL_THROUGH statements in auth_sam.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
03ed979e by Andreas Schneider at 2018-03-01T03:37:42Z
s3:auth: Add FALL_THROUGH statements in pampass.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3f1a4b74 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:lib: Add FALL_THROUGH statements in cbuf.c
- - - - -
feeb49f4 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:lib: Add FALL_THROUGH statements in sysacls.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3b9aa1c6 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:lib: Add FALL_THROUGH statements in util_sd.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2cc13068 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:libsmb: Add FALL_THROUGH statements in dsgetdcname.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4744b777 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:modules: Add FALL_THROUGH statements in vfs_acl_common.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a4623fac by Andreas Schneider at 2018-03-01T03:37:42Z
s3:smbd: Add FALL_THROUGH statements in nttrans.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
964b2d4a by Andreas Schneider at 2018-03-01T03:37:42Z
s3:smbd: Add FALL_THROUGH statements in trans2.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
273ef597 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:utils: Add FALL_THROUGH statements in regedit.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
36315769 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:utils: Add FALL_THROUGH statements in net_conf.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7b946e34 by Andreas Schneider at 2018-03-01T03:37:42Z
s3:utils: Add FALL_THROUGH statements in net_rpc_conf.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d17cb7ce by Andreas Schneider at 2018-03-01T03:37:42Z
s3:rpc_server: Add FALL_THROUGH statements in rpc_server.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
94d69cd4 by Andreas Schneider at 2018-03-01T03:37:42Z
s4:samdb: Add FALL_THROUGH statements in cracknames.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
487bd0a1 by Andreas Schneider at 2018-03-01T03:37:42Z
s4:samdb: Add FALL_THROUGH statements in linked_attributes.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ef3ac405 by Andreas Schneider at 2018-03-01T03:37:43Z
s4:auth: Add FALL_THROUGH statements in auth_util.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
69fa5ecb by Andreas Schneider at 2018-03-01T03:37:43Z
s4:auth: Add FALL_THROUGH statements in auth_sam.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e2f12558 by Andreas Schneider at 2018-03-01T03:37:43Z
s4:auth: Add FALL_THROUGH statements in gensec_krb5.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1508ff9c by Andreas Schneider at 2018-03-01T03:37:43Z
s4:rpc_server: Add FALL_THROUGH statements in dcesrv_srvsvc.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
50d3a9e7 by Andreas Schneider at 2018-03-01T03:37:43Z
s4:torture: Add FALL_THROUGH statements in basic/misc.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
856cda10 by Andreas Schneider at 2018-03-01T03:37:43Z
s4:torture: Add FALL_THROUGH statements in rpc/spoolss.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d123638a by Andreas Schneider at 2018-03-01T03:37:43Z
auth:credentials: Add FALL_THROUGH statements in credentials_secrets.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2a646a74 by Andreas Schneider at 2018-03-01T03:37:43Z
auth:gensec: Add FALL_THROUGH statements in spnego.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
00defe71 by Andreas Schneider at 2018-03-01T03:37:43Z
nsswitch: Add FALL_THROUGH statements in pam_winbind.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f5d69d71 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:libnet: Add FALL_THROUGH statements in libnet_join.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
824fa2c4 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:modules: Add FALL_THROUGH statements in getdate.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cafe8ac9 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:lsa: Add FALL_THROUGH statements in srv_lsa_nt.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3e2e4096 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:rpcclient: Add FALL_THROUGH statements in rpcclient.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
29b5de26 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:smbd: Add FALL_THROUGH statements in reply.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
45153120 by Andreas Schneider at 2018-03-01T03:37:43Z
s3:utils: Add FALL_THROUGH statements in net_registry_check.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5ba0b72f by Andreas Schneider at 2018-03-01T03:37:43Z
s3:utils: Add FALL_THROUGH statements in ntlm_auth.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7619442a by Andreas Schneider at 2018-03-01T03:37:43Z
s3:winbindd: Add FALL_THROUGH statements in idmap_autorid.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1563f392 by Andreas Schneider at 2018-03-01T03:37:44Z
s4:dsdb: Add FALL_THROUGH statements in password_hash.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a31147d6 by Andreas Schneider at 2018-03-01T03:37:44Z
s4:lib: Add FALL_THROUGH statements in http.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d4ccca2d by Andreas Schneider at 2018-03-01T03:37:44Z
s3:spoolss: Remove incorrect fall through comment in srv_spoolss_nt.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1aabfff8 by Andreas Schneider at 2018-03-01T08:52:37Z
libsmb: Remove incorrect fall through comment in trusts_util.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Mar 1 09:52:37 CET 2018 on sn-devel-144
- - - - -
43ca89b4 by Garming Sam at 2018-03-01T08:53:45Z
tests/dbcheck: Provision using the old schema and ignore displayName
These tests are currently not run on Ubuntu due to bashisms in the test.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
79d70d98 by Timur I. Bakeyev at 2018-03-01T08:53:45Z
Remove some bashisms from the test scripts
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ea3a80e6 by Garming Sam at 2018-03-01T08:53:45Z
domain.py: Give some advice if the schema upgrade command fails
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0cf640a2 by Andreas Schneider at 2018-03-01T08:53:45Z
third_party: Update pam_wrapper to version 1.0.5
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6a65ea90 by Andreas Schneider at 2018-03-01T08:53:45Z
third_party: Add missing config.h in libpamtest
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4f76a1de by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Implement forall_children()
Step 0 in removing winbindd_children as a variable: We have access to
all children via our domain list and the two explicit children. There's
no need to separately maintain a list of winbind children. Maintaining
child->pid != 0 is sufficient to make sure we only walk active children.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
94c02211 by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Use forall_children in winbind_child_died()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
723560ae by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: "internal" children never have a domain set
Look at setup_domain_child(): There we always set child->domain. The only other
two children are the idmap and locator children, which don't have a domain set.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
815bdc65 by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Remove unused winbindd_internal_child()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0c58fb36 by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Use forall_domain_children in winbind_msg_offline()
Note that we only walk the domain children, which all have
child->domain != NULL. So we don't need that check anymore.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
dba9a12e by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Use forall_domain_children in winbind_msg_online
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0e6d3a59 by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Use forall_children in winbind_msg_ip_dropped_parent()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
09677053 by Volker Lendecke at 2018-03-01T08:53:45Z
winbind: Use forall_children in reinit_after_fork()
This removes the special handling for idmap_child() after the "This is
a little tricky" comment. I believe this was not required at all, the
idmap_child is part of the winbindd_children list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
33f5f5c4 by Volker Lendecke at 2018-03-01T08:53:46Z
winbind: Remove the "winbindd_children" global
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
49adb5ac by Volker Lendecke at 2018-03-01T08:53:46Z
winbind: Fix a race between the sigchld and 0-sized socket read
Fix a bug when a child dies when a request is pending in the child. If the
signal handler fires before epoll finds out the other end of the parent-child
socket is closed, we close the socket on our side without taking care of the
pending request. This causes two problems: First, that one pending request
never is replied to properly, and secondly, we might end up with EPOLL_DEL on a
wrong file descriptor. This causes all sorts of trouble if we hit an active
one.
The fix for this problem is not to close the socket in winbind_child_died().
This however stops an idle child that dies hard from being properly cleaned up.
The fix for that is to add the child->monitor_fde that is set pending only when
no child request is active. This way we can remove the close(sock) in the
signal handler.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c3806260 by Volker Lendecke at 2018-03-01T13:48:19Z
winbind: Fix --ping-dc error handling
If the child dies at the wrong moment, we get an error in the "req" itself.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13309
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Mar 1 14:48:19 CET 2018 on sn-devel-144
- - - - -
9a971bcd by Andreas Schneider at 2018-03-01T13:49:45Z
auth:credentials: Add FALL_THROUGH statements in credentials.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
654a66b7 by Andreas Schneider at 2018-03-01T13:49:45Z
auth:credentials: Avoid an 'else' branch
This moves the 'return' statement to the end of the 'case' and makes clear
we leave here.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
33fa6778 by Andreas Schneider at 2018-03-01T18:38:12Z
wafsamba: Build with -Wimplicit-fallthrough if supported
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Mar 1 19:38:12 CET 2018 on sn-devel-144
- - - - -
1e18edc7 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-packaging: Make the ctdb package own more directories
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
61a0ae91 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-packaging: Package event scripts via a wildcard
This avoids churn as event scripts are renamed and moved about.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0519c513 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-scripts: Do not use ctdb_service_reconfigure() for policy routing
This is an unconditional reconfiguration so skip the unnecessary
logic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c8dfd4fe by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-scripts: Add default for public addresses file where missing
This makes it consistent with the rest of the script code.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1c2361a5 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-tests: Fix a double-typo bug
Amazingly, the code actually works! Understanding why is homework for
real shell experts, who are not necessarily created ==!
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bb03532c by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-tests: Use consistent NAT gateway nodes file
Using a different file each time causes the event script to believe
that the configuration has changed even though only the node states
have changed. Change this to stop the tests from doing something
unexpected.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5537b368 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-tests: Drop unneccessary unset of variable
The comment is incorrect. This is only set when running simple tests
on local daemons.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
99350c18 by Martin Schwenke at 2018-03-01T18:39:14Z
ctdb-tests: Clean up PATH setting for stubs/ subdirectory
Drop unnecessary PATH setting in rc.local. The functions file no
longer sets PATH so setting it here is unnecessary. Fix a comment
referencing this PATH setting.
Given EVENTSCRIPTS_PATH is no longer used, use a more obvious variable
name and fail on missing stubs/ subdirectory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e0e6e40d by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Check for errors when adding stubs/ subdirectory to PATH
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
86f6481e by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Avoid creating files in /tmp.
Temporary test data should all go somewhere under TEST_VAR_DIR instead
of in the global /tmp. The existing mktemp could be changed so the
data goes into the test directory but mktemp is overkill in this case.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ca315203 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-common: Drop debugging variable CTDB_EXTERNAL_TRACE
This was an attempt to debug an unexpected situation. It never
triggered, so delete it and all supporting code.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9260ca21 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tools: Change onnode to use ONNODE_SSH and ONNODE_SSH_OPTS
Instead of more generic SSH and EXTRA_SSH_OPTS.
Quietly drop reference to rsh in case it gives anyone ideas.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
248c3741 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tools: Introduce a variable to hold the ssh command
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
254a1842 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tools: Revisit stray file descriptor avoidance in onnode
Commit 635da189dccef6516d490c228407b9987986c578 fixed a problem where
a stray file descriptor leaked into a subshell.
Explicitly close the file descriptor at the outermost possible point
rather than relying on fakessh() to do it.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d1ff9468 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Add fake ssh command for local daemons tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
53fea36b by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Use fake ssh script for onnode in local daemons tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8f9ac941 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tools: Remove test hooks from onnode
CTDB_NODES_SOCKETS is no longer used. The test code uses ONNODE_SSH
to run a fake ssh client.
Leave indenting sloppy and fix it in the next commit so that this
change is clear.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9a12d6af by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tools: Reindent parts of onnode
No functional changes. Best viewed with diff/show -w to avoid
whitespace differences.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2ad1604c by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-scripts: Avoid no-op "ctdb ptrans" call
This causes unnecessary g_lock activity and overhead.
This could be optimised in ctdb.c:control_ptrans(). However, that
makes the code more complex. Let's only do that if we get more
potentially no-op uses.
Note no optimisation is needed in the "notify" case because there is
already an early exit if there are no items.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
11c4bb11 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Exit on statd-callout sub-test failure
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
95888c8e by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-scripts: Clean up statd-callout
This means there will be 2 loops reading the data but the code flow is
much more obvious.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4bb8a622 by Martin Schwenke at 2018-03-01T18:39:15Z
ctdb-tests: Generalise SM_NOTIFY output format in statd-callout tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
426e4a5a by Amitay Isaacs at 2018-03-01T23:38:52Z
ctdb-pmda: Use modified API in pcp library 4.0
Support backward compatibility by checking for __pmID_int type, which
was previously in <pcp/impl.h>. In the new version, this type is not
defined anymore and there is no need to include <pcp/impl.h>.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Mar 2 00:38:52 CET 2018 on sn-devel-144
- - - - -
b67ffaf5 by Dan Robertson at 2018-03-01T23:39:58Z
libsmb: Use smb2 tcon if conn_protocol >= SMB2_02
When the connection protocol is SMB2 the tid from the smb1 member is
used instead of smb2 in cli_state_set_tid which often results in a null
deref.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13310
Signed-off-by: Dan Robertson <drobertson at tripwire.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a89a7146 by Andreas Schneider at 2018-03-01T23:39:59Z
s3:smbd: Do not crash if we fail to init the session table
This should the following segfault with SMB1:
#6 sig_fault (sig=<optimized out>) at ../lib/util/fault.c:94
#7 <signal handler called>
#8 smbXsrv_session_create (conn=conn at entry=0x5654d3512af0, now=now at entry=131594481900356690, _session=_session at entry=0x7ffc93a778e8)
at ../source3/smbd/smbXsrv_session.c:1212
#9 0x00007f7618aa21ef in reply_sesssetup_and_X (req=req at entry=0x5654d35174b0) at ../source3/smbd/sesssetup.c:961
#10 0x00007f7618ae17b0 in switch_message (type=<optimized out>, req=req at entry=0x5654d35174b0) at ../source3/smbd/process.c:1726
#11 0x00007f7618ae3550 in construct_reply (deferred_pcd=0x0, encrypted=false, seqnum=0, unread_bytes=0, size=140, inbuf=0x0, xconn=0x5654d35146d0)
at ../source3/smbd/process.c:1762
#12 process_smb (xconn=xconn at entry=0x5654d3512af0, inbuf=<optimized out>, nread=140, unread_bytes=0, seqnum=0, encrypted=<optimized out>,
deferred_pcd=deferred_pcd at entry=0x0) at ../source3/smbd/process.c:2008
#13 0x00007f7618ae4c41 in smbd_server_connection_read_handler (xconn=0x5654d3512af0, fd=40) at ../source3/smbd/process.c:2608
#14 0x00007f761587eedb in epoll_event_loop_once () from /lib64/libtevent.so.0
Inspection the core shows that:
conn->client-session_table is NULL
conn->protocol is PROTOCOL_NONE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13315
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f59f6cef by Ralph Boehme at 2018-03-02T04:49:18Z
nsswitch: fix wbinfo -m --verbose trust type "Local"
Remove wrong "Local" strcmp(), there's another one, the correct one, a few lines
below. Since commit 95e3307917b5731ab883ee5fce530c5b559b4934
WBC_DOMINFO_TRUSTTYPE_NONE, which corresponded to the string "None" in the
winbindd response, is not used anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13313
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 2 05:49:18 CET 2018 on sn-devel-144
- - - - -
f3b650fc by Christof Schmitt at 2018-03-02T09:49:08Z
Fix autobuild for user names starting with c
This is similar to the fix from commit 0b1ba00: Now commit 475a7616 introduced
tests that create user names in the form DOMAIN\USER and pass them through
shell functions. There "echo" is used to print he username, resulting in
/bin/dash on sn-devel to interpret e.g. \c which skips any further output. The
result are test exceptions like:
failure: samba4.blackbox.trust_ntlm.Test01 rpcclient lookupnames with LOCALADMEMBER\cs(ad_member:local) [
Exception: Exception: LOCALADMEMBER
]
time: 2018-02-26 23:00:46.688800Z
Fix this by replacing the echo with printf %s. This surfaced for
test_rpcclient_grep, but apply the same change to all functions in
common_test_fns.inc for consistency.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Fri Mar 2 10:49:09 CET 2018 on sn-devel-144
- - - - -
ea893be3 by Andreas Schneider at 2018-03-02T13:07:14Z
util: Fix the logic in ms_fnmatch_protocol()
Make sure we always pass a valid max_n pointer to ms_fnmatch_core().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
ba6a8257 by David Disseldorp at 2018-03-02T13:07:14Z
tests: Add basic ms_fnmatch unit test
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
- - - - -
2dd94e41 by Noel Power at 2018-03-02T13:07:14Z
s3:libads: ads_get_dnshostname & ads_get_samaccountname don't use param
Both ads_get_dnshostname() & ads_get_samaccountname() are passed
a param machinename as a argument. Instead of using 'machinename' these
functions are erroneously using lp_netbiosname() instead.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d9593803 by Noel Power at 2018-03-02T13:07:14Z
s3:libads: Clean up code a little rename 'ads_get_samaccountname()'
Function 'ads_get_samaccountname()' basically returns the machine_name passed
as an input param (appended with '$') if it exists on the ad. The function
really is testing for the existence of the samaccountname and is not really
'getting' it. This is also the way it is used. Renaming this function to
'ads_has_samaccountname()' better reflects what it is actually doing and how
clients calling the code use it. It also makes the client code using calling
this function less confusing.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
cf0823fb by Noel Power at 2018-03-02T13:07:14Z
s3:libads: Add a basic Windows SPN parser.
(see https://social.technet.microsoft.com/wiki/contents/articles/717.service-principal-names-spns-setspn-syntax-setspn-exe.aspx)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1400ab70 by Noel Power at 2018-03-02T13:07:14Z
s3:libads: change ads_add_service_principal_name implementation
Previously the function 'ads_add_service_principal_name' created
the SPNs based on the machine_name and dns name passed to the function.
In order to prepare for a future patch that will also need to write
SPN(s) to the AD computer account, the function implementation will
need to be changed. Instead of the function creating the SPN(s) it
will now take the list SPN(s) to write to the AD 'machine_name' account
as an input param instead.
The name of the function has been changed to
'ads_add_service_principal_names' to reflect this. Additionally client
code now needs to construct the SPNs to be passed into the function.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
65ef044b by Noel Power at 2018-03-02T13:07:14Z
s3:utils: add new 'net ads setspn list' subcommand
This patch adds basic functionality not unlike the setspn.exe
command that is provided by windows for adminsistering SPN on
the AD. (see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)
Only the basic list operation (that corresponds to the -l
switch for setspn.exe is implemented)
Usage:
net ads setspn list <computer>
Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8a6c3c5a by Noel Power at 2018-03-02T13:07:14Z
s3:utils: add new 'net ads setspn add' subcommand
This patch adds 'add' to the 'net ads setspn' subcommand
(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)
Usage:
net ads setspn add <computer> <SPN>
Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5fa82263 by Noel Power at 2018-03-02T13:07:14Z
s3:utils: add new 'net ads setspn delete' subcommand
This patch adds 'delete' to the 'net ads setspn' subcommand
(see https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731241(v=ws.11)
Usage:
net ads setspn delete <computer> <SPN>
Note: <computer> is optional, if not specified the computer account
associated with value returned by lp_netbios_name() is used instead.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
21889ca2 by Noel Power at 2018-03-02T13:07:14Z
testprocs/blackbox: Add tests for net ads setspn (add|delete|list)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
efabfb1c by Noel Power at 2018-03-02T13:07:14Z
s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 1
This patch addresses how the windows SPN is converted into a kerberos
priniciple to be written to the keytab file. A followup patch will
deal with writing Window SPN(s) to the AD.
Before this change 'net ads keytab add' handled three scenarios
a) 'net ads keytab add param' is passed a fully qualified kerberos principal
(identified by the presence of '@' in param) In this scenario the keytab
file alone is updated with the principal contained in 'param'.
b) 'net ads keytab add param'; is passed a machine name (identified by
the paramater ending with '$'). In this case the machine name
is converted to a kerberos principal with according to the recipe
'param at realm' where realm is determined by lp_realm().
c) 'net ads keytab add param' is passed a service (e.g. nfs, http etc.)
In this scenario the param containing the service is first converted to
into 2 kerberos principals (long and short forms) according to the
following recipe
i) long form: 'param/fully_qualified_dns at realm'
ii) short form: 'param/netbios_name at realm'
where 'fully_qualified_dns is retrieved from 'dNSHostName' attribute of
'this' machines computer account on the AD.
The principals are written to the keytab file
Secondly 2 windows SPNs are generated from 'param' as follows
i) long form 'param/full_qualified_dns'
ii) short form 'param/netbios_name'
These SPNs are written to the AD computer account object
After this change a) & b) & c) will retain legacy behaviour except
in the case of c) where if the 'param' passed to c) is a Windows SPN
(e.g. conforming to format 'serviceclass/host:port'
i) 'param' will get converted to a kerberos principal (just a single one)
with the following recipe: 'serviceclass/host at realm' which will
be written to the keytab file. The SPN written to the AD is created
as before and the legacy behaviour is preserved.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6cac9a47 by Noel Power at 2018-03-02T13:07:15Z
s3:libads: Allow 'net ads keytab add' handle Windows SPN(s) part 2
This patch addresses how the windows SPN is written to the AD.
If a legacy service (e.g. cifs, http etc.) is passed as param to
'net ads keytab add param' then windows SPNs are generated from
'param' as follows
i) long form 'param/full_qualified_dns'
ii) short form 'param/netbios_name'
If the SPN is a is a Windows SPN (e.g. conforming to format
'serviceclass/host:port') then this is the SPN that is passed to
the AD.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
53190e9a by Noel Power at 2018-03-02T13:07:15Z
testprogs:: Add blackbox tests for 'net ads keytab add'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
4e518ecd by Noel Power at 2018-03-02T13:07:15Z
s3:libads: add param to prevent writing spn(s) to ads
'net ads keytab add' currently in addition to adding to the
keytab file this command also can update AD computer objects
via ldap. This behaviour isn't very intuitive or expected given
the command name. By default we shouldn't write to the ADS.
Prepare to change the default behaviour by modifying the function
'ads_keytab_add_entry' to take a paramater to modify the existing
behaviour to optionally update the AD (or not).
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5adb29f2 by Noel Power at 2018-03-02T13:07:15Z
s3:utils: Modify default behaviour of 'net ads keytab add'
This change modifies the behaviour of 'net ads keytab add' such
that only the keytab file is modified.
A new command 'net ads keytab add_update_ads' has been added that
preserves the legacy behaviour which can update the AD computer
object with Winows SPN(s) as appropriate. Alternatively the new
command 'net ads setspn add' can be used to manually add the
windows SPN(s) that previously would have been added.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
284f5508 by Noel Power at 2018-03-02T13:07:15Z
testprogs: Switch expected failure tests to expected pass
Following the commit to change the behaviour of 'net ads keytab add' and
new 'keytab add_update_ads' some tests previously failing should now
pass.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0af66455 by Noel Power at 2018-03-02T13:07:15Z
s3:libads: 'net ads keytab create' shouldn't write SPN(s)
Modify default behaviour of 'net ads keytab create'
The change modifies the behaviour of 'net ads keytab create' such
that only the keytab file is modified. The current behaviour doesn't
make sense, existing SPN(s) pulled from the computer AD object have
the format 'serviceclass/host:port/servicename'.
'ads_keytab_create_default' calls ads_keytab_add_entry passing
'serviceclass' for each SPN retrieved from the AD. For each
serviceclass passed in a new pair of SPN(s) is generated as follows
i) long form 'param/full_qualified_dns'
ii) short form 'param/netbios_name'
This doesn't make sense as we are creating a new SPN(s) from an existing
one probably replacing the existing host with the 'client' machine.
If the keytab file exists then additionally each kerberos principal in the
keytab file is parsed to strip out the primary, then 'ads_keytab_add_entry'
is called which then tries by default to generate a SPN from any primary
that doesn't end in '$'. By default those SPNs are then added to the AD
computer account for the client running the command.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ebe9a86e by Noel Power at 2018-03-02T13:07:15Z
testprogs: 'net ads keytab create' expected failures should now pass
Following the commit to change the behaviour of 'net ads keytab create'
some tests previously failing should now pass.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f542749a by Noel Power at 2018-03-02T13:07:15Z
docs: Add manpage for 'net ads keytab' subcommand
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0a19e8b4 by Noel Power at 2018-03-02T13:07:15Z
docs: Add manpage for new 'net ads setspn' subcommand
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6ba24260 by Noel Power at 2018-03-02T18:12:08Z
WHATSNEW: Add info for 'net ads keytab' and 'net ads setspn' changes
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Mar 2 19:12:08 CET 2018 on sn-devel-144
- - - - -
14f83ff8 by Swen Schillig at 2018-03-02T18:13:52Z
Zero libnet_LookupName out struct before using
Zero libnet_LookupName out struct before setting results,
preventing false result interpretation.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
- - - - -
6d0b6e93 by Swen Schillig at 2018-03-02T18:13:52Z
Minor cleanup of libnet_LookupName_recv
Reduce indentation level and comply with 80 column rule.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
- - - - -
e01d7d9d by Swen Schillig at 2018-03-02T23:00:34Z
Replace NT_STATUS_HAVE_NO_MEMORY macro
Replaced NT_STATUS_HAVE_NO_MEMORY macro and fixed
memory leaking error-path.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Sat Mar 3 00:00:34 CET 2018 on sn-devel-144
- - - - -
c5857f10 by Andreas Schneider at 2018-03-02T23:01:23Z
s3:tests: Skip smbd error test if we do not log to stdout
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlet <abartlet at samba.org>
- - - - -
782358a7 by Andreas Schneider at 2018-03-02T23:01:23Z
testprogs: Return the correct error status code
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlet <abartlet at samba.org>
- - - - -
ffb836f3 by Andreas Schneider at 2018-03-03T04:19:38Z
selftest: Impove test names for samba.wbinfo_simple
This simplifies selecting a specific test to run.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlet <abartlet at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Sat Mar 3 05:19:38 CET 2018 on sn-devel-144
- - - - -
0bfbcdb6 by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Add support for an option to restrict the key length
Allow the setting of the maximum key length, this allows the testing of
index key truncation code. Index key truncation is required to allow
the samba indexing scheme to be used with backends that enforce a
maximum key length.
This will allow emulation of a length-limited key DB for testing.
This is a testing-only feature, as the index format changes
based on this value.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5c1504b9 by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Do not fail in GUID index mode if there is a duplicate attribute
It is not the job of the index code to enforce this, but do give a
a warning given it has been detected.
However, now that we do allow it, we must never return the same
object twice to the caller, so filter for it in ltdb_index_filter().
The GUID list is sorted, which makes this cheap to handle, thankfully.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
09180689 by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Cope with key truncation
Modify the indexing code to handle a maximum key length, index keys
greater than the maximum length will be truncated to the maximum length.
And the unuque index code has been altered to handle multiple records
for the same index key.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1d86a089 by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Do not give the warning of duplicate attributes in truncation
In the truncation case a duplicate is perfectly expected.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ee74d4bb by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Refuse to store a value in a unique index that is too long
Rather than add many special cases, over-long unique values are simply banned.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9a4fd234 by Gary Lockyer at 2018-03-03T04:20:35Z
ldb_tdb: Combine identical not GUID index and special DN cases
Fold together two identical cases to simplify the code.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4c0c888b by Gary Lockyer at 2018-03-03T08:58:40Z
ldb_tdb: Add tests for truncated index keys
Tests for the index truncation code as well as the GUID index
format in general.
Covers truncation of both the DN and equality search keys.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Mar 3 09:58:40 CET 2018 on sn-devel-144
- - - - -
ffcc3671 by Douglas Bagnall at 2018-03-05T00:33:46Z
tests/smbcontrol: reduce ping test false positive rate
The ping test was failing when a transient ldap_server process died
between the time it was listed and the time it was pinged. We stop
treating that as failure.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Mar 5 01:33:46 CET 2018 on sn-devel-144
- - - - -
db4d72d2 by Andreas Schneider at 2018-03-05T15:01:17Z
ldb: Directly return an error and do not fall through
Detected by -Wimplicit-fallthrough.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlet <abartlet at samba.org>
- - - - -
b4aa16b9 by David Disseldorp at 2018-03-05T15:01:17Z
ctdb/pmda: fix num_recoveries metric store
The num_recoveries metric is declared as PM_TYPE_U32, so should be
used accordingly.
Suggested-by: Nathan Scott <nathans at redhat.com>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c59d5e11 by David Disseldorp at 2018-03-05T19:49:51Z
build: fix standalone ctdb build --with-systemd
For standalone ctdb builds, a samba-util-core dependency is added,
without corresponding systemd libraries, which are needed when
become_daemon.c is built --with-systemd. This results in:
default/lib/util/become_daemon_20.o: In function `daemon_status':
become_daemon.c:(.text+0x456): undefined reference to `sd_notifyf'
collect2: error: ld returned 1 exit status
Fix this by moving the systemd library dependencies from samba-util to
samba-util-core, the become_daemon.c base build target.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Mar 5 20:49:51 CET 2018 on sn-devel-144
- - - - -
1265346f by Andrew Bartlett at 2018-03-05T19:50:14Z
partition: Use a transaction to write and a read lock to read the LDB_METADATA_SEQ_NUM
This is critical as otherwise we can read a sequence number in advance
of the data that it represents and so have a false cache.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8caf84a8 by Garming Sam at 2018-03-05T19:50:14Z
schema: Do not read different schema sequence values during a read transaction
During a read lock, we find ourselves seeing an unchanged schema, but
reading any updates to the metadata.tdb (in the case of lmdb, where
reads do not block writes).
The alternative is to read-lock the entire metadata.tdb, however, this
allows more concurrency by allowing reads not to block writes.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
242cf337 by Garming Sam at 2018-03-05T19:50:14Z
partition: Leave metadata.tdb unlocking until last
With the lmdb patches, I have cleanly observed the database being read
in between the commit of the metadata.tdb and the eventual commits of
the individual partitions.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c4c64ff5 by Gary Lockyer at 2018-03-05T19:50:14Z
ldb_mod_op_test: Fix core dump on ldb_case_attrs_index_test_teardown
With no schema syntax, this would occasionally crash as it dereferenced
some possibly NULL sequence of memory.
Note: Removing all tests except this one, made it crash reliably.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bca8ac02 by Gary Lockyer at 2018-03-05T19:50:15Z
remove_dc.py: Abort transaction before throwing an exception
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
313b0c60 by Garming Sam at 2018-03-05T19:50:15Z
schema_set: Add a missing newline between functions
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8ac1646e by Bob Campbell at 2018-03-05T19:50:15Z
samdb/schema_load: do schema loading with one search
It appears that there was a race condition between searching for the
attribute & class definitions, and searching for the schema object, if
the schema was changed in-between the two searches.
This is likely the cause of ldap_schema being flapping.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12889
Signed-off-by: Bob Campbell <bobcampbell at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2a0e0227 by Garming Sam at 2018-03-05T19:50:15Z
dsdb: The schema should be reloaded during the transaction
Reload the schema just after getting the tranaction lock
but before the transaction counter is bumped.
This ensures we reload the schema exactly once but with
the DB locked.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9c8f00aa by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Begin abstracting out the base key value operations
This will allow us to change the backend from tdb to lmdb.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e33fb2c6 by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Replace exists, name and error_map with key value ops
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
448101a3 by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Replace tdb transaction code with generic key value ones
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e21a476c by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Add lock_read and unlock_read to key value ops
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c66a0054 by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Remove tdb_get_seqnum and use a generic 'has_changed'
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
141148ed by Gary Lockyer at 2018-03-05T19:50:15Z
ldb_tdb: Add errorstr to the key value ops
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
68423e9f by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: factor out the (to be) common init code
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c9f2ff27 by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Use key value ops for fetch command
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4d5180e4 by Garming Sam at 2018-03-05T19:50:15Z
ldb_tdb: Implement a traversal function in key value ops
This can handle both read-only and writable traverses.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e3d364a9 by Garming Sam at 2018-03-05T19:50:16Z
partition: Allow a different backend store from @PARTITION
By default, use tdb, but otherwise read the value from backendStore.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4014499b by Garming Sam at 2018-03-06T00:39:16Z
ldb_tdb: Build a key value operation library
This allows sharing of the originally ldb_tdb operations to the new
ldb_mdb backend.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Mar 6 01:39:16 CET 2018 on sn-devel-144
- - - - -
0009a12b by Gary Lockyer at 2018-03-06T22:30:26Z
ldb: Remove python warning in tests/python/index.py
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7b8f540b by Gary Lockyer at 2018-03-06T22:30:26Z
selftest: Change name to sam.ldb to align with new partition module assumptions
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
87708c3f by Gary Lockyer at 2018-03-06T22:30:26Z
ldb_mod_op_test: Add new nested transactions test
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7f625f9b by Gary Lockyer at 2018-03-07T03:38:02Z
ldb_mod_op_test: Make sure that closing the database frees locks
Without the destructor firing, this test used to pass, but now we show
that we must be able to open a new ldb handle.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Mar 7 04:38:02 CET 2018 on sn-devel-144
- - - - -
e9059c7b by Jeremy Allison at 2018-03-07T22:11:21Z
s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
019a1bc4 by Jeremy Allison at 2018-03-07T22:11:21Z
s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
This will allow us to modify it in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8edad37e by Jeremy Allison at 2018-03-07T22:11:21Z
s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e0b147f6 by Jeremy Allison at 2018-03-08T03:09:38Z
s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
Ensures they don't get stored in the underlying ACL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 8 04:09:38 CET 2018 on sn-devel-144
- - - - -
f0bebcc4 by Garming Sam at 2018-03-08T13:14:37Z
ldb_tdb: Remove unnecessary call to tdb_get_seqnum
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Mar 8 14:14:37 CET 2018 on sn-devel-144
- - - - -
f70164d6 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-ib: Avoid fall through case statements
This is clearly unintended. Noticed with gcc 7.3.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
376e9794 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-client: Client code should never free the client context
This should never have been done.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
35cc786d by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-tools: Wait for ctdb daemon to go away in shutdown
This can only be done on the local node. For remote node, exit as
soon as the control returns.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
efe3a727 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-tools: Drop ipiface command from ctdb tool
This command is not used anywhere and also does not work for IPv6
addresses.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
53c550d8 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-common: Drop unused function ctdb_sys_find_ifname()
The ioctl SIOCGIFCONF does not return IPv6 addresses, so this function
does not work for IPv6 addresses.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
8053f652 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-tools: Event script commands cannot be run without daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
ba712302 by Amitay Isaacs at 2018-03-09T06:08:23Z
ctdb-tools: Fix documentation for ctdb ping command
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
20899613 by Martin Schwenke at 2018-03-09T06:08:23Z
ctdb-scripts: Move script state to its own directory
Don't use the same directory as temporary databases.
Make associated test consistent.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
fac6d23d by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Factor out function ctdb_setup_state_dir()
This allows state directories for scripts other than services.
ctdb_setup_state_dir() takes 2 mandatory arguments.
Unlike ctdb_setup_service_state_dir(), this does not print the
directory name but sets a global variable. The intention is to go
back to a more sensible style of usage.
This will require a shellcheck directive before the first use, such
as:
# Set by ctdb_setup_state_dir
# shellcheck disable=SC2154
foo="${script_state_dir}/bar"
An alternative would be something like the following, which tricks
shellcheck into believing the variable is set:
ctdb_setup_state_dir "service" "foo"
# Shellcheck
script_state_dir="$script_state_dir"
However, this is more cryptic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
eed0e3f6 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Use ctdb_setup_state_dir()
Replace all uses of ctdb_setup_service_state_dir() by
ctdb_setup_state_dir().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ef0962ac by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Drop unused function ctdb_setup_service_state_dir()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e6aae12b by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Move the reconfigure flag to the script state directory
Scripts that use these functions must call ctdb_setup_state_dir().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bcadab71 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Move failure counters to the service state directory
Scripts that use these counters must call ctdb_setup_state_dir().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b416ed72 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Simplify the names of NFS fail counter files
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5a99835c by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-packaging: Use RPM's local state directory
Instead of fixed /var.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
914c8778 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-tests: Rework simple tests daemon start/stop
Separate stopping and starting of daemons during restart
This allows actions to be taken after stopping and allows the init
testcase to be clearer about what it is doing.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a821306e by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Drop broken wrapper code that uses PID
The code has been broken since commit
4b652c1527afe7eff4075c95946abfa114d74015.
If ctdbd isn't all the way up in time just make a basic attempt to
shut it down.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bf250fe5 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Drop unnecessary complexity from wrapper
All of this logic was necessary when ctdbd did poor PID file and
socket handling. Those things are now solid, so remove this
unnecessary logic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9fe85f4c by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-packaging: Package up relevant /var subdirectories
They're already created at installation time. This way they don't
need to be created at startup.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0e5d5373 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Don't create directory for PID file
This is already created by installation and/or packaging.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a2c6c983 by Martin Schwenke at 2018-03-09T06:08:24Z
ctdb-scripts: Drop init script PID directory backward compatibility
This tries to be backward compatible with very old versions of CTDB,
so don't bother.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6a547385 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-daemon: Provide default location for ctdbd PID file
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b0d892b9 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-daemon: CTDB_PIDFILE environment variable overrides default
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
52cdb03c by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-scripts: Drop PID file argument from wrapper
Use the default compile-time PID file.
Use a CTDB_PIDFILE environment variable when testing.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b1c87b26 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Factor out setup of fake CTDB_BASE
Several test suites need the CTDB_BASE directory to contain a subset
of the regular contents of that subdirectory. In some cases there are
symbolic links in the test directory (or a subdirectory) and these
symbolic links need to be fixed at installation time.
Instead, add new function setup_ctdb_base() to set CTDB_BASE, create
the directory and populate it as specified. This relies on
script_install_paths.sh so it can copy the specified targets. It also
copies any files from the test directory's etc-ctdb/ subdirectory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
258e1e04 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Use setup_ctdb_base() for eventscript unit tests
There is currently a directory of symlinks that are copied during test
setup. These symlinks are updated during installation so they point
to the right place when copied.
Instead, use setup_ctdb_base() during test setup.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2b38b823 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Use setup_ctdb_base() for onnode unit tests
The nodes file is now in the CTDB_BASE directory so no CTDB_NODES_FILE
variable is needed.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ee9051b7 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: New directory for simple test state
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2b09dc9d by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Use SIMPLE_TESTS_VAR_DIR for data for local daemons tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
670668f4 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Clean up nodes and public address file setup
Untangle a single loop into two separate, clear functions. Create a
separate, empty file for the node with no public IPs instead of
pointing the configuration at /dev/null.
Leave the indentation in setup_ctdb() in the old style to make this
commit comprehensible.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
caf6b1c6 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Reindent setup_ctdb() function
This could have been done earlier but previous movement of lines out
to new functions has made the job easier.
Best viewed with show/diff -w.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a7a52169 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Use setup_ctdb_base() for simple tests
The comment in local.bash is incorrect. CTDB_BASE will never be set
here because this script is not run under onnode. Instead, this where
CTDB_BASE needs to be set when running against a real cluster.
For local daemons, the check for CTDB_BASE being inconsistent with
node_dir is temporary.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
85598480 by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Make fake ssh script set CTDB_BASE
The local daemons code puts the socket in the CTDB_BASE directory.
This means CTDB_NODES_SOCKETS can be replaced by CTDB_BASES, a list of
base directories. The fake ssh script can first determine the correct
CTDB_BASE directory and then use it to set CTDB_SOCKET and
CTDB_PIDFILE.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
98bd5b6a by Martin Schwenke at 2018-03-09T06:08:25Z
ctdb-tests: Depend on setup_ctdb_base() to install events.d/
This directory is only used by simple tests when running against local
daemons. Moving it to simple/etc-ctdb/events.d/ means that it is
automatically copied by setup_ctdb_base().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bd66445e by Martin Schwenke at 2018-03-09T06:08:26Z
Revert "ctdb-doc: Fix monitoring bug in example NFS Ganesha call-out"
The check action should be there. It is used by 20.nfs_ganesha.check.
This reverts commit 4fa9026bbd9f67348d3203e0205c59ff4fb51d2d.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9e954bcb by Martin Schwenke at 2018-03-09T11:24:13Z
ctdb-tests: Don't use nc -d or -w options
nmap-ncat is used in some distributions to replace netcat. It has a
different meaning for these options.
We can get the same effect as the current combination of -d and -w by
piping a sleep process to nc. Subsequent use of $! works because it
gets the last process in pipeline.
Note that redirecting from /dev/null doesn't work with some versions
of nc. They just exit when they get EOF.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Mar 9 12:24:13 CET 2018 on sn-devel-144
- - - - -
b97d18f0 by Swen Schillig at 2018-03-12T19:39:16Z
s3: Fix max indentation and max column
Minor cleanup reducing the max indentation level and max column length.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
- - - - -
614f5a04 by Uri Simchoni at 2018-03-13T00:48:21Z
README.Coding: codify line splitting on function calls
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Mar 13 01:48:21 CET 2018 on sn-devel-144
- - - - -
fbd16473 by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete
Note that the request using the clearTextPassword attribute for the
password change is already correctly rejected by the server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b23bf04c by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c653e51a by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2fea9ee7 by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
39e689aa by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0e15ce12 by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
766ab4c5 by Ralph Boehme at 2018-03-13T09:24:26Z
CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9dd7dd9e by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
3e6621fe by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4/dsdb: correctly detect password resets
This change ensures we correctly treat the following LDIF
dn: cn=testuser,cn=users,...
changetype: modify
delete: userPassword
add: userPassword
userPassword: thatsAcomplPASS1
as a password reset. Because delete and add element counts are both
one, the ACL module wrongly treated this as a password change
request.
For a password change we need at least one value to delete and one value
to add. This patch ensures we correctly check attributes and their
values.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
407a34c7 by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4:dsdb/acl: run password checking only once
This is needed, because a later commit will let the acl module add a
control to the change request msg and we must ensure that this is only
done once.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ab7dc210 by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
Will be used to pass "user password change" vs "password reset" from the
ACL to the password_hash module, ensuring both modules treat the request
identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c8045685 by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID
This is used to pass information about which password change operation (change
or reset) the acl module validated, down to the password_hash module.
It's very important that both modules treat the request identical.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
50e77886 by Ralph Boehme at 2018-03-13T09:24:27Z
CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control
This is not strictly needed to fig bug 13272, but it makes sense to also
fix this while fixing the overall ACL checking logic.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c41895be by Jeremy Allison at 2018-03-13T15:06:10Z
CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Mar 13 16:06:10 CET 2018 on sn-devel-144
- - - - -
8497d209 by Ralph Boehme at 2018-03-13T17:59:17Z
libds: rename UF_MACHINE_ACCOUNT_MASK to UF_TRUST_ACCOUNT_MASK
The name UF_TRUST_ACCOUNT_MASK better reflects the use case and it's not
yet used.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5d36aa65 by Karolin Seeger at 2018-03-13T19:02:20Z
VERSION: Bump version up to 4.8.1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
20609aa2 by Ralph Boehme at 2018-03-13T22:48:28Z
s4: dsdb/password_hash: use UF_TRUST_ACCOUNT_MASK
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Mar 13 23:48:28 CET 2018 on sn-devel-144
- - - - -
bffae418 by Volker Lendecke at 2018-03-15T14:46:09Z
utils: Add destroy_netlogon_creds_cli
This is a pure testing utility that will garble the netlogon_creds_cli
session_key. This creates a similar effect to our schannel credentials
as does a domain controller reboot.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0af88b98 by Volker Lendecke at 2018-03-15T14:46:09Z
winbind: Add smbcontrol disconnect-dc
Make a winbind child drop all DC connections
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4b7a9d56 by Volker Lendecke at 2018-03-15T14:46:09Z
winbind: Keep "force_reauth" in invalidate_cm_connection
Right now I don't see a way to actually force a re-serverauth
from the client side as long as an entry in netlogon_creds_cli.tdb
exists. cm_connect_netlogon goes through invalidate_cm_connection, and
this wipes our wish to force a reauthenticatoin. Keep this intact until
we actually did reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a8d5e4d3 by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: add and use ldap_reconnect_need_retry() in winbindd_reconnect_ads.c
ldap_reconnect_need_retry() is a copy of reconnect_need_retry() minus
the RPC connection invalidation.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
a33c1d25 by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: check for NT_STATUS_IO_DEVICE_ERROR in reset_cm_connection_on_error()
reconnect_need_retry() already checks for this error, it surfaces up
from tstream_smbXcli_np as a mapping for EIO.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
17749a5d by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: make reset_cm_connection_on_error() public
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
2837b796 by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: call reset_cm_connection_on_error() from reconnect_need_retry()
This ensures we use the same disconnect logic in the reconnect backend,
which calls reconnect_need_retry(), and in the dual_srv frontend which
calls reset_cm_connection_on_error.
Both reset_cm_connection_on_error() and reconnect_need_retry() are very
similar, both return a bool indicating whether a retry should be
attempted, unfortunately the functions have a different default return,
so I don't dare unifying them, but instead just call one from the other.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
2d1f00cc by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: force netlogon reauth for certain errors in reset_cm_connection_on_error()
NT_STATUS_RPC_SEC_PKG_ERROR is returned by the server if the server
doesn't know the server-side netlogon credentials anymore, eg after a
reboot. If this happens we must force a full netlogon reauth.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
966ff379 by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: call dcerpc_binding_handle_is_connected() from reset_cm_connection_on_error()
To consolidate the error handling for RPC calls, add the binding handle
as an additional argument to reset_cm_connection_on_error().
All callers pass NULL for now, so no change in behaviour up to here.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
08718af3 by Ralph Boehme at 2018-03-15T14:46:09Z
winbindd: fix logic calling dcerpc_binding_handle_is_connected()
The calls were missing the negation operator, a retry should be
attempted is the binding handle got somehow disconnected behind the
scenes and is NOT connected.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
6244a2be by Ralph Boehme at 2018-03-15T14:46:10Z
winbindd: use reset_cm_connection_on_error() instead of dcerpc_binding_handle_is_connected()
This catches more errors and triggers retry as appropriate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c2cd2d3f by Ralph Boehme at 2018-03-15T14:46:10Z
winbindd: add retry to _wbint_LookupSids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
fcf8edf9 by Ralph Boehme at 2018-03-15T14:46:10Z
winbindd: add retry to _wbint_DsGetDcName
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e608f058 by Ralph Boehme at 2018-03-15T14:46:10Z
winbindd: add retry to _winbind_DsrUpdateReadOnlyServerDnsRecords
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c37fbfcb by Ralph Boehme at 2018-03-15T19:57:43Z
winbindd: add retry to _winbind_SendToSam
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 15 20:57:44 CET 2018 on sn-devel-144
- - - - -
82d8aa3b by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:torture: add SMB2-ANONYMOUS which asserts no GUEST bit for anonymous
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bf707a1e by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:selftest: run SMB2-ANONYMOUS
This fails against a non AD DC smbd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f564847c by Ralph Boehme at 2018-03-15T20:54:16Z
libcli/security: only announce a session as GUEST if 'Builtin\Guests' is there without 'Authenticated User'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
28ad1306 by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: remove unused auth_serversupplied_info->system
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f3ca3e71 by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: add the "Unix Groups" sid for the primary gid
The primary gid might not be in the gid array.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
df3d2788 by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: move add_local_groups() out of finalize_local_nt_token()
finalize_local_nt_token() will be used in another place,
were we don't want to add local groups in a following commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
efdc617c by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:passdb: handle dom_sid=NULL in create_builtin_{users,administrators}()
We should not crash if we're called with NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c2ffbf9f by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: only call secrets_fetch_domain_sid() once in finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e8dc55d2 by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: add add_builtin_guests() handling to finalize_local_nt_token()
We should add Builtin_Guests depending on the current token
not based on 'is_guest'. Even authenticated users can be member
a guest related group and therefore get Builtin_Guests.
Sadly we still need to use 'is_guest' within create_local_nt_token()
as we only have S-1-22-* SIDs there and still need to
add Builtin_Guests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4f81ef93 by Stefan Metzmacher at 2018-03-15T20:54:16Z
s3:auth: don't try to expand system or anonymous tokens in finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d3aae5ba by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: pass AUTH_SESSION_INFO_* flags to finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7f47f9e1 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: remove static from finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6ff89119 by Stefan Metzmacher at 2018-03-15T20:54:17Z
auth: add auth_user_info_copy() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
af4bc135 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: add auth3_user_info_dc_add_hints() and auth3_session_info_create()
These functions make it possible to construct a full auth_session_info
from the information available from an auth_user_info_dc structure.
This has all the logic from create_local_token() that is used
to transform a auth_serversupplied_info to a full auth_session_info.
In order to workarround the restriction that auth_user_info_dc
doesn't contain hints for the unix token/name, we use
the special S-1-5-88 (Unix_NFS) sids:
- S-1-5-88-1-Y gives the uid=Y
- S-1-5-88-2-Y gives the gid=Y
- S-1-5-88-3-Y gives flags=Y AUTH3_UNIX_HINT_*
The currently implemented flags are:
- AUTH3_UNIX_HINT_QUALIFIED_NAME
unix_name = DOMAIN+ACCOUNT
- AUTH3_UNIX_HINT_ISLOLATED_NAME
unix_name = ACCOUNT
- AUTH3_UNIX_HINT_DONT_TRANSLATE_FROM_SIDS
Don't translate the nt token SIDS into uid/gids
using sid mapping.
- AUTH3_UNIX_HINT_DONT_TRANSLATE_TO_SIDS
Don't translate the unix token uid/gids to S-1-22-X-Y SIDS
- AUTH3_UNIX_HINT_DONT_EXPAND_UNIX_GROUPS
The unix token won't get expanded gid values
from getgroups_unix_user()
By using the hints it is possible to keep the current logic
where an authentication backend provides uid/gid values and
the unix name.
Note the S-1-5-88-* SIDS never appear in the final security_token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e8402ec0 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: base make_new_session_info_system() on auth_system_user_info_dc() and auth3_create_session_info()
The changes in the resulting token look like this:
unix_token : *
unix_token: struct security_unix_token
uid : 0x0000000000000000 (0)
gid : 0x0000000000000000 (0)
- ngroups : 0x00000000 (0)
- groups: ARRAY(0)
+ ngroups : 0x00000001 (1)
+ groups: ARRAY(1)
+ groups : 0x0000000000000000 (0)
...
domain_name : *
domain_name : 'NT AUTHORITY'
dns_domain_name : NULL
- full_name : NULL
- logon_script : NULL
- profile_path : NULL
- home_directory : NULL
- home_drive : NULL
- logon_server : NULL
+ full_name : *
+ full_name : 'System'
+ logon_script : *
+ logon_script : ''
+ profile_path : *
+ profile_path : ''
+ home_directory : *
+ home_directory : ''
+ home_drive : *
+ home_drive : ''
+ logon_server : *
+ logon_server : 'SLOWSERVER'
last_logon : NTTIME(0)
last_logoff : NTTIME(0)
acct_expiry : NTTIME(0)
last_password_change : NTTIME(0)
allow_password_change : NTTIME(0)
force_password_change : NTTIME(0)
logon_count : 0x0000 (0)
bad_password_count : 0x0000 (0)
- acct_flags : 0x00000000 (0)
+ acct_flags : 0x00000010 (16)
authenticated : 0x01 (1)
unix_info : *
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a2a289d0 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token()
We only need to adjust sanitized_username in order to keep the same behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6afb6b67 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:auth: add make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).
The following is the difference between guest and anonymous token:
security_token: struct security_token
- num_sids : 0x0000000a (10)
- sids: ARRAY(10)
- sids : S-1-5-21-3793881525-3372187982-3724979742-501
- sids : S-1-5-21-3793881525-3372187982-3724979742-514
- sids : S-1-22-2-65534
- sids : S-1-22-2-65533
+ num_sids : 0x00000009 (9)
+ sids: ARRAY(9)
+ sids : S-1-5-7
sids : S-1-1-0
sids : S-1-5-2
- sids : S-1-5-32-546
sids : S-1-22-1-65533
+ sids : S-1-22-2-65534
+ sids : S-1-22-2-100004
sids : S-1-22-2-100002
sids : S-1-22-2-100003
+ sids : S-1-22-2-65533
privilege_mask : 0x0000000000000000 (0)
...
unix_token : *
unix_token: struct security_unix_token
uid : 0x000000000000fffd (65533)
gid : 0x000000000000fffe (65534)
- ngroups : 0x00000004 (4)
- groups: ARRAY(4)
+ ngroups : 0x00000005 (5)
+ groups: ARRAY(5)
groups : 0x000000000000fffe (65534)
- groups : 0x000000000000fffd (65533)
+ groups : 0x00000000000186a4 (100004)
groups : 0x00000000000186a2 (100002)
groups : 0x00000000000186a3 (100003)
+ groups : 0x000000000000fffd (65533)
info: struct auth_user_info
account_name : *
- account_name : 'nobody'
+ account_name : 'ANONYMOUS LOGON'
user_principal_name : NULL
user_principal_constructed: 0x00 (0)
domain_name : *
- domain_name : 'SAMBA-TEST'
+ domain_name : 'NT AUTHORITY'
dns_domain_name : NULL
- full_name : NULL
- logon_script : NULL
- profile_path : NULL
- home_directory : NULL
- home_drive : NULL
- logon_server : NULL
+ full_name : *
+ full_name : 'Anonymous Logon'
+ logon_script : *
+ logon_script : ''
+ profile_path : *
+ profile_path : ''
+ home_directory : *
+ home_directory : ''
+ home_drive : *
+ home_drive : ''
+ logon_server : *
+ logon_server : 'LOCALNT4DC2'
last_logon : NTTIME(0)
last_logoff : NTTIME(0)
acct_expiry : NTTIME(0)
last_password_change : NTTIME(0)
allow_password_change : NTTIME(0)
force_password_change : NTTIME(0)
logon_count : 0x0000 (0)
bad_password_count : 0x0000 (0)
- acct_flags : 0x00000000 (0)
+ acct_flags : 0x00000010 (16)
authenticated : 0x00 (0)
security_token: struct security_token
num_sids : 0x00000006 (6)
sids: ARRAY(6)
+ sids : S-1-5-7
+ sids : S-1-1-0
+ sids : S-1-5-2
sids : S-1-22-1-65533
sids : S-1-22-2-65534
sids : S-1-22-2-65533
- sids : S-1-1-0
- sids : S-1-5-2
- sids : S-1-5-32-546
privilege_mask : 0x0000000000000000 (0)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0ee9a550 by Stefan Metzmacher at 2018-03-15T20:54:17Z
s3:rpc_server: make use of make_session_info_anonymous()
For unauthenticated connections we should default to a
session info with an anonymous nt token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1957bf11 by Stefan Metzmacher at 2018-03-16T02:03:31Z
s3:auth: make use of make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).
When it's really an anonymous connection, we should reflect that in the
resulting session info.
This should fix a problem where Windows 10 tries to join
a Samba hosted NT4 domain and has SMB2/3 enabled.
We no longer return SMB_SETUP_GUEST or SMB2_SESSION_FLAG_IS_GUEST
for true anonymous connections.
The commit message from a few commit before shows the resulting
auth_session_info change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Mar 16 03:03:31 CET 2018 on sn-devel-144
- - - - -
98623129 by Anton Nefedov via samba-technical at 2018-03-16T02:04:58Z
s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338
Signed-off-by: Anton Nefedov <anton.nefedov at virtuozzo.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
26e75cf6 by Ralph Boehme at 2018-03-16T06:48:37Z
s3: gse: use "gensec_gssapi:requested_life_time"
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 16 07:48:37 CET 2018 on sn-devel-144
- - - - -
a27db0b6 by Björn Baumbach at 2018-03-16T08:46:16Z
ms_schema: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
03617480 by Andreas Schneider at 2018-03-16T13:46:43Z
wbinfo: Improve the wording for --online-status
Currently it displays if a domain is online or offline which is wrong.
It tells us if we maintain an active connection to the domain or not.
Users are confused if they read offline because the think winbind is not
functional with that domain.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Mar 16 14:46:43 CET 2018 on sn-devel-144
- - - - -
3056e24a by Stefan Metzmacher at 2018-03-16T13:47:37Z
test_smbclient_s3.sh: force LANG=C during test_utimes()
This makes the test independent from the developers environment.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
da39e74c by Stefan Metzmacher at 2018-03-16T18:47:15Z
libcli/security: fix some SID values in comments
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Mar 16 19:47:15 CET 2018 on sn-devel-144
- - - - -
ef091e2c by Jeremy Allison at 2018-03-16T22:07:09Z
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a3c925d8 by Jeremy Allison at 2018-03-16T22:07:09Z
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
875ff257 by Jeremy Allison at 2018-03-16T22:07:09Z
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
013aaffe by Ralph Boehme at 2018-03-16T22:07:09Z
selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
49996ca9 by Ralph Boehme at 2018-03-16T22:07:09Z
selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a6054c01 by Jeremy Allison at 2018-03-17T03:04:32Z
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
- - - - -
689259be by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-ib: Drop a bit-rotted test example from the README
This hasn't worked as advertised for a long time.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0ee7b8a6 by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-scripts: Drop CTDB_PIDFILE configuration option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
32fade2f by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-daemon: Drop ctdbd --pidfile option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3df36781 by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-scripts: Drop CTDB_EVENT_SCRIPT_DIR configuration option
Event scripts live in a standard place.
For testing, CTDB_BASE is modified.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
aa961e88 by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-tests: Drop ctdbd --event-script-dir option
Event scripts live in a standard place.
For testing, CTDB_BASE is modified.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
70fb005d by Martin Schwenke at 2018-03-19T01:23:17Z
ctdb-tests: Use CTDB_SOCKET environment variable to specify socket
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b05dc0bb by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-daemon: Allow CTDB_SOCKET environment variable to be used
Use environment variables for test-only options.
Switch to using a local variable. This simplifies both the logic and
the ability to later drop the command-line option.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1f4fd308 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Use environment variable for specifying socket
Use environment variables for test-only options. Don't put them in
the configuration file.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
de44df26 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tools: Drop a couple of unnecessary exports of CTDB_SOCKET
These were necessary because CTDB_SOCKET was not already exported via
test setup.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
81b57fa5 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-scripts: Drop CTDB_SOCKET configuration option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
49617116 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-daemon: Drop ctdbd --socket option
Use environment variables for test-only options.
The setenv() can be dropped because the socket location is either the
compile-time default or the already set environment variable.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0045a7cf by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tools: Move handling of CTDB_SOCKET to process_command()
options.socket will go away in future. This moves processing of
CTDB_SOCKET close to where it is used.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7e08c1d2 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tools: Drop ctdb --socket option
Use environment variables for test-only options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bdfc8b7e by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Add some options to setup_ctdb()
These provide special-purpose setups for particular testcases.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5615bdf7 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb_tests: Reconfigure the cluster when restarting CTDB
The previous test might have made configuration changes, so call
setup_ctdb() to cause the configuration to be rewritten. This is only
really useful in local daemons tests.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4328f4a5 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Update some tests to use setup_ctdb() options
Don't use environment variables for test-local configuration
variations.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e0ed9b30 by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Don't allow simple tests to use environment for config
This was a mistake.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1dcc0adf by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-daemon: Provide a default location for public addresses file
If the specified file or the default does not exist then log a
warning.
This is done in the takeover code to localise the handling of the
public addresses file. Soon the daemon command-line option will go
away and the takeover code will be replaced in the not too distant
future.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3d85488e by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Use default public addresses file in local daemon tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a0aa735d by Martin Schwenke at 2018-03-19T01:23:18Z
ctdb-tests: Use default public addresses file for event script tests
Just use the default location in event script tests.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a7571821 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-scripts: Drop 10.external event script
This was added for a vendor who decided not to use it. It is almost
certainly unused by anyone. If anyone really needs it then it is in
the git history.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b6127a63 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Allow tests access to CTDB_BASE
On the node where the tests are run, CTDB_BASE is always set. This
applies to local daemons too. However, when tests are being run
against a real cluster, there may be a need to access configuration
files. However, CTDB_BASE will not be set in this case.
So, provide a function to get CTDB_BASE, if set, or a real cluster
node's configuration directory, if CTDB_BASE is not set.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6ecddd4f by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-scripts: Drop CTDB_PUBLIC_ADDRESSES configuration option
This option adds a lot of unnecessary complexity to scripts.
Configuration should go in $CTDB_BASE, either directly or via a
symlink, so simplify by using the default location.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
346c28d0 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Remove unused function get_ctdbd_command_line_option()
This was a bad idea.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
482ff4bd by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-daemon: Drop ctdbd --public-addresses option
Use the default location.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b1fcb0a1 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-scripts: Drop CTDB_PUBLIC_INTERFACE configuration option
The interface must always be specified in the public addresses file.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f6d6f222 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-daemon: Drop ctdbd --public-interface option
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c8c944d6 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Use default location for nodes file
Create the file and then copy it to CTDB_BASE for each node.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
16a93d76 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tools: Drop onnode CTDB_NODES_FILE environment variable
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d55e7d8a by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Drop an orphaned comment
The relevant code was removed long ago.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
10354438 by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Use setup_base() in tool unit tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
78248ada by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Improve setting of helper paths
Make use of variables provided by script_install_paths.sh instead of
reinventing the logic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3a7c49df by Martin Schwenke at 2018-03-19T01:23:19Z
ctdb-tests: Put configuration, socket and PID file in CTDB_BASE
setup_ctdb_base() makes this a convenient temporary directory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
480c586c by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tests: Simplify nodes file handling in tool tests
Instead of using an intermediate environment variable for nodes files,
just create "node" or "nodes.<pnn>" in CTDB_BASE. This makes the
nodes file loading in fake_ctdb slightly repetitive but simplifies the
test scripts a lot. It also remove several instance of the CTDB_NODES
variable from the code base, so it is no longer found by "git grep".
Use an empty nodes file to indicate that fake_ctdbd should fail to
read it.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a1eac09d by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tools: Drop testing hook from ctdb tool
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6cf861a5 by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-scripts: Drop CTDB_NODES configuration option
Tests now deviate from the compile-time default by setting CTDB_BASE.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
dedc9eab by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tools: No longer honour CTDB_NODES environment variable
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
db7e4aa3 by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-daemon: Drop ctdbd --nlist option
Tests now deviate from the compile-time default by setting CTDB_BASE.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
85a43757 by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tests: Use onnode to start/stop local daemons
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ebd25890 by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tests: Use CTDB_BASE instead of node_dir
Simple test configuration is all relative to CTDB_BASE and node_dir is
redundant. Make this explicit by dropping most uses of node_dir.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1d7f86a8 by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tests: Construct values for CTDB_BASES by hand
setup_ctdb_base() and node_dir() duplicate the construction of
CTDB_BASE. Drop the use of node_dir() and construct the values for
CTDB_BASES by hand.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
02a942ea by Martin Schwenke at 2018-03-19T01:23:20Z
ctdb-tests: Drop unused functions
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3451a036 by Martin Schwenke at 2018-03-19T06:32:22Z
ctdb-scripts: Drop CTDBD_CONF internal test variable
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Mar 19 07:32:22 CET 2018 on sn-devel-144
- - - - -
8e605058 by Andrej Gessel at 2018-03-19T06:33:44Z
bugfix memory leak. partition_dn is only used to search and compare and is not freed at the function end.
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7ab4ceff by Matt Selsky at 2018-03-19T06:33:44Z
auth/kerberos: Fix typo in error message regarding fetching PAC using Heimdal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13311
Signed-off-by: Matt Selsky <matthew.selsky at twosigma.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f092ac5b by Jonathan Hunter at 2018-03-19T11:39:12Z
Update help text for dbcheck
Update the help text for dbcheck, to make its behaviour clear (in
particular with reference to the difference between specifying "--yes"
on the command line, and answering "yes"/"all" to each individual
question)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Mar 19 12:39:12 CET 2018 on sn-devel-144
- - - - -
3e8c5090 by Simo Sorce at 2018-03-19T14:34:32Z
Use "localhost" to be ipv6 only friendly
Signed-off-by: Simo Sorce <idra at samba.org>
- - - - -
01319b6e by Simo Sorce at 2018-03-19T14:34:32Z
Revert "Use "localhost" to be ipv6 only friendly"
This reverts commit 54548f6dde3cf74f0e90ef577a55fd720dca6d93.
- - - - -
f5e3b1e9 by Simo Sorce at 2018-03-19T19:29:28Z
Remove dead code
Signed-off-by: Simo Sorce <idra at samba.org>
Autobuild-User(master): Simo Sorce <idra at samba.org>
Autobuild-Date(master): Mon Mar 19 20:29:28 CET 2018 on sn-devel-144
- - - - -
c2480b96 by Stefan Metzmacher at 2018-03-19T19:30:49Z
s3:auth: rename "guest" methods to "anonymous"
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c5874b9b by Stefan Metzmacher at 2018-03-19T19:30:49Z
s3:passdb: add create_builtin_guests()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6c8cf7b6 by Stefan Metzmacher at 2018-03-19T19:30:49Z
s3:libnet_join: make use of create_builtin_guests()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0b261dc4 by Stefan Metzmacher at 2018-03-19T19:30:49Z
s3:auth: make use of create_builtin_guests() in finalize_local_nt_token()
This makes the Builtin_Guests handling more dynamic,
by having a persistent storage for the memberships.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a0c091eb by Stefan Metzmacher at 2018-03-19T19:30:49Z
s3:auth: support AUTH_SESSION_INFO_NTLM in finalize_local_nt_token()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
2f1ba314 by Stefan Metzmacher at 2018-03-19T19:30:49Z
drsuapi.idl: add DN/fpo-enabled attributes as DRSUAPI_ATTID_* values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c406ecce by Stefan Metzmacher at 2018-03-19T19:30:49Z
dsdb:extended_dn_store: ignore DRSUAPI_ATTID_distinguishedName attributes
We have several tests which already test that, we can avoid doing
searches at all in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
be52754b by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: we need to pass down our altered request down on NO_SUCH_OBJECT
It's quite likely that there're more than one attribute and we may
already altered values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
551f54e0 by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: pass the full 'struct dsdb_attribute' to extended_store_replace()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
18d98022 by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: We need to ignore self references on add operation
We have several schema related tests, which already prove
that for the defaultObjectCategory attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
18f40cef by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: rename extended_replace_dn to extended_replace_callback
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
21b17e75 by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: split out a extended_replace_dn() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b040d328 by Stefan Metzmacher at 2018-03-19T19:30:50Z
tests/dsdb.py: prove the difference between linked and non-linked DN references
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3f357ad8 by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:extended_dn_store: make sure reject storing references to deleted objects in linked attributes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13307
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
470044be by Stefan Metzmacher at 2018-03-19T19:30:50Z
provision: use the provision control when adding foreignSecurityPrincipals
The next commits will require this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
856504ca by Stefan Metzmacher at 2018-03-19T19:30:50Z
tests/dsdb.py: verify that foreignSecurityPrincipal objects require the provision control
Windows rejects creating foreignSecurityPrincipal objects directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a0813b2a by Stefan Metzmacher at 2018-03-19T19:30:50Z
dsdb:samldb: require as_system or provision control to create foreignSecurityPrincipal objects
Windows rejects creating foreignSecurityPrincipal objects directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
799c9d1c by Stefan Metzmacher at 2018-03-19T19:30:50Z
tests/dsdb.py: test creation of foreignSecurityPrincipal via 'attr: <SID=...>'
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes claims:
FPO-enabled attributes:
member, msDS-MembersForAzRole, msDS-NeverRevealGroup,
msDS-NonMembers, msDS-RevealOnDemandGroup, msDS-ServiceAccount.
'msDS-NonMembers' always generates NOT_SUPPORTED.
'msDS-ServiceAccount' is not defined in any schema
(only msDS-HostServiceAccount).
'msDS-HostServiceAccount' is not an FPO-enabled attribute
and behaves as the 'manager' attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
fb03f9a1 by Stefan Metzmacher at 2018-03-19T19:30:51Z
dsdb:extended_dn_store: add support for FPO (foreignSecurityPrincipal) enabled attributes
This implements the handling for FPO-enabled attributes, see
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes:
FPO-enabled attributes: member, msDS-MembersForAzRole,
msDS-NeverRevealGroup, msDS-NonMembers, msDS-RevealOnDemandGroup,
msDS-ServiceAccount.
Note there's no msDS-ServiceAccount in any schema (only
msDS-HostServiceAccount and that's not an FPO-enabled attribute
at least not in W2008R2)
msDS-NonMembers always generates NOT_SUPPORTED against W2008R2.
See also [MS-SAMR] 3.1.1.8.9 member.
We now create foreignSeurityPrincipal objects on the fly (as needed).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a70c929e by Stefan Metzmacher at 2018-03-19T19:30:51Z
dsdb:repl_meta_data: improve error message in get_parsed_dns()
We may have a dn in '<SID=...>' form and ldb_dn_get_linearized()
just gives in empty string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6415d6fc by Stefan Metzmacher at 2018-03-19T19:30:51Z
selftest/Samba4: use DOMAIN/REALM from the dcvars instead of using hardcoded values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
94bbcb0e by Stefan Metzmacher at 2018-03-19T19:30:51Z
selftest: generate a ramdon domain sid during provision and export as SAMSID/[TRUST_]DOMSID
This will be useful for future tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6a0fe7b0 by Stefan Metzmacher at 2018-03-19T19:30:51Z
samba-tool: allow sid strings for 'group {add,remove}members'
This makes it possible to add foreign SIDS as group members.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
7b3a9880 by Stefan Metzmacher at 2018-03-19T19:30:51Z
selftest/Samba4: create add ${TRUST_DOMSID}-513 to a local group
This will allow testing expanding groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b4dadcfb by Stefan Metzmacher at 2018-03-19T19:30:51Z
testprogs/blackbox: add test_trust_token.sh
This demonstrates, which SID we expect in a token of
an user of a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ef447434 by Stefan Metzmacher at 2018-03-19T19:30:51Z
s4:selftest: run samba4.blackbox.trust_token against fl2003dc and fl2008r2dc
This fails currently as we don't expand groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d6ee0651 by Stefan Metzmacher at 2018-03-19T19:30:51Z
s4:auth: split out a authsam_domain_group_filter() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
4565ac59 by Stefan Metzmacher at 2018-03-19T19:30:51Z
s4:auth: add authsam_update_user_info_dc() that implements SID expanding for the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
fd7c9182 by Stefan Metzmacher at 2018-03-19T19:30:51Z
s4:auth_winbind: only call authsam_logon_success_accounting() for local users
There's no need to do a crack_name_to_nt4_name(), as the authentication
already provides the nt4 domain and account names.
This should only happen on an RODC, that we use the winbind auth module
for local users. So we should make sure we only try to reset
the badPwdCount for users of our own domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0f9a09bd by Stefan Metzmacher at 2018-03-19T19:30:51Z
s4:auth_winbind: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
396fd8f4 by Stefan Metzmacher at 2018-03-19T19:30:52Z
s4:kdc: remember is_krbtgt, is_rodc and is_trust samba_kdc_entry
This can later be used for sid filtering and similar things.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a5f803e9 by Stefan Metzmacher at 2018-03-19T19:30:52Z
s4:kdc: pass krbtgt and server to samba_kdc_update_pac_blob()
This will be used for SID expanding and filtering.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
63de04c0 by Stefan Metzmacher at 2018-03-19T19:30:52Z
s4:kdc: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1f1e221a by Stefan Metzmacher at 2018-03-19T19:30:52Z
s3:libsmb/samlogon_cache: zero session keys before storing the info3 structure
The samlogon_cache is only used to get group memberships of the account
without asking the dc.
But for authentication we always ask the dc.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8a1c930e by Stefan Metzmacher at 2018-03-19T19:30:52Z
libcli/security: add dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c9c6fa45 by Stefan Metzmacher at 2018-03-19T19:30:52Z
s4:rpc_server/lsa: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
9bbabf62 by Stefan Metzmacher at 2018-03-20T00:29:40Z
pdb_samba_dsdb: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 01:29:40 CET 2018 on sn-devel-144
- - - - -
618c714b by Noel Power at 2018-03-20T15:07:05Z
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 16:07:05 CET 2018 on sn-devel-144
- - - - -
ebc21376 by Stefan Metzmacher at 2018-03-20T20:28:29Z
s3:torture: add SMB2-ANONYMOUS which asserts no GUEST bit for anonymous
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 82d8aa3b9cb15512d29a97b5a7e55ea1a052734f)
- - - - -
8227b0a6 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:selftest: run SMB2-ANONYMOUS
This fails against a non AD DC smbd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit bf707a1eba39e996bb19457b63ddb658cc4183c2)
- - - - -
abffcb81 by Ralph Boehme at 2018-03-20T20:28:30Z
libcli/security: only announce a session as GUEST if 'Builtin\Guests' is there without 'Authenticated User'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit f564847c8e9d31fe07dd3cbf435986b36f097fa3)
- - - - -
a67e3d00 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: remove unused auth_serversupplied_info->system
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 28ad1306b880a44824ee956a19656ac29581a1b9)
- - - - -
88c8499c by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: add the "Unix Groups" sid for the primary gid
The primary gid might not be in the gid array.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit f3ca3e71cc35876df47e31ec9c3643308add2405)
- - - - -
253f0d18 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: move add_local_groups() out of finalize_local_nt_token()
finalize_local_nt_token() will be used in another place,
were we don't want to add local groups in a following commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit df3d278853ec097df27c221369dfb3ed0297d6c8)
- - - - -
03b4684e by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:passdb: handle dom_sid=NULL in create_builtin_{users,administrators}()
We should not crash if we're called with NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit efdc617c76d9043286e33b961f45ad4564232102)
- - - - -
8557994f by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: only call secrets_fetch_domain_sid() once in finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit c2ffbf9f764a94ef1dc1280741884cf63a017308)
- - - - -
2c148eb8 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: add add_builtin_guests() handling to finalize_local_nt_token()
We should add Builtin_Guests depending on the current token
not based on 'is_guest'. Even authenticated users can be member
a guest related group and therefore get Builtin_Guests.
Sadly we still need to use 'is_guest' within create_local_nt_token()
as we only have S-1-22-* SIDs there and still need to
add Builtin_Guests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e8dc55d2b969b670322a913799d1af459a1000e7)
- - - - -
3adb292f by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: don't try to expand system or anonymous tokens in finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4f81ef9353ad76390aa910c8c17456fec21916c6)
- - - - -
aee33186 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: pass AUTH_SESSION_INFO_* flags to finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit d3aae5ba65c7ed0d5e9f8389101cf1c8c1f0a25b)
- - - - -
05fad286 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: remove static from finalize_local_nt_token()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7f47f9e1f220d2dd547cf77bbc292357a2173870)
- - - - -
df9ae9d7 by Stefan Metzmacher at 2018-03-20T20:28:30Z
auth: add auth_user_info_copy() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 6ff891195855403bc485725aef8d43d4e3cabacb)
- - - - -
59cf56ee by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: add auth3_user_info_dc_add_hints() and auth3_session_info_create()
These functions make it possible to construct a full auth_session_info
from the information available from an auth_user_info_dc structure.
This has all the logic from create_local_token() that is used
to transform a auth_serversupplied_info to a full auth_session_info.
In order to workarround the restriction that auth_user_info_dc
doesn't contain hints for the unix token/name, we use
the special S-1-5-88 (Unix_NFS) sids:
- S-1-5-88-1-Y gives the uid=Y
- S-1-5-88-2-Y gives the gid=Y
- S-1-5-88-3-Y gives flags=Y AUTH3_UNIX_HINT_*
The currently implemented flags are:
- AUTH3_UNIX_HINT_QUALIFIED_NAME
unix_name = DOMAIN+ACCOUNT
- AUTH3_UNIX_HINT_ISLOLATED_NAME
unix_name = ACCOUNT
- AUTH3_UNIX_HINT_DONT_TRANSLATE_FROM_SIDS
Don't translate the nt token SIDS into uid/gids
using sid mapping.
- AUTH3_UNIX_HINT_DONT_TRANSLATE_TO_SIDS
Don't translate the unix token uid/gids to S-1-22-X-Y SIDS
- AUTH3_UNIX_HINT_DONT_EXPAND_UNIX_GROUPS
The unix token won't get expanded gid values
from getgroups_unix_user()
By using the hints it is possible to keep the current logic
where an authentication backend provides uid/gid values and
the unix name.
Note the S-1-5-88-* SIDS never appear in the final security_token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit af4bc135e486e17164da0ea918281fbf689892c3)
- - - - -
e811adb1 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: base make_new_session_info_system() on auth_system_user_info_dc() and auth3_create_session_info()
The changes in the resulting token look like this:
unix_token : *
unix_token: struct security_unix_token
uid : 0x0000000000000000 (0)
gid : 0x0000000000000000 (0)
- ngroups : 0x00000000 (0)
- groups: ARRAY(0)
+ ngroups : 0x00000001 (1)
+ groups: ARRAY(1)
+ groups : 0x0000000000000000 (0)
...
domain_name : *
domain_name : 'NT AUTHORITY'
dns_domain_name : NULL
- full_name : NULL
- logon_script : NULL
- profile_path : NULL
- home_directory : NULL
- home_drive : NULL
- logon_server : NULL
+ full_name : *
+ full_name : 'System'
+ logon_script : *
+ logon_script : ''
+ profile_path : *
+ profile_path : ''
+ home_directory : *
+ home_directory : ''
+ home_drive : *
+ home_drive : ''
+ logon_server : *
+ logon_server : 'SLOWSERVER'
last_logon : NTTIME(0)
last_logoff : NTTIME(0)
acct_expiry : NTTIME(0)
last_password_change : NTTIME(0)
allow_password_change : NTTIME(0)
force_password_change : NTTIME(0)
logon_count : 0x0000 (0)
bad_password_count : 0x0000 (0)
- acct_flags : 0x00000000 (0)
+ acct_flags : 0x00000010 (16)
authenticated : 0x01 (1)
unix_info : *
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e8402ec0486ced6ac2adb640c61a9e5abc77d4e4)
- - - - -
07091cd7 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token()
We only need to adjust sanitized_username in order to keep the same behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit a2a289d0446fedb4ea40834b5b5b190fdca30906)
- - - - -
a6ecafa7 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:auth: add make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).
The following is the difference between guest and anonymous token:
security_token: struct security_token
- num_sids : 0x0000000a (10)
- sids: ARRAY(10)
- sids : S-1-5-21-3793881525-3372187982-3724979742-501
- sids : S-1-5-21-3793881525-3372187982-3724979742-514
- sids : S-1-22-2-65534
- sids : S-1-22-2-65533
+ num_sids : 0x00000009 (9)
+ sids: ARRAY(9)
+ sids : S-1-5-7
sids : S-1-1-0
sids : S-1-5-2
- sids : S-1-5-32-546
sids : S-1-22-1-65533
+ sids : S-1-22-2-65534
+ sids : S-1-22-2-100004
sids : S-1-22-2-100002
sids : S-1-22-2-100003
+ sids : S-1-22-2-65533
privilege_mask : 0x0000000000000000 (0)
...
unix_token : *
unix_token: struct security_unix_token
uid : 0x000000000000fffd (65533)
gid : 0x000000000000fffe (65534)
- ngroups : 0x00000004 (4)
- groups: ARRAY(4)
+ ngroups : 0x00000005 (5)
+ groups: ARRAY(5)
groups : 0x000000000000fffe (65534)
- groups : 0x000000000000fffd (65533)
+ groups : 0x00000000000186a4 (100004)
groups : 0x00000000000186a2 (100002)
groups : 0x00000000000186a3 (100003)
+ groups : 0x000000000000fffd (65533)
info: struct auth_user_info
account_name : *
- account_name : 'nobody'
+ account_name : 'ANONYMOUS LOGON'
user_principal_name : NULL
user_principal_constructed: 0x00 (0)
domain_name : *
- domain_name : 'SAMBA-TEST'
+ domain_name : 'NT AUTHORITY'
dns_domain_name : NULL
- full_name : NULL
- logon_script : NULL
- profile_path : NULL
- home_directory : NULL
- home_drive : NULL
- logon_server : NULL
+ full_name : *
+ full_name : 'Anonymous Logon'
+ logon_script : *
+ logon_script : ''
+ profile_path : *
+ profile_path : ''
+ home_directory : *
+ home_directory : ''
+ home_drive : *
+ home_drive : ''
+ logon_server : *
+ logon_server : 'LOCALNT4DC2'
last_logon : NTTIME(0)
last_logoff : NTTIME(0)
acct_expiry : NTTIME(0)
last_password_change : NTTIME(0)
allow_password_change : NTTIME(0)
force_password_change : NTTIME(0)
logon_count : 0x0000 (0)
bad_password_count : 0x0000 (0)
- acct_flags : 0x00000000 (0)
+ acct_flags : 0x00000010 (16)
authenticated : 0x00 (0)
security_token: struct security_token
num_sids : 0x00000006 (6)
sids: ARRAY(6)
+ sids : S-1-5-7
+ sids : S-1-1-0
+ sids : S-1-5-2
sids : S-1-22-1-65533
sids : S-1-22-2-65534
sids : S-1-22-2-65533
- sids : S-1-1-0
- sids : S-1-5-2
- sids : S-1-5-32-546
privilege_mask : 0x0000000000000000 (0)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(similar to commit 6afb6b67a198c88ab8fa3fee931729c43605716d)
- - - - -
f9d850d3 by Stefan Metzmacher at 2018-03-20T20:28:30Z
s3:rpc_server: make use of make_session_info_anonymous()
For unauthenticated connections we should default to a
session info with an anonymous nt token.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0ee9a550944034718ea188b277cca4b6fc5fbc5c)
- - - - -
62c3a7a6 by Swen Schillig at 2018-03-20T22:16:14Z
s3: Fix possible mem leak
The call to full_path_tos() might allocate memory which needs to be free'd
once processign is done.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
72979d1d by Andreas Schneider at 2018-03-20T22:16:14Z
heimdal: Fix size types
This fixes compilation with -Wstrict-overflow=2
Upstream pull request:
https://github.com/heimdal/heimdal/pull/354
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
717976ac by Andreas Schneider at 2018-03-20T22:16:14Z
s4:ntvfs: Fix size type in pvfs functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bbbe675a by Andreas Schneider at 2018-03-20T22:16:14Z
s3:libads: Fix size types in kerberos functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
19e62155 by Andreas Schneider at 2018-03-20T22:16:15Z
s4:dns_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1bd4a0cf by Andreas Schneider at 2018-03-20T22:16:15Z
s4:rpc_server: Fix size types in dcerpc dnsserver
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
84388978 by Andreas Schneider at 2018-03-20T22:16:15Z
s4:ldap_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
939b4723 by Andreas Schneider at 2018-03-20T22:16:15Z
s4:cldap_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c63ed7b6 by Andreas Schneider at 2018-03-20T22:16:15Z
libcli:smb: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
87ebb195 by Andreas Schneider at 2018-03-20T22:16:15Z
s3:param: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b709b10e by Andreas Schneider at 2018-03-20T22:16:15Z
s4:utils: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a877018e by Andreas Schneider at 2018-03-20T22:16:15Z
s4:rpc_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
74fbc8ed by Andreas Schneider at 2018-03-20T22:16:15Z
s4:torture: Fix size types in qsinfo test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
13540613 by Andreas Schneider at 2018-03-20T22:16:15Z
s4:torture: Fix size types in qfileinfo test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d5a8c49c by Andreas Schneider at 2018-03-20T22:16:15Z
s3:torture: Fix size types in spoolss test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ba3e21ce by Andreas Schneider at 2018-03-20T22:16:15Z
s3:libsmb: Fix size types in nmblib
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f5fd615c by Andreas Schneider at 2018-03-20T22:16:15Z
s4:torture: Fix size types in nss tests
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4630e063 by Andreas Schneider at 2018-03-20T22:16:15Z
s4:client: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
75c28a26 by Andreas Schneider at 2018-03-20T22:16:15Z
s3:client: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
eb0bdefd by Andreas Schneider at 2018-03-20T22:16:15Z
s3:avahi: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
206bbec4 by Andreas Schneider at 2018-03-20T22:16:15Z
s3:printing: Fix size type in printing_db
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8a108f62 by Andreas Schneider at 2018-03-20T22:16:15Z
s3:winbindd: Fix size types in idmap_tdb_common
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b19a8102 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:vfs_nettalk: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c2e9fb63 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:rpc_server: Fix size types in srvsvc
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
dfb69482 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:utils: Fix size type in log2pcaphex
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c6b5297b by Andreas Schneider at 2018-03-20T22:16:16Z
s3:nmbd: Fix size type in nmbd_browsesync.c
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
59b68947 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:modules: Fix size type in getdate
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
db31156d by Andreas Schneider at 2018-03-20T22:16:16Z
s3:passdb: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e3483f95 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:rpc_server: Fix size types in spoolss
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d0c88243 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:rpcclient: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
dcd0a7f7 by Andreas Schneider at 2018-03-20T22:16:16Z
ldb: Fix size types in ldb_ldif functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
da68a1b2 by Andreas Schneider at 2018-03-20T22:16:16Z
lib:socket: Return early if we have only one interface
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f866844f by Andreas Schneider at 2018-03-20T22:16:16Z
s4:dsdb: Fix integer operations
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3a383038 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:nmbd: Fix possible integer overflow
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9f6de82e by Andreas Schneider at 2018-03-20T22:16:16Z
s3:locking: Fix integer overflow check in posix_lock_in_range()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0f7a86c4 by Andreas Schneider at 2018-03-20T22:16:16Z
s3:vfs_preopen: Change to a do-while loop and fix the check
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cbbb6ef5 by Stefan Metzmacher at 2018-03-21T01:29:57Z
s3:auth: make use of make_{server,session}_info_anonymous()
It's important to have them separated from make_{server,session}_info_guest(),
because there's a fundamental difference between anonymous (the client requested
no authentication) and guest (the server lies about the authentication failure).
When it's really an anonymous connection, we should reflect that in the
resulting session info.
This should fix a problem where Windows 10 tries to join
a Samba hosted NT4 domain and has SMB2/3 enabled.
We no longer return SMB_SETUP_GUEST or SMB2_SESSION_FLAG_IS_GUEST
for true anonymous connections.
The commit message from a few commit before shows the resulting
auth_session_info change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Mar 16 03:03:31 CET 2018 on sn-devel-144
(cherry picked from commit 1957bf11f127fc08c6622999cadc7dd580ac7d3b)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-8-test): Wed Mar 21 02:29:57 CET 2018 on sn-devel-144
- - - - -
e9d42e56 by Andreas Schneider at 2018-03-21T03:25:39Z
s3:registry: Fix size types and length calculations
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Mar 21 04:25:39 CET 2018 on sn-devel-144
- - - - -
245e1793 by Garming Sam at 2018-03-21T03:36:21Z
join.py: Add missing NTSTATUSError import
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
32a54319 by Garming Sam at 2018-03-21T03:36:21Z
kcc_utils: Add a routine for automatic site coverage
This allows double-coverage if two links exist with the same cost.
Administrators should only connect an DC-less site via a single site
link.
This also allows unnecessary coverage by all sites in the adjoining site
link (to be resolved in the later patches).
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
96340e1a by Garming Sam at 2018-03-21T03:36:22Z
kcc_utils: Keep a count of the DCs in each site
This is useful for ranking which sites are preferable within the same
site link.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f342d7e0 by Garming Sam at 2018-03-21T03:36:22Z
kcc_utils: Prevent multiple sites attached to a sitelink covering a site
This avoids trivial duplicates in a similar manner as mentioned in:
https://blogs.technet.microsoft.com/askds/2011/04/29/sites-sites-everywhere/
It prefers the largest sites then the earliest alphabetically, so that
only a single site ever covers an uncovered site (within a site link).
Note that this isn't applicable over multiple site links (like Windows
presumably) and is only a simple mechanism to avoid excessive
registering. DCs within the site will also still register for each.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ecf503ce by Garming Sam at 2018-03-21T03:36:22Z
kcc_utils: Use lower name in automatic sites covered
This allows easier testing, as well as some consistency in the DNS
record creation.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b71f897b by Garming Sam at 2018-03-21T03:36:22Z
tests/kcc_util: Add unit tests for automatic site coverage
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
79b640f8 by Garming Sam at 2018-03-21T03:36:22Z
tests/samba_dnsupdate: Add a trivial test of automatic site coverage
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2b87bf8c by Garming Sam at 2018-03-21T03:36:22Z
samba_dnsupdate: Introduce automatic site coverage
This uses the underlying function in kcc_utils.py which already has
tests.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bddf66c4 by Douglas Bagnall at 2018-03-21T03:36:22Z
samba-tool ldapcmp: remove duplicate takes_optiongroups attribute
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9312a1cd by Björn Baumbach at 2018-03-21T08:25:51Z
samba-tool visualize: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Mar 21 09:25:51 CET 2018 on sn-devel-144
- - - - -
5c909ea4 by Jeremy Allison at 2018-03-21T12:11:14Z
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4a7eaf90 by Andreas Schneider at 2018-03-21T12:11:14Z
talloc: Fix size type and checks in _vasprintf_tc
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
41b6810b by Stefan Metzmacher at 2018-03-21T12:11:14Z
talloc: use a library destructor instead of atexit() if available
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
80f9ec01 by Stefan Metzmacher at 2018-03-21T17:39:33Z
talloc: version 2.1.12
* Fix documentation typo
* Fix compilation with -Wstrict-overflow=2
* Use a library destructor instead of atexit() if available
(bug #7587)
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Mar 21 18:39:33 CET 2018 on sn-devel-144
- - - - -
5e62c1cb by Andreas Schneider at 2018-03-21T19:43:19Z
s3:printing: Fix size check in get_file_version()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
e64738b6 by Andreas Schneider at 2018-03-21T19:43:19Z
s3:lib: Fix size types in ms_fnmatch()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b70bb81a by Andreas Schneider at 2018-03-21T19:43:19Z
s3:lib: Fix size types in tldap_find_first_star()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e0cf35ae by Andreas Schneider at 2018-03-22T00:54:08Z
lib:param: Fix the size type in lp_do_parameter_parametric()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 22 01:54:08 CET 2018 on sn-devel-144
- - - - -
8dabcf89 by Jeremy Allison at 2018-03-22T01:15:13Z
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
Will allow easier smb2-specific debugging.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
cdde6d93 by Jeremy Allison at 2018-03-22T01:15:13Z
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
ad973fdd by Jeremy Allison at 2018-03-22T01:15:13Z
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
fc922bd2 by Jeremy Allison at 2018-03-22T01:15:13Z
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
ac33b565 by Volker Lendecke at 2018-03-22T01:15:13Z
tdbdump: Avoid an int cast
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
df2a0363 by Volker Lendecke at 2018-03-22T01:15:14Z
tdb: Harden tdb_rec_read
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2c94093a by Volker Lendecke at 2018-03-22T01:15:14Z
tdb: Handle TDB_NEXT_LOCK_ERR in tdb_traverse_internal
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1b0fbdaf by Volker Lendecke at 2018-03-22T01:15:14Z
Harden tdb_check_used_record against overflow
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5f24fd68 by Volker Lendecke at 2018-03-22T01:15:14Z
tdb: Make sure the hash size fits
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6f45cbf4 by Volker Lendecke at 2018-03-22T01:15:14Z
tdb: Harden allocating the tdb recovery area
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2adbb1f7 by Volker Lendecke at 2018-03-22T01:15:14Z
tdb: Align a few integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7964b364 by Volker Lendecke at 2018-03-22T06:21:44Z
tdb: Fix a "increases alignment" warning
Many of those warnings are difficult to fix, but this one was easy :-)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 22 07:21:44 CET 2018 on sn-devel-144
- - - - -
d9505567 by Andrew Bartlett at 2018-03-22T07:00:25Z
autobuild: Move defaulttasks to one-per-line
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
87dac629 by Andrew Bartlett at 2018-03-22T07:00:25Z
travis-ci: Only un-shallow for PIDL
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c32fa9bb by Andrew Bartlett at 2018-03-22T07:00:25Z
travis-ci: Use Gold linker for faster builds
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0879be97 by Andrew Bartlett at 2018-03-22T07:00:25Z
libsmb: Use the same #ifdef for is_our_primary_domain() as the only caller
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ef35fbfc by Andrew Bartlett at 2018-03-22T07:00:25Z
s3-libnet: move rpc_join label into HAVE_ADS block with only caller
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3966342a by Jamie McClymont at 2018-03-22T07:00:25Z
selftest: Clear environment before provision
Currently, if an environment is being provisioned after a test which used
ad_member_rfc2307, the provisioning process has all of the following in its
environment:
{
'DC_NETBIOSNAME' => 'LOCALDC',
'DC_PASSWORD' => 'locDCpass1',
'DC_SERVER_IP' => '127.0.0.21',
'DC_SERVER_IPV6' => 'fd00:0000:0000:0000:0000:0000:5357:5f15',
'DC_SERVER' => 'localdc',
'DC_USERNAME' => 'Administrator',
'DOMAIN' => 'SAMBADOMAIN',
'LOCAL_PATH' => '/.../st/ad_member_rfc2307/share',
'LOCK_DIR' => '/.../st/ad_member_rfc2307/lockdir',
'NETBIOSNAME' => 'RFC2307MEMBER',
'NMBD_SOCKET_DIR' => '/.../st/ad_member_rfc2307/nmbd',
'NSS_WRAPPER_GROUP' => '/.../st/ad_member_rfc2307/private/group',
'NSS_WRAPPER_HOSTNAME' => 'rfc2307member.samba.example.com',
'NSS_WRAPPER_HOSTS' => '/.../st/hosts',
'NSS_WRAPPER_MODULE_FN_PREFIX' => 'winbind',
'NSS_WRAPPER_MODULE_SO_PATH' => '/.../bin/default/nsswitch/libnss-wrapper-winbind.so',
'NSS_WRAPPER_PASSWD' => '/.../st/ad_member_rfc2307/private/passwd',
'PASSWORD' => 'loCalMemberPass',
'REALM' => 'SAMBA.EXAMPLE.COM',
'RESOLV_WRAPPER_HOSTS' => '/.../st/dns_host_file',
'SELFTEST_WINBINDD_SOCKET_DIR' => '/.../st/ad_member_rfc2307/winbindd',
'SERVER_IP' => '127.0.0.34',
'SERVER_IPV6' => 'fd00:0000:0000:0000:0000:0000:5357:5f22',
'SERVER' => 'RFC2307MEMBER',
'USERID' => '55668',
'USERNAME' => 'jamiemcclymont',
}
Unsurprisingly, some of these can cause issues for the provisioning process, if
a reduced subset of tests is being run which causes the provision to encounter
never-before-seen pairs of adjacent environments.
For example, a run with only
TESTS='--include-env=vampire_dc --include-env=ad_member_rfc2307'
would fail to start up the vampire_dc with:
Could not find machine account in secrets database:
Failed to fetch machine account password from secrets.ldb:
Could not find entry to match filter:
'(&(flatname=SAMBADOMAIN)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4641
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ba805dcd by Jamie McClymont at 2018-03-22T07:00:25Z
s4:selftest: explicitly set NSS/RESOLV_WAPPER_* in wait_for_start
These variables were previously set directly on the selftest process
for the purpose of making this ldbsearch call, allowing them to leak
into other environments.
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
dd1f8cdf by Jamie McClymont at 2018-03-22T12:26:44Z
selftest: consistently produce high-res UTC time
Currently some subunit reporters throughout the codebase provide low-res time,
meaning timestamps jump back and forth in the subunit file. Also, some subunit
reporters produce UTC timestamps while others produce local time. UTC was chosen
as the standard for this commit since all of the timestamps end with a Z (= Zulu
= UTC).
Signed-off-by: Jamie McClymont <jamiemcclymont at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Mar 22 13:26:44 CET 2018 on sn-devel-144
- - - - -
42d6dd2f by Ralph Boehme at 2018-03-22T17:26:03Z
s3: smbd: always set vuid in check_user_ok()
A SMB session reauth will have invalidated conn->vuid via
conn_clear_vuid_caches().
Ensure conn->vuid always has the vuid of the current user in
check_user_ok().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13351
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 22 18:26:04 CET 2018 on sn-devel-144
- - - - -
35ca6161 by Andreas Schneider at 2018-03-23T00:59:07Z
s3:lib: Fix probably a copy&paste error in namemap_cache_set_sid2name()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13350
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 23 01:59:08 CET 2018 on sn-devel-144
- - - - -
8fd73b38 by Andrew Bartlett at 2018-03-23T01:32:08Z
selftest: Align cleanup of tmpkpasswdscript with scripts that use it
Some scripts removed it without creating it and the others created it
and did not remove it.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
e1334909 by Andrew Bartlett at 2018-03-23T01:32:08Z
selftest: Ensure tmpkpasswdscript is always under $PREFIX
Otherwise it might not be removed at the end of the test
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
b9f0c7f9 by Timur I. Bakeyev at 2018-03-23T06:25:30Z
Fix invocation of gnutls_aead_cipher_encrypt()
Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory
buffer is too short to hold parameters.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13352
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Fri Mar 23 07:25:30 CET 2018 on sn-devel-144
- - - - -
708abbf3 by Noel Power at 2018-03-23T06:28:23Z
samba python tests: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
aacbe1b6 by Noel Power at 2018-03-23T06:28:23Z
samba-tool: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
9c251740 by Noel Power at 2018-03-23T06:28:23Z
samba python libs: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a8aab19b by Noel Power at 2018-03-23T06:28:24Z
s3/dsdb: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
66a9b4dc by Noel Power at 2018-03-23T06:28:24Z
s4/script: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
dd5c347d by Noel Power at 2018-03-23T06:28:24Z
s4/scripting: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
66ea4913 by Noel Power at 2018-03-23T06:28:24Z
s4/torture/drs: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bebdefeb by Noel Power at 2018-03-23T06:28:24Z
s4/selftest: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
40e7d579 by Noel Power at 2018-03-23T06:28:24Z
selftest: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
220f19fc by Noel Power at 2018-03-23T06:28:24Z
s3/script/tests: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2a64f77d by Noel Power at 2018-03-23T06:28:24Z
script: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7b897d6d by Noel Power at 2018-03-23T06:28:24Z
auth/credentials/test: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0844c5aa by Noel Power at 2018-03-23T06:28:24Z
lib/tdb: convert print func to be py2/py3 compatible
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
cd1136f3 by Douglas Bagnall at 2018-03-23T06:28:24Z
README.Coding: mention compatible Python versions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8ca43ec8 by Douglas Bagnall at 2018-03-23T06:28:25Z
README.Coding: remove reference to non-existent prog_guide4.txt
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
04487198 by Noel Power at 2018-03-23T06:28:25Z
libcli/nbt: Fix illegal tuple index access.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0fa93f5f by Noel Power at 2018-03-23T06:28:25Z
s4/selftest: Add simple python netbios test python2 only for the moment
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
330bbf7c by Noel Power at 2018-03-23T06:28:25Z
python3 port for netbios module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4c02d5ca by Noel Power at 2018-03-23T06:28:25Z
s4/selftest: enable netbios python test for python3 too
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0d65c1ef by Noel Power at 2018-03-23T06:28:25Z
s4/dsdb: python3 api should take 'bytes'
Attributes are properly represented by 'bytes' and *maybe* can be
converted into strings (if they are text).
py_dsdb_normalise_attributes currently expects strings, this is fine
in python2 however in python3 we need to actually pass a 'bytes'
class.
Signed-off-by: Noel Power <noel.power at suse.com>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
aea433ee by Noel Power at 2018-03-23T06:28:25Z
python: Add compatability helpers to determine if type is really bytes
py3compat has PyBytes_Check macro which evalates to PyString_Check in
python2. To help switch behaviour based on whether you are dealing
with the bytes type the following macros have been added.
IsPy3Bytes
IsPy3BytesOrString
IsPy3Bytes will evaluate to false in python2 and will return the
expected result in python3. IsPy3BytesOrString will test for string
type alone in python2 or bytes and string in python3.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
18a5afa6 by Noel Power at 2018-03-23T06:28:25Z
s4/librpc: GUID should accept string or bytes in python3
In python3 you can't store a binary blob GUID in a string class, you
need to use 'bytes'. This change ensures python2 code continues to use
a string and in python3 both 'bytes' and 'string' are supported.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cd5a4519 by Noel Power at 2018-03-23T06:28:25Z
samba python tests: Ensure GUIDTests cover all input formats
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f6db12e2 by Douglas Bagnall at 2018-03-23T06:28:25Z
tests/dcerpc/misc.GUID: test that long-form py3 bytes works
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bb88292c by Joe Guo at 2018-03-23T06:28:25Z
tests/dcerpc/misc.GUID: improve tests
1. Merge tests for different formats into a for loop, make it easy to
read and extend.
2. Add test for invalid formats.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a032ea5b by David Mulder at 2018-03-23T06:28:25Z
libgpo: port samba.gpo to python3
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6a7cdad3 by David Mulder at 2018-03-23T06:28:26Z
Add python tests for samba.gpo module
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4f036497 by Noel Power at 2018-03-23T06:28:26Z
python3 port for dckeytab module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e29a75e7 by David Mulder at 2018-03-23T06:28:26Z
Add tests for dckeytab python module
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
da72c401 by Andrew Bartlett at 2018-03-23T11:00:40Z
autobuild: Move "none" environment to samba-none-env
This takes this part of the test out of the main, slow samba task
but also keeps it away from samba-o3 which is up against the 50min
budget on travis-ci.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Mar 23 12:00:40 CET 2018 on sn-devel-144
- - - - -
d418d0ca by Andrew Bartlett at 2018-03-24T01:31:15Z
winbindd: Add a cache of the samr and lsa handles for the passdb domain
This domain is very close, in AD DC configurations over a internal ncacn_np pipe
and otherwise in the same process via C linking. It is however very expensive
to re-create the binding handle per SID->name lookup, so keep a cache.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
fc9150dc by Andrew Bartlett at 2018-03-24T01:31:15Z
winbindd: Do re-connect if the RPC call fails in the passdb case
This is very, very unlikely but possible as in the AD case the RPC server is in
another process that may eventually be able to restart.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2610a3f2 by Andrew Bartlett at 2018-03-24T06:21:37Z
winbindd: Use talloc_zero_array for consistency with other winbindd_domain allocators
The other allocator for this structure uses talloc_zero()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Mar 24 07:21:37 CET 2018 on sn-devel-144
- - - - -
92a68af1 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-client: Do not try to allocate 0 sized record
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
4e37be92 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-client: Add missing initialization of tevent_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
147ff850 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Convert database map to a linked list in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
2de66072 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add dbdir option for creating databases in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
50e25418 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Implement database attach control in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
14bdbef9 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add database attach tests
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
0e5e8469 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Use seqnum from tdb if available in fake_ctdbd
This also adds the lower level ltdb read/write functions required to
read seqnum from database.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
5be29b79 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add req_call processing in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
7c30d479 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add volatile database tests
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
8250956c by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Implement transaction control in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
2a8e4257 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add persistent database tests
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
a5fb33e2 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Implement traverse control in fake_ctdbd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
c8656588 by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add database traverse tests
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
7da9802a by Amitay Isaacs at 2018-03-27T02:27:24Z
ctdb-tests: Add debug messages for unimplemented functions
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
ce5116cf by Martin Schwenke at 2018-03-27T07:06:14Z
ctdb-tests: Don't expand octal escapes in unit test output
The echo command in dash expands octal escapes in strings by default
but the echo command in bash doesn't. Since the behaviour is
ill-defined, use printf to handle affected strings. However, ensure
that these strings aren't used as format strings.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Mar 27 09:06:14 CEST 2018 on sn-devel-144
- - - - -
77d88d75 by Eric Vannier at 2018-03-27T11:50:09Z
Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13302
Signed-off-by: Eric Vannier <evannier at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Mar 27 13:50:09 CEST 2018 on sn-devel-144
- - - - -
a8e825c4 by Andrew Bartlett at 2018-03-27T21:03:13Z
gitlab-ci: Create swap space to work around the 2G image
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
75d2be7d by Joe Guo at 2018-03-27T21:03:13Z
gitlab-ci: set docker image and change tag
1. Specify docker image to use in gitlab-ci.yml
2. Change tag autobuild to docker
So we can use gitlab.com shared runners.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2532c0db by Joe Guo at 2018-03-27T21:03:13Z
gitlab-ci: add git variable to speed up clone
Set GIT_STATEGY to fetch, and GIT_DEPTH to 3.
This will speed up cloning for repos.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
7544f357 by Andrew Bartlett at 2018-03-27T21:03:13Z
autobuild: Run nt4_dc and nt4_member tests in parallel
These do not interact with the main AD DC environments, so can run in parallel
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
bfee4414 by Andrew Bartlett at 2018-03-27T21:03:13Z
travis-ci: Run new samba-nt4 environment
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
fd036899 by Andrew Bartlett at 2018-03-27T21:03:13Z
gitlab-ci: Add samba-nt4 environment to the CI
This parallel build is de-coupled from the main samba build
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3fd29c05 by Andrew Bartlett at 2018-03-27T21:03:13Z
selftest: Do not run smb2.notify against nt4_dc and ad_dc
This is a slow test and we need to keep the time on ad_dc down to below 50mins total
for travis-ci.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d47fb223 by Andrew Bartlett at 2018-03-27T21:03:13Z
autobuild: Run all "ad_dc" environment tests in samba-ad-dc
This allows us not to run ad_dc tests in the main build, making the
autobuild process faster. The ad_dc tests run in less than 50mins
on travis-ci, which allows this part of the tests to be run.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
e4a969cc by Andrew Bartlett at 2018-03-27T21:03:13Z
autobuild: Remove fileserver tests from the main build
Again, this is to allow these to run in the 50min timelimit
of travis-ci and so gain test coverage.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a9a6fdad by Andrew Bartlett at 2018-03-27T21:03:13Z
selftest: Move base.delaywrite tests to fileserver environment
This aims to keep the ad_dc tests well below 50mins for travis CI and
base.delaywrite is very slow.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
0668303a by Andrew Bartlett at 2018-03-27T21:03:14Z
Move smbtorture3 tests to fileserver environment
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d6ac8bea by Andrew Bartlett at 2018-03-27T21:03:14Z
autobuild: Try and test different configure options for new environments
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
fafbeb18 by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Move slower base.deny1 and base.deny2 to fileserver environment
This avoids these running in the ad_dc environment which we need to get under 50mins for
travis-ci.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d9208748 by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Move samba.tests.samba_tool{.dnscmd,.sites} to chgdcpass
This helps reduce the runtime of ad_dc which needs to be under 50mins
including build time to run on travis-ci.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
474b39ce by Andrew Bartlett at 2018-03-27T21:03:14Z
gitlab-ci: Set shared and private tags to allow builds that need ext4 to pass
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
56191dcf by Andrew Bartlett at 2018-03-27T21:03:14Z
autobuild: Split up the build further with samba-ad-dc-2
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
606ba7a0 by Andrew Bartlett at 2018-03-27T21:03:14Z
gitlab: Run fileserver tests on "private" not "shared"
This might make the delaywrite tests pass
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
97d02031 by Andrew Bartlett at 2018-03-27T21:03:14Z
autobuild: Run all envs that depend on ad_dc in the ad_dc job
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5509fdea by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Do not run raw.notify, smb2.oplock and raw.oplock twice
These are slower tests that do not need to be run against the ad_dc configuration
in particular.
This saves time in the ad_dc job which needs to stay under 50mins to
pass on travis-ci (and faster tests are better for everyone anyway).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
106793a4 by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Do not run krb5.kdc machine account test against ad_dc
This code is already well tested against fl2008r2dc and just as per
8f1557a2c43e287c07723c16be78e1d858f4111d this test is slow and we can afford to be
more selective here.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f4fe1c83 by Andrew Bartlett at 2018-03-27T21:03:14Z
gitlab-ci: Split up build_samba_others and build_ctdb tasks
These make too much output and the shared runners on GitLab CI object to
sending more than 4MB of output.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f8c429bd by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Move slow raw_protocol test to chgdcpass environment
The ad_dc environment is busy and we need to keep it under 50mins for travis CI, so run
this on a different environment with a shorter runtime.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a93b1f6f by Andrew Bartlett at 2018-03-27T21:03:14Z
selftest: Do not run *.lock tests against both nt4_dc and ad_dc
This part of the protocol is not changed by being an AD DC.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d955ab22 by Andrew Bartlett at 2018-03-27T23:53:56Z
selftest: Run net.api.become.dc against less roles
This test is slower than many and need not be run five times.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Mar 28 01:53:56 CEST 2018 on sn-devel-144
- - - - -
2f33b18d by Martin Schwenke at 2018-03-28T00:57:15Z
ctdb-script: Drop CTDB_MANAGED_SERVICES configuration option
This seems never to have caught on so reduce complexity.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
cf866d66 by Martin Schwenke at 2018-03-28T00:57:15Z
ctdb-scripts: Drop unused functions
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ad081f91 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Make FAKE_CTDB_STATE globally set
Lots of things depend on it.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
fb209076 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: New global variable FAKE_NETWORK_STATE
Stash all the network state in this directory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6f730c4b by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Fix a bug in the ctdb stub's moveip command
This was writing garbage into the IP layout file and relevant tests
were passing by luck.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
06be4a65 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Drop unused ctdb stub scriptstatus and xpnn commands
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7d1d5fc9 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Move ctdb stub code from case statement to functions
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
713804be by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Update argument handling of ctdb stub functions
All functions are now called after shifting away the command name.
There is less churn that expected because some functions don't use any
arguments.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ce1b5b30 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Remove case statement in ctdb stub
This removes a lot of unnecessary clutter.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3bbf3e97 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Move variable FAKE_CTDB_IFACES_DOWN into ctdb stub
It is the only user of this variable.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
26329aa0 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Move variable FAKE_IP_STATE into the ip stub
It is the only user of this variable.
This is now a subdirectory of FAKE_NETWORK_STATE.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ab899588 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Don't set FAKE_ETHTOOL_LINK_DOWN globally
This variable doesn't need to be set in a generic function and can be
set by the ethtool support functions
This is now a subdirectory of FAKE_NETWORK_STATE.
The down/up functions get reindented because the new 1st line should
be indented according to the new script indent-with-tabs style.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
35713456 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: New support functions setup_dbdir() and setup_date()
For now, these need to be called from setup_generic() to stop tests
from breaking.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e4a4532e by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Make date handling consistent in 00.ctdb tests
This duplicates the filter function but that will be fixed later.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6eec33c0 by Martin Schwenke at 2018-03-28T00:57:16Z
ctdb-tests: Tweak debug function
Output to stderr. Read from stdin if no arguments given, making it
possible to handle long lines using here documents.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3c82d3ae by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: New function setup_numnodes()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1d7d4874 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Clean up fake share handling
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
26e090dd by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Clean up handling of CTDB_SCRIPT_VARDIR
Only set this in ctdb_set_pnn() and always use the PNN in the path.
Generic setup functions like setup_ctdb() will go away soon in favour
of more doing setup that is specific to the script being tested.
Therefore, call ctdb_set_pnn() in define_test() to ensure that
CTDB_SCRIPT_VARDIR is always set. Note that setup_ctdb() is never
called with an argument so the default PNN has always been 0.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bbd96993 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Allow modularisation of event script testing support
local.sh is enormous. Allow per-event-script customisation.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bcb6cc28 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 00.ctdb.sh
Contains testing support used only by tests for 00.ctdb event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7b4dd7e5 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 01.reclock.sh
Contains testing support used only by tests for 01.reclock event
script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f5a70415 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 05.system.sh
Contains testing support used only by tests for 05.system event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ee6052e6 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 10.interface.sh
Contains testing support used only by tests for 10.interface event
script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
916b7f94 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 11.natgw.sh
Contains testing support used only by tests for 11.natgw event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e4899293 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 13.per_ip_routing.sh
Contains testing support used only by tests for 13.per_ip_routing
event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
38b54a60 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 20.multipathd.sh
Contains testing support used only by tests for 20.multipathd event
script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f306c2d8 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 40.vsftpd.sh
Contains testing support used only by tests for 40.vsftpd event
script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f33f4b3a by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 41.httpd.sh
Contains testing support used only by tests for 41.httpd event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a51e4ea0 by Martin Schwenke at 2018-03-28T00:57:17Z
ctdb-tests: Create 49.winbind.sh
Contains testing support used only by tests for 49.winbind event
script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
32d8483b by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: Create 50.samba.sh
Contains testing support used only by tests for 50.samba event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7d91de54 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: Create 60.nfs.sh and 06.nfs.sh
Contains testing support used only by tests for 60.nfs and 06.nfs
event scripts.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0f080ceb by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: Create 91.lvs.sh
Contains testing support used only by tests for 91.lvs event scripts.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0f78e0b4 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: Create statd-callout.sh
Contains testing support used only by tests for statd-callout script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b6cde6ff by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 05.system.sh simple 80 column fixups
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bfd2d70f by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 10.interface.sh simple 80 column fixups
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4430e22d by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 11.natgw.sh simple 80 column fixups
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b526968b by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 20.multipathd.sh 80 column fixups
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
44b29982 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 60.nfs.sh simple 80 column fixups and reordering
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
90387592 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: statd-callout.sh simple 80 column fixups
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5815c32d by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: Define generic setup() function
Create default setup() function that aborts. This function will be
redefined by each support script and used to do the setup.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
db5c6041 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 00.ctdb testing setup modularisation
Switch to generic setup() function and set variables there.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7cddc88d by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 01.reclock event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d8232476 by Martin Schwenke at 2018-03-28T00:57:18Z
ctdb-tests: 05.system event script setup modularisation
Do initial test setup using setup() function. Rename usage setting
functions to make them more obvious.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8c81fb9d by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 10.interface event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a63c4560 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 11.natgw event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0ca1cfcf by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 13.per_ip_routing event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0bc1b4b2 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 20.multipathd event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3172dc72 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 31.clamd event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
99c3fd34 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 40.vsftpd event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
29eb410f by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 41.httpd event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
34eba35c by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 49.winbind event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ab5bc195 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 50.samba event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
042a5101 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 60.nfs (and 06.nfs) event script setup modularisation
Includes gratuitous changes to get lines below 80 columns.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8ee51d2f by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: 91.lvs event script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
58db0dbe by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: statd-callout script setup modularisation
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6c5f7c00 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-tests: Remove unused functions and stubs
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1c9b6c39 by Martin Schwenke at 2018-03-28T00:57:19Z
ctdb-scripts: Clean up function detect_init_style()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8b182215 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-docs: Promote CTDB_INIT_STYLE to global options section
Clarify that the global options should be set in the system
configuration file.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b4997755 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-scripts: Split CTDB configuration loading
loadconfig() currently tries to load the CTDB configuration and also
any system configuration relevant to the current (event) script.
Instead add a new function load_system_config() to load the
distribution-specific system configuration for a component. Call this
directly in the rare scripts that need the system configuration.
Also call load_system_config when loading the CTDB configuration to
pull in anything from the CTDB system configuration. This is partly
for backward compatibility but also to get options that can be used
anywhere.
loadconfig() no longer takes an argument. It simply loads the CTDB
configuration.
Drop support for falling back to /etc/ctdb/sysconfig/ctdb (or
similar). Surely there's nobody who uses that!
Also, drop the indirection where loadconfig() calls _loadconfig().
This was used years ago as a test hook and is no longer required.
Inexplicably, this change introduces a new shellcheck test failure, so
silence this.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3712640d by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: New function setup_script_options()
Currently exports the variable assignment on each line. Later this
can be changed to handle actual per-script configuration.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
45de2b1d by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 05.system tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
87cd76e0 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 10.interface tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6b88a818 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 11.natgw tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ef98333d by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 13.per_ip_routing tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a16eb657 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 20.multipathd tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
051458fe by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 31.clamd tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
17b8f12d by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 40.vsftpd tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3944fc4a by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 41.httpd tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ecda38c8 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 49.winbind tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
96ed6c34 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 50.samba tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a48bd342 by Martin Schwenke at 2018-03-28T00:57:20Z
ctdb-tests: Use setup_script_options() in 60.nfs (and 06.nfs) tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e0c2b3a1 by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-tests: Use setup_script_options() in 91.lvs tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a2f8730c by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-scripts: Add new function load_script_options()
For now this loads the global CTDB configuration too. This will
change in the future after things are properly modularised.
This also anticipates a future change where event scripts end with a
".script" suffix.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
65ce5e21 by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-scripts: Use load_script_options in event scripts
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
66cfddc6 by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-tests: Script options into per-script file
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1db96ce2 by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-tests: Rename setup_config() to setup_tunable_config()
Drop the "CTDB_SET_" prefix from variable names and add it back for
now. When there is a better way of setting tunables then this
function will support that.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
02fc52d6 by Martin Schwenke at 2018-03-28T00:57:21Z
ctdb-scripts: Tunables are now loaded from ctdb.tunables
Using CTDB_SET_TunableVariables in the main configuration file is no
longer supported.
The only subtlety is an unexpected order change in one of the unit
test results. This is because the old implementation implicitly
sorted the tunable variables via the set command.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4e0cf2fa by Martin Schwenke at 2018-03-28T05:27:58Z
ctdb-tests: Delete unused fake /etc/sysconfig/ctdb file
The only remaining item is a setting of CTDB_DEBUGLEVEL, which is not
required.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Mar 28 07:27:58 CEST 2018 on sn-devel-144
- - - - -
360804ed by Volker Lendecke at 2018-03-28T11:03:25Z
ndr_string: Fix a signed/unsigned glitch
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1cd0fe90 by Volker Lendecke at 2018-03-28T14:08:16Z
ndr_string: Do overflow checks in ndr_push/pull_charset
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Mar 28 16:08:16 CEST 2018 on sn-devel-144
- - - - -
8b5925b3 by Volker Lendecke at 2018-03-28T22:21:50Z
libads: Fix CID 1433606 Dereference before null check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9ecc6f3b by Volker Lendecke at 2018-03-28T22:21:52Z
lsa_server: Fix CID 1433608 Dereference after null check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1b7881ce by Volker Lendecke at 2018-03-28T22:21:53Z
libads: Fix 1433611 Resource leak
Not really a memleak due to the passed-in talloc ctx, but this way it's cleaner
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bb7da335 by Volker Lendecke at 2018-03-28T22:21:54Z
dsdb: Fix CID 1433614 Dereference after null check
This whole routine assumes module!=NULL, both in the successful as
well as in error cases. So checking for module!=NULL is confusing both
the reader as well as Coverity.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f3e98f41 by Volker Lendecke at 2018-03-28T22:21:55Z
vfs_fruit: Fix CID 1433613 Operands don't affect result
Two changes: First, we can't check multiplication overflow after the
operation. This has to be done before with a division. Second, there
is no OFF_T_MAX, and both operands are size_t, so check for
SIZE_MAX. The result is assigned to off_t, but I'm not sure where the
automatic coercion from size_t to off_t would happen.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cfe8fa2c by Volker Lendecke at 2018-03-28T22:21:56Z
smbstatus: Fix CID 1128560 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
67c31842 by Volker Lendecke at 2018-03-28T22:21:57Z
net: Fix CID 1128559 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
efa66c9e by Volker Lendecke at 2018-03-29T01:45:00Z
libads: Fix CID 1349423 Resource leak
get_sorted_dc_list should already take care, but this way it's safer
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 29 03:45:00 CEST 2018 on sn-devel-144
- - - - -
2514bee0 by Jeremy Allison at 2018-03-29T18:31:34Z
s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
- - - - -
53cdf7a9 by Jeremy Allison at 2018-03-29T18:31:34Z
s4: torture: Ensure a failed file create doesn't create the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
- - - - -
22fe8dcb by Jeremy Allison at 2018-03-29T18:31:34Z
s4: torture: Test all combinations of file create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
- - - - -
820b35bb by Jeremy Allison at 2018-03-29T18:31:34Z
s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
- - - - -
fd908433 by Jeremy Allison at 2018-03-29T18:31:34Z
s4: torture: Test all combinations of directory create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
- - - - -
c98cd0f2 by Jeremy Allison at 2018-03-29T21:13:41Z
s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 29 23:13:42 CEST 2018 on sn-devel-144
- - - - -
66052fdc by Ralph Boehme at 2018-03-30T01:51:48Z
s3:smbd: don't use the directory cache for SMB2/3
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13363
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 30 03:51:48 CEST 2018 on sn-devel-144
- - - - -
3ffc9181 by Jones Syue at 2018-03-30T16:39:19Z
s4:torture: kernel oplocks. Fix assertion warning
Simply boolean 'ret' instead of 'ret = true'.
Signed-off-by: Jones Syue <jonessyue at qnap.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Mar 30 18:39:19 CEST 2018 on sn-devel-144
- - - - -
22299f98 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb: Fixing possible memory leak in ctdb_daemon_read_cb
In case of an error condition the further processing of the data is cancelled
and the callback returns. In such a scenario the data has to be free'd.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
611c9a0b by Swen Schillig at 2018-03-30T22:07:18Z
ctdb: Fixing memory leak in ctdb_tcp_tnode_cb
It is expected by the caller(queue_process) that the callback is
free'ing the memory referenced by the data pointer.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
aba3d508 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb: Fixing possible memory leak in ctdb_tcp_read_cb
In case of an error condition the further processing of the data is cancelled
and the callback returns. In such a scenario the data has to be free'd.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d6a9dc6e by Swen Schillig at 2018-03-30T22:07:18Z
ctdb: Use provided mem_ctx for newly allocated memory
ctdb_call_local is called with a mem_ctx parameter which should be used
for newly allocated memory.
This is safe because all allocations of this context are freed before
this function returns.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a2f2bf9e by Swen Schillig at 2018-03-30T22:07:18Z
ctdb: Use talloc_zero instead of zeroing attributes
Zero entire structure with talloc_zero on memory allocation instead of
setting each attribute individually.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3269cd67 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb-server: Cleanup ctdb_daemon_call_send_remote
Minor code cleanup and adding a temporary variable to improve readabilty.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b40bcb09 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb-server: Only talloc_set_destructor when required
The destructor is only needed once the state got added to the DLIST.
Therefore, move the setting of the destructor to after the addition
of state to the DLIST.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
423d7e24 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb-server: Replace the variable rc by something meaningful
Replace the varibale name "rc" in ctdb_start_revoke_ro_record
to prevent a mix-up with the common meaning of rc (return code).
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7248b82e by Swen Schillig at 2018-03-30T22:07:18Z
ctdb-server: Minor code cleanup
Cleanup ctdb_start_revoke_ro_record to improve readability.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
134223e4 by Swen Schillig at 2018-03-30T22:07:18Z
ctdb-server: Add goto tag avoiding code duplication
Introduced err_out goto tag to prevent code duplication.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e8dba190 by Swen Schillig at 2018-03-31T01:45:51Z
ctdb-server: Only set destructor if required
Set the detructor in ctdb_start_revoke_ro_record after the revokechild_handle
was added to the list.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Mar 31 03:45:51 CEST 2018 on sn-devel-144
- - - - -
6b75d2c6 by Amitay Isaacs at 2018-03-31T06:34:00Z
ctdb-scripts: Drop "net serverid wipe" from 50.samba event script
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13359
There is no serverid database anymore.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sat Mar 31 08:34:00 CEST 2018 on sn-devel-144
- - - - -
f2ff61ce by Stefan Metzmacher at 2018-04-03T14:41:09Z
lib/util: remove unused '#include <sys/syscall.h>' from tests/tfork.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13342
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
329a229a by Stefan Metzmacher at 2018-04-03T14:41:09Z
lib/replace: define __[u]intptr_t_defined if we prove an replacement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
b8c30abb by Stefan Metzmacher at 2018-04-03T14:41:09Z
nsswitch: maintain prototypes for the linux based functions only once
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
d5be3b32 by Stefan Metzmacher at 2018-04-03T14:41:09Z
nsswitch: add some const to _nss_winbind_initgroups_dyn() prototype
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
dc160247 by Stefan Metzmacher at 2018-04-03T14:41:09Z
nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
fb7b67af by Stefan Metzmacher at 2018-04-03T14:41:09Z
s3:modules: fix the picky-developer build of vfs_virusfilter.c on FreeBSD 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
74278a70 by Stefan Metzmacher at 2018-04-03T14:41:09Z
s3:modules: make virusfilter_io_connect_path() more portable
We have existing utility functions to prepare a socket.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
7ae77db3 by Stefan Metzmacher at 2018-04-03T14:41:09Z
lib/crypto: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
666dda90 by Stefan Metzmacher at 2018-04-03T14:41:09Z
ldb/tests: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
702665cc by Stefan Metzmacher at 2018-04-03T18:18:58Z
s3:modules: fix the build of vfs_aixacl2.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13345
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Apr 3 20:18:58 CEST 2018 on sn-devel-144
- - - - -
63e05322 by Andreas Schneider at 2018-04-03T18:20:10Z
third_party: Update pam_wrapper to version 1.0.6
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
be709e8c by Andreas Schneider at 2018-04-03T18:20:10Z
ldb: Add test for ldb_qsort()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
889d1daf by Andreas Schneider at 2018-04-03T18:20:10Z
ldb: Fix overflow checks
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
41895045 by Andreas Schneider at 2018-04-03T18:20:10Z
third_party: Fix size type in cmocka
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bc3834d6 by Andreas Schneider at 2018-04-03T18:20:10Z
lib:util: Fix size types in fgets_slash()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c4a73ccd by Andreas Schneider at 2018-04-03T18:20:10Z
s4:registry: Fix size type and loop
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
28dec65c by Andreas Schneider at 2018-04-03T18:20:10Z
s4:client: Fix size types and loop
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
aa17db1f by Andreas Schneider at 2018-04-03T18:20:10Z
heimdal: Fix size types and array access
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
abc9c560 by Andreas Schneider at 2018-04-03T18:20:10Z
s4:torture: Fix size types in torture_create_procs()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
06940155 by Andreas Schneider at 2018-04-03T18:20:10Z
s3:smbd: Fix size types in reply_negprot()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0459a296 by Andreas Schneider at 2018-04-03T18:20:10Z
s3:printing: Fix size types
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
22a28ac8 by Andreas Schneider at 2018-04-03T18:20:10Z
s3:spoolss: Fix size types
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
be4cb4a7 by Andreas Schneider at 2018-04-03T18:20:11Z
s3:client: Fix size types
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
deccc84b by Andreas Schneider at 2018-04-03T18:20:11Z
s3:torture: Fix size types in make_nonstd_fd()
This fixes compilation with -Wstrict-overflow=2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
23bedb33 by Andreas Schneider at 2018-04-03T18:20:11Z
s3:modules: Update getdate.y to work with newer bison versions
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
083e52f5 by Andreas Schneider at 2018-04-03T18:20:11Z
s3:modules: Generate new getdate.c with bison
bison -o source3/modules/getdate.c source3/modules/getdate.y<Paste>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a12e12e9 by Andreas Schneider at 2018-04-03T18:20:11Z
wafsamba: Add missing cflags_end argument to SAMBA_MODULE
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
08e350b5 by Andreas Schneider at 2018-04-03T18:20:11Z
replace: Check for -Wno-strict-overflow
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3e0f538c by Andreas Schneider at 2018-04-03T18:20:11Z
s3:modules: Set -Wno-strict-overflow for getdate if supported
bison generates an C89 files which does some weired things.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5ebb1dd1 by Andreas Schneider at 2018-04-03T21:08:33Z
wafsamba: Add missing cflags_end argument to SAMBA_BINARY
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Apr 3 23:08:33 CEST 2018 on sn-devel-144
- - - - -
37dcbe17 by Volker Lendecke at 2018-04-03T22:44:22Z
libhttp: Fix CID 1273001 Dereference after null check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7164e00f by Volker Lendecke at 2018-04-03T22:44:22Z
libcli: Fix CID 710748 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ab6228c3 by Volker Lendecke at 2018-04-03T22:44:22Z
lsasrv: Fix CID 241331 Self assignment
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
dd370f8a by Volker Lendecke at 2018-04-03T22:44:22Z
lsasrv: Fix CID 241332 Self assignment
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c31e5371 by Volker Lendecke at 2018-04-03T22:44:22Z
smbd: Fix CID 240676 Dereference after null check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7bffd65b by Volker Lendecke at 2018-04-03T22:44:22Z
cldap: Avoid a ZERO_STRUCTP
This is done implicitly by tevent_req_create
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
64b144dc by Volker Lendecke at 2018-04-03T22:44:22Z
dsdb: Fix CID 1034744 Dereference after null check
This HIGHLY looks like a cut&paste error...
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
76babda4 by Volker Lendecke at 2018-04-03T22:44:23Z
groupdb: Fix CID 1167984 Ignoring number of bytes read
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2d7a3e06 by Volker Lendecke at 2018-04-03T22:44:23Z
libads: Fix CID 1272809 Free of address-of expression
Look at the other SAFE_FREE's in this function...
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
925d1f23 by Volker Lendecke at 2018-04-03T22:44:23Z
dsdb: Fix CID 1034966 Uninitialized scalar variable
"continue" in a do-while loop jumps to the "while"-check, so "id_exists" needs
to be initialized by that point.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13367
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
54fc9002 by Volker Lendecke at 2018-04-03T22:44:23Z
utils: Fix CID 1035541 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5b52c308 by Volker Lendecke at 2018-04-03T22:44:23Z
pygpo: Fix CID 1422263 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
bc16f7da by Volker Lendecke at 2018-04-03T22:44:23Z
pdb_ldap: Fix CID 1363266 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
54db80e6 by Volker Lendecke at 2018-04-03T22:44:23Z
net: Fix CID 1414752 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c3341ed2 by Volker Lendecke at 2018-04-03T22:44:23Z
net: Avoid tallocs
Not really performance critical, but I think it's worth establishing sample
code to use more stack variables than going out to talloc.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
015e0466 by Volker Lendecke at 2018-04-03T22:44:23Z
krb5_wrap: Fix CID 1034833 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f2df0e50 by Volker Lendecke at 2018-04-04T01:51:00Z
krb5_wrap: Fix CID 1414755 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 4 03:51:00 CEST 2018 on sn-devel-144
- - - - -
c42c721b by Swen Schillig at 2018-04-04T04:35:17Z
ctdb: Remove double sanity checks from ctdb_daemon_read_cb
Within ctdb_daemon_read_cb the provided data is checked for sanity,
e.g. correct size and content. This is not required because it was
done already by the caller (queue_process).
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b8f7f425 by Swen Schillig at 2018-04-04T07:31:04Z
ctdb: Remove double sanity checks from ctdb_tcp_read_cb
Within ctdb_tcp_read_cb the provided data is checked for sanity,
e.g. correct size and content. This is not required because it was
done already by the caller(queue_process).
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Apr 4 09:31:04 CEST 2018 on sn-devel-144
- - - - -
e895b6cf by Lutz Justen at 2018-04-04T21:52:02Z
s3: lib: messages: Don't use the result of sec_init() before calling sec_init().
Commit ad8c7171ba86e8a47d78b0c7329bb814e5a8871e accidently
moved sec_init() to the point after sec_initial_uid() is
called in the call to directory_create_or_exist_strict().
I missed this in the review (sorry). This works as root
as initial_uid/initial_gid are static (and so initialized
as zero) but doesn't work on ChromeOS as this code isn't
running as root.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13368
Signed-off-by: Lutz Justen <ljusten at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 4 23:52:02 CEST 2018 on sn-devel-144
- - - - -
90c02ec6 by Volker Lendecke at 2018-04-04T23:10:09Z
credentials: Fix CID 1414796 Explicit null dereferenced
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cc746385 by Volker Lendecke at 2018-04-04T23:10:09Z
credentials: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
91c0f497 by Volker Lendecke at 2018-04-04T23:10:10Z
libsmb: Handle long-running smb2cli_notify
This likely runs into a timeout. Properly cancel the smb2 request,
allowing the higher-level caller to re-issue this request on an existing
handle.
I did not see a proper way to achieve this with tevent_req_set_endtime or
something like that.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
abfe4828 by Volker Lendecke at 2018-04-04T23:10:10Z
libsmb: Handle IO_TIMEOUT in cli_smb2_notify properly
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1452677e by Volker Lendecke at 2018-04-05T02:05:52Z
smbclient: Handle ENUM_DIR in "notify" command
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 5 04:05:52 CEST 2018 on sn-devel-144
- - - - -
e481e4f3 by Andrew Bartlett at 2018-04-05T02:50:16Z
ldb_tdb: Ensure we can not commit an index that is corrupt due to partial re-index
The re-index traverse can abort part-way though and we need to ensure
that the transaction is never committed as that will leave an un-useable db.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
06d9566e by Gary Lockyer at 2018-04-05T02:50:16Z
lib ldb tests: Prepare to run api and index test on tdb and lmdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
653a0a1b by Andrew Bartlett at 2018-04-05T05:53:10Z
ldb: Add test to show a reindex failure must not leave the DB corrupt
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Apr 5 07:53:10 CEST 2018 on sn-devel-144
- - - - -
0210f607 by David Mulder at 2018-04-05T06:59:08Z
python: Write py3 bin to correct args location
Comands written like this were working:
python /home/dmulder/code/samba/source4/scripting/bin/subunitrun
Changed to:
/usr/bin/python3 /home/dmulder/code/samba/source4/scripting/bin/subunitrun
But commands with env args overwrite the wrong arg:
CLIENT_IP=127.0.0.11 SOCKET_WRAPPER_DEFAULT_IFACE=11 python /home/dmulder/code/samba/source4/scripting/bin/subunitrun
Changed to:
/usr/bin/python3 SOCKET_WRAPPER_DEFAULT_IFACE=11 python /home/dmulder/code/samba/source4/scripting/bin/subunitrun
And were further mangled in plantestsuite_loadlist() to:
/usr/bin/python3 /home/dmulder/code/samba/source4/scripting/bin/subunitrun SOCKET_WRAPPER_DEFAULT_IFACE=11 python /home/dmulder/code/samba/source4/scripting/bin/subunitrun
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
52224336 by Noel Power at 2018-04-05T06:59:08Z
python3 port for policy module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ccc0e06c by Noel Power at 2018-04-05T06:59:08Z
samba test python: enable samba.tests.policy for py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7ad012d4 by Noel Power at 2018-04-05T06:59:08Z
python selftest: split samba3 test into separate tests
This patch splits the tests contained in samba3.py into separate
tests s3idmapdb.py, s3param.py, s3passdb.py, s3registry.py, s3windb.py
This allows test of associated python c-modules to be done independently.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ac888471 by Noel Power at 2018-04-05T06:59:08Z
python3 port for param module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c6bba60c by Noel Power at 2018-04-05T06:59:08Z
python3 port for passdb module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e4779b0d by Noel Power at 2018-04-05T06:59:08Z
python selftest: enable samba.tests.s3param to run with python3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8caa2cd4 by Noel Power at 2018-04-05T06:59:08Z
python selftest: enable samba.tests.s3passdb to run with python3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1734655b by Noel Power at 2018-04-05T06:59:08Z
python selftest: enabled samba.tests.s3registry to run with py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5fd49e89 by Noel Power at 2018-04-05T06:59:08Z
python selftest: enable samba.tests.s3windb to run with py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
22d563b1 by Noel Power at 2018-04-05T06:59:09Z
selftest python: get samba.tests.s3idmapdb to run with py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
94fd3cfa by Noel Power at 2018-04-05T06:59:09Z
python3 port for libsmb_samba_internal module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
25e336eb by Noel Power at 2018-04-05T06:59:09Z
python samba test: enable samba.tests.libsmb_samba_internal for py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
53e76ed2 by Noel Power at 2018-04-05T06:59:09Z
python3 port for smbd module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c10925e9 by Noel Power at 2018-04-05T06:59:09Z
s4/ntvfs/posix/python: python3 (get|set)xattr value should be bytes
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ed0844fb by Noel Power at 2018-04-05T06:59:09Z
samba python tests: enable samba.tests.posixacl for python3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
05617a9e by Noel Power at 2018-04-05T06:59:09Z
samba python tests: enable samba.tests.ntacls for python3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7ad9bdd6 by Noel Power at 2018-04-05T06:59:09Z
python3 port for provision.c
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2d593c27 by Noel Power at 2018-04-05T06:59:09Z
get make test TESTS=samba.tests.provision to work
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fe9e6293 by Joe Guo at 2018-04-05T06:59:09Z
samba3: work around bytes formatting for Python 3.4
b'%s\x00' % key
The above % formatting for bytes is only available since Python 3.5,
however we need to support Python 3.4 so far.
Work around this with `+`.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d28379dc by Joe Guo at 2018-04-05T06:59:09Z
wscript_build: fix c modules deps name for Python 3
In wscript_build, the lib name in deps list may have postfix for Python
3. Instead of hard coding the base name directly, need to load correct
name for each Python version with `bld.pyembed_libname`.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
cf857853 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.posixacl
Fix bytes and str issue.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d3e4c473 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.xattr
Fix bytes and str issue.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
908ee2d3 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.blackbox.check_output
convert bytes to str for Python 3
`BlackboxTestCase.check_output` will return bytes since it uses
`subprocess.communicate` underneath.
Convert expected string result to bytes for comparing.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
87743b32 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.upgrade
`os.tempname` is removed in Python 3.
Use `tempfile` instead.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
34cf522e by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.password_quality
No change needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
55c96614 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.dcerpc.rpc_talloc
No changes needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a35dfa01 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.dcerpc.array
No change needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
80aaafc2 by Joe Guo at 2018-04-05T06:59:09Z
selftest: enable py3 for samba.tests.dcerpc.string
No change needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0ebf5274 by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.common
fix dsdb_Dn comparison for Python 3
In Python 3, the builtin `cmp` funtion was dropped. And the `__cmp__` magic
method in object is no longer honored, which is replaced by 6 new methods:
__eq__, __ne__, __lt__, __le__, __gt__, __ge__.
This caused `tests.CommonTests` failed with `py3_compatiable=True`.
Fixed by adding the above methods.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
68d89b0a by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.hostconfig
Fix relative import.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5d774fa7 by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.upgradeprovision
1. `has_key` was removed from dict in Python 3, use `in` instead.
2. `cmp` was removed in Python 3, define it ourselves.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a5bc4d8c by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.kcc.graph
In Python 3, range() will not return a list any more.
So `range(7) * 4` will not work.
Convert range to list to fix.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ff664282 by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.kcc.graph_utils
zip will not return a list in Python 3.
Convert to list.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
47761ee4 by Joe Guo at 2018-04-05T06:59:10Z
selftest: enable py3 for samba.tests.samdb_api
Fix bytes and string.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
707af5b3 by Joe Guo at 2018-04-05T10:16:40Z
selftest: enable py3 for samba.tests.blackbox.ndrdump
No change needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Apr 5 12:16:41 CEST 2018 on sn-devel-144
- - - - -
03124c85 by Stefan Metzmacher at 2018-04-05T11:01:20Z
talloc: use atexit() again instead of a library destructor
The change for https://bugzilla.samba.org/show_bug.cgi?id=7587
("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD")
(ommit 41b6810ba01f44537f470c806adb8686e1a39c48)
causes the following for sssd on Linux:
Stack trace of thread 19667:
#0 0x00007f2cab91ff6b __GI_raise (libc.so.6)
#1 0x00007f2cab90a5c1 __GI_abort (libc.so.6)
#2 0x00007f2cab90a491 __assert_fail_base (libc.so.6)
#3 0x00007f2cab9186e2 __GI___assert_fail (libc.so.6)
#4 0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3)
#5 0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3)
#6 0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3)
#7 0x00007f2cb10ab983 profile_close_file (libkrb5.so.3)
#8 0x00007f2cb10af249 profile_release (libkrb5.so.3)
#9 0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3)
#10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3)
#11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm)
#12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2)
#13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
#14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
#15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
#16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
#17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2)
#18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2)
#19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2)
#20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6)
#21 0x00007f2cab9227ec __GI_exit (libc.so.6)
#22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so)
#23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0)
#24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0)
#25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0)
#26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0)
#27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0)
#28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0)
#29 0x00007f2cb030eb37 server_loop (libsss_util.so)
#30 0x000055cea7cb29f4 main (sssd_kcm)
#31 0x00007f2cab90c1eb __libc_start_main (libc.so.6)
#32 0x000055cea7cb2c7a _start (sssd_kcm)
We still only register one atexit handler instead of multiple ones
like in talloc 2.1.11, but avoids using a library destructor.
Bug #7587 seems to be fixed by not using talloc_autofree_context()
within samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d48b6232 by Stefan Metzmacher at 2018-04-05T13:53:16Z
talloc: version 2.1.13
* Use atexit() again instead of a library destructor
(bug #13366)
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Apr 5 15:53:16 CEST 2018 on sn-devel-144
- - - - -
d5ef8dbe by Volker Lendecke at 2018-04-05T14:17:13Z
eventlog: Fix CID 242105 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
7a1e69eb by Volker Lendecke at 2018-04-05T17:11:57Z
eventlog: Fix CID 1363194 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Apr 5 19:11:57 CEST 2018 on sn-devel-144
- - - - -
9bf489d8 by Stefan Metzmacher at 2018-04-05T21:05:39Z
s3: nmbd: Fix strict overflow checking compiler warning.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
924f3f00 by Andreas Schneider at 2018-04-06T00:07:15Z
wafsamba: Add '-Werror=strict-overflow -Wstrict-overflow=2' to the developer build
We could move it to 3, but shouldn't go higher. If you set it to 4 and 5
you will probably also get a lot of false positives.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Apr 6 02:07:16 CEST 2018 on sn-devel-144
- - - - -
f8b368c9 by Andrew Bartlett at 2018-04-06T00:08:44Z
ldb: Fix missing NULL terminator in ldb_mod_op_test testsuite
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5dc7db57 by Andrew Bartlett at 2018-04-06T00:08:44Z
samba-tool domain classicupgrade: Do not mix python-samdb transactions and passdb modifications
This worked previously because we knew the same tdb was in use under the hood,
but now that nested TDB transactions are banned this breaks, and it breaks for
LMDB.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
78851816 by Garming Sam at 2018-04-06T00:08:44Z
ldb: Change some prototypes to using ldb_val instead of TDB_DATA
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
7bf85395 by Garming Sam at 2018-04-06T00:08:44Z
ldb: Change remaining fetch prototypes to remove TDB_DATA
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
8c848549 by Gary Lockyer at 2018-04-06T00:08:44Z
upgradeprovision: Do not copy backup lmdb -lock files
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
68d70974 by Andrew Bartlett at 2018-04-06T00:08:44Z
ldb: Ignore these tests in mdb test mode
These are tests are specifically for when the GUID index is not in use
which is always in with ldb_mdb.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
eb4205fc by Andrew Bartlett at 2018-04-06T00:08:44Z
ldb: Allow GUID index mode to be tested on TDB
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d161a6dc by Gary Lockyer at 2018-04-06T00:08:44Z
ldb index: Fix truncation key length calculation
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
556466e7 by Andrew Bartlett at 2018-04-06T00:08:44Z
ldb_tdb: A more robust check for if we can fit the index string in
This avoids magic numbers and also is careful against overflow
from a long attr_for_dn.
This is done as a distinct commit to make the previous behaviour
change more clear, and to show that this does not change the
calculations, only improves the overflow check.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
412cdb17 by Gary Lockyer at 2018-04-06T00:08:44Z
ldb index: Add tests for truncated base 64 index keys
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0f7d1534 by Gary Lockyer at 2018-04-06T00:08:44Z
ldb test: close pipes to stop forked tests failing on failure
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d206fcf5 by Gary Lockyer at 2018-04-06T00:08:45Z
ldb tests: ldb_mod_op_test use correct ldb to create dn
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8d1b11aa by Gary Lockyer at 2018-04-06T00:08:45Z
ldb_tdb: ltdb_tdb_parse_record map tdb error codes
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e001c5fb by Gary Lockyer at 2018-04-06T00:08:45Z
ldb_tdb: ltdb_tdb_store require active transaction
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1fceb64d by Gary Lockyer at 2018-04-06T00:08:45Z
ldb_tdb: ltdb_tdb_delete require active transaction
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5ca90e75 by Gary Lockyer at 2018-04-06T00:08:45Z
ldb tests: add cmocka tests of kv operations
Add tests for the behaviour the ldb layer expects the key value layer to
provide. This should make it easier to add another KV store
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
301cd5e5 by Gary Lockyer at 2018-04-06T00:08:45Z
python: Add wrapper of mdb_copy that we can call from python
This is like the use of tdbbackup for tdb files.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
34b12fbd by Gary Lockyer at 2018-04-06T00:08:45Z
provision: allow provisioning of a different database backend
This sets the backendStore field in @PARTITION, depending on which
argument you set in the provision.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ba61c684 by Andrew Bartlett at 2018-04-06T00:08:45Z
provision: Set @INDEXLIST first when building dummy sam.ldb
The new LMDB backed will not allow normal records to be added before the @INDEXLIST
as this is what forces the GUID index mode.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a9856839 by Gary Lockyer at 2018-04-06T00:08:45Z
dsdb: add lmdbLevelOne as a required feature.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
428c0a81 by Gary Lockyer at 2018-04-06T00:08:45Z
source3: initilize_password_db after a fork.
This is required because we need a new pointer for LDB after the fork,
and with LMDB we can not longer rely on tdb_reopen_all() to do that
for us.
This can not be done in reinit_after_fork() due to the dependency loop
this would create.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0935b25b by Gary Lockyer at 2018-04-06T00:08:45Z
ldb: Unwind transaction counter if start_transaction fails
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
946dfc78 by Gary Lockyer at 2018-04-06T03:12:11Z
upgradeprovision: detect and handle lmdb databases
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Apr 6 05:12:11 CEST 2018 on sn-devel-144
- - - - -
f262520c by Björn Baumbach at 2018-04-06T04:29:10Z
samba-tool: implement computer management commands
Usage: samba-tool computer <subcommand>
Computer management.
Available subcommands:
create - Create a new computer.
delete - Delete a computer.
list - List all computers.
move - Move a computer to an organizational unit/container.
show - Display a computer AD object
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6e4a49e9 by Björn Baumbach at 2018-04-06T04:29:10Z
tests/samba-tool: add tests for new computer management commands
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e41b9b04 by Joe Guo at 2018-04-06T04:29:10Z
samba-tool: improve computer management commands
This pathch is based on Björn Baumbach's work:
1. Add `--ip-address` option for create subcommand, to allow user set DNS
A or AAAA records while creating the computer.
2. Delete above DNS records while deleting the computer.
3. Add `--service-principal-name` option for create command, to allow user
set `servicePrincipalName` while creating the computer.
4. Tests.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5a51990f by Björn Baumbach at 2018-04-06T04:29:10Z
docs-xml:samba-tool.8: document computer management commands
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ba81f33f by Joe Guo at 2018-04-06T04:29:10Z
docs-xml:samba-tool.8: improve doc for computer management commands
Add docs for new options:
1. --ip-address
2. --service-prinicipal-name
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
306f5e57 by Björn Baumbach at 2018-04-06T04:29:10Z
s3-mdssvc: allow build with --enable-spotlight and libtracker-sparql-2.0
adds libtracker-sparql version 2.0 to configure check with pkg-config.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0a6c2ac8 by Andrew Bartlett at 2018-04-06T04:29:10Z
samba-tool: Escape username and computername in ldb search filter
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a02a98af by Jeremy Allison at 2018-04-06T06:21:12Z
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here.
Thanks to Isaac Boukris <iboukris at gmail.com> for finding the
issue and testing this fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13244
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 26 02:25:20 CET 2018 on sn-devel-144
(cherry picked from commit e7425bd5245ffea68b7e8f794c9b5f864d103769)
- - - - -
67855509 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
HPUX has this problem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144
(cherry picked from commit 5ad5e7966f555b1d2b39d276646934a2cd2535e6)
- - - - -
f1c0db35 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e9059c7b40069cfb036bfb95958b78c6a2c800e4)
- - - - -
9fab1ddc by Jeremy Allison at 2018-04-06T06:21:12Z
s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor.
This will allow us to modify it in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 019a1bc4caf3439adcaac48b384e86d84a1ad383)
- - - - -
8ea9d133 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 8edad37e476295e25932778721d8ef33713f6853)
- - - - -
0aed4732 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl().
Ensures they don't get stored in the underlying ACL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 8 04:09:38 CET 2018 on sn-devel-144
(cherry picked from commit e0b147f650fe59f606d1faffe57059e6e9d7837b)
- - - - -
2fc537b7 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover.
Not yet used, will be used to tidyup existing code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit ef091e2cf836793e2aa533990913609ccab5119a)
- - - - -
9c80cb6a by Jeremy Allison at 2018-04-06T06:21:12Z
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit a3c925d80433e3d4fe1b1b315edf6520cacf0a9e)
- - - - -
134c4125 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 875ff2575feb96d06cf2290e5b6a226b32ef9758)
- - - - -
1f93e4d2 by Ralph Boehme at 2018-04-06T06:21:12Z
selftest: run vfs.fruit_netatalk test against seperate share
These tests require a fs with xattr support. This allows adding
xattr_tdb to all other shares in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 013aaffe7ff0ed4c30495761bb3208c29b3b5de2)
- - - - -
c45da7ee by Ralph Boehme at 2018-04-06T06:21:12Z
selftest: vfs.fruit: add xattr_tdb where possible
This makes the tests indepent from fs xattr support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 49996ca9324596b6cd72eb8051ca3676dab17191)
- - - - -
47b1ec0a by Jeremy Allison at 2018-04-06T06:21:12Z
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Mar 17 04:04:32 CET 2018 on sn-devel-144
(cherry picked from commit a6054c01c29c2507e0d5a6aa110fee4fd5c5eeb9)
- - - - -
65ca5574 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 5c909ea4530d4e7e4aa27046c45e3e48b094a411)
- - - - -
f66a35b8 by Martin Schwenke at 2018-04-06T06:21:12Z
ctdb-tests: Don't use nc -d or -w options
nmap-ncat is used in some distributions to replace netcat. It has a
different meaning for these options.
We can get the same effect as the current combination of -d and -w by
piping a sleep process to nc. Subsequent use of $! works because it
gets the last process in pipeline.
Note that redirecting from /dev/null doesn't work with some versions
of nc. They just exit when they get EOF.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13327
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 9e954bcbf43d67a18ee55f84cda0b09028f96b92)
- - - - -
ccda6d9b by Anton Nefedov via samba-technical at 2018-04-06T06:21:12Z
s3:smbd: map nterror on smb2_flush errorpath
smbd_smb2_flush_recv() expects nterror in tevent_req, and otherwise
aborts in tevent_req_is_nterror()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13338
Signed-off-by: Anton Nefedov <anton.nefedov at virtuozzo.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 98623129446672521b7fa41d3457b8ce95db828c)
- - - - -
43cbf7f7 by Noel Power at 2018-04-06T06:21:12Z
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 618c714b6b6c0b63993299b40b9a466adb753cc2)
- - - - -
49a9c984 by Jeremy Allison at 2018-04-06T06:21:12Z
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
Will allow easier smb2-specific debugging.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit 8dabcf8948c2e514b489169c34673e093519b583)
- - - - -
e9f54762 by Jeremy Allison at 2018-04-06T06:21:12Z
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit cdde6d93605d15a59e816a35e8e02ca193bf1403)
- - - - -
b5bc2f59 by Jeremy Allison at 2018-04-06T06:21:13Z
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit ad973fddef00d6d92443be89e7f5404006a94d99)
- - - - -
58befddf by Jeremy Allison at 2018-04-06T06:21:13Z
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit fc922bd29b40a20450f16728fa7347f8f83d3bcd)
- - - - -
8a77ae09 by Eric Vannier at 2018-04-06T06:21:13Z
Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13302
Signed-off-by: Eric Vannier <evannier at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Mar 27 13:50:09 CEST 2018 on sn-devel-144
(cherry picked from commit 77d88d75f6262a855e818a9b2b4018f8b6ced7b0)
- - - - -
25edad41 by Timur I. Bakeyev at 2018-04-06T06:21:13Z
Fix invocation of gnutls_aead_cipher_encrypt()
Which was failing with GNUTLS_E_SHORT_MEMORY_BUFFER - The given memory
buffer is too short to hold parameters.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13352
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Fri Mar 23 07:25:30 CET 2018 on sn-devel-144
(cherry picked from commit b9f0c7f93c058685e24d104432978bd40b94b49f)
- - - - -
aeed66ec by Amitay Isaacs at 2018-04-06T06:21:13Z
ctdb-client: Do not try to allocate 0 sized record
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 92a68af1a8473dc2a5d9d6036830f944e968606d)
- - - - -
a630cb9a by Amitay Isaacs at 2018-04-06T06:21:13Z
ctdb-client: Add missing initialization of tevent_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13356
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 4e37be92bfb790150b3791bef552aa4acf8f78b7)
- - - - -
879fccbb by Amitay Isaacs at 2018-04-06T06:21:13Z
ctdb-client: Client code should never free the client context
This should never have been done.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 376e9794e2d19e8d17b0bdde36ce8a1a205986c6)
- - - - -
03876304 by Jeremy Allison at 2018-04-06T06:21:13Z
s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
(cherry picked from commit 2514bee0a3b0a12430e2679ee590075c54d4803a)
- - - - -
2f418222 by Jeremy Allison at 2018-04-06T06:21:13Z
s4: torture: Ensure a failed file create doesn't create the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
(cherry picked from commit 53cdf7a9a18ed547eade4c3cdd80d286058e440d)
- - - - -
d3ac7882 by Jeremy Allison at 2018-04-06T06:21:13Z
s4: torture: Test all combinations of file create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
(cherry picked from commit 22fe8dcb77565495886244e88bb0433363d1f80a)
- - - - -
29aa75e6 by Jeremy Allison at 2018-04-06T06:21:13Z
s4: torture: Test all combinations of file open with existing file to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
(cherry picked from commit 820b35bb1ceb445eb3659b67eedfb0a2f5b2f976)
- - - - -
1f94e367 by Jeremy Allison at 2018-04-06T06:21:13Z
s4: torture: Test all combinations of directory create to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
(cherry picked from commit fd9084336e7e86ccec83141d880fd7c336c23b6c)
- - - - -
95cad5ca by Andrew Bartlett at 2018-04-06T07:30:14Z
samba-tool: Use same method for removing trailing $ as elsewhere in the tool
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Apr 6 09:30:14 CEST 2018 on sn-devel-144
- - - - -
8e149c84 by Jeremy Allison at 2018-04-06T11:50:18Z
s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13358
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 29 23:13:42 CEST 2018 on sn-devel-144
(cherry picked from commit c98cd0f25edaae7558f18fd331e2fef3aabb61f2)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Fri Apr 6 13:50:18 CEST 2018 on sn-devel-144
- - - - -
567fe36c by Ralph Boehme at 2018-04-06T12:58:48Z
ldb/tests: remove lmdb.h include from test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Apr 6 14:58:48 CEST 2018 on sn-devel-144
- - - - -
4c8faa73 by Volker Lendecke at 2018-04-06T15:57:03Z
ldb: Fix trailing whitespace
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Apr 6 17:57:04 CEST 2018 on sn-devel-144
- - - - -
6f07afad by Christof Schmitt at 2018-04-06T15:58:38Z
test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test
Samba selftest uses the forward slash as winbind separator and in the
USERNAME passed to the test. "net sam rights" expect the backslash. Map
the separator used in selftest to a backslash to avoid creating an
incorrect username DOMAIN\DOMAIN/USERNAME.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3c146be4 by Christof Schmitt at 2018-04-06T15:58:38Z
nsswitch: Fix wbcListUsers test
With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR
USERNAME format. The test then calls wbcLookupName with the domain name
and the previous string (including domain and separator) as username.
Fix this by passing the correct username and adding some additional
checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f4db4e86 by Christof Schmitt at 2018-04-06T15:58:38Z
nsswitch: Fix wbcListGroups test
With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR
GROUPNAME format. The test then calls wbcLookupName with the domain
name and the previous string (including domain and separator) as
username. Fix this by passing the correct username and adding some
additional checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
552a00ec by Christof Schmitt at 2018-04-06T15:58:38Z
Add test for wbinfo name lookup
This demonstrates that wbinfo -n / --name-to-sid returns information
instead of failing the request. More specifically the query for
INVALIDDOMAIN//user returns the user SID for the joined domain, instead
of failing the request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1775ac8a by Christof Schmitt at 2018-04-06T19:03:31Z
winbindd: Do not ignore domain in the LOOKUPNAME request
A LOOKUPNAME request with a domain and a name containing a winbind
separator character would return the result for the joined domain,
instead of the specified domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Apr 6 21:03:31 CEST 2018 on sn-devel-144
- - - - -
11589a26 by Ralph Boehme at 2018-04-07T00:11:20Z
s4/test: fix AAPL size check
A recent commit changed the ModelString from "Samba" to "MacSamba".
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0c73ddfa by Ralph Boehme at 2018-04-07T00:11:20Z
s4/torture: spelling fix in vfs_fruit test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7def556d by Ralph Boehme at 2018-04-07T00:11:20Z
s4/torture: spelling fix in vfs_fruit test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ad90835c by Volker Lendecke at 2018-04-07T00:11:20Z
idmap: Use TALLOC_FREE instead of explicit code
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e29eaa43 by Volker Lendecke at 2018-04-07T00:11:20Z
idmap: Fix CID 1363261 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
de48619c by Volker Lendecke at 2018-04-07T00:11:20Z
pdb_nds: Fix CID 1273401 Unused value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5bba8c39 by Ralph Wuerthner at 2018-04-07T03:05:22Z
s3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an msdfs proxy.
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Apr 7 05:05:22 CEST 2018 on sn-devel-144
- - - - -
461a1172 by Jeremy Allison at 2018-04-09T19:48:12Z
s3: smbd: Fix memory leak in vfswrap_getwd()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13372
Signed-off-by: Andrew Walker <awalker at ixsystems.com>.
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Apr 9 21:48:12 CEST 2018 on sn-devel-144
- - - - -
3227b110 by Jeremy Allison at 2018-04-09T22:45:56Z
s3: smbd: Unix extensions attempts to change wrong field in fchown call.
Cut and paste error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13375
Reported-by: Rungta, Vandana <vrungta at amazon.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Apr 10 00:45:56 CEST 2018 on sn-devel-144
- - - - -
9230fe25 by Björn Baumbach at 2018-04-10T07:40:08Z
samba-tool visualize: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Mar 21 09:25:51 CET 2018 on sn-devel-144
(cherry picked from commit 9312a1cdafbd5a0140d72502487c4e478dc578d2)
- - - - -
365569df by Björn Baumbach at 2018-04-10T07:40:08Z
ms_schema: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit a27db0b61e40b6b503b53e3579867e227f1971b8)
- - - - -
eb9085b3 by Amitay Isaacs at 2018-04-10T07:40:08Z
ctdb-scripts: Drop "net serverid wipe" from 50.samba event script
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13359
There is no serverid database anymore.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sat Mar 31 08:34:00 CEST 2018 on sn-devel-144
(cherry picked from commit 6b75d2c650aa9ee632122fa87ea8a2a98f1fa613)
- - - - -
a9ed1968 by Ralph Boehme at 2018-04-10T07:40:08Z
s3:smbd: don't use the directory cache for SMB2/3
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13363
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 30 03:51:48 CEST 2018 on sn-devel-144
(cherry picked from commit 66052fdccd28922cf1caa2bc750e39051a6414cf)
- - - - -
2c3060b6 by Volker Lendecke at 2018-04-10T07:40:08Z
dsdb: Fix CID 1034966 Uninitialized scalar variable
"continue" in a do-while loop jumps to the "while"-check, so "id_exists" needs
to be initialized by that point.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13367
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 925d1f23291c4bdbc832977b2b4577964b8301c8)
- - - - -
5afebb25 by Lutz Justen at 2018-04-10T07:40:08Z
s3: lib: messages: Don't use the result of sec_init() before calling sec_init().
Commit ad8c7171ba86e8a47d78b0c7329bb814e5a8871e accidently
moved sec_init() to the point after sec_initial_uid() is
called in the call to directory_create_or_exist_strict().
I missed this in the review (sorry). This works as root
as initial_uid/initial_gid are static (and so initialized
as zero) but doesn't work on ChromeOS as this code isn't
running as root.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13368
Signed-off-by: Lutz Justen <ljusten at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 4 23:52:02 CEST 2018 on sn-devel-144
(cherry picked from commit e895b6cf4a7eb3d50d618a022be74db85975bf69)
- - - - -
bc11f285 by Jeremy Allison at 2018-04-10T12:44:28Z
s3: smbd: Fix memory leak in vfswrap_getwd()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13372
Signed-off-by: Andrew Walker <awalker at ixsystems.com>.
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Apr 9 21:48:12 CEST 2018 on sn-devel-144
(cherry picked from commit 461a1172ff819692aa0a2dc5ce7fc5379c8a529e)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Tue Apr 10 14:44:28 CEST 2018 on sn-devel-144
- - - - -
ee560fa3 by William Brown at 2018-04-10T23:06:39Z
s4:ldb/password_hash.c: improve krb5 context error message
When heimdal encounters a MIT krb5.conf that it does not understand,
it would emit an "ldb operations error". Sadly this does not help
or communicate to the administrator the root cause of the issue.
Improve the error message for when krb init fails during password_hash.c
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
10dbd51e by Volker Lendecke at 2018-04-10T23:06:39Z
tdbtool: Use tdb_wipe_all in "erase" command
This is a lot quicker on large, fragmented databases. tdb_delete can
leave the freelist in a fragmented mess.
Also, it's a lot more robust: I've got a 4GB tdb file that was affected
by the problem fixed with c7211882a79. These databases have large space
at the end that is not part of any record or freelist
entry. tdb_wipe_all converts this space into a freelist entry. One
downside is that with those broken databases (which should not happen
after c7211882a79) have unallocated blocks in their file range after
this operation.
I think the speed advantage outweighs this disadvantage.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5cdc5834 by Volker Lendecke at 2018-04-10T23:06:39Z
nmbd: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
59961f9c by Volker Lendecke at 2018-04-10T23:06:39Z
nmbd: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c1e75f6 by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Remove unused trustdom_cache.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
39bdd175 by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Give namequery.c its own header
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1643c334 by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Give dsgetdcname.c its own header
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
295c5340 by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Introduce a helper variable
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d34014c9 by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Pass "account_name/flags" through prep_getdc_request
Don't hardcode values that we might want to change later
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
07532f6a by Volker Lendecke at 2018-04-10T23:06:39Z
libsmb: Pass "account_name/flags" through nb_getdc
Don't hardcode values that we might want to change later
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
85dc9ee1 by Andrew Bartlett at 2018-04-10T23:06:39Z
s3-lib: Remove support for libexc for IRIX backtraces
IRIX is long dead, and this code needs become_root() which is not in
the top level code.
Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3acc00b6 by Andrew Bartlett at 2018-04-10T23:06:39Z
lib/util: Log PANIC before calling pacic action just like s3
This is like the changes made in s3 by
4fa555980070d78b39711ef21d77628d26055bc2
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bf955190 by Andrew Bartlett at 2018-04-10T23:06:39Z
lib/util: Move log_stack_trace() to common code
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
462eb4a4 by Andrew Bartlett at 2018-04-11T02:03:07Z
lib/util: Call log_stack_trace() in smb_panic_default()
This matches the AD DC with the behaviour in smbd.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 11 04:03:07 CEST 2018 on sn-devel-144
- - - - -
7abe54b5 by Jeremy Allison at 2018-04-11T09:52:25Z
s3: smbd: Unix extensions attempts to change wrong field in fchown call.
Cut and paste error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13375
Reported-by: Rungta, Vandana <vrungta at amazon.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Apr 10 00:45:56 CEST 2018 on sn-devel-144
(cherry picked from commit 3227b110d065500ed84fc70063da70ab35823a2e)
- - - - -
d2799ab5 by Christof Schmitt at 2018-04-11T09:52:25Z
test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test
Samba selftest uses the forward slash as winbind separator and in the
USERNAME passed to the test. "net sam rights" expect the backslash. Map
the separator used in selftest to a backslash to avoid creating an
incorrect username DOMAIN\DOMAIN/USERNAME.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6f07afad07d9c670a00d9d314a8134efdda5e424)
- - - - -
f901e8cc by Christof Schmitt at 2018-04-11T09:52:25Z
nsswitch: Fix wbcListUsers test
With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR
USERNAME format. The test then calls wbcLookupName with the domain name
and the previous string (including domain and separator) as username.
Fix this by passing the correct username and adding some additional
checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 3c146be404affc894c0c702bbfbfcc4fb9ed902b)
- - - - -
80560167 by Christof Schmitt at 2018-04-11T09:52:25Z
nsswitch: Fix wbcListGroups test
With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR
GROUPNAME format. The test then calls wbcLookupName with the domain
name and the previous string (including domain and separator) as
username. Fix this by passing the correct username and adding some
additional checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit f4db4e86c341a89357082e81e30c302440647530)
- - - - -
40ee7863 by Christof Schmitt at 2018-04-11T09:52:25Z
Add test for wbinfo name lookup
This demonstrates that wbinfo -n / --name-to-sid returns information
instead of failing the request. More specifically the query for
INVALIDDOMAIN//user returns the user SID for the joined domain, instead
of failing the request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 552a00ec1f6795b9025298931a6cc50ebe552052)
- - - - -
21281596 by Volker Lendecke at 2018-04-11T13:19:19Z
rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13370
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Apr 11 15:19:19 CEST 2018 on sn-devel-144
- - - - -
bb5526d0 by Christof Schmitt at 2018-04-11T15:11:19Z
winbindd: Do not ignore domain in the LOOKUPNAME request
A LOOKUPNAME request with a domain and a name containing a winbind
separator character would return the result for the joined domain,
instead of the specified domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Apr 6 21:03:31 CEST 2018 on sn-devel-144
(cherry picked from commit 1775ac8aa4dc00b9a0845ade238254ebb8b32429)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Wed Apr 11 17:11:21 CEST 2018 on sn-devel-144
- - - - -
95c81fe5 by Volker Lendecke at 2018-04-11T17:07:24Z
tevent: Fix CID 1414792 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
37b094c3 by Volker Lendecke at 2018-04-11T17:07:24Z
vfs_fruit: Fix CID 1416474 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6a9bc0fa by Volker Lendecke at 2018-04-11T17:07:24Z
winbind: Fix CID 1427625 Calling risky function
Probably not really a problem, but we have generate_random(), so why not
use it?
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e7522a4f by Volker Lendecke at 2018-04-11T17:07:24Z
dnsrpc: Use TALLOC_FREE instead of an explicit if-statement
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d40891a1 by Volker Lendecke at 2018-04-11T17:07:24Z
smbd: Fix CID 1414783 Double unlock
The loop is unnecessary, both susv4 as well as the Linux manpage
explicitly say:
> These functions shall not return an error code of [EINTR].
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
56a8739e by Volker Lendecke at 2018-04-11T17:07:24Z
credentials: Revert "credentials: Fix CID 1414796 Explicit null dereferenced"
This reverts commit 90c02ec64d0e3c860f8d6906cf849bdd2c7bcc54.
We have code to take care of password==NULL, this CID must be fixed in a
different way
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7a9df796 by Volker Lendecke at 2018-04-11T17:07:24Z
credentials: Fix line length
... just because I'll modify that line in the next commit
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dff196a1 by Volker Lendecke at 2018-04-11T19:58:00Z
credentials: Fix CID 1414796 Explicit null dereferenced
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 11 21:58:00 CEST 2018 on sn-devel-144
- - - - -
4d839d0f by Jeremy Allison at 2018-04-11T21:09:12Z
s3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.
When returning the stat struct for an xattr stream,
we originally base the st_ex_mode field on the value
from the base file containing the xattr. If the base
file is a directory, it will have S_IFDIR set in st_ex_mode,
but streams can never be directories, they must be reported
as regular files.
The original code OR'ed in S_IFREG, but neglected to
AND out S_IFDIR.
Note this is not a complete to fix bug 13380 as
it doesn't fix the generic case with all streams
modules. See later fix and regression test.
Found in real-world use case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
118e77d8 by Jeremy Allison at 2018-04-11T21:09:12Z
s3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory
According to MS-FSA a stream name does not have
separate DOS attribute metadata, so we must return
the DOS attribute from the base filename. With one caveat,
a non-default stream name can never be a directory.
As this is common to all streams data stores, we handle
it here instead of inside all stream VFS modules.
Otherwise identical logic would have to be added to
all streams modules in their [f]get_dos_attribute_fn()
VFS calls.
Found in real-world use case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
82beaf86 by Jeremy Allison at 2018-04-12T00:04:28Z
s3: tests: Regression test to ensure we can never return a DIRECTORY attribute on a stream.
Tests streams_xattr and also streams_depot.
Inspired from a real-world test case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 12 02:04:28 CEST 2018 on sn-devel-144
- - - - -
5c7973e9 by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: Check for userPassword support after loading the databases
The net result of this is only that userPassword values (which were
world readable when set) would still be visible after userPassword
started setting the main DB password.
In AD, those values become hidden once the dSHeuristics bit is set,
but Samba lost that when fixing a performance issue with
f26a2845bd42e580ddeaf0eecc9b46b823a0c6bc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
056b2abd by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: check for dSHeuristics more carefully
This check would pass if the dSHeuristics was treated as always being
000000000 for searches which is not enough, we must check for a value
of 000000001 (userPassword enabled).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
46b6f2d7 by Andrew Bartlett at 2018-04-12T03:15:16Z
ldb_wrap: Remove ldb_transaction_cancel_noerr from ldb_wrap_fork_hook()
Writing to a TDB, without locks (these are per-process) in a forked child is never going to
end well, if a transaction is open at this point we have bigger problems.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
23ef25fa by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: Ensure to cancel the transaction if we fail to save the prefixMap
This rare error case forgot to call ldb_transaction_cancel()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bd5f6f5a by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: Do not create a transaction in partition_init()
This will allow us to lock the databases for read during all of the Samba init
hooks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a755c413 by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: Allow search before init() call in encrypted_secrets
Simply do not decrypt anything until the init call is run.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a4778ad4 by Andrew Bartlett at 2018-04-12T03:15:16Z
dsdb: Wait until a transaction starts to call dsdb_schema_set_indices_and_attributes()
This avoids starting a transaction in schema_load_init() and allows it
to operate with a read lock held, which will avoid locking issues
(deadlock detected due to lock odering if we do not have a global
read lock).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
18d4a1cc by Andrew Bartlett at 2018-04-12T03:15:16Z
selftest: Make a transaction before @INDEXLIST etc is checked in dsdb_schema_attributes.py
This helps us remove the write to the database from the (soon to be
read locked) init code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
63956116 by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Create rootdse_get_private_data()
This will get the private data on the first call, allowing that not to be
the init() hook.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4d37f55c by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Move ldb_set_default_dns() into rootdse_get_private_data()
This call needs to be done at the very first chance, in this case
during the first call to the lock_read() hook, otherwise the
schema_data module can't find the schema.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6baf7608 by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Allow search before init() is called in extended_dn_out
This matches the earlier check of p && p->normalise.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6c9e658e by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Load schema during the read_lock() hook, not the search
This should trigger slightly less often and is the more correct place, as
we only load it during the first lock when not in a transaction.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e9483c26 by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Rework schema reload during the read lock
Rather than refusing the reload based on making cached sequence numbers match
just load it once at the time the DB is globally locked, if required.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
887b48c4 by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: ensure we take out a read lock during the dsdb_init
We have to also take it out in the partitions code when we load the
partition backends.
This ensures that the init handlers hold a whole-db lock just as the
search code does.
To ensure the locking count in schema_load is balanced, the
private data is now created in the first lock_read() call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
132e932d by Andrew Bartlett at 2018-04-12T03:15:17Z
dsdb: Use talloc_get_type_abort() in schema_load_{start,end}_transaction
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a7cdec9d by Andrew Bartlett at 2018-04-12T03:15:17Z
ldb_wrap: Remove the magic cache of database handles except for sam.ldb
sam.ldb is handled in samdb_connect_url(), not this function.
This cache caused issues when "private dir" was changed in a testing script, but also
just generates many-owner shared mutable state that is frowned upon these days.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
040a526a by Gary Lockyer at 2018-04-12T03:15:17Z
ldb-samba: require pid match for cached ldb
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
490756a8 by Arvid Requate at 2018-04-12T06:12:39Z
Check "auth event notification" param in log_json
When Samba is compiled with JSON support it logs an error message
at log level 3 by default for every authentication event:
get_auth_event_server: Failed to find 'auth_event' registered on the
message bus to send JSON authentication events to:
NT_STATUS_OBJECT_NAME_NOT_FOUND
This patch adjusts the log_json function to consider the smb.conf
parameter "auth event notification" before calling auth_message_send.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13381
Signed-off-by: Arvid Requate <requate at univention.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Apr 12 08:12:39 CEST 2018 on sn-devel-144
- - - - -
cfd2d708 by David Mulder at 2018-04-12T06:13:34Z
gpo: Rename the inf_to class to gp_ext_setter
This class will be subclassed and used for more
than just inf settings application.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1d47ab7e by David Mulder at 2018-04-12T06:13:34Z
gpo: Move gp_sec_ext __init__ to base class
For this class to be extensible, the constructor
should be available to subclasses.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
dc415147 by David Mulder at 2018-04-12T06:13:34Z
gpo: Move the file parse function to gp_ext
A file will always be read from the sysvol the
same way, but the data will be read differently.
This patch moves the parse function to gp_ext,
and requires subclasses to implement the read()
function to interpret the data.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
10b43aa1 by David Mulder at 2018-04-12T06:13:34Z
gpo: Create base class gp_inf_ext
Abstract the process of reading from an ini file,
since other extensions will be reading gpos this
way.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
76cfbb6e by David Mulder at 2018-04-12T06:13:34Z
gpo: Move implementation from samba_gpoupdate
The implementation of group policy apply should
not be in the application script. One reason is
to implement user apply, we can call these
functions via the python c-api, (passing creds
via the command line will expose them via ps).
Another reason for this is if some overrides
the smb.conf "gpo update command" option, it
would be useful to have these functions.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
477fd77c by David Mulder at 2018-04-12T06:13:34Z
gpo: Create a gp_sec_ext module
Move the gp_sec_ext into it's own module,
which is how new gp_ext's will be created.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6747553d by David Mulder at 2018-04-12T06:13:34Z
param: Add python binding for lpcfg_cache_path
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8e25e2f3 by David Mulder at 2018-04-12T06:13:34Z
libgpo: gpo_copy_file() shouldn't explicitly call smb1
Don't call cli_openx directly to open a file this
calls smb1 code explicitly, which fails if we did
a multi-protocol negotiate and negotiated smb2+.
Use the higher level cli_open() instead.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
09c21214 by David Mulder at 2018-04-12T09:27:03Z
gpo: python chardet is not a dep of samba
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Apr 12 11:27:03 CEST 2018 on sn-devel-144
- - - - -
87e25cd1 by Stefan Metzmacher at 2018-04-12T09:28:17Z
s3:smb2_server: correctly maintain request counters for compound requests
If a session expires during a compound request chain,
we exit smbd_smb2_request_dispatch() with
'return smbd_smb2_request_error(req, ...)' before
calling smbd_smb2_request_dispatch_update_counts().
As req->request_counters_updated was only reset
within smbd_smb2_request_dispatch_update_counts(),
smbd_smb2_request_reply_update_counts() was called
twice on the same request, which triggers
SMB_ASSERT(op->request_count > 0);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
40edd1bc by Volker Lendecke at 2018-04-12T12:38:39Z
torture: Test compound request request counters
This will send an unfixed smbd into the
SMB_ASSERT(op->request_count > 0);
in smbd_smb2_request_reply_update_counts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Apr 12 14:38:39 CEST 2018 on sn-devel-144
- - - - -
de398573 by Stefan Metzmacher at 2018-04-12T15:26:33Z
s3:smb2_server: correctly maintain request counters for compound requests
If a session expires during a compound request chain,
we exit smbd_smb2_request_dispatch() with
'return smbd_smb2_request_error(req, ...)' before
calling smbd_smb2_request_dispatch_update_counts().
As req->request_counters_updated was only reset
within smbd_smb2_request_dispatch_update_counts(),
smbd_smb2_request_reply_update_counts() was called
twice on the same request, which triggers
SMB_ASSERT(op->request_count > 0);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 87e25cd1e45bfe57292b62ffc44ddafc01c61ca0)
- - - - -
7e010280 by Volker Lendecke at 2018-04-12T20:55:22Z
torture: Test compound request request counters
This will send an unfixed smbd into the
SMB_ASSERT(op->request_count > 0);
in smbd_smb2_request_reply_update_counts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Apr 12 14:38:39 CEST 2018 on sn-devel-144
(cherry picked from commit 40edd1bc273f664d5567ef5be169033899acee1f)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-8-test): Thu Apr 12 22:55:22 CEST 2018 on sn-devel-144
- - - - -
23d84103 by Volker Lendecke at 2018-04-12T21:04:17Z
dbwrap: Fix "use mmap = no"
Mutexes require mmap.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Apr 12 23:04:18 CEST 2018 on sn-devel-144
- - - - -
5c7e7cad by Noel Power at 2018-04-13T05:27:11Z
s4/libcli: python3 port for smb module
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e48e6b08 by David Mulder at 2018-04-13T05:27:11Z
python: create test for pysmb module.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4a58393b by Noel Power at 2018-04-13T05:27:11Z
wscript_build: make sure we link extra-python versions of libraries
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f24f0e1f by Noel Power at 2018-04-13T05:27:11Z
s3/param/wscript: build PROVISION subsytem for extra-python/py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
84f7ead2 by Noel Power at 2018-04-13T05:27:11Z
s3/libnet/wscript: build samba-net lib for extra-python/py3
python_net needs to link appropriate samba-net library for extra-py/py3
version so we need to build it for extra-python/py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
62105101 by Noel Power at 2018-04-13T05:27:12Z
s3/lib/policy/wscript_build: build samba_policy lib for extra-python/py3
pypolicy module needs appropriate samba_policy library for
extra-python/py3 therefore we need to build it for it to be available
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6716971c by Noel Power at 2018-04-13T05:27:12Z
python/wscript: build grouping library for py2/py3 (--extra-python)
Grouping library is not used for any delivered libraries, however
it is used internally when building local libraries used when
"make test TESTS='blah'" is invoked. Failure to provide the grouping
library results in missing symbols (and cores) when running tests
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f3b52875 by Joe Guo at 2018-04-13T05:27:12Z
python: bulk replace dict.iteritems to items for py3
In py3, iterxxx methods are removed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
28922931 by Joe Guo at 2018-04-13T05:27:12Z
python: bulk port tdb iterkeys for py3
In py3, `dict.iterkeys()` is removed, we need to use `keys()` instead.
This is compatible with py2 since `dict.keys()` exists for py2.
tdb pretents to be a dict, however, not completely.
It provides `iterkeys()` for py2 only, and `keys()` for py3 only,
which means replace `iterkeys()` to `keys()` will break py2.
In python, iter a dict will implicitly iter on keys.
Use this feature to work around.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
9d79329d by Joe Guo at 2018-04-13T05:27:12Z
python: bulk replace dict.itervalues to values for py3
In py3, iterxxx methods are removed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8432ca2b by Joe Guo at 2018-04-13T05:27:12Z
python: bulk replace file to open for py3
The builtin function `file` was removed in py3. Use `open` instead.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5258add3 by Joe Guo at 2018-04-13T05:27:12Z
python: bulk convert zip to list
In py3, zip will return a iterator other than a list.
Convert it to a list to support both py2 and py3.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
aeb6e07d by Joe Guo at 2018-04-13T05:27:12Z
python: fix unicode escape in doc string
The doc string has `\u` mark inside, which will cause encoding error in
py3. prefix `r` to doc string to fix.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
01ace235 by Joe Guo at 2018-04-13T05:27:12Z
selftest: enable py3 for samba.tests.dcerpc.sam
1. Fix invalid declaration syntax for toArray
2. Simplify toArray implementation with list comprehension.
3. Remove ending L for long integer.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e209cc2e by Joe Guo at 2018-04-13T05:27:12Z
selftest: enable py3 for samba.tests.dcerpc.bare
Prefix b to bytes.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
9b8b40fa by Joe Guo at 2018-04-13T05:27:12Z
selftest: enable py3 for samba.tests.dcerpc.rpcecho
Prefix `b` for bytes.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fb972815 by Joe Guo at 2018-04-13T05:27:12Z
selftest: enable py3 for samba.tests.dcerpc.registry
No changes needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
eec07f2f by Joe Guo at 2018-04-13T05:27:13Z
selftest: enable py3 for samba.tests.lsa_string
No change needed.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c0706803 by Joe Guo at 2018-04-13T05:27:13Z
selftest: enable py3 for samba.tests.source
In py2, `open` has no `encoding` arg, python guesses file encoding from
locale. This could be wrong.
Use `io.open` to open a file, so we can specify encoding in both py2 and
py3.
Also, open file with `r` instead of `rb` for py3.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a9f59136 by Joe Guo at 2018-04-13T05:27:13Z
selftest: enable py3 for samba.tests.docs
Popen methods will return bytes.
Decode output to string before using.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
470499fd by Joe Guo at 2018-04-13T05:27:13Z
selftest: enable py3 for samba.tests.krb5_credentials
Fix encoding issue.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fadd2cec by Joe Guo at 2018-04-13T05:27:13Z
graph: fix divide for py3
`/` will return float other than int in py3.
Use `//` to keep consistent with py2.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6d696d61 by Joe Guo at 2018-04-13T05:27:13Z
graph: fix sort for py3
`sorted` can not sort `None` with str in py3, use the `key` arg to fix.
Sort None as ''.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d1312c86 by Douglas Bagnall at 2018-04-13T05:27:13Z
python/tests/graph: actually test graphs, don't print
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
16a228ca by Joe Guo at 2018-04-13T05:27:13Z
selftest/graph: enable py3 for samba.tests.graph
Changes are made separatedly in previous commits.
No change needed here.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
767f6e59 by Joe Guo at 2018-04-13T05:27:13Z
kcc/graph_utils: port string.translate for py3
In py3, `str.translate` removed the second positional argument
`deletechars`, which means you can not use it to delete chars from str.
Use `replace` for this case.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
09081eae by Joe Guo at 2018-04-13T05:27:13Z
kcc/kcc_utils: convert dict.keys to list
In py3, `dict.keys()` will return a iterator not a list.
Convert it to list to support both py2 and py3.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
94910944 by Joe Guo at 2018-04-13T05:27:13Z
kcc/kcc_utils: fix divide for py3
`/` will return float other than int in py3.
Use `//` to keep consistent with py2.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c7f3c91b by Joe Guo at 2018-04-13T05:27:13Z
kcc: fix sort for py3
py2:
list.sort(cmp=None, key=None, reverse=False)
sorted(iterable[, cmp[, key[, reverse]]])
py3:
list.sort(key=None, reverse=False)
sorted(iterable, *, key=None, reverse=False)
The `cmp` arg was removed in py3, make use of `key` arg to work around.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6eb3391c by Joe Guo at 2018-04-13T05:27:13Z
kcc/graph: add __hash__ to InternalEdge for py3
In py3, if a class defines `__eq__()` but not `__hash__()`, its instances will
not be usable as items in hashable collections, e.g.: set.
Add `__hash__()` to InternalEdge, so it can be added to a set in py3.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0d56edb9 by Douglas Bagnall at 2018-04-13T05:27:14Z
ldb/pyldb: initialize optional parameter in ldb_connect()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
e62d2bd4 by Douglas Bagnall at 2018-04-13T05:27:14Z
nbt/pynbt: initialize optional parameter in nbt_name_register
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
399c22a8 by Douglas Bagnall at 2018-04-13T05:27:14Z
nbt/pynbt: initialize optional parameter in nbt_name_refresh
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
2a305014 by Douglas Bagnall at 2018-04-13T05:27:14Z
s3/py_passdb: initialize optional parameters earlier
It is just a bit easier to see what is happening.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
30fb803e by Douglas Bagnall at 2018-04-13T05:27:14Z
s4/lib/py-registry: initialize optional parameters for open_* functions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c034caaf by Douglas Bagnall at 2018-04-13T05:27:14Z
s4/webserver: initialise optional parameter
OK, this is unused and unimplemented.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
ce63db26 by Joe Guo at 2018-04-13T08:36:32Z
traffic_relay: bulk port print to modern py3 style
Change print to function and avoid the ugly `print >>sys.stderr`.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Fri Apr 13 10:36:32 CEST 2018 on sn-devel-144
- - - - -
5fea3e3f by Volker Lendecke at 2018-04-13T16:14:41Z
libnbt: Add an explicit "mem_ctx" to name_request_send
Implicitly hanging requests off nbtsock is too inflexible for future use
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8b770e64 by Volker Lendecke at 2018-04-13T16:14:42Z
libnbt: Align data types
ARRAY_SIZE returns size_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b8f71674 by Volker Lendecke at 2018-04-13T19:04:28Z
libdgram: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Apr 13 21:04:28 CEST 2018 on sn-devel-144
- - - - -
115423c9 by Volker Lendecke at 2018-04-16T14:06:07Z
tstream: Fix CID 1167982 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
78c35337 by Volker Lendecke at 2018-04-16T17:09:56Z
tstream: Fix CID 1167981 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Apr 16 19:09:56 CEST 2018 on sn-devel-144
- - - - -
c988a56b by Mathieu Parent at 2018-04-17T19:07:30Z
Mark libparse-pidl-perl, samba-dev, samba-dsdb-modules and samba-vfs-modules "Multi-Arch: same"
- - - - -
22703181 by Mathieu Parent at 2018-04-17T19:08:51Z
Standards-Version: 4.1.4, no change
- - - - -
54d35a1a by Mathieu Parent at 2018-04-17T19:18:41Z
debian/smb.conf: Fix typo in comment line: sever -> server (Closes: #763648)
Signed-off-by: Santiago Vila <sanvila at debian.org>
- - - - -
27c9121e by Mathieu Parent at 2018-04-17T19:18:41Z
Changelog for previous commits
- - - - -
e6df6f20 by Volker Lendecke at 2018-04-17T19:27:23Z
nbt_server: Factor out nbtd_name_query_reply_packet
Separate packet creation from sending out the packet. This way packet
creation can be used elsewhere in the future.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a7d52505 by Volker Lendecke at 2018-04-17T19:27:23Z
nbt_server: Factor out nbtd_node_status_reply_packet
Separate packet creation from sending out the packet. This way packet
creation can be used elsewhere in the future.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
3ce07998 by Mathieu Parent at 2018-04-17T20:09:32Z
Read smb.conf until [print$] section instead of [cdrom] to preserve locally-defined shares (Closes: #776259)
- - - - -
04bfc021 by Mathieu Parent at 2018-04-17T20:19:39Z
dhclient3 was renamed to dhclient long time ago...
- - - - -
a306f250 by Mathieu Parent at 2018-04-17T20:22:17Z
Remove /etc/samba/dhcp.conf on purge (Closes: #784713)
- - - - -
fc473cd2 by Volker Lendecke at 2018-04-17T22:11:51Z
nbt_server: Align integer types
sizeof returns size_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Apr 18 00:11:51 CEST 2018 on sn-devel-144
- - - - -
cc1eed99 by Björn Baumbach at 2018-04-18T13:25:42Z
build: add option to choose to build with or without JSON audit support
Add a new configure option:
--with-json-audit
Build with JSON auth audit support (default=auto). This requires
the jansson devel package.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): <bbaumbach at samba.org>
Autobuild-Date(master): Wed Apr 18 15:25:42 CEST 2018 on sn-devel-144
- - - - -
99859479 by Andreas Schneider at 2018-04-18T22:32:22Z
s3:passdb: Do not return OK if we don't have pinfo set up
This prevents a crash in fill_mem_keytab_from_secrets()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13376
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Apr 19 00:32:22 CEST 2018 on sn-devel-144
- - - - -
18c097bc by Mathieu Parent at 2018-04-19T08:08:08Z
Move dhcp.conf out of /etc to allow ro root (Closes: #695362)
- - - - -
9a4e2904 by Mathieu Parent at 2018-04-19T08:23:14Z
Update template for "Move dhcp.conf out of /etc to allow ro root"
- - - - -
9f3ab35a by Volker Lendecke at 2018-04-19T09:40:11Z
libads: Fix the build --without-ads
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Feb 6 02:47:44 CET 2018 on sn-devel-144
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13273
(cherry picked from commit 859698d29b547217356851094ed8188236e717b6)
- - - - -
a25ec76b by Volker Lendecke at 2018-04-19T09:40:11Z
rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13370
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Apr 11 15:19:19 CEST 2018 on sn-devel-144
(cherry picked from commit 212815969f4a706bc8395e2f6dbf225318ff2ad7)
- - - - -
daf2c88a by Volker Lendecke at 2018-04-19T09:40:11Z
libsmb: Handle long-running smb2cli_notify
This likely runs into a timeout. Properly cancel the smb2 request,
allowing the higher-level caller to re-issue this request on an existing
handle.
I did not see a proper way to achieve this with tevent_req_set_endtime or
something like that.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 91c0f497816bb88d8935a8a79c146c08379ecf53)
- - - - -
61470f63 by Volker Lendecke at 2018-04-19T09:40:11Z
libsmb: Handle IO_TIMEOUT in cli_smb2_notify properly
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit abfe482828e8c1dc233d67657a4d11a91a731f70)
- - - - -
c45c96e9 by Volker Lendecke at 2018-04-19T14:16:40Z
smbclient: Handle ENUM_DIR in "notify" command
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 5 04:05:52 CEST 2018 on sn-devel-144
(cherry picked from commit 1452677ef0044815df0702de5424d4711e18144b)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu Apr 19 16:16:41 CEST 2018 on sn-devel-144
- - - - -
ade0d545 by Volker Lendecke at 2018-04-20T09:56:21Z
utils: Add destroy_netlogon_creds_cli
This is a pure testing utility that will garble the netlogon_creds_cli
session_key. This creates a similar effect to our schannel credentials
as does a domain controller reboot.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit bffae41842fe218959fe6f8b43df694feec1589c)
- - - - -
ad0b42ae by Volker Lendecke at 2018-04-20T09:56:21Z
winbind: Add smbcontrol disconnect-dc
Make a winbind child drop all DC connections
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(backported from commit 0af88b98e7e1bba14827305257e77b63dc82d902)
- - - - -
1e60ca51 by Volker Lendecke at 2018-04-20T09:56:21Z
winbind: Keep "force_reauth" in invalidate_cm_connection
Right now I don't see a way to actually force a re-serverauth
from the client side as long as an entry in netlogon_creds_cli.tdb
exists. cm_connect_netlogon goes through invalidate_cm_connection, and
this wipes our wish to force a reauthenticatoin. Keep this intact until
we actually did reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 4b7a9d560a51b51ac88f30276c87edc097b00d0b)
- - - - -
586a0ff3 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: add and use ldap_reconnect_need_retry() in winbindd_reconnect_ads.c
ldap_reconnect_need_retry() is a copy of reconnect_need_retry() minus
the RPC connection invalidation.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit a8d5e4d36768bc199c631626488b2d0acbd6e91a)
- - - - -
5c701c46 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: check for NT_STATUS_IO_DEVICE_ERROR in reset_cm_connection_on_error()
reconnect_need_retry() already checks for this error, it surfaces up
from tstream_smbXcli_np as a mapping for EIO.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit a33c1d25e0422483c903001dd246626f84c4cbc1)
- - - - -
4d2968cb by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: make reset_cm_connection_on_error() public
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 17749a5d9fa08da1c61de45728656a2c9b85782d)
- - - - -
7d9aa1d5 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: call reset_cm_connection_on_error() from reconnect_need_retry()
This ensures we use the same disconnect logic in the reconnect backend,
which calls reconnect_need_retry(), and in the dual_srv frontend which
calls reset_cm_connection_on_error.
Both reset_cm_connection_on_error() and reconnect_need_retry() are very
similar, both return a bool indicating whether a retry should be
attempted, unfortunately the functions have a different default return,
so I don't dare unifying them, but instead just call one from the other.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 2837b796af3e491b6bb34bd441758ae214f629ee)
- - - - -
cde7022c by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: force netlogon reauth for certain errors in reset_cm_connection_on_error()
NT_STATUS_RPC_SEC_PKG_ERROR is returned by the server if the server
doesn't know the server-side netlogon credentials anymore, eg after a
reboot. If this happens we must force a full netlogon reauth.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 2d1f00cc3ad77bed4e810dc910979e6cdf582216)
- - - - -
c4fd5a39 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: call dcerpc_binding_handle_is_connected() from reset_cm_connection_on_error()
To consolidate the error handling for RPC calls, add the binding handle
as an additional argument to reset_cm_connection_on_error().
All callers pass NULL for now, so no change in behaviour up to here.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 966ff3793a867a5ffe1a49e48c8ab3ecb02f8359)
- - - - -
5bf61b01 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: fix logic calling dcerpc_binding_handle_is_connected()
The calls were missing the negation operator, a retry should be
attempted is the binding handle got somehow disconnected behind the
scenes and is NOT connected.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 08718af36f3ed6cf2308beb3800abfb0414f94b9)
- - - - -
6e1018e5 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: use reset_cm_connection_on_error() instead of dcerpc_binding_handle_is_connected()
This catches more errors and triggers retry as appropriate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 6244a2beb184de8d050389e304f087ef153d61dd)
- - - - -
f9ccb90f by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: add retry to _wbint_LookupSids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit c2cd2d3f3137e27cd6e4cabd34f27b49251f078d)
- - - - -
ce6357b6 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: add retry to _wbint_DsGetDcName
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit fcf8edf9b8cdf5f3897c1a63ed97c302a231742f)
- - - - -
71eb2d9c by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: add retry to _winbind_DsrUpdateReadOnlyServerDnsRecords
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit e608f058b8f2d2295e24498daa35852de3212b23)
- - - - -
f8abea57 by Ralph Boehme at 2018-04-20T09:56:22Z
winbindd: add retry to _winbind_SendToSam
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 15 20:57:44 CET 2018 on sn-devel-144
(cherry picked from commit c37fbfcb248e5a8d6088a28eb0c1a62423f94502)
- - - - -
cd2cc69e by Stefan Metzmacher at 2018-04-20T09:56:22Z
lib/util: remove unused '#include <sys/syscall.h>' from tests/tfork.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13342
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit f2ff61ce9e8ab56d8a69fce29c9f214d5d98f89e)
- - - - -
f11278fa by Andreas Schneider at 2018-04-20T09:56:22Z
s3:passdb: Do not return OK if we don't have pinfo set up
This prevents a crash in fill_mem_keytab_from_secrets()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13376
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 99859479fc6e12b2f74ce2dfa83da56d8b8f3d26)
- - - - -
63d9b532 by Stefan Metzmacher at 2018-04-20T09:56:22Z
lib/replace: define __[u]intptr_t_defined if we prove an replacement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 329a229af3c3c9475b9254ca68c413ec18fa3b71)
- - - - -
5cc7432b by Stefan Metzmacher at 2018-04-20T09:56:22Z
nsswitch: maintain prototypes for the linux based functions only once
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit b8c30abb02f461f16af4da83eecd173993974dc1)
- - - - -
f0aa869b by Stefan Metzmacher at 2018-04-20T09:56:22Z
nsswitch: add some const to _nss_winbind_initgroups_dyn() prototype
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit d5be3b3279162005d9ebea2eda71d455e4c48739)
- - - - -
9e1b535d by Stefan Metzmacher at 2018-04-20T09:56:23Z
nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit dc160247d13e2c63574a7e7ec7720fc4c690483b)
- - - - -
c703cfb4 by Volker Lendecke at 2018-04-20T09:56:23Z
vfs_virusfilter: Fix CID 1428739 Buffer not null terminated
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 8a4409c956bdbe5d928e685b7c219566d467a627)
- - - - -
932bdb20 by Volker Lendecke at 2018-04-20T09:56:23Z
vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 734404bbe911fd4aa6565b2a2aaecab4fbbf3c45)
- - - - -
bade8dc3 by Volker Lendecke at 2018-04-20T09:56:23Z
vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 31 05:28:48 CET 2018 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 21eb5169f46b8d819a5d5d028baff581e4e63de6)
- - - - -
deb624c8 by Stefan Metzmacher at 2018-04-20T09:56:23Z
s3:modules: fix the picky-developer build of vfs_virusfilter.c on FreeBSD 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit fb7b67af984812784756574df4f0fb55d472181b)
- - - - -
08d5ade3 by Stefan Metzmacher at 2018-04-20T09:56:23Z
s3:modules: make virusfilter_io_connect_path() more portable
We have existing utility functions to prepare a socket.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 74278a70389e2479d80ec5c88b01a09c141e8d39)
- - - - -
8c0a598b by Stefan Metzmacher at 2018-04-20T09:56:23Z
lib/crypto: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 7ae77db3b29ef08e1f74aa413049b995a598a5dd)
- - - - -
74da4c87 by Stefan Metzmacher at 2018-04-20T09:56:23Z
ldb/tests: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 666dda907b7f190b2dff1f2639bd2518240b9fb2)
- - - - -
c67a2f85 by William Brown at 2018-04-20T13:23:24Z
ldb_wrap.c missing header
ldb_wrap.c was missing unistd.h causing implicit symbol declaration and error
during compilation.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
- - - - -
98fb60b1 by Stefan Metzmacher at 2018-04-20T14:53:16Z
s3:modules: fix the build of vfs_aixacl2.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13345
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Apr 3 20:18:58 CEST 2018 on sn-devel-144
(cherry picked from commit 702665cc52d5dc05ae636519e1ffe9c296f5ef77)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Fri Apr 20 16:53:16 CEST 2018 on sn-devel-144
- - - - -
a18b5100 by William Brown at 2018-04-20T16:18:25Z
s3/security.c undefined value
s3/security.c had an NTSTATUS status that was undefined and with the configure
option --address-sanitizer this caused uninitialised value error.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Fri Apr 20 18:18:25 CEST 2018 on sn-devel-144
- - - - -
57d9969f by Björn Baumbach at 2018-04-20T19:12:33Z
build: fix build without JSON audit support
Autobuild-User(master): Björn Baumbach <bbaumbach at samba.org>
Autobuild-Date(master): Fri Apr 20 21:12:33 CEST 2018 on sn-devel-144
- - - - -
74590c67 by Stefan Metzmacher at 2018-04-23T08:30:18Z
s3:smbd: call pthreadpool_tevent_init() already in smbd_process()
pthreadpool_tevent_init() doesn't start any thread yet, it only
allocates a bit of memory.
It's easier to start this in a central place, so that it's
available to all VFS modules.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
7ba243f3 by Stefan Metzmacher at 2018-04-23T08:30:19Z
docs-xml: rewrite the vfs_aio_pthread manpage to reflect the >= 4.0.0 behavior
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b805a597 by Stefan Metzmacher at 2018-04-23T08:30:19Z
selftest: add some basic testing for aio_pthread
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b5a34e65 by Stefan Metzmacher at 2018-04-23T11:30:06Z
s3:vfs_aio_pthread: make use of pthreadpool_tevent instead of pthreadpool_pipe
pthreadpool_tevent provides a much simpler api and avoids an extra
pipe for the completion notification.
This means we now have just one thread pool, that's shared for
all async pread, pwrite, fsync and openat() calls, instead of having
an extra pool for openat() with the same possible number of threads.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Apr 23 13:30:06 CEST 2018 on sn-devel-144
- - - - -
f092ee2a by Volker Lendecke at 2018-04-23T23:53:18Z
libcli: Call dbwrap_local_open with the correct hash size
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ca6efa96 by Volker Lendecke at 2018-04-23T23:53:18Z
libcli: Call dbwrap_local_open with the correct tdb_flags
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7e183a22 by Volker Lendecke at 2018-04-23T23:53:18Z
credentials: Call dbwrap_local_open with the correct hash size
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7f09fd2b by Volker Lendecke at 2018-04-23T23:53:18Z
credentials: Call dbwrap_local_open with the correct tdb_flags
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
281822ac by Volker Lendecke at 2018-04-23T23:53:18Z
cluster4: Call dbwrap_local_open with the correct hash size
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f542552e by Volker Lendecke at 2018-04-23T23:53:19Z
cluster4: Call dbwrap_local_open with the correct tdb_flags
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
247563e1 by Volker Lendecke at 2018-04-23T23:53:19Z
dbwrap3: Call dbwrap_local_open with the correct hash size
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
91bb8b8e by Volker Lendecke at 2018-04-23T23:53:19Z
dbwrap3: Call dbwrap_local_open with the correct tdb flags
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
807cb593 by Volker Lendecke at 2018-04-23T23:53:19Z
libcli: Call dbwrap_local_open with the correct hash size
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
812312ca by Volker Lendecke at 2018-04-23T23:53:19Z
libcli: Call dbwrap_local_open with the correct tdb flags
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1aeac2f8 by Volker Lendecke at 2018-04-23T23:53:19Z
dbwrap: Remove calls to loadparm
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
27e6e451 by Volker Lendecke at 2018-04-23T23:53:19Z
dbwrap: Remove dependency on samba-hostconfig
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0b042589 by Volker Lendecke at 2018-04-24T02:44:30Z
winbind: Remove an unused struct declaration
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Apr 24 04:44:30 CEST 2018 on sn-devel-144
- - - - -
fdcc1622 by Ralph Boehme at 2018-04-24T09:13:17Z
s3:messages: check reg->refcount == 0 before accessing other elements
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
dfb712a0 by Ralph Boehme at 2018-04-24T09:13:17Z
s3:messages: check tevent_fd_get_flags() == 0 before using stale event context pointer
If the event context got deleted, tevent_fd_get_flags() will return 0
for the stale fde. In that case we should not use fde_ev->ev anymore.
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
8e5cc973 by Ralph Boehme at 2018-04-24T12:30:20Z
s3:messages: improve tevent_create_immediate recycling
We should create the immediate event at the beginning
were we have a chance to return an error, rather than
ignoring a failure later.
As a side effect this also reuses the immediate event
after the refcount went to 0 and up again.
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Apr 24 14:30:20 CEST 2018 on sn-devel-144
- - - - -
ffe97000 by Stefan Metzmacher at 2018-04-24T12:32:10Z
nsswitch: fix memory leak in winbind_open_pipe_sock() when the privileged pipe is not accessable.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13400
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
6120f568 by Volker Lendecke at 2018-04-24T12:32:10Z
ntlm_auth: PAM_AUTH_CRAP needs a privileged socket
This only works right now because wb_common always tries privileged
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
fdf0b2a7 by Volker Lendecke at 2018-04-24T12:32:10Z
nsswitch: Only connect to the priv socket if required
This should speed up calls like "wbinfo -p"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ffeb2acf by Volker Lendecke at 2018-04-24T15:18:23Z
winbind: Speed up wbinfo -p
This was (possibly) used as an example in the early days of the async winbind
code we have today. It's not necessary to send this through a full tevent_req
round.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue Apr 24 17:18:23 CEST 2018 on sn-devel-144
- - - - -
a4d2eeda by Stefan Metzmacher at 2018-04-24T17:41:14Z
s3:util: remove reinit_after_fork_pipe_handler before sending SIGTERM
We should not keep the tevent_fd active when we sending us a SIGTERM,
this is not a real problem, but due to a different bug I triggered
a 100% cpu loop. I think it's safer to idle in that case instead
of waisting a lot of energy.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4fa8e567 by Volker Lendecke at 2018-04-24T17:41:14Z
torture3: Fix CID 1435119 Error handling issues (CHECKED_RETURN)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a37d9a45 by Volker Lendecke at 2018-04-24T17:41:15Z
tevent: Fix callers of tevent_req_set_endtime
tevent_req_set_endtime internally already calls tevent_req_nomem and thus sets
the error status correctly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d7cfb12b by Volker Lendecke at 2018-04-24T20:26:22Z
lib: #include "util_event.h" only where needed
One dependency of includes.h less
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Apr 24 22:26:22 CEST 2018 on sn-devel-144
- - - - -
c4bb166a by Mathieu Parent at 2018-04-24T20:40:12Z
Enable --accel-aes=intelaesni on DEB_HOST_GNU_CPU=x86_64 (Closes: #896196)
- - - - -
35f2afe4 by Björn Jacke at 2018-04-25T11:55:25Z
printing: return the same error code as windows does on upload failures
Some print drivers inf files are broken and cause driver installation to fail
on Samba servers. Windows returns WERR_APP_INIT_FAILURE in that case, we should
do the same. Windows machines are less unlucky with that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13395
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Björn Jacke <bj at sernet.de>
Autobuild-Date(master): Wed Apr 25 13:55:25 CEST 2018 on sn-devel-144
- - - - -
0e1125da by William Brown at 2018-04-25T17:59:13Z
s4/smbd/server.c: create /run if missing
In some cases (containers mainly) /var/run may not be present. Instead of
erroring, we should create it at startup.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
501819fa by Christof Schmitt at 2018-04-25T17:59:13Z
rpcclient: Print number of entries for NetSessEnum
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e04846c7 by Christof Schmitt at 2018-04-25T17:59:13Z
selftest: Add testcase for querying sessions after smbd crash
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a6fade4e by Christof Schmitt at 2018-04-25T20:49:07Z
rpc_server: Fix NetSessEnum with stale sessions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 25 22:49:07 CEST 2018 on sn-devel-144
- - - - -
8649e216 by Ralph Boehme at 2018-04-25T23:09:27Z
Add a wrapper script as git pre-commit hook
When developer mode is enabled, the wrapper script
"script/git-hooks/pre-commit-hook" gets installed as
.git/hooks/pre-commit
and calls "script/git-hooks/pre-commit-script".
This way we can later modify the "script/git-hooks/pre-commit-script"
without the need to ever change the installed commit hook itself.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5757d259 by Ralph Boehme at 2018-04-26T01:54:38Z
script/git-hooks: add check-trailing-whitespace
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 26 03:54:39 CEST 2018 on sn-devel-144
- - - - -
4ec99393 by Karolin Seeger at 2018-04-26T07:16:27Z
WHATSNEW: Add release notes for Samba 4.8.1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
e5b036dd by Karolin Seeger at 2018-04-26T07:16:58Z
VERSION: Disable GIT_SNAPSHOT for the 4.8.1 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
f1bf8d74 by Karolin Seeger at 2018-04-26T07:17:47Z
VERSION: Bump version up to 4.8.2...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
6a83fb45 by Mathieu Parent at 2018-04-26T18:41:39Z
New upstream version 4.8.1+dfsg
- - - - -
70f411c0 by Mathieu Parent at 2018-04-26T18:51:27Z
Merge tag 'upstream/4.8.1+dfsg'
Upstream version 4.8.1+dfsg
- - - - -
7dbf8336 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb: Fix some -Werror=strict-overflow issues
All quite obvious. For the LCP2 one, we're not actually counting so
use a bool instead of an int.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d8741fee by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-scripts: Avoid shellcheck SC1117: Backslash is literal in "..."
This warning (apparently new in shellcheck 0.4.7) only applies to
double-quoted strings. Change affected constant strings to use
single-quotes. In the one example that contains a variable expansion
escape the backslash as recommended.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d44fed60 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-tools: Avoid filtering stderr when onnode not running in parallel
stderr_filter() only does anything useful when running in
parallel (i.e. with the -p option). So, simplify the non-parallel
case by not using stderr_filter().
As a side-effect, this fixes an issue introduced in commit
85a4375788d8ef8345ec390807f18299abdadb20 where local daemon tests
would hang when trying to start daemons with VALGRIND set (to a
valgrind command that does not use --log-file). This is because
valgrind would keep stderr open for its output so the pipeline
involving stderr_filter() would never complete.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3388aed0 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-docs: Drop references to CTDB_BASE from the documentation
CTDB_BASE should only ever be modified by test code. It should not be
mentioned in the user documentation.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
072650b4 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-docs: Drop stale reference to unused configuration file
Recently removed but documentation change was forgotten.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
dbc6ebc6 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-docs: Drop documentation for CTDB_SHUTDOWN_TIMEOUT option
This was recently removed but the documentation was forgotten.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
26430ab1 by Martin Schwenke at 2018-04-27T04:53:16Z
ctdb-scripts: Drop unused variable service_config
This was previously used by the loadconfig() function.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
110e72cc by Martin Schwenke at 2018-04-27T07:37:48Z
ctdb-scripts: Drop CTDB_RC_LOCAL testing hook
This is not used.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Apr 27 09:37:49 CEST 2018 on sn-devel-144
- - - - -
31c39040 by Mathieu Parent at 2018-04-29T08:32:00Z
Use dh-exec to install libaesni-intel.so.0 only on amd64
dh-exec (>= 0.13) in Debian>=jessie
- - - - -
f249731b by Mathieu Parent at 2018-04-29T10:56:19Z
Release 2:4.8.1+dfsg-1
- - - - -
693ca7b9 by Martin Schwenke at 2018-04-30T09:41:22Z
ctdb-tests: Simplify a test
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a23d8054 by Martin Schwenke at 2018-04-30T12:26:43Z
ctdb-tests: Fix a typo
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Apr 30 14:26:43 CEST 2018 on sn-devel-144
- - - - -
f477a758 by Douglas Bagnall at 2018-04-30T13:43:18Z
samba-tool visualize: use correct DC in graph label
We have been using a random DC (depending to hash order, which was not
random enough on Python 2.7 to affect the tests).
Reported-by: Noel Power <noel.power at suse.com>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
db8da077 by Noel Power at 2018-04-30T13:43:19Z
lib/ldb: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
702e85e4 by Noel Power at 2018-04-30T13:43:19Z
lib/tevent: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
7020af42 by Noel Power at 2018-04-30T13:43:19Z
libcli/nbt: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
3544f1b5 by Noel Power at 2018-04-30T13:43:19Z
s4/auth: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
5055b54d by Noel Power at 2018-04-30T13:43:19Z
s4/dsdb: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
5c129351 by Noel Power at 2018-04-30T13:43:19Z
s4/librpc: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
ba5f00de by Noel Power at 2018-04-30T13:43:19Z
s4/param: Additionally accept unicode as string param in Py2
With the changes to make samba python code Py2/Py3 compatible there
now are many instances where string content is decoded.
Decoded string variables in Py2 are returned as the unicode type. Many
Py2 c-module functions that take string arguments only check for the
string type. However now it's quite possibe the content formally passed
as a string argument is now passed as unicode after being decoded,
such arguments are rejected and code can fail subtly. This only affects
places where the type is directly checked e.g. via PyStr_Check etc.
arguments that are parsed by ParseTuple* functions generally already
accept both string and unicode (if 's', 'z', 's*' format specifiers
are used)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
d2ee36e3 by Noel Power at 2018-04-30T13:43:19Z
python/samba: Add some compatability PY2/PY3 functions
I hope these changes are a short term interim solution for the
absence of the 'six' module/library. I also hope that soon this
module can be removed and be replaced by usage of six.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
d331ddf4 by Noel Power at 2018-04-30T13:43:19Z
Add aliases for StringIO.StringIO
cStringIO doesn't handle unicode, StringIO does. With py2/py3
compatable code we can easily find ourselves getting passed
unicode so we don't alias cStringIO
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
cbd6786c by Noel Power at 2018-04-30T13:43:19Z
python/samba: Add binary_type for p2/p3 testing.
For helping test for binary types, binary_type evaluates to 'str'
in py2, and 'bytes' in py3.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
13280d3d by Noel Power at 2018-04-30T13:43:19Z
python/samba: bulk conversion of caller to dsdb_Dn 2nd param.
Convert second param to dsdb_Dn to be unicode so py2 & py3 code
will work
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
b54472f8 by Noel Power at 2018-04-30T13:43:19Z
python: Bulk conversion callers of ldb.Dn second param
Convert second param passed to ldb.Dn to be unicode so py2 & py3 code
will work
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
141d9081 by Noel Power at 2018-04-30T13:43:19Z
python/samba: port some isinstance str checks (to cater for unicode)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
26c1eca5 by Mathieu Parent at 2018-04-30T16:25:00Z
Really ignore nmbd start errors when there is no non-loopback interface (Closes: #893762)
- - - - -
268ad19e by Noel Power at 2018-04-30T16:25:25Z
python/samba: Py2/Py3 compat change '/' to '//' to ensure int result
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Mon Apr 30 18:25:25 CEST 2018 on sn-devel-144
- - - - -
aefe444d by Jeremy Allison at 2018-04-30T19:48:55Z
ceph: VFS: Add asynchronous fsync to ceph module, fake using synchronous call.
This will allow me to ultimately simplify the VFS by removing the synchronous
fsync VFS call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13412
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Apr 30 21:48:55 CEST 2018 on sn-devel-144
- - - - -
01c8dc7e by Amitay Isaacs at 2018-05-01T11:31:17Z
ctdb-client: Remove ununsed functions from old client code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13411
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
45202d86 by Amitay Isaacs at 2018-05-01T11:31:17Z
ctdb-build: Drop unnessary dependency on ctdb-client
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
e70fe419 by Amitay Isaacs at 2018-05-01T11:31:17Z
ctdb-daemon: Move ctdb_client.c to server/ subdir
It is used only by the code in the server directory. It's mainly used
in recovery daemon and vacuuming child process.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
b3dc0dca by Amitay Isaacs at 2018-05-01T11:31:17Z
ctdb-build: Rename ctdb-client2 subsystem to ctdb-client
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
cdd51df3 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-docs: Move some ctdbd options out of the debug section
ctdbd -i might be useful with systemd or similar, so should be
documented.
--nosetsched and --script-log-level options are valid user-level
options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f5ee0884 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-docs: Move some configuration options out of the debug section
These aren't test options so improve their visibility.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
17ad7d91 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Set ctdb->notification_script directly
This doesn't need a wrapper function. It gets in the way if building
a value involves allocating memory (e.g. talloc_asprintf()) and then
ctdb_set_notification_script() duplicates that memory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7052f879 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Drop unused function ctdb_set_notification_script()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
518be6d5 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Use a local variable instead of repeating getenv()
Makes the error handling easier and the code more compact.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ed80fc13 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Provide a default location for the notification script
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7e9dd3fd by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-tests: Ensure notify.sh is available to local daemons
Changes to notification configuration are coming, so ensure notify.sh
is always "installed" for local daemons.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e5af0678 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-scripts: Drop CTDB_NOTIFY_SCRIPT configuration option
Notification scripts are installed into $CTDB_BASE/notify.d/ and are
always run by notify.sh. Leave notify.sh where it is for now but no
longer consider it a configuration file. This is an interim measure
and will be changed again soon.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0349d658 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Drop ctdbd --notification-script command-line option
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3c7b766e by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Add testing environment variable CTDB_TEST_MODE
This is a generic indicator that tests are being run.
For local daemons, this will replace --sloppy-start and
--nopublicipcheck - it also does --nosetsched, which isn't being
removed at this point.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5081cec4 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-tests: Make local daemon tests depend on CTDB_TEST_MODE
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8c43ce74 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Drop ctdbd --sloppy-start and --nopublicipcheck options
CTDB_LOCAL_DAEMON_MODE=yes is used instead.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
32430f84 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-scripts: Drop CTDB_VALGRIND testing option
This is too inflexible for general use. There is no use finding a new
home for this in the new configuration scheme.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8a835ae1 by Martin Schwenke at 2018-05-01T11:31:18Z
ctdb-daemon: Drop ctdbd --torture and --valgrinding options
These haven't been used by anyone in a long time. --valgrinding is
less use with CTDB_VALGRINDING now gone.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f4fe768c by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-docs: Move remaining test options to README
Test options do not belong in the user documentation. Move them to
the README file in the tests/ subdirectory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4eea5314 by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-daemon: Move ctdb_init() to the only place it is used
This used to be used by client code but not anymore, so move it to
where it is used. Drop the comment because it is wrong. Modernise
logging.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1b574876 by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-daemon: Drop duplicate initialisation of request ID context
This doesn't require configuration options so keep the instance in
ctdb_init().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9623c920 by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-daemon: Consolidate basic CTDB context initialisation
None of this initialisation needs configuration options, so centralise
it with the context initialisation.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
79c49f60 by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-daemon: Reorder main() to improve the structure
Move code into clearly defined sections. Add a fail label for fatal
errors to ensure memory is freed. Modernise debug messages.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8821857c by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-scripts: Drop warning when there is no recovery lock
After configuration changes ctdbd_wrapper will no longer see the
CTDB_RECOVERY_LOCK option. The daemon already logs a warning if the
recovery lock is not set, so simply drop this extra warning.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9a5ba6b9 by Martin Schwenke at 2018-05-01T11:31:19Z
ctdb-daemon: Log the logging location when not logging via syslog()
A variant of this is currently done by the wrapper but will be removed
from there because the wrapper will no longer see the CTDB_LOGGING
option.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3459a152 by Martin Schwenke at 2018-05-01T11:31:20Z
ctdb-scripts: Drop UDP/file logging warning from ctdbd_wrapper
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
eba893f0 by Martin Schwenke at 2018-05-01T11:31:20Z
ctdb-tests: Fix location of persistent databases
Always use CTDB_DBDIR_PERSISTENT, which is setup by the test
infrastructure. The persistent database directory is
not (necessarily) relative to the volatile one.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
051203e1 by Martin Schwenke at 2018-05-01T11:31:20Z
ctdb-scripts: Fix location of persistent databases
If CTDB_DBDIR_PERSISTENT is not set then set the default relative to
CTDB_VARDIR. The persistent database directory is not (necessarily)
relative to the volatile one.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8ea7fa57 by Martin Schwenke at 2018-05-01T11:31:20Z
ctdb-tests: CTDB_DBDIR_PERSISTENT should not depend on CTDB_DBDIR
Add new variable CTDB_DBDIR_BASE, just for event script unit tests.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
eb7ec16a by Martin Schwenke at 2018-05-01T11:31:21Z
ctdb-daemon: Change default volatile database directory
Volatile databases now have their own subdirectory. This makes things
easier if we later recommend mounting a tmpfs on the volatile database
directory, rather than supporting the current CTDB_DBDIR=tmpfs magic.
No need to create database directories for local daemon tests. ctdbd
will do that.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
043f3f26 by Martin Schwenke at 2018-05-01T11:31:21Z
ctdb-scripts: Drop support for CTDB_DBDIR=tmpfs
CTDB has no business mounting filesystems. Instead, documentation
for the new configuration system will include a recommendation that a
tmpfs be mounted on the volatile database directory.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c6c67d9e by Martin Schwenke at 2018-05-01T14:20:37Z
ctdb-scripts: Remove function rewrite_ctdb_options()
This is no longer necessary after the removal of support for
CTDB_DBDIR=tmpfs.
File-local variable ctdb_rundir is no longer used, so drop it.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue May 1 16:20:37 CEST 2018 on sn-devel-144
- - - - -
811596b1 by Mathieu Parent at 2018-05-01T18:26:49Z
Ignore nmbd start errors when there is no local IPv4 non-loopback interface (Closes: #859526)
- - - - -
d7cf1917 by Mathieu Parent at 2018-05-01T18:46:07Z
Fix possible-unindented-list-in-extended-description in samba-vfs-modules
- - - - -
a0482b9d by Jeremy Allison at 2018-05-01T20:15:21Z
s3: VFS: Add a synchronous smb_vfs_fsync_sync() call, built from async primitives.
Will be used in the next commit.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
cf444209 by Jeremy Allison at 2018-05-01T20:15:21Z
s3: vfs: Use the new smb_vfs_fsync_sync() call in place of SMB_VFS_FSYNC().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bc71cd03 by Jeremy Allison at 2018-05-01T23:06:27Z
s3: VFS: Remove fsync_fn() from the VFS and all modules. VFS ABI change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed May 2 01:06:28 CEST 2018 on sn-devel-144
- - - - -
b1ac0944 by Gary Lockyer at 2018-05-02T12:18:10Z
ldb_tdb: Do not fail in GUID index mode if there is a duplicate attribute
It is not the job of the index code to enforce this, but do give a
a warning given it has been detected.
However, now that we do allow it, we must never return the same
object twice to the caller, so filter for it in ltdb_index_filter().
The GUID list is sorted, which makes this cheap to handle, thankfully.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
(cherry picked from commit 5c1504b94d1417894176811f18c5d450de22cfd2)
- - - - -
3f15f1c6 by Gary Lockyer at 2018-05-02T12:18:11Z
ldb_tdb: Add tests for truncated index keys
Tests for the index truncation code as well as the GUID index
format in general.
Covers truncation of both the DN and equality search keys.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Mar 3 09:58:40 CET 2018 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
(cherry picked into 4.8 and cut down to operate without truncated
index values from master commit 4c0c888b571d4c21ab267024178353925a8c087c
by Andrew Bartlett)
- - - - -
7f70fcd8 by Andrew Bartlett at 2018-05-02T12:18:11Z
ldb_tdb: Ensure we can not commit an index that is corrupt due to partial re-index
The re-index traverse can abort part-way though and we need to ensure
that the transaction is never committed as that will leave an un-useable db.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
(cherry picked from commit e481e4f30f4dc540f6f129b4f2faea48ee195673)
- - - - -
89ce0d90 by Gary Lockyer at 2018-05-02T12:18:11Z
lib ldb tests: Prepare to run api and index test on tdb and lmdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 06d9566ef7005588de18c5a1d07a5b9cd179d17b)
- - - - -
21e10ff3 by Andrew Bartlett at 2018-05-02T12:18:11Z
ldb: Add test to show a reindex failure must not leave the DB corrupt
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13335
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Apr 5 07:53:10 CEST 2018 on sn-devel-144
(cherry picked from commit 653a0a1ba932fc0cc567253f3e153b2928505ba2)
- - - - -
bf0a6646 by Andrew Bartlett at 2018-05-02T12:18:11Z
ldb: Release ldb 1.3.3
* Fix failure to upgrade to the GUID index DB format
* Add tests for GUID index behaviour
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13306
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
13f23ec1 by Stefan Metzmacher at 2018-05-02T16:56:45Z
nsswitch: fix memory leak in winbind_open_pipe_sock() when the privileged pipe is not accessable.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13400
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit ffe970007bf934955f72ec2d73bf8f94a2b796eb)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-8-test): Wed May 2 18:56:45 CEST 2018 on sn-devel-144
- - - - -
ff3a23e9 by Jeremy Allison at 2018-05-02T17:33:13Z
s3: VFS: default: Remove fallback if we don't have HAVE_PREAD set. Samba doesn't work without pread.
Start of the changes to remove synchronous VFS read.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c68cfbce by Jeremy Allison at 2018-05-02T17:33:13Z
s3: VFS: default: Remove recursion into the VFS inside the default pread call.
We already know we're at the POSIX level here.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0c78aa1f by Jeremy Allison at 2018-05-02T20:20:23Z
s3: VFS: Default. Move vfs_read_data() out of source3/smbd/vfs.c to the printing code, which is the only caller.
Make static.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed May 2 22:20:23 CEST 2018 on sn-devel-144
- - - - -
795ec751 by Jeremy Allison at 2018-05-03T00:42:20Z
s3: libsmbclient: Fix hard-coded connection error return of ETIMEDOUT.
We shouldn't hard-code the connection error as ETIMEDOUT when
we have a perfectly good NT_STATUS to map from.
Found by the ChromeOS guys trying to connect an SMB2-only client
to an SMB1-only supporting server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13419
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu May 3 02:42:20 CEST 2018 on sn-devel-144
- - - - -
a82ca08f by Garming Sam at 2018-05-03T03:25:27Z
samba_dnsupdate: Put samba.kcc import after path insert of bin/python
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1b3d3304 by Douglas Bagnall at 2018-05-03T03:25:28Z
python.gpo.ADS_STRUCT: check type of loadparm argument
And add a test showning the segfault.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2096d132 by Richard Sharpe at 2018-05-03T06:16:26Z
Fix some incorrect debug messages that look to be copy-paste issues.
Signed-off-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu May 3 08:16:26 CEST 2018 on sn-devel-144
- - - - -
7e091e50 by Andrew Bartlett at 2018-05-03T06:17:44Z
s4-lsa: Fix use-after-free in LSA server
This is a regression introduced in ab7988aa2fd1a43f576a4b73a6893c61c7ef1957.
The state variable contains the data to be returned to the client
and packed into NDR after the function returned.
This memory needs to be kept (on mem_ctx as parent) until that is
pushed and freed by the caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13420
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
61244998 by Andrew Bartlett at 2018-05-03T06:17:44Z
selftest: Allow make test to run with --address-sanitizer
Recent GCC versions enforce that the library must be in LD_PRELOAD if linked to a plugin
(like a python module).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4365741f by Andrew Bartlett at 2018-05-03T06:17:44Z
autobuild: Extend build combinations tested to include --without-ldap
This bumps --without-ads to the samba-nt4 job so that option alone is still covered.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c9764342 by Andrew Bartlett at 2018-05-03T06:17:44Z
gitlab-ci: split up gitlab-ci file
The "private" build environments are not available to most users so
remove this from the default build. Only developers with access
to private runners (rather than a shared runner) will have a runner
tagged as "private".
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d0d32fc0 by Andrew Bartlett at 2018-05-03T06:17:44Z
gitlab-ci: Use YAML templates to reduce duplication
Inspired by WIP patches by Jamie McClymont
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
67842838 by Andrew Bartlett at 2018-05-03T06:17:44Z
gitlab-ci: Run samba-ad-dc-2 in the shared environment
This will allow more AD DC tests to run for those without access
to a private gitlab runner.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e48bd332 by Stefan Metzmacher at 2018-05-03T06:17:44Z
ldb/tests: don't use TEVENT_DEPRECATED in ldb_kv_ops_test.c
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
705cf715 by Gary Lockyer at 2018-05-03T06:17:44Z
ldb_tdb: Make sure max_key_length != 0 requires a GUID index mode
We need to enforce the GUID index mode so end-users do not get a supprise
in mid-operation and we enforce a max key length of 511 so that the
index key trunctation is done correctly.
Otherwise the DB will appear to work until a very long key (DN or index)
is used, after which it will be sad.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
39e5faa7 by Gary Lockyer at 2018-05-03T06:17:44Z
ldb: make key/value backends expose if there is an active transaction
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
501b35f8 by Gary Lockyer at 2018-05-03T06:17:44Z
ldb_tdb: Do not make search or DB modifications without a lock
The ldb_cache startup code would previously not take a read lock
nor a sufficiently wide write transaction.
The new code takes a read lock, and if it needs to write takes a
write lock (transaction) and re-reads before continuing.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f04bbd3e by Gary Lockyer at 2018-05-03T06:17:44Z
ldb_tdb: Disallow TDB nested transactions and use tdb_transaction_active()
This avoids keeping a counter, which can be error-prone.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
25e1cfad by Andrew Bartlett at 2018-05-03T06:17:44Z
ldb_tdb: Disallow reads without a transaction or read lock
This will ensure we match LMDB behaviour and avoid a repeat of the per-record locking
issues (compared with full DB locking) we had before Samba 4.7.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
9ca34b9c by Gary Lockyer at 2018-05-03T06:17:45Z
ldb tests: api ensure database correctly populated
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c8b45a35 by Gary Lockyer at 2018-05-03T06:17:45Z
ldb tests: add cmocka tests of kv operation interactions with transactions
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7e67df48 by Gary Lockyer at 2018-05-03T06:17:45Z
dsdb:partition_metadata: make use of ldb_relative_path() in partition_metadata_open()
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6c8748c1 by Gary Lockyer at 2018-05-03T06:17:45Z
dsdb:schema_load: make use of ldb_relative_path() in partition_metadata_open()
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1bff2ae1 by Gary Lockyer at 2018-05-03T06:17:45Z
ldb: Introduce new generic ldb:// prefix to allow backend autodetection
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c25cec83 by Gary Lockyer at 2018-05-03T06:17:45Z
ldb-samba: Handle generic ldb:// url scheme in ldb_relative_path()
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
cfa1c0bc by Garming Sam at 2018-05-03T06:17:45Z
tests: Replace some references to tdb with ldb://
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
910b7bee by Gary Lockyer at 2018-05-03T06:17:45Z
tests/dlz_bind9: support for multiple db types by using ldb://
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8a0c7f39 by Gary Lockyer at 2018-05-03T09:08:12Z
ldb: Prepare to allow tests to operate on ldb_mdb (by using the GUID index)
The LMDB backend requires the GUID index mode, so prepare for it
by setting a unique objectGUID on each record. Also prepare for the
index list to be optionally set as an attribute on the test object,
allowing the GUID index mode to be set later when LMDB is configured.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 3 11:08:12 CEST 2018 on sn-devel-144
- - - - -
ca387c22 by Joe Guo at 2018-05-03T11:42:11Z
samdb: fix wrong computer container dn for newcomputer
CN=Users --> CN=Computers
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
47713d64 by Andrew Bartlett at 2018-05-03T11:42:11Z
vfs_virusfilter_fsav: Initialize stack pointers per README.Coding
This allows a build with --address-sanitizer
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
a753ccfd by Andreas Schneider at 2018-05-03T14:33:54Z
s3:smbspool: Fix cmdline argument handling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13417
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Thu May 3 16:33:54 CEST 2018 on sn-devel-144
- - - - -
d3b9d11b by Ralph Boehme at 2018-05-03T22:11:24Z
s3:cleanupd: use MSG_SMB_BRL_VALIDATE to signal cleanupd unclean process shutdown
Since 6423ca4bf293cac5e2f84b1a37bb29b06b5c05ed messaging_send_all()
broadcasts messages in a cluster, so cleanupd receives those broadcasts
and acts upon it by re-broadcasting the message. Result: message
storm.
By reactivating the currently unused MSG_SMB_BRL_VALIDATE for the
trigger message to cleanupd we avoid the storm.
Note that MSG_SMB_BRL_VALIDATE was unused only in the sense that noone
*listened* to it, but we were still *sending* the message in
smbd_parent_ctdb_reconfigured(). de6fe2a1dd6ab03b1c369b61da17fded72305b2d
removed listening for MSG_SMB_BRL_VALIDATE from cleanupd. This commits
brings it back.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13414
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
53ff08a2 by Ralph Boehme at 2018-05-04T01:02:27Z
s3:cleanupd: sends MSG_SMB_UNLOCK twice to interested peers
MSG_SMB_UNLOCK should be send to smbd that are waiting on blocked
byte-range-locks when a lock holder died.
In smbd_cleanupd_unlock() we do this twice: once via a broadcast and
then again via brl_revalidate() to processes that are actually recorded
in brlock.tdb.
As brl_revalidate() should already take care of signaling anyone who
would be interested in the message, there's no need to broadcast.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13416
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 4 03:02:28 CEST 2018 on sn-devel-144
- - - - -
0b6186bf by Garming Sam at 2018-05-04T04:12:10Z
netlogon: Add a comment regarding one of the DC location calls
It appears to be basically deprecated, as it was superceded by other
calls. Presumably it is also unused.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3fcb7680 by Garming Sam at 2018-05-04T04:12:10Z
dsdb: Allow the disable of the Windows server site fallback
A usage in GetDCNameEx2 could return the wrong result. This may need to
be fixed in other places.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
00cb8a3e by Garming Sam at 2018-05-04T04:12:10Z
netlogon: Allow return of error code in future asynchronous winbind forwards
We change the naming conventions to match dcesrv_netr_*_base_call used elsewhere.
This is important when we make the underlying Ex2 call asynchronous.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
972659eb by Garming Sam at 2018-05-04T04:12:10Z
tests/getdcname: Add a number of tests for GetDCNameEx
This will test the winbind forwarding to deal with sites that the target
DC does not exist in.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7d23177c by Garming Sam at 2018-05-04T04:12:10Z
winbindd_irpc: Add an IRPC call to trigger a DC locate
Calling the top level winbindd API would probably be more appropriate,
but we lack certain structures. We introduce this call in order to
return the result to NETLOGON (in order to give site-aware and domain
aware DC location).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6d188fe0 by Garming Sam at 2018-05-04T04:12:10Z
netlogon: Forward GetDCNameEx2 to winbind via IRPC
Here we simply forward everything without alteration (the same struct is
returned). This helps us to fix the case where the DC does not exist in
the target site, furthermore, this is supposed to work for trusted
domains.
In calling out to winbind, we now also notice if you provide a site
which exists in multiple domains and provide the correct domain (instead
of accidentally returning ourselves).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7b56b522 by Garming Sam at 2018-05-04T04:12:11Z
netlogon: Store the client site to clobber any plausibly returned via winbind
So far, I have never observed the case where the winbind call ever
bothered to return a proper site, but in case it ever does so, we
clobber it here. This has implications for returning a non-local domain
site name, but for now, we ignore them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d1730d6f by Garming Sam at 2018-05-04T07:11:19Z
netlogon: Allow zero-GUID to act the same as NULL in GetDCNameEx2
This matches Windows behaviour and allows rpcclient to work against
Samba without knowing the GUID ahead of time. Errors related to this
don't appear to occur within selftest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13365
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Fri May 4 09:11:19 CEST 2018 on sn-devel-144
- - - - -
631bca9e by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Reformatting of parts of this file to modern coding standards.
This should not change the code behavior in any way, it is just being
done to make it easier for me to move this code to calling the
standard read_file() function later on, which takes a file offset
to read from (and uses pread internally).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6a42a24b by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Split handling of PE file into separate function.
This is *horrible* old code...
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
43d91685 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Move handle_ne_file code into a separate function.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e943c5db by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Rename vfs_read_data() -> printing_read_data().
This is an internal printing call, nothing to do with the VFS.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b927b53a by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Rename printing_read_data() -> printing_pread_data() and add an offset parameter.
Currently pass -1 as the offset, so it's not used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4b580ee9 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Make printing_pread_data() update the offset paramter, if not passed in as -1.
As all callers pass -1 here, still not used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
09aaed21 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Use auto-updating of offset in printing_pread_data() to remove offset tracking in get_file_version().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0c736ae0 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Add existing offset position as a parameter to handle_pe_file(), handle_ne_file()
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a87328ed by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Use passed in offset, and offset tracking in printing_pread_data() to remove seeks from handle_pe_file().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9bf5d0da by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Use offset tracking in printing_pread_data() to remove the seek in handle_ne_file().
Uses the fact that: lseek(fd, 0, SEEK_CUR) is merely getting the current file position,
which we have already tracked in in_pos.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
70eb5336 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Now we never pass an offset of -1, remove the off_t==-1 protections from printing_pread_data().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2bea1103 by Jeremy Allison at 2018-05-04T20:34:24Z
s3: printing: Remove the LSEEK in printing_pread_data() and use read_file() instead.
Removes last-but-one user of SMB_VFS_READ.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
75fde601 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: torture: Make cmd_read use read_file().
Removed last user of SMB_VFS_READ.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c1bcf1e7 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: VFS: Remove SMB_VFS_READ() function and all implementations.
All code in Samba now uses SMB_VFS_PREAD or SMB_VFS_PREAD_SEND.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
90bd7464 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: VFS: default: Remove fallback if we don't have HAVE_PWRITE set. Samba doesn't work without pwrite.
Start of the changes to remove synchronous VFS write.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
23f4b3f0 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: VFS: default: Remove recursion into the VFS inside the default pwrite call.
We already know we're at the POSIX level here.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
394ac908 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: smbd: Remove the handling of offset == -1 in real_write_file().
All SMB1/2/3 offsets over the wire are absolute.
The only caller with offset == -1 is on a print-spool file
in reply_printwrite(), and write_file() redirects this
to print_spool_write(), which correctly handles the -1.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
25bad329 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: VFS: Remove vfs_write_data(). No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
532ff3a5 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: VFS: ceph: Replace the lseek/write ftruncate extend with pwrite.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
98f03064 by Jeremy Allison at 2018-05-04T20:34:25Z
s3: torture: Remove the last user of SMB_VFS_WRITE.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
30e6b599 by Jeremy Allison at 2018-05-04T23:38:07Z
s3: VFS: Remove SMB_VFS_WRITE() function and all implementations.
All code in Samba now uses SMB_VFS_PWRITE or SMB_VFS_PWRITE_SEND.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat May 5 01:38:07 CEST 2018 on sn-devel-144
- - - - -
abb80ce4 by Jeremy Allison at 2018-05-04T23:39:40Z
s3: client: Add btime_ts to struct finfo.
Fill it in when available, else return it as zero.
Based on a patch from Puran Chand <pchand at vmware.com>.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
bf13fe0f by Puran Chand at 2018-05-04T23:39:40Z
s3: libsmbclient: Add internal/external structures needed for readdirplus.
Not yet used.
Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
3fc5a797 by Puran Chand at 2018-05-04T23:39:40Z
s3: libsmbclient: Add readdirplus cleanup code on directory close.
Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
dd3f019d by Puran Chand at 2018-05-04T23:39:40Z
s3: libsmbclient: Add function add_dirplus() to fill the list from a returned file info.
Not yet externally visible.
Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
2166c2d3 by Puran Chand at 2018-05-04T23:39:40Z
s3: libsmbclient: Add new function SMBC_readdirplus_ctx().
New ABI function, move to library version 0.33.
Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
54f29891 by Jeremy Allison at 2018-05-05T02:31:18Z
tests: libsmbclient: Add a readdirplus() test suite.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat May 5 04:31:18 CEST 2018 on sn-devel-144
- - - - -
a66f9416 by Douglas Bagnall at 2018-05-05T02:32:42Z
auth/pycredentials: correct spelling of reponse
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f94c9a13 by Douglas Bagnall at 2018-05-05T02:32:42Z
auth/ntlmssp_client: correct spelling of response
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4eeb43d0 by Douglas Bagnall at 2018-05-05T02:32:42Z
autobuild: add compiler version to results tarball
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
6b7494f5 by Douglas Bagnall at 2018-05-05T02:32:42Z
perftest: ad_dc_medley failing base search failed to catch exception
This meant it only happened once.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
e6669d12 by Douglas Bagnall at 2018-05-05T02:32:42Z
gitignore .gdb_history anywhere in the tree
For when you run gdb in places like lib/ldb/ and it decides to leave
behind a history file.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
ac053b14 by Douglas Bagnall at 2018-05-05T02:32:42Z
.gitignore .agignore
.agingore is used by "the silver searcher", ag, which is a form of
grep with more useful defaults and prettier colours for searching
source trees.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2c6cac99 by Douglas Bagnall at 2018-05-05T02:32:42Z
sambatool tests: make assertMatch use assertIn
With a note to tidy this up at some point
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
406284be by Douglas Bagnall at 2018-05-05T02:32:42Z
samba_kcc: remove an unused variable
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
cb40e2bb by Douglas Bagnall at 2018-05-05T02:32:42Z
autobuild: do not try to send email to no recipient
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2073635d by Douglas Bagnall at 2018-05-05T05:25:13Z
traffic: ensure we are using the same division in py 2 and 3
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Sat May 5 07:25:13 CEST 2018 on sn-devel-144
- - - - -
ace735eb by Jeremy Allison at 2018-05-07T07:56:11Z
s3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.
When returning the stat struct for an xattr stream,
we originally base the st_ex_mode field on the value
from the base file containing the xattr. If the base
file is a directory, it will have S_IFDIR set in st_ex_mode,
but streams can never be directories, they must be reported
as regular files.
The original code OR'ed in S_IFREG, but neglected to
AND out S_IFDIR.
Note this is not a complete to fix bug 13380 as
it doesn't fix the generic case with all streams
modules. See later fix and regression test.
Found in real-world use case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit 4d839d0f46b723ed6809bb932b9ebe4ead2cec82)
- - - - -
3d4a8f2c by Jeremy Allison at 2018-05-07T07:56:11Z
s3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory
According to MS-FSA a stream name does not have
separate DOS attribute metadata, so we must return
the DOS attribute from the base filename. With one caveat,
a non-default stream name can never be a directory.
As this is common to all streams data stores, we handle
it here instead of inside all stream VFS modules.
Otherwise identical logic would have to be added to
all streams modules in their [f]get_dos_attribute_fn()
VFS calls.
Found in real-world use case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
(cherry picked from commit 118e77d86a7171f589f805fa4f63246b0cb63672)
- - - - -
81e7736c by Jeremy Allison at 2018-05-07T07:56:11Z
s3: tests: Regression test to ensure we can never return a DIRECTORY attribute on a stream.
Tests streams_xattr and also streams_depot.
Inspired from a real-world test case by Andrew Walker <awalker at ixsystems.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 12 02:04:28 CEST 2018 on sn-devel-144
(cherry picked from commit 82beaf868f252c4bc975ddafd80240af6f679b83)
- - - - -
24a933e7 by Björn Jacke at 2018-05-07T07:56:11Z
printing: return the same error code as windows does on upload failures
Some print drivers inf files are broken and cause driver installation to fail
on Samba servers. Windows returns WERR_APP_INIT_FAILURE in that case, we should
do the same. Windows machines are less unlucky with that.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13395
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Björn Jacke <bj at sernet.de>
Autobuild-Date(master): Wed Apr 25 13:55:25 CEST 2018 on sn-devel-144
(cherry picked from commit 35f2afe411a3b22fb1befadb3bee8da1bc14753c)
- - - - -
b7b08709 by Christof Schmitt at 2018-05-07T07:56:11Z
rpcclient: Print number of entries for NetSessEnum
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 501819fa9e7926c2f54cb92d508ac0e8437fd476)
- - - - -
2fcd26a3 by Christof Schmitt at 2018-05-07T07:56:11Z
selftest: Add testcase for querying sessions after smbd crash
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e04846c7df8e3eec1f3dbb2fc5eaf47ceb1c44d2)
- - - - -
7cfaf700 by Christof Schmitt at 2018-05-07T07:56:11Z
rpc_server: Fix NetSessEnum with stale sessions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 25 22:49:07 CEST 2018 on sn-devel-144
(cherry picked from commit a6fade4e10760284ef56abf45d3fa70038091cbe)
- - - - -
bde66337 by Amitay Isaacs at 2018-05-07T07:56:11Z
ctdb-client: Remove ununsed functions from old client code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13411
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 01c8dc7e15b8764a9b8c8e34b84d0cab790edf47)
- - - - -
0ccfe320 by Jeremy Allison at 2018-05-07T07:56:11Z
ceph: VFS: Add asynchronous fsync to ceph module, fake using synchronous call.
This will allow me to ultimately simplify the VFS by removing the synchronous
fsync VFS call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13412
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Apr 30 21:48:55 CEST 2018 on sn-devel-144
(cherry picked from commit aefe444d17a2eee3c0ff38bd34cf9e3f012ecf51)
- - - - -
dc7b7bee by Ralph Boehme at 2018-05-07T07:56:11Z
s3:cleanupd: use MSG_SMB_BRL_VALIDATE to signal cleanupd unclean process shutdown
Since 6423ca4bf293cac5e2f84b1a37bb29b06b5c05ed messaging_send_all()
broadcasts messages in a cluster, so cleanupd receives those broadcasts
and acts upon it by re-broadcasting the message. Result: message
storm.
By reactivating the currently unused MSG_SMB_BRL_VALIDATE for the
trigger message to cleanupd we avoid the storm.
Note that MSG_SMB_BRL_VALIDATE was unused only in the sense that noone
*listened* to it, but we were still *sending* the message in
smbd_parent_ctdb_reconfigured(). de6fe2a1dd6ab03b1c369b61da17fded72305b2d
removed listening for MSG_SMB_BRL_VALIDATE from cleanupd. This commits
brings it back.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13414
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d3b9d11bade8bc52d08688ee66a4a20fe0a31a04)
- - - - -
02b898e4 by Jeremy Allison at 2018-05-07T12:25:28Z
s3: libsmbclient: Fix hard-coded connection error return of ETIMEDOUT.
We shouldn't hard-code the connection error as ETIMEDOUT when
we have a perfectly good NT_STATUS to map from.
Found by the ChromeOS guys trying to connect an SMB2-only client
to an SMB1-only supporting server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13419
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu May 3 02:42:20 CEST 2018 on sn-devel-144
(cherry picked from commit 795ec751ac5f6e58966385bec25063c4af4f185d)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Mon May 7 14:25:28 CEST 2018 on sn-devel-144
- - - - -
df16777c by Volker Lendecke at 2018-05-08T08:03:16Z
dsdb: Fix CID 1435453 Null pointer dereferences
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
2073fd09 by Amitay Isaacs at 2018-05-08T10:55:04Z
third_party: Update popt to 1.16 release
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue May 8 12:55:04 CEST 2018 on sn-devel-144
- - - - -
233d2213 by Volker Lendecke at 2018-05-08T21:48:07Z
samba-tool: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Rowland Penny <rpenny at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue May 8 23:48:07 CEST 2018 on sn-devel-144
- - - - -
4e78aeed by Vandana Rungta at 2018-05-09T02:28:11Z
s3: VFS: Fix memory leak in vfs_ceph.
Centralize error handling.
https://bugzilla.samba.org/show_bug.cgi?id=13424
Signed-off-by: Vandana Rungta <vrungta at amazon.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 9 04:28:11 CEST 2018 on sn-devel-144
- - - - -
1174b52b by Andrew Bartlett at 2018-05-09T02:29:48Z
ldb_tdb: Prevent ldb_tdb reuse after a fork()
We may relax this restriction in the future, but for now do not assume
that the caller has done a tdb_reopen_all() at the right time.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
daf79e5b by Gary Lockyer at 2018-05-09T02:29:48Z
ldb/tests: add tests for transaction_{start,commit}/lock_read across forks
(Split from a larger commit by Andrew Bartlett)
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3b069156 by Andrew Bartlett at 2018-05-09T02:29:48Z
ldb: Reset errno before checking it in ltdb_connect()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
21366649 by Andrew Bartlett at 2018-05-09T02:29:48Z
ldb_tdb: Allow use of a TDB for ldb_tdb after as fork()
Otherwise we rely on the caller doing tdb_reopen_all() which should
not be their job.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f891b8dc by Andrew Bartlett at 2018-05-09T02:29:48Z
ldb: Add tests for ldb_tdb use after a fork()
We need to show that despite the internal cache of TDB pointers that it
is safe to open a ldb_tdb after a fork()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
ba33d90e by Andrew Bartlett at 2018-05-09T05:27:24Z
ldb: Ensure we can open a new LDB after a fork()
Based on work for an mdb-specific test by Gary Lockyer
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 9 07:27:24 CEST 2018 on sn-devel-144
- - - - -
4a9c164d by Andreas Schneider at 2018-05-09T07:48:21Z
smbspool: Improve URI handling code
This also checks that the URI given via the environment variables
starts with smb://
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit a6eac8f64989235e7a297c14e349d98a3fc70e47)
- - - - -
4b793d97 by Simo Sorce at 2018-05-09T08:38:57Z
Fix Jean François name to be UTF-8
Signed-off-by: Simo Sorce <idra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed May 9 10:38:57 CEST 2018 on sn-devel-144
- - - - -
bb5cee36 by Andreas Schneider at 2018-05-09T12:22:22Z
s3:smbspool: Fix cmdline argument handling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13417
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit a753ccfd946aaad320977ae8c5f483f73077c3f8)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Wed May 9 14:22:22 CEST 2018 on sn-devel-144
- - - - -
bc2beedf by Ralph Boehme at 2018-05-09T17:18:43Z
libcli: remove unused se_create_child_secdesc_buf()
Commit e2c9ad93cb914186b89e2055f1bed3cceee1f768 removed the last caller
of this.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed May 9 19:18:44 CEST 2018 on sn-devel-144
- - - - -
f0e6453b by David Disseldorp at 2018-05-09T17:30:15Z
vfs_ceph: add fake async pwrite/pread send/recv hooks
As found by Jeremy, VFS modules that don't provide pread_send() or
pwrite_send() hooks result in vfs_default fallback, which is
catastrophic for VFS modules with non-mounted filesystems such as
vfs_ceph.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13425
Reported-by: Jeremy Allison <jra at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
52dc959b by Jeremy Allison at 2018-05-09T20:24:38Z
s3: smbd: Remove unused counters for outstanding aio calls.
Only a debug message used this.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 9 22:24:38 CEST 2018 on sn-devel-144
- - - - -
79ba530a by Gary Lockyer at 2018-05-10T18:02:22Z
dsdb: refactor password attibutes to constant
The password attributes are defined as literal in two places in the
password_hash code. They will also be needed to support password change
logging. This patch replaces the individual definitions with a shared
constant.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1488723a by Gary Lockyer at 2018-05-10T18:02:22Z
auth: Add unique session GUID identifier
Generate a GUID for each successful authorization, this will allow the
tying of events in the logs back to a specific session.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
52a3318b by Gary Lockyer at 2018-05-10T18:02:22Z
auth log: Log the unique session GUID
Log the unique_session_token GUID on successful Authorizations.
This patch adds the "sessionID" attribute to the Authorization object
and increments the version to 1.1
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fdf82755 by Gary Lockyer at 2018-05-10T18:02:23Z
auth logging tests: Add tests for sessionId
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8cf4e546 by Gary Lockyer at 2018-05-10T18:02:23Z
auth logging tests: Clean up flake8 warnings
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
daa7b60a by Gary Lockyer at 2018-05-10T18:02:23Z
dsdb: pass the remote address to samdb connect
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5c0345ea by Gary Lockyer at 2018-05-10T18:02:23Z
samdb: Add remote address to connect
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
01fab30a by Gary Lockyer at 2018-05-10T18:02:23Z
samdb: Add transaction id control
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b07b4e45 by Christof Schmitt at 2018-05-10T20:47:15Z
loadparm: Remove unused realm_original
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 10 22:47:15 CEST 2018 on sn-devel-144
- - - - -
59742894 by Tim Beale at 2018-05-11T04:01:23Z
tests: Move repeated code into a helper function
Several tests hang all the objects they create off a unique OU.
Having a common OU makes cleanup easier, and having a unique OU (i.e.
adding some randomness) helps protect against one-off test failures
(Replication between testenvs is happening in the background.
Occasionally, when a test finishes on one testenv and moves onto the
next testenv, that testenv may have received the replicated test
objects from the first testenv, but has not received their deletion
yet).
Rather than copy-n-pasting this code yet again, split it out into a
helper function.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
d0a9e191 by Tim Beale at 2018-05-11T04:01:23Z
tests: Split out setUp code into separate function for reuse
Any test that wants to change a password has to set the dSHeuristics
and minPwdAge first in order for the password change to work. The code
that does this is duplicated in several tests. This patch splits it out
into a static method so that the code can be reused rather than
duplicated.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
78ebfcfa by Tim Beale at 2018-05-11T04:01:23Z
tests: Add tests for Password Settings Objects
a.k.a Fine-Grained Password Policies
These tests currently all run and pass gainst Windows, but fail against
Samba. (Actually, the permissions test case passes against Samba,
presumably because it's enforced by the Schema permissions).
Two helper classes have been added:
- PasswordSettings: creates a PSO object and tracks its values.
- TestUser: creates a user and tracks its password history
This allows other existing tests (e.g. password_lockout, password_hash)
to easily be extended to also cover PSOs.
Most test cases use assert_PSO_applied(), which asserts:
- the correct msDS-ResultantPSO attribute is returned
- the PSO's min-password-length, complexity, and password-history
settings are correctly enforced (this has been temporarily been hobbled
until the basic constructed-attribute support is working).
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
f5d67c10 by Tim Beale at 2018-05-11T04:01:23Z
tests: Add comments to help explain password_lockout tests
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
f94f4728 by Tim Beale at 2018-05-11T04:01:24Z
tests: Add PSO test case to existing password_lockout tests
This checks that the lockout settings of the PSO take effect when one is
applied to a user. Import the password_settings code to create/apply a
PSO with the same lockout settings that the test cases normally use.
Then update the global settings so that the default lockout settings are
wildly different (i.e. so the test fails if the default lockout settings
get used instead of the PSO's).
As the password-lockout tests are quite slow, I've selected test cases
that should provide sufficient PSO coverage (rather than repeat every
single password-lockout test case in its entirety).
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
17d8d475 by Tim Beale at 2018-05-11T04:01:24Z
tests: Add test for password-lockout via SAMR RPC
The existing password_lockout tests didn't check for changing the
password via the SAMR password_change RPC. This patch adds a test-case
for this, using the default domain lockout settings (which passes), and
then repeats the same test using a PSO (which fails).
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
823dec9d by Tim Beale at 2018-05-11T04:01:24Z
tests: Add a test case for msDS-PasswordReversibleEncryptionEnabled
Add a test for the 'msDS-PasswordReversibleEncryptionEnabled' attribute
on the PSO. The Effective-PasswordReversibleEncryptionEnabled is
based on the PSO setting (if one applies) or else the
DOMAIN_PASSWORD_STORE_CLEARTEXT bit for the domain's pwdProperties.
This indicates whether the user's cleartext password is to be stored
in the supplementalCredentials attribute (as 'Primary:CLEARTEXT').
The password_hash tests already text the cleartext behaviour, so I've
added an additional test case for PSOs. Note that supplementary-
credential information is not returned over LDAP (the password_hash
test uses a local LDB connection), so it made more sense to extend
the password_hash tests than to check this behaviour as part of the
PSO tests (i.e. rather than in password_settings.py).
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
fcdb935e by Tim Beale at 2018-05-11T04:01:24Z
dsdb: Use attribute-name parameter for error message
We'll reuse this code for working out the msDS-ResultantPSO, so
references to 'tokenGroups' in error messages would be misleading.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
8a105af7 by Tim Beale at 2018-05-11T04:01:24Z
dsdb: Split out construct_generic_token_groups() so we can reuse it
construct_generic_token_groups() currently works out the entire group
membership for a user, including the primaryGroupID. We want to do the
exact same thing for the msDS-ResultantPSO constructed attribute.
However, construct_generic_token_groups() currently adds the resulting
SIDs to the LDB search result, which we don't want to do for
msDS-ResultantPSO.
This patch splits the bulk of the group SID calculation work out into
a separate function that we can reuse for msDS-ResultantPSO. basically
this is just a straight move of the existing code. The only real change
is the TALLOC_CTX is renamed (tmp_ctx --> mem_ctx) and now passed into
the new function (so freeing it if an error conditions is hit is now
done in the caller).
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
0da9dbbf by Tim Beale at 2018-05-11T04:01:24Z
netcmd: Small tweak to retrieving pwdProperties
Currently the 'samba-tool domain passwordsettings' command shares a
'set' and 'show' option, but there is very little common code between
the two. The only variable that's shared is pwd_props, but there's a
separate API we can use to get this. This allows us to split the command
into a super-command in a subsequent patch.
Fixed up erroneous comments while I'm at it.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
7255e0ce by Tim Beale at 2018-05-11T04:01:24Z
netcmd: Split 'domain passwordsettings' into a super-command
The show and set options are not really related to each other at all, so
it makes sense to split the code into 2 separate commands.
We also want to add separate sub-commands for PSOs in a subsequent
patch.
Because of the way the sub-command was implemented previously, it meant
that you could specify other command-line options before the 'set' or
'show' keyword, and the command would still be accepted. However, now
that it's a super-command 'set'/'show' needs to be specified before any
additional arguments, so we need to update the test code to reflect
this.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
569937b8 by Tim Beale at 2018-05-11T07:06:10Z
tests: Add tests for samba-tool passwordsettings commands
I've added a test case for 'samba-tool domain passwordsettings set/show'
to prove I haven't broken it. It's behaviour shouldn't have changed, but
there was no test for it previously.
We'll extend these tests in the very near future, when we add samba-tool
support for managing PSOs.
The base samba_tool test's runsubcmd() only handled commands with
exactly one sub-command, i.e. it would handle the command 'samba-tool
domain passwordsettings' OK, but not 'samba-tool domain passwordsettings
set' (The command still seemed to run OK, but you wouldn't get the
output/err back correctly). A new runsublevelcmd() function now handles
a varying number of sub-commands.
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Fri May 11 09:06:10 CEST 2018 on sn-devel-144
- - - - -
9bc2b922 by Andreas Schneider at 2018-05-11T07:07:36Z
selftest: Make sure we have correct group mappings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0d2f743d by Andreas Schneider at 2018-05-11T07:07:36Z
nsswitch: Add a test looking up the user using the upn
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0aceca6a by Andreas Schneider at 2018-05-11T07:07:36Z
nsswitch: Add a test looking up domain sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4fa811ec by Andreas Schneider at 2018-05-11T07:07:36Z
nsswitch: Lookup the domain in tests with the wb seperator
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5319cae0 by Andreas Schneider at 2018-05-11T07:07:36Z
selftest: Add a user with a different userPrincipalName
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2715f52f by Andreas Schneider at 2018-05-11T07:07:36Z
nsswitch:tests: Add test for wbinfo --user-info
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
789c89e6 by Stefan Metzmacher at 2018-05-11T07:07:36Z
winbind: Pass upn unmodified to lookup names
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
- - - - -
32770e92 by Andreas Schneider at 2018-05-11T07:07:37Z
winbind: Remove unused function parse_domain_user_talloc()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a05b63db by Andreas Schneider at 2018-05-11T07:07:37Z
winbind: Fix UPN handling in parse_domain_user()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1766f774 by Andreas Schneider at 2018-05-11T10:02:37Z
winbind: Fix UPN handling in canonicalize_username()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri May 11 12:02:37 CEST 2018 on sn-devel-144
- - - - -
e8a04f72 by Volker Lendecke at 2018-05-11T18:33:13Z
printing: Fix CID 1435452 (TAINTED_SCALAR)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ira Cooper <ira at samba.org>
- - - - -
12f6d56c by Ralph Boehme at 2018-05-11T18:33:13Z
s4:torture/smb2: new test for interaction between chown and SD flags
This passes against Windows, but fails against Samba.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13432
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ced55850 by Ralph Boehme at 2018-05-11T21:30:31Z
s3:smbd: fix interaction between chown and SD flags
A change ownership operation that doesn't set the NT ACLs must not touch
the SD flags (type).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13432
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 11 23:30:32 CEST 2018 on sn-devel-144
- - - - -
5ca89d84 by Joe Guo at 2018-05-12T00:09:25Z
Fix typo for response
reponse --> response
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
fe53f0b3 by Mathieu Parent at 2018-05-12T00:09:25Z
Fix spelling s/allows to/allows one to/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
b2a1dea0 by Mathieu Parent at 2018-05-12T00:09:25Z
Fix spelling s/anwser/answer/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8fc64d45 by Mathieu Parent at 2018-05-12T00:09:25Z
Fix spelling s/authenticaiton/authentication/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f74090c8 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/conection/connection/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
685f4528 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/coult/could/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3a7b1295 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/desriptor/descriptor/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2bde81db by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/doens't/doesn't/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4e476424 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/Everytime/Every time/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f5b908d8 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/formated/formatted/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
fd46fd09 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/fowarding/forwarding/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2bacc1ca by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/malicous/malicious/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
fab4fe9c by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/missmatch/mismatch/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1af89686 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/openened/opened/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7ad87bb4 by Mathieu Parent at 2018-05-12T00:09:26Z
Fix spelling s/opions/options/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
e8a3a436 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/ouput/output/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
6fa770fd by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/processs/process/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8ed28734 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/propogate/propagate/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
43ec8c6b by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/protcol/protocol/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
25ac1f19 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/receving/receiving/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
44ae0885 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/retrive/retrieve/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8f7749cd by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/retun/return/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
c55248bb by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/specfied/specified/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
66a9b534 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/succesfully/successfully/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5a0fd87b by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/unitialized/uninitialized/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
15d2f4f8 by Mathieu Parent at 2018-05-12T00:09:27Z
Fix spelling s/unsuported/unsupported/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
d4bbff5c by Mathieu Parent at 2018-05-12T00:09:28Z
Fix pidl manpage sections
.TH header should match file name (i.e 3pm and not 3 for Parse::Pidl::NDR).
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
674fd1c2 by Mathieu Parent at 2018-05-12T00:09:28Z
Improve vfs_linux_xfs_sgid manpage
- Add missing refpurpose and describe the "circumstances"
- Replace dangling link by archive.org backup
- Add fixed Linux version and commit link
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
6a6d1424 by Joe Guo at 2018-05-12T00:09:28Z
cmd_drsuapi: add dswriteaccountspn command
The dswriteaccountspn command is missing in drsuapi, add it so we can
use it in rpcclient.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
656ec98e by Joe Guo at 2018-05-12T00:09:28Z
pycredentials: add py_creds_get_secure_channel_type
We have only set, need get.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2a4261c0 by Andrew Bartlett at 2018-05-12T00:09:28Z
selftest: Add a test for creds.{get,set}_secure_channel_type()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4d950527 by Joe Guo at 2018-05-12T00:09:28Z
traffic: add paged_results control for ldb search
While there are more then 1000 records in the search result from Windows,
a `LDAP_SIZE_LIMIT_EXCEEDED` error will be returned.
Add paged_results control to fix.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5ed16829 by Joe Guo at 2018-05-12T00:09:28Z
traffic_replay: set gensec features to encrypt credentials
While running traffic_replay script against windows dc, it will fail
with a `LDAP_UNWILLING_TO_PERFORM` error for adding user.
Windows requires the credentials to be encrypted before sending.
`set_gensec_features` will fix it.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4e373366 by Joe Guo at 2018-05-12T00:09:28Z
traffic_replay: fix typo in message string
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8d8ef486 by Joe Guo at 2018-05-12T00:09:28Z
traffic_packets: support NT_STATUS_NO_SUCH_DOMAIN in packet_lsarpc_39
For packet_lsarpc_39, samba will return NT_STATUS_OBJECT_NAME_NOT_FOUND,
however, windows will return NT_STATUS_NO_SUCH_DOMAIN.
Allow both status for now to keep compatiable with both samba and
windows DC.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
34e35c4c by Joe Guo at 2018-05-12T00:09:28Z
traffic: add credentials to samr
lp and creds are missing in SamrContext and samr connection.
While run traffic_replay against windows, this will cause
`Access Denied` error.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
51333c15 by Joe Guo at 2018-05-12T00:09:28Z
traffic_packets: replace level 102 to 101 for packet_srvsvc_21
Level 102 will cause WERR_ACCESS_DENIED error against Windows, because:
> If the level is 102 or 502, the Windows implementation checks whether
> the caller is a member of one of the groups previously mentioned or
> is a member of the Power Users local group.
It passed against Samba since this check is not implemented by Samba yet.
refer to:
https://msdn.microsoft.com/en-us/library/cc247297.aspx#Appendix_A_80
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
14af041c by Joe Guo at 2018-05-12T00:09:29Z
traffic_packets: replace share_name from netlogon to IPC$ for packet_srvsvc_16
Sharename list for Windows:
Sharename Type Comment
--------- ---- -------
ADMIN$ Disk Remote Admin
C$ Disk Default share
IPC$ IPC Remote IPC
For Samba:
Sharename Type Comment
--------- ---- -------
netlogon Disk
sysvol Disk
IPC$ IPC IPC Service
While test packet_srvsvc_16 with share_name `netlogon`,
it passed Samba, and got a WERR_NERR_NETNAMENOTFOUND error for Windows.
Change share name to `IPC$` so Samba and Windows have it in common.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
eafda913 by Joe Guo at 2018-05-12T00:09:29Z
traffic_packets: add windows instructions for ldap 0 simple bind
To run packet_ldap_0 simple bind test against Windows, we need to
install CA on Windows with following PowerShell commands:
Install-windowsfeature ADCS-Cert-Authority
Install-AdcsCertificationAuthority -CAType EnterpriseRootCA
Restart-Computer
Otherwise we will get `NT_STATUS_CONNECTION_RESET` error.
Didn't change any code, just add above instructions in comment.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
9cabb16b by Joe Guo at 2018-05-12T00:09:29Z
traffic_packets: add trailing $ to fix packet_rpc_netlogon_30
For `NetrServerPasswordSet2`, the 2nd arg `account_name` must end with a
$, otherwise windows will return an `Access Denied` error.
Use `creds.get_username()` instead of `creds.get_workstation()` to
include the trailing $.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7c93fb57 by Joe Guo at 2018-05-12T00:09:29Z
traffic_packets: provision request data for packet_drsuapi_13
The `drsuapi.DsWriteAccountSpnRequest1` struct in this packet was empty before.
Samba lets it go but Windows will report an invalid parameter error.
Provision the request with proper data, and give user permission to
write account SPN.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
fd2bcd5d by Joe Guo at 2018-05-12T00:09:29Z
traffic: set domain on user_creds and machine_creds
The domain is missing in traffic user and machine credential, this will cause
some packet tests fail against windows.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7181af9f by Joe Guo at 2018-05-12T00:09:29Z
traffic_replay: fetch domain from creds other than opts
For traffic_replay script, when user provides `--workgroup` or `-W` option,
it will be set on the creds option group, not the default opts one.
The previous code will not work properly when smb.conf file is missing.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4fb5e28b by Joe Guo at 2018-05-12T00:09:29Z
traffic: grant user write permission
Some packets need user to have write permission, e.g.: writeaccountspn
Grant user write permission then we can send packets successfully.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5107e56a by Joe Guo at 2018-05-12T00:09:29Z
traffic: simplify forget_packets_outside_window
Make code compact, and improve performance a little bit.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
c1af6a0d by Joe Guo at 2018-05-12T00:09:29Z
traffic: improve add_short_packet by avoiding str.split
Avoid str.split, which will repeat for each packet.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
38fc8125 by Joe Guo at 2018-05-12T00:09:29Z
traffic: improve is_really_a_packet
This function will repeat on each packet.
Avoid exception for getattr, which is expensive for performance.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
454d8148 by Garming Sam at 2018-05-12T00:09:29Z
Fix spelling s/woks/works
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b3799fb6 by Garming Sam at 2018-05-12T00:09:29Z
gpo: Ensure all files are retrieved in fetch
.ini files are normally set as hidden, and will not be found over SMB.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cda3b233 by Garming Sam at 2018-05-12T02:57:29Z
pysmb: Add some more documentation for conn.list
There are two options which are undocumented.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat May 12 04:57:29 CEST 2018 on sn-devel-144
- - - - -
36e7043f by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-tests: Continue running if a testcase is not executable
At the moment the whole test run aborts without printing a summary of
results but inexplicably succeeds. Instead, generate a clear failure
for a non-executable testcase.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5d7d53b2 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Don't load CTDB configuration in statd-callout
The only configuration options used by statd-callout are NFS_HOSTNAME,
which comes from the NFS system configuration file, and
CTDB_NFS_CALLOUT, which is exported by the 60.nfs event script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
574af23e by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Don't load CTDB configuration in onnode
onnode does not use any configuration options.
Drop sourcing of functions file since the only function used was
loadconfig().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
130f37c2 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Don't check for CTDB_PARTIALLY_ONLINE_INTERFACES clash
Just document that NAT gateway and LVS are not compatible with this
option. Update the documentation to make it clear that this is a
10.interface option.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
31f26e97 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-tests: Separate support script for 06.nfs
Including 60.nfs was too simple a hack, since we will want to do some
magic to use the configuration from 60.nfs for 06.nfs.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
00f35b7b by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Add global script.options configuration file
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
02444e5f by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Allow load_script_options() to specify an event script
This allows other scripts to use the given options for a particular
event script. One interesting example is that the ctdb_natgw tool
should look for configuration in events.d/11.natgw.options.
In the future this will be something like
events/failover/11.natgw.options, so require the component to be
specified even though it isn't yet used.
Test support is also updated.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ac1c12b5 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-scripts: Use load_script_options() in miscellaneous scripts
Some of these just aim to load the generic script.options file while
others target more specific files.
For NFS configuration, always use 60.nfs.options - even for 06.nfs.
This could be carefully documented but will change a lot before
release so there is no need.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a8ccf41b by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-docs: Document script.options
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f63f9053 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-config: Add a default script.options file
Include it in the RPM.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
74230c59 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-docs: Document system options and resource controls
The existing configuration file is disappearing so these configuration
options need a new home that is not handled by ctdbd_wrapper.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7e31a138 by Martin Schwenke at 2018-05-12T04:11:17Z
ctdb-config: Add default ctdb.sysconfig file, update ctdb.service
Install ctdb.sysconfig in RPM.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b9d01fdd by Martin Schwenke at 2018-05-12T07:13:28Z
ctdb-scripts: Drop CTDB_SUPPRESS_COREFILE and CTDB_MAX_OPEN_FILES options
These should be done using features provided by the operating system.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Sat May 12 09:13:28 CEST 2018 on sn-devel-144
- - - - -
6a09162d by Aaron Haslett at 2018-05-12T07:15:07Z
ldb: removing prior secret from logs
priorSecret, like secret, can contain a machine account password
(for secrets.ldb) and so should not be printed in a debug
trace.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13353
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8b72d4c7 by Aaron Haslett at 2018-05-12T07:15:07Z
samdb rid: clear cache to prevent old ntds_guid
During the new samba-tool domain backup restore the NTDS GUID changes
as the server is taken over by the new DC record.
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
77ea31bc by Aaron Haslett at 2018-05-12T10:05:31Z
devel: removing unused code from chgkrbtgtpass
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat May 12 12:05:31 CEST 2018 on sn-devel-144
- - - - -
b72d5fc7 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-packaging: Package all helpers using wildcard
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
356dacc6 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add command line processing abstraction
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
fe25aa75 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add utility code to get various paths
This will construct correct paths when running with CTDB_TEST_MODE.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
b2eaacaa by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add path tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
cb64a7ca by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-tests: Setup $CTDB_BASE/{run,var} directories
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
77539b47 by Amitay Isaacs at 2018-05-12T10:06:28Z
util: Add tini to samba-util-core
So it can be used by CTDB.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
70250411 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add config file parsing code
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
e96e1def by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add config options tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
fec40ea5 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Refactor log backend parsing code
This will allow to add a validator for logging specification.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
7ef8dbc7 by Amitay Isaacs at 2018-05-12T10:06:28Z
ctdb-common: Add a function to validate logging specification
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
8f97c17d by Martin Schwenke at 2018-05-12T10:06:28Z
ctdb-common: Add config options for logging
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
fcda17cb by Amitay Isaacs at 2018-05-12T13:01:32Z
ctdb-tools: Add logging config options to config tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sat May 12 15:01:32 CEST 2018 on sn-devel-144
- - - - -
63648af5 by Noel Power at 2018-05-12T19:38:16Z
python/samba: Bulk replace of '.next()' method with function 'next()'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7399da0b by Noel Power at 2018-05-12T19:38:16Z
samba_tool: Py2/Py3 compatability fix tuple assigment
replace
(foo, bar) = e
with
(foo, bar) = e.args
while will run in with both python2 and python3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9410cea3 by Noel Power at 2018-05-12T19:38:16Z
samba_tool: make exception handling statements py2/py3 compatible
Fix some missed conversions of
except Exception, e:
to
except Exception as e:
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a0cd47fd by Noel Power at 2018-05-12T19:38:16Z
python/samba/provision: Fix urllib.quote usage for py2/py3
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ee363db5 by Noel Power at 2018-05-12T19:38:16Z
python/samba: Ensure md5 always provided with bytes
To allow code run in both python3 and python2 we have to ensure
that md5 always receives bytes
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9c543376 by Noel Power at 2018-05-12T19:38:16Z
python/samba/tests: py2/py3 compatability replace xrange with range
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5f330840 by Noel Power at 2018-05-12T19:38:17Z
s4/dsdb/tests: py2/py3 compatability replace xrange with range
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
504fca73 by Noel Power at 2018-05-12T19:38:17Z
samba_tool: replace xrange -> range
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
521bc605 by Noel Power at 2018-05-12T19:38:17Z
Bulk: enclose .keys() method with list where list (from python2) expected
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ff1920fb by Noel Power at 2018-05-12T19:38:17Z
s4/scripting/bin: py2/py3 compatability always decode result of b64encode
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bf95ecb3 by Noel Power at 2018-05-12T19:38:17Z
s4/scripting/devel: py2/py3 compatability always decode result of b64encode
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6f30a0b5 by Noel Power at 2018-05-12T19:38:17Z
s4/dsdb/tests: py2/py3 compatability always decode result of b64encode
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c50ccc71 by Noel Power at 2018-05-12T19:38:17Z
python/samba: py2/py3 compatability always decode result of b64encode
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
26c4084a by Noel Power at 2018-05-12T22:24:35Z
auth/credentials/test: py2/py3 compat always decode result of b64encode
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun May 13 00:24:35 CEST 2018 on sn-devel-144
- - - - -
9a513304 by Stefan Metzmacher at 2018-05-13T08:27:28Z
s4:lsa_lookup: remove TALLOC_FREE(state) after all dcesrv_lsa_Lookup{Names,Sids}_base_map() calls
This completes the regression fix of commit 7e091e505156381e385235ab4518b4d133a98497.
There might be strings allocated on state, which are part of the
result.
The reason for the TALLOC_FREE(state) was to cleanup the possible
irpc_handle before leaving the function. Now we call
TALLOC_FREE(state->wb.irpc_handle) explicitly in
dcesrv_lsa_Lookup{Names,Sids}_base_done() instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13420
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun May 13 10:27:28 CEST 2018 on sn-devel-144
- - - - -
31cba34a by Volker Lendecke at 2018-05-13T21:43:56Z
smbd: Fix "reset on zero vc"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13340
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sun May 13 23:43:56 CEST 2018 on sn-devel-144
- - - - -
72f98f97 by Joe Guo at 2018-05-14T00:53:16Z
traffic: change machine creds secure channel type
SEC_CHAN_WKSTA --> SEC_CHAN_BDC
This will fix netlogon failure against windows.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2fc6cbb8 by Joe Guo at 2018-05-14T00:53:16Z
traffic: fix userAccountControl for machine account
change userAccountControl from
UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD
to
UF_TRUSTED_FOR_DELEGATION | UF_SERVER_TRUST_ACCOUNT
This will fix NetrServerPasswordSet2 failure in packet_rpc_netlogon_30
while testing against windows.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
21c82072 by Joe Guo at 2018-05-14T00:53:16Z
traffic: optimize packet init for better performance
When we run traffic_replay, we are creating millions of Packet objects.
So small change in Packet.__init__ will make big difference.
By initializing packet with converted values without parsing string, the time
cost for 3961148 calls of Packet.__init__ dcrease from 17s to 4s, according
to cProfile.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
d444221d by Joe Guo at 2018-05-14T03:38:06Z
traffic: improve add_short_packet by avoiding dict.get
dict.get is slower than [].
Avoid get to improve performance.
(For 3989418 calls, total time decease from 9.395 to 8.573)
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon May 14 05:38:06 CEST 2018 on sn-devel-144
- - - - -
1b34b869 by Ralph Boehme at 2018-05-14T07:58:07Z
s3:cleanupd: sends MSG_SMB_UNLOCK twice to interested peers
MSG_SMB_UNLOCK should be send to smbd that are waiting on blocked
byte-range-locks when a lock holder died.
In smbd_cleanupd_unlock() we do this twice: once via a broadcast and
then again via brl_revalidate() to processes that are actually recorded
in brlock.tdb.
As brl_revalidate() should already take care of signaling anyone who
would be interested in the message, there's no need to broadcast.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13416
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 4 03:02:28 CEST 2018 on sn-devel-144
(cherry picked from commit 53ff08a2cf838c0f1c3f050ac2aa13fc3acc5981)
- - - - -
234216c1 by Andrew Bartlett at 2018-05-14T07:58:07Z
s4-lsa: Fix use-after-free in LSA server
This is a regression introduced in ab7988aa2fd1a43f576a4b73a6893c61c7ef1957.
The state variable contains the data to be returned to the client
and packed into NDR after the function returned.
This memory needs to be kept (on mem_ctx as parent) until that is
pushed and freed by the caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13420
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 7e091e505156381e385235ab4518b4d133a98497)
- - - - -
060a0479 by Stefan Metzmacher at 2018-05-14T07:58:07Z
s4:lsa_lookup: remove TALLOC_FREE(state) after all dcesrv_lsa_Lookup{Names,Sids}_base_map() calls
This completes the regression fix of commit 7e091e505156381e385235ab4518b4d133a98497.
There might be strings allocated on state, which are part of the
result.
The reason for the TALLOC_FREE(state) was to cleanup the possible
irpc_handle before leaving the function. Now we call
TALLOC_FREE(state->wb.irpc_handle) explicitly in
dcesrv_lsa_Lookup{Names,Sids}_base_done() instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13420
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun May 13 10:27:28 CEST 2018 on sn-devel-144
(cherry picked from commit 9a513304adadd79d1c63d55fcf06b67ed45d43ba)
- - - - -
01c335dd by Vandana Rungta at 2018-05-14T07:58:07Z
s3: VFS: Fix memory leak in vfs_ceph.
Centralize error handling.
https://bugzilla.samba.org/show_bug.cgi?id=13424
Signed-off-by: Vandana Rungta <vrungta at amazon.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 9 04:28:11 CEST 2018 on sn-devel-144
(cherry picked from commit 4e78aeedb8329953df83fc7f2c191b2c97a051d0)
- - - - -
54c537a0 by David Disseldorp at 2018-05-14T07:58:07Z
vfs_ceph: add fake async pwrite/pread send/recv hooks
As found by Jeremy, VFS modules that don't provide pread_send() or
pwrite_send() hooks result in vfs_default fallback, which is
catastrophic for VFS modules with non-mounted filesystems such as
vfs_ceph.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13425
Reported-by: Jeremy Allison <jra at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f0e6453b0420fe9d062936d4ddc05f44b40cf2ba)
- - - - -
7557c5df by Andrew Bartlett at 2018-05-14T07:58:07Z
winbindd: Add a cache of the samr and lsa handles for the passdb domain
This domain is very close, in AD DC configurations over a internal ncacn_np pipe
and otherwise in the same process via C linking. It is however very expensive
to re-create the binding handle per SID->name lookup, so keep a cache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13430
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit d418d0ca33afb41a793a2fff19ca68871aa5e9ef)
- - - - -
32a5538a by Andrew Bartlett at 2018-05-14T13:11:11Z
winbindd: Do re-connect if the RPC call fails in the passdb case
This is very, very unlikely but possible as in the AD case the RPC server is in
another process that may eventually be able to restart.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13430
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit fc9150dcab231fe9beb72e198b0c2742d5f2505f)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Mon May 14 15:11:11 CEST 2018 on sn-devel-144
- - - - -
e45b5047 by Björn Baumbach at 2018-05-14T16:27:17Z
samba-tool computer: fix wrong computer container in help message
CN=Users --> CN=Computers
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
9be8ef19 by Björn Baumbach at 2018-05-14T16:27:17Z
docs-xml:samba-tool.8: fix wrong default computer container name
CN=Users --> CN=Computers
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
171750e9 by Björn Jacke at 2018-05-14T19:15:21Z
s3/wscript: remove test, that we do in lib/replace
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
Autobuild-User(master): Björn Baumbach <bbaumbach at samba.org>
Autobuild-Date(master): Mon May 14 21:15:21 CEST 2018 on sn-devel-144
- - - - -
6fda57d3 by Andrew Bartlett at 2018-05-15T01:36:08Z
build: Make --with-json-audit the default
Thanks to Rowland for a clear description of the behaviour for the smb.conf manpage.
This means that those not wanting to link to libarchive will just need to
build --without-json-audit.
In general, we prefer that optional libraries be required by default
so that they are not accidentially missed, particularly in packages.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
78c8e699 by Andrew Bartlett at 2018-05-15T01:36:08Z
build: Make --with-libarchive the default
This means that those not wanting to link to libarchive will just need to
build --without-libarchive.
In general, we prefer that optional libraries be required by default
so that they are not accidentially missed, particularly in packages.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
aced4017 by Andrew Bartlett at 2018-05-15T01:36:09Z
build: Make --with-gpgme the default
Those wishing to build without gpgme support need simply to build --without-gpgme
This In general, we prefer that optional libraries be required by default
so that they are not accidentially missed, particularly in packages.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a0f03502 by Andrew Bartlett at 2018-05-15T04:31:03Z
selftest: Require libarchive for --enable-selftest
This avoids one more case where tests can go missing by removing the conditional.
(Yes, this has happend for other tests in the past).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue May 15 06:31:03 CEST 2018 on sn-devel-144
- - - - -
8063995a by Volker Lendecke at 2018-05-15T04:32:40Z
lib: Put "results_store" into a doubly linked list
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9fbd4672 by Volker Lendecke at 2018-05-15T07:37:21Z
lib: Hold at most 10 outstanding paged result cookies
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue May 15 09:37:21 CEST 2018 on sn-devel-144
- - - - -
506c5205 by Jeremy Allison at 2018-05-15T10:40:48Z
smbd: fileserver: Change defaults to work with EA support out of the box.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Tue May 15 12:40:48 CEST 2018 on sn-devel-144
- - - - -
a3d6fdd5 by Aaron Haslett at 2018-05-15T10:41:55Z
auth: keytab invalidation test
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional. Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13415
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8bd67c59 by Aaron Haslett at 2018-05-15T13:45:08Z
auth: keytab invalidation fix
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional. Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13415
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue May 15 15:45:08 CEST 2018 on sn-devel-144
- - - - -
e838d8a5 by Volker Lendecke at 2018-05-15T19:12:33Z
winbind: Fix CID 1435598 Error handling issues (CHECKED_RETURN)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue May 15 21:12:33 CEST 2018 on sn-devel-144
- - - - -
28469c0a by Andrew Bartlett at 2018-05-15T19:13:26Z
samba-tool domain provision: Move more OpenLDAP options behind TEST_LDAP
These options controlled the historical LDAP backend, they should not be left
to confuse other users.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
18aa6541 by Andrew Bartlett at 2018-05-15T19:13:26Z
samba-tool domain: Create a common set of options for provision/join/dcpromo
These commands share much in common, the options should be in common as well.
Start with --targetdir.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5ba0f55e by Andrew Bartlett at 2018-05-15T19:13:26Z
samba-tool domain: Add --quiet to common options
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b2002b67 by Andrew Bartlett at 2018-05-15T19:13:26Z
samba-tool domain: Add --machinepass to common options
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
53c2ed56 by Andrew Bartlett at 2018-05-15T19:13:26Z
samba-tool domain: Extend --plaintext-secrets to dcpromo by moving to common options
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d5d8589f by Andrew Bartlett at 2018-05-15T19:13:27Z
samba-tool domain: Extend --backend-store to join and dcpromo by moving to common options
This allows the choice of ldb backend for a domain join as well as a new provision.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f55eab60 by Andrew Bartlett at 2018-05-15T19:13:27Z
samba-tool domain: Create a common --use-ntvfs option for provision, join, dcpromo and classicupgrade
The NTVFS fileserver mode is still integral to the selftest system (often simply used to
make the rest of the command run and not fuss with POSIX ACLs and permissions).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
72e18d67 by Andrew Bartlett at 2018-05-15T19:13:27Z
samba-tool domain: Spit out common options between dcpromo and join
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
840eb5b0 by Mathieu Parent at 2018-05-15T19:23:45Z
Upload 2:4.8.1+dfsg-2 to unstable
- - - - -
5ebe3183 by Andrew Bartlett at 2018-05-15T21:58:17Z
selftest: Make setexpiry test much more reliable
Rather than setting all the expiries and expecting that they will be done within 5 seconds,
measure and check the time individually for each record.
This should make this test much less prone to flapping.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue May 15 23:58:17 CEST 2018 on sn-devel-144
- - - - -
7f2bebf0 by Stefan Metzmacher at 2018-05-15T22:13:19Z
auth/ntlmssp: add ntlmssp_client:ldap_style_send_seal option
This will be used to similate a Windows client only
using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
on an LDAP connection, which is indicated internally by
GENSEC_FEATURE_LDAP_STYLE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fc1c5bd3 by Stefan Metzmacher at 2018-05-15T22:13:20Z
s4:selftest: run test_ldb_simple.sh with more auth options
This demonstrates the broken GENSEC_FEATURE_LDAP_STYLE
handling in our LDAP server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c7a3ce95 by Stefan Metzmacher at 2018-05-16T01:26:03Z
auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE as a server
This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
error messages, which were generated if the client only sends
NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
connection.
This fixes a regession in the combination of commits
77adac8c3cd2f7419894d18db735782c9646a202 and
3a0b835408a6efa339e8b34333906bfe3aacd6e3.
We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
of the authentication (as a server, while we already
do so at the beginning as a client).
As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
(as an internal flag) in order to let us work as a
Windows using NTLMSSP for LDAP. Even if only signing is
negotiated during the authentication the following PDUs
will still be encrypted if NTLMSSP is used. This is exactly the
same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
I guess it's a bug in Windows, but we have to reimplement that
bug. Note this only applies to NTLMSSP and only to LDAP!
Signing only works fine for LDAP with Kerberos
or DCERPC and NTLMSSP.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
- - - - -
74cf8f5e by Gary Lockyer at 2018-05-16T02:07:16Z
auth logging: Extract common audit logging code
Extract the common audit logging code into a library to allow it's
re-use in other logging modules.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2ba55f81 by Gary Lockyer at 2018-05-16T02:07:16Z
logging: add ldb audit classes
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5d068123 by Gary Lockyer at 2018-05-16T02:07:16Z
smb conf: Add DSDB event notification parameter
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
36800d09 by Gary Lockyer at 2018-05-16T02:07:16Z
idl messaging: Add DSDB and Password events and message types
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
75097275 by Gary Lockyer at 2018-05-16T02:07:16Z
auth_log: Use common code from audit_logging
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c15fc144 by Gary Lockyer at 2018-05-16T02:07:16Z
auth_log: tidy up code formatting
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2d47f9e1 by Gary Lockyer at 2018-05-16T02:07:16Z
auth_log: Rename the json variables
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0c6cb463 by Gary Lockyer at 2018-05-16T02:07:16Z
messaging idl add group membersip events
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
dfa341c1 by Gary Lockyer at 2018-05-16T02:07:16Z
smb.conf: Add dsdb group change notification parameter
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
431e02d0 by Mathieu Parent at 2018-05-16T04:40:59Z
Add Fix-pidl-manpage-sections.patch
- - - - -
e145901d by Mathieu Parent at 2018-05-16T04:41:30Z
Add Fix-spelling.patch
- - - - -
3b2bc960 by Mathieu Parent at 2018-05-16T04:41:53Z
Add Improve-vfs_linux_xfs_sgid-manpage.patch
- - - - -
ff7b4ea1 by Mathieu Parent at 2018-05-16T04:42:06Z
Fix pidl manpage sections
.TH header should match file name (i.e 3pm and not 3 for Parse::Pidl::NDR).
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7e730e3f by Mathieu Parent at 2018-05-16T04:42:10Z
Fix spelling s/allows to/allows one to/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
53816639 by Mathieu Parent at 2018-05-16T04:42:10Z
Fix spelling s/anwser/answer/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f3340420 by Mathieu Parent at 2018-05-16T04:42:10Z
Fix spelling s/authenticaiton/authentication/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
ac1497ce by Mathieu Parent at 2018-05-16T04:42:10Z
Fix spelling s/conection/connection/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
56483cd6 by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/coult/could/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
e5de840d by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/desriptor/descriptor/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
65aa8271 by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/doens't/doesn't/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
fe976ece by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/Everytime/Every time/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2c72a723 by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/formated/formatted/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
8952b4e6 by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/fowarding/forwarding/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
6c8151a8 by Mathieu Parent at 2018-05-16T04:42:11Z
Fix spelling s/malicous/malicious/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
04827d47 by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/missmatch/mismatch/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
eca0b0e1 by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/openened/opened/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
59821d05 by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/opions/options/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
0782969a by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/ouput/output/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3fd531eb by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/processs/process/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
07208332 by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/propogate/propagate/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
48e2b0cb by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/protcol/protocol/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
757106ed by Mathieu Parent at 2018-05-16T04:42:12Z
Fix spelling s/receving/receiving/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3a602031 by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/retrive/retrieve/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
6660d65d by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/retun/return/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1a9d56a7 by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/specfied/specified/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
0241e3fb by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/succesfully/successfully/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f4b34d13 by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/unitialized/uninitialized/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
7f8997fd by Mathieu Parent at 2018-05-16T04:42:13Z
Fix spelling s/unsuported/unsupported/
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1646272e by Mathieu Parent at 2018-05-16T04:42:18Z
Improve vfs_linux_xfs_sgid manpage
- Add missing refpurpose and describe the "circumstances"
- Replace dangling link by archive.org backup
- Add fixed Linux version and commit link
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2ccd53dd by Mathieu Parent at 2018-05-16T04:44:33Z
Changelog for previous commits
- - - - -
472dca29 by Gary Lockyer at 2018-05-16T05:02:20Z
debug: Add group logging classes
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 16 07:02:20 CEST 2018 on sn-devel-144
- - - - -
215d8448 by Amitay Isaacs at 2018-05-16T05:03:53Z
ctdb-common: Fix CID 1435599
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c853a807 by Volker Lendecke at 2018-05-16T07:51:07Z
ctdb-common: Fix CID 1435600
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed May 16 09:51:07 CEST 2018 on sn-devel-144
- - - - -
5be589c6 by Karolin Seeger at 2018-05-16T10:04:38Z
WHATSNEW: Add release notes for Samba 4.8.2.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
e64d0d03 by Karolin Seeger at 2018-05-16T10:05:10Z
VERSION: Disable GIT_SNAPSHOT for the 4.8.2 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
cc678c4f by Karolin Seeger at 2018-05-16T10:06:21Z
VERSION: Bump version up to 4.8.3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
c0fd6cd3 by Tim Beale at 2018-05-16T11:53:26Z
script: Add 'random-seed' option to traffic_replay
When using a traffic-model file to generate traffic, there is some
randomness in the actual packets that get generated. This means it's
hard to use the tool to detect an increase/decrease in Samba
performance - we don't know whether a decrease in packets sent is due
to a regression in the Samba codebase, or just due to the tool sending
different types of packets (i.e. ones that take longer to process).
This patch adds an option to seed the python random number generator.
This means that exactly the same traffic can be generated across
multiple test runs.
(Previously we were using the '--traffic-summary' option to avoid this
problem - we can generate a summary-file based on the model, and then
use the same summary file across multiple runs. However, this proved
impractical when you want to run multiple combinations of scale/rate
parameters, e.g. 21 x 8 different permutations just fills up disk space
with summary-files.)
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: William Brown <william at blackhats.net.au>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 16 13:53:26 CEST 2018 on sn-devel-144
- - - - -
d3cbcbd5 by Timur I. Bakeyev at 2018-05-16T16:06:23Z
Remove extra 0x prefix for the "%p" format specifiers, avoiding 0x0x0 strings in the output.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
010cddae by Timur I. Bakeyev at 2018-05-16T19:29:24Z
Convert affected by previous commit lines from DEBUG(10,..) to DBG_DEBUG().
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed May 16 21:29:24 CEST 2018 on sn-devel-144
- - - - -
9b8f5616 by Andreas Schneider at 2018-05-16T19:30:22Z
s4:dsdb:tests: Add return code check
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
228ef493 by Andreas Schneider at 2018-05-16T19:30:22Z
s3:winbind: Initialize validation_level in winbind_dual_SamLogon()
Found by Covertiy.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e7e4362b by Andreas Schneider at 2018-05-16T19:30:22Z
s3:modules: Initialize pointers in vfs_virusfilter
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3f1da75f by Andreas Schneider at 2018-05-16T19:30:22Z
s4:torture: Make sure variable is initialized in oplock test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
25c4f8c5 by Andreas Schneider at 2018-05-16T19:30:23Z
libcli: Fix coverity warning in smb2cli_notify_send()
result_independent_of_operands: "(uint16_t)(recursive ? 1 : 0) >> 8" is
0 regardless of the values of its operands. This occurs as the operand
of assignment.
Found by Coverity.
Pair-Programmed-With: Ralph Boehme <slow at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
76d5f78b by Andreas Schneider at 2018-05-16T19:30:23Z
s3:smbd: Fix converity warning with _smb_setlen_large()
result_independent_of_operands: "(outsize - 4 & 0xffffff) >> 16 >> 8" is
0 regardless of the values of its operands. This occurs as the bitwise
first operand of "&".
So we should just pass a variable to silence the warning. However for
this, we should calculate it correctly and use size_t for it.
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3e3df112 by Mathieu Parent at 2018-05-16T20:43:48Z
New upstream version 4.8.2+dfsg
- - - - -
213e1636 by Mathieu Parent at 2018-05-16T20:49:16Z
Merge tag 'upstream/4.8.2+dfsg'
Upstream version 4.8.2+dfsg
- - - - -
892e76ab by Mathieu Parent at 2018-05-16T20:51:11Z
Wrap very long lines in d/rules
- - - - -
b7063059 by Mathieu Parent at 2018-05-16T20:54:53Z
Bump build-depends ldb >= 1.3.3
- - - - -
cb9796ff by Andreas Schneider at 2018-05-16T23:09:46Z
ctdb: Check return values of tevent_req_set_endtime()
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 17 01:09:46 CEST 2018 on sn-devel-144
- - - - -
20c158c1 by Andreas Schneider at 2018-05-16T23:10:28Z
s3:libsmbclient: Use const for setting and getting strings
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
a762386c by David Disseldorp at 2018-05-16T23:10:28Z
s3:libsmbclient: cleanup smbc_setWorkgroup() usage
It now takes a const char *. There's no need to use heap memory here.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
4eefd573 by Andreas Schneider at 2018-05-16T23:10:29Z
s4:torture: Do not leak memory in libsmbclient test
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
c83dad5b by Andreas Schneider at 2018-05-17T02:03:21Z
s4:torture: Do not leak file descriptor in smb2 oplock test
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu May 17 04:03:21 CEST 2018 on sn-devel-144
- - - - -
31747da5 by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-build: Create database directories during installation
Create and package.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
344e6eec by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-tests: Create database directories for local daemons
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9193a10f by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-daemon: Do not create database directories
These should be created at installation or, if non-standard, by the
administrator.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
61efed5a by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-scripts: Drop CTDB_MAX_PERSISTENT_CHECK_ERRORS option
This must harken back to the days of yore when corrupt persistent
databases were an issue. We haven't seen this used. If CTDB fails to
start due to a corrupt persistent database then this database can be
removed by hand.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
920f8345 by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-daemon: Drop ctdbd --max-persistent-check-errors option
Leave the code with an internal default of 0.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8831f674 by Amitay Isaacs at 2018-05-17T02:04:30Z
ctdb-event: Add event daemon config file options
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
5eec5e7c by Amitay Isaacs at 2018-05-17T02:04:30Z
ctdb-tools: Add event daemon config options to config tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
cf17a48d by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-cluster: Define cluster configuration file options
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
dbdd49da by Martin Schwenke at 2018-05-17T02:04:30Z
ctdb-tools: Add cluster config options to config tool
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
52d27012 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-database: Define database configuration file options
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
65d9d1e7 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tools: Add database config options to config tool
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d91b9b30 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-daemon: Define ctdbd legacy configuration file options
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b42dbadb by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tools: Add legacy config options to config tool
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
239f189b by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-daemon: Implement ctdb configuration file loading
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
61e288ad by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-daemon: Integrate configuration file handling
Testing is now broken because command-line options are no longer
respected.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4e06610f by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-scripts: Translate old style options into new configuration file
This allows the relevant command-line options to be removed from the
daemon while still leaving the old ctdbd.conf options file in place.
It is a temporary measure to enable testing in an old testing
environment.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
78fbbfa4 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-daemon: Drop most ctdbd command-line options
All except -i/--interactive. This remaining popt option is now neatly
wrapped to fit in 80 columns.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
25f05ced by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tests: Add new variable CTDB_SCRIPTS_HELPER_BINDIR
This will always find a binary helper, as opposed to a script helper,
which currently lives under tools/ in the source tree.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ff3d0e70 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tests: Add setup of ctdb.conf database directory settings
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7c33f5ec by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tests: Add setup of ctdb.conf recovery lock setting
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ad82b8ab by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tests: Add ctdb-config wrapper stub for event script tests
Create a shim helper around that simply invokes ctdb-config via its
real location.
This is needed because the event script tests set CTDB_HELPER_BINDIR
to the stubs directory because all other helpers used by event script
testing are currently stubs.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
16aa9e7a by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-scripts: Add function ctdb_get_db_options()
This pulls database options from the configuration file, caches then
and makes the values available in scripts.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2bc6be1e by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-scripts: Fetch database options from config file in scripts
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9b099431 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-scripts: Fetch recovery lock option from config file in 01.reclock
Put it in a function so it is easy to move to common code just in case
it is needed somewhere else.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
60811d62 by Martin Schwenke at 2018-05-17T02:04:31Z
ctdb-tests: Clean up tests to not expose script options
The tests still use the script options but the event scripts no longer
see them exported from the test infrastructure. Testing now depends
on the event scripts successfully fetching the options from the
configuration file.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
72ba7ea8 by Martin Schwenke at 2018-05-17T02:04:32Z
ctdb-docs: Add ctdb.conf(5)
This documents the new Samba-style configuration file.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
409b0b79 by Martin Schwenke at 2018-05-17T02:04:32Z
ctdb-docs: Add ctdb.conf(5) cross references and documentation tweaks
Minor updates to other manual pages for compatibility.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bd58f7af by Martin Schwenke at 2018-05-17T02:04:32Z
ctdb-docs: Add example configuration files
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1aa17eb4 by Martin Schwenke at 2018-05-17T02:04:32Z
ctdb-config: Add default ctdb.conf file
Install it in RPM.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b1847618 by Martin Schwenke at 2018-05-17T02:04:32Z
ctdb-tests: Switch local daemons to use new style configuration file
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
87284da7 by Martin Schwenke at 2018-05-17T05:03:04Z
ctdb: Drop configuration file ctdbd.conf
Drop function loadconfig(), replacing uses with "load_system_config
ctdb". Drop translation of old-style configuration to new
configuration file. Drop export of debugging variables. Drop
documentation and configuration examples.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu May 17 07:03:04 CEST 2018 on sn-devel-144
- - - - -
4109236c by Volker Lendecke at 2018-05-17T06:44:18Z
winbindd: Introduce "bool_dispatch_table"
This is meant to replace the synchronous "dispatch_table".
The current dispatch_table assumes that every synchronous function does
the request_ok or request_error itself. This mixes two concerns: Doing
the work and shipping the reply to the winbind client. This new dispatch
table will make it possible to centralize shipping the reply to the
client. At a later stage this will enable easier statistics on how long
request processing took precisely.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
214d78a6 by Volker Lendecke at 2018-05-17T06:44:18Z
winbindd: winbindd_interface_version() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
25c365c6 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_info() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c6b9a0fd by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_ping() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
05105ea0 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_domain_name() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
762d8ab7 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_netbios_name() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
de162c03 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_dc_info() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a180f401 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_ccache_ntlm_auth() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a781596e by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_ccache_save() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4f8ea6da by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_priv_pipe_dir() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7b11e917 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: winbindd_list_trusted_domains() -> bool_dispatch_table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4051b704 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: Make DOMAIN_INFO a proper async request
This has an async code path hidden inside. Expose that properly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0e4e2a08 by Volker Lendecke at 2018-05-17T06:44:19Z
winbindd: Remove the "old" non-bool dispatch table
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
70ce35d5 by Volker Lendecke at 2018-05-17T06:44:20Z
winbindd: Make "request_ok()" static to winbindd.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8f215b8d by Volker Lendecke at 2018-05-17T06:44:20Z
winbindd: Make "request_error()" static to winbindd.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
23fbc23a by Mathieu Parent at 2018-05-17T07:59:00Z
Release 2:4.8.2+dfsg-1
- - - - -
8109857f by Volker Lendecke at 2018-05-17T09:30:18Z
winbindd: Remove an unused function prototype
This has been moved to async in 2009
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu May 17 11:30:18 CEST 2018 on sn-devel-144
- - - - -
b28b6a45 by Noel Power at 2018-05-17T09:31:28Z
s4/setup/tests: Add test for non ascii password setting samba-tool
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7102732b by Noel Power at 2018-05-17T09:31:28Z
python/samba: Fix incorrect encode of password
In python2 you can encode a 'str' type which doesn't really make sense
since it is already bytes (as such). In python3 this isn't possible you
can't encode bytes or decode strings. Also because you can call encode
on 'str' in python2 it tries to to what you wanted and it implicity
calls decode('ascii') before performing the encode. This is why we get
mention of ascii codec in the error. This patch should future proof for
python3 also.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13435
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a8d8c6ec by Noel Power at 2018-05-17T09:31:28Z
testprogs/blackbox: Add test to set and use password with non-ascii
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
75e1019f by Noel Power at 2018-05-17T09:31:28Z
s4/libnet: Allow passwords containing non ascii characters to be passed
Although we can pass unicode to py_net_change_password unfortunately in
Python2 unicode strings are encoded with the default encoding (e.g. ascii)
when extracting the unicode string to buffer.
In Python3 the default encoding for "s" format is utf8. Use the "es"
format instead of "s" so we can specify the encoding so behaviour is
correct in py2/py3.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e7144f2e by Noel Power at 2018-05-17T09:31:29Z
python/samba/netcmd: net.change_password should be passed string
password param which in python2 (is str) is incorrectly encoded
before passing to net.change_password.
python2 - password is either unicode or str, if str we should
decode to get unicode (and then pass to net.change_password).
python3 - password is either str or bytes, if bytes then decode
(and pass as 'str' to net.change_password).
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
83bde8a4 by Andrew Bartlett at 2018-05-17T12:28:19Z
FIXUP: Improve memory handling on py_net_change_password
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Thu May 17 14:28:19 CEST 2018 on sn-devel-144
- - - - -
cdd98aa1 by Andreas Schneider at 2018-05-17T15:28:28Z
s3:utils: Do not segfault on error in DoDNSUpdate()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13440
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu May 17 17:28:28 CEST 2018 on sn-devel-144
- - - - -
2a0ad57b by Andreas Schneider at 2018-05-17T15:30:08Z
s3:winbind: Add sanity check when closing fd
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
e1dad1d8 by Andreas Schneider at 2018-05-17T15:30:08Z
s3:winbind: Check if we have an open file descriptor
Found by Coverity.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
3c6481d7 by Günther Deschner at 2018-05-17T15:30:08Z
s3-winbindd: use fill_domain_username_talloc() in winbind.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b24d4eb7 by Günther Deschner at 2018-05-17T15:30:09Z
s3-winbindd: remove unused fill_domain_username()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6326b341 by Günther Deschner at 2018-05-17T15:30:09Z
s3-printing: fix format-truncation in print_queue_update()
../source3/printing/printing.c: In function ‘print_queue_update’:
../source3/printing/printing.c:1809:42: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 244 [-Werror=format-truncation=]
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
^~ ~~~~~~~~~
../source3/printing/printing.c:1809:2: note: ‘snprintf’ output between 13 and 268 bytes into a destination of size 256
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
57298982 by Günther Deschner at 2018-05-17T15:30:09Z
s4-torture: fix format-truncation warning in smb2 session tests.
../source4/torture/smb2/session.c: In function ‘test_session_reauth5’:
../source4/torture/smb2/session.c:645:36: error: ‘\file.dat’ directive output may be truncated writing 9 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~
../source4/torture/smb2/session.c:645:2: note: ‘snprintf’ output between 10 and 265 bytes into a destination of size 256
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/torture/smb2/session.c:696:38: error: ‘\file2.dat’ directive output may be truncated writing 10 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~
../source4/torture/smb2/session.c:696:2: note: ‘snprintf’ output between 11 and 266 bytes into a destination of size 256
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
9b6dc8f5 by Günther Deschner at 2018-05-17T15:30:09Z
s3-utils: fix format-truncation in smbpasswd
../source3/utils/smbpasswd.c: In function ‘process_root’:
../source3/utils/smbpasswd.c:414:37: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:414:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^~~~~~~~
../source3/utils/smbpasswd.c:397:35: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:397:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
- - - - -
7cec343a by Andreas Schneider at 2018-05-17T15:30:09Z
lib:util: Fix string check in mkdir_p()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
7a00d90d by Andreas Schneider at 2018-05-17T15:30:09Z
s4:torture: Use strlcpy() in gen_name()
../source4/torture/basic/mangle_test.c: In function ‘gen_name’:
../source4/torture/basic/mangle_test.c:148:3: error: ‘strncpy’ output
truncated before terminating nul copying 5 bytes from a string of the
same length [-Werror=stringop-truncation]
strncpy(p, "ABCDE", 5);
^~~~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
ff7568da by Andreas Schneider at 2018-05-17T15:30:09Z
s3:lib: Use memcpy() in escape_ldap_string()
../source3/lib/ldap_escape.c: In function ‘escape_ldap_string’:
../source3/lib/ldap_escape.c:79:4: error: ‘strncpy’ output truncated
before terminating nul copying 3 bytes from a string of the same length
[-Werror=stringop-truncation]
strncpy (p, sub, 3);
^~~~~~~~~~~~~~~~~~~
We concatenat and do not care about NUL-termination till the loop has
finished.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
728297ca by Andreas Schneider at 2018-05-17T15:30:09Z
s3:passdb: Fix size of ascii_p16
../source3/passdb/pdb_smbpasswd.c: In function ‘mod_smbfilepwd_entry’:
../source3/passdb/pdb_smbpasswd.c:1015:7: error: ‘:LCT-’ directive
output may be truncated writing 5 bytes into a region of size between 0
and 255 [-Werror=format-truncat ion=]
"%s:LCT-%08X:",
^~~~~
../source3/passdb/pdb_smbpasswd.c:1015:4: note: using the range [0,
4294967295] for directive argument
"%s:LCT-%08X:",
^~~~~~~~~~~~~~
In file included from ../source3/include/includes.h:23,
from ../source3/passdb/pdb_smbpasswd.c:23:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output
between 15 and 270 bytes into a destination of size 255
#define slprintf snprintf
../source3/passdb/pdb_smbpasswd.c:1013:3: note: in expansion of macro ‘slprintf’
slprintf(&ascii_p16[strlen(ascii_p16)],
^~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
6b728b87 by Andreas Schneider at 2018-05-17T15:30:09Z
s3:winbind: Fix uninitialzed variable warning
Raised by GCC8.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
6f06a015 by Andreas Schneider at 2018-05-17T15:30:09Z
lib:util: Fix parameter aliasing in tfork test
../lib/util/tests/tfork.c:483:24: error: passing argument 1 to
restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
ret = pthread_create(&threads[i],
^~~~~~~~~~~
../lib/util/tests/tfork.c:486:10:
(void *)&threads[i]);
~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
fb6cd9c4 by Andreas Schneider at 2018-05-17T15:30:09Z
lib:util: Fix size types in debug.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
609ef35c by Andreas Schneider at 2018-05-17T15:30:09Z
s4:ntvfs: Fix string copy of share_name
../source4/ntvfs/ipc/rap_server.c:70:3: error: ‘strncpy’ specified bound 13 equals destination size [-Werror=stringop-truncation]
strncpy((char *)r->out.info[j].info1.share_name,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
snames[i],
~~~~~~~~~~
sizeof(r->out.info[0].info1.share_name));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
8b7c8eb3 by Andreas Schneider at 2018-05-17T18:17:35Z
lib: Fix array size in audit_logging
../lib/audit_logging/audit_logging.c: In function ‘json_add_timestamp’:
../lib/audit_logging/audit_logging.c:603:12: error: ‘%s’ directive
output may be truncated writing up to 9 bytes into a region of size
between 0 and 43 [-Werror=format-truncation=]
"%s.%06ld%s",
^~
../lib/audit_logging/audit_logging.c:606:3:
tz);
~~
../lib/audit_logging/audit_logging.c:600:2: note: ‘snprintf’ output
between 8 and 70 bytes into a destination of size 50
snprintf(
^~~~~~~~~
timestamp,
~~~~~~~~~~
sizeof(timestamp),
~~~~~~~~~~~~~~~~~~
"%s.%06ld%s",
~~~~~~~~~~~~~
buffer,
~~~~~~~
tv.tv_usec,
~~~~~~~~~~~
tz);
~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu May 17 20:17:35 CEST 2018 on sn-devel-144
- - - - -
48f72803 by Jeremy Allison at 2018-05-17T21:41:10Z
s3: profile: Cleanup - we no longer use read/write/fsync syscalls.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
42aadf42 by Jeremy Allison at 2018-05-17T21:41:10Z
s3: smbd: Fix SMB2-FLUSH against directories.
Directories opened with either FILE_ADD_FILE or
FILE_ADD_SUBDIRECTORY can be flushed even if
they're not writable in the conventional sense.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d42f467a by Jeremy Allison at 2018-05-18T00:38:50Z
s3: smbtorture: Add new SMB2-DIR-FSYNC test to show behavior of FSYNC on directories.
Tests against a directory handle on the root of a share,
and a directory handle on a sub-directory in a share.
Check SEC_DIR_ADD_FILE and SEC_DIR_ADD_SUBDIR separately,
either allows flush to succeed.
Passes against Windows.
Regression test for:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144
- - - - -
a52d0c3a by Noel Power at 2018-05-18T03:24:42Z
python/samba/netcmd: Py2/Py3 misc replace range with enumerate
Replace various instances of xrange with enumerate.
Signed-off-by: Noel Power <noel.power at suse.com>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Fri May 18 05:24:42 CEST 2018 on sn-devel-144
- - - - -
ec2a4083 by Ralph Boehme at 2018-05-18T17:03:25Z
s3:smbd: make psbuf arg to make_default_acl_posix() const
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f93cc232 by Ralph Boehme at 2018-05-18T20:03:21Z
vfs_zfsacl: return synthesized ACL when ZFS return ENOTSUP
This allows accessing the ZFS .snapshots directory where ZFS returns
ENOTSUP when calling acl(".snapshots").
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 18 22:03:21 CEST 2018 on sn-devel-144
- - - - -
e1ede0b1 by Andrew Bartlett at 2018-05-21T21:48:18Z
auth: Use DBGC_AUTH as DBGC_CLASS for AD DC NTLM auth code.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8cd905d5 by Andrew Bartlett at 2018-05-21T21:48:18Z
s4-drsuapi: Call security_token_debug() with DBGC_DRS_REPL and a proper log level
Selftest logs are full of calls to security_token_debug() with no context
and this is never a log level 0 event, so tidy it up.
The RODC would trigger this each time there is an attempted preload
of a user in the Denied RODC replication group.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
20fda4f6 by Andrew Bartlett at 2018-05-22T00:42:32Z
auth: Use DBGC_AUTH as DBGC_CLASS for AD DC auth session code.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue May 22 02:42:32 CEST 2018 on sn-devel-144
- - - - -
7049b215 by Amitay Isaacs at 2018-05-22T11:57:07Z
socket_wrapper: Add missing dependency on tirpc
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue May 22 13:57:07 CEST 2018 on sn-devel-144
- - - - -
c8d7e4c8 by Andrew Bartlett at 2018-05-22T22:53:25Z
selftest: Clean up ldb on tearDown from each packet in TrafficEmulatorPacketTests
Otherwise the LDB (and so the server resources) are in use until the end of the whole test
due to the way the objects are maintained in python for reporting.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 23 00:53:25 CEST 2018 on sn-devel-144
- - - - -
5ec49104 by Garming Sam at 2018-05-23T00:27:10Z
ldb_mdb: Implement the lmdb backend for ldb
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e4e6d794 by Garming Sam at 2018-05-23T00:27:11Z
ldb_mdb: Enable LDB_FLG_NOSYNC in ldb_mdb
This is used in selftest with 'ldb:nosync = true'.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
95d1e474 by Garming Sam at 2018-05-23T00:27:11Z
ldb_mdb: Store pid to change destructor on fork
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0d2d1e5b by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: Don't allow modify operations on a read only db
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
a5a000b6 by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb/tests: Add tests to check for max key length and DB size
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
53d9d497 by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb/tests: Run api and index test also on lmdb
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
f9a12b64 by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: Apply LMDB key length restrictions at key-value layer
We need to enforce the GUID index mode so end-users do not get a
supprise in mid-operation and we enforce a max key length of 511 so
that the index key trunctation is done correctly.
Otherwise the DB will appear to work until a very long key (DN or
index) is used, after which it will be sad.
Because the previous ldb_lmdb_test confirmed the key length by
creating a large DN, those tests are re-worked to use the GUID index
mode. In turn, new tests are written that create a special DN around
the maximum key length.
Finally a test is included that demonstrates that adding entries to
the LMDB DB without GUID index mode fails.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
eb1bc2ec by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: Wrap mdb_env_open
Wrap mdb_env_open to ensure that we only have one MDB_env opened per
database in each process
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
14f5c752 by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: handle EBADE from mdb_env_open
Under some circumstances mdb_env_open returns EBADE, we treat this as
indicating the file is not a valid lmdb format file.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
322e4281 by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: prevent MDB_env reuse across forks
MDB_env's may not be reused accross forks. Check the pid that the lmdb
structure was created by, and return an error if it is being used by a
different process.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4dc44659 by Andrew Bartlett at 2018-05-23T00:27:11Z
ldb_mdb: Use mdb_env_get_fd() to get the FD for fstat() and FD_CLOEXEC
This ensures we leave the FD behind if we exec() in a child process.
This deliberatly the same as TDB, as we want the same behaviour as
we have come to expect with that backend.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
be335f1f by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb/tests: Tests for wrap open
Tests to ensure that the mdb_env wrapping code correctly handles
multiple ldb's point to the same physical database file.
The test_ldb_close_with_multiple_connections tests are in
ldb_mod_op_test due to the utility code it uses from
elsewhere in that test.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
d8919d2a by Andrew Bartlett at 2018-05-23T00:27:11Z
ldb_mdb: Run the ldb_mdb_mod_op_test
ldb_mdb is now able to pass the full ldb_mod_op_test when compiled against lmdb.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
65f6ce7a by Gary Lockyer at 2018-05-23T00:27:11Z
ldb_mdb: Remove implicit read lock and remove transaction counter
The way to know if we are in a transaction is if there is a non-NULL
transaction handle.
This allows the ldb_mdb_kv_ops_test test to be run.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
04884a80 by Gary Lockyer at 2018-05-23T00:27:12Z
ldb_mdb/tests: test large index key value
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
aeeab175 by Gary Lockyer at 2018-05-23T00:27:12Z
ldb_mdb/tests: add tests for multiple opens across forks
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
866af327 by Gary Lockyer at 2018-05-23T00:27:12Z
ldb: Add MDB support to ldb://
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
cb5da7a5 by Andrew Bartlett at 2018-05-23T00:27:12Z
ldb: Reject a possible future ldb_mdb with the index in a sub-database
This ensures we do not corrupt such an index by making changes to the
main database without knowing that the index values are now in a
sub-database.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
39b7f1bc by Gary Lockyer at 2018-05-23T00:27:12Z
ldb-samba: Handle generic mdb:// url scheme in ldb_relative_path()
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1118fc3b by Andrew Bartlett at 2018-05-23T00:27:12Z
selftest: Run ad_dc and vampire_dc with --backend-store=mdb
This ensures the LMDB backend is tested in make test
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
754a8409 by Andrew Bartlett at 2018-05-23T03:11:13Z
autobuild: build ldb --without-ldb-lmdb
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 23 05:11:13 CEST 2018 on sn-devel-144
- - - - -
4c42d3f7 by Tim Beale at 2018-05-23T04:55:29Z
dsdb: Add msDS-ResultantPSO constructed attribute support
Add support for the msDS-ResultantPSO constructed attribute, which
indicates the PSO (if any) that should apply to a given user. First we
consider any PSOs that apply directly to a user. If none apply directly,
we consider PSOs that apply to any groups the user is a member of. (PSO
lookups are done by finding any 'msDS-PSOAppliesTo' links that apply to
the user or group SIDs we're interested in.
Note: the PSO should be selected based on the RevMembGetAccountGroups
membership, which doesn't include builtin groups. Looking at the spec,
it appears that perhaps our tokenGroups implementation should also
exclude builtin groups. However, in the short-term, I've added a new
ACCOUNT_GROUPS option to the enum, which is only used internally for
PSOs.
The PSO test cases (which are currently only checking the constructed
attribute) now pass, showing that the correct msDS-ResultantPSO value is
being returned, even if the corresponding password-policy settings are
not yet being applied.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
6f82161c by Tim Beale at 2018-05-23T04:55:30Z
tests: Extend PSO tests to cover password-history/length/complexity
Unhobble the PSO test cases so that they not only check the
msDS-ResultantPSO constructed attribute, but also that the corresponding
PSO's password-history, minimum password length, and complexity settings
are actually used.
The tests now fail once more, as actually using the PSO's settings isn't
implemented yet.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
442a38c9 by Tim Beale at 2018-05-23T04:55:30Z
dsdb/auth: Use PSO settings for lockOutThreshold/Duration
If a PSO applies to a user, use its lockOutThreshold/Duration settings
instead of the domain setting. When we lookup a user, we now include the
msDS-ResultantPSO attribute. If the attribute is present for a user,
then we lookup the corresponding PSO object to get the lockOutThreshold/
Duration settings.
Note: This is not quite enough to make the PSO lockout tests pass, as
msDS-User-Account-Control-Computed is still constructed based on the
domain lockoutDuration setting rather than the PSO.
Updating the password_hash.c code properly will be done in a subsequent
commit.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5246d480 by Tim Beale at 2018-05-23T04:55:30Z
dsdb: PSO support for msDS-User-Account-Control-Computed
msDS-User-Account-Control-Computed uses the effective-lockoutDuration to
determine if a user is locked out or not. If a PSO applies to the user,
then the effective-lockoutDuration is the PSO's msDS-LockoutDuration
setting. Otherwise it is the domain default lockoutDuration value.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
70607027 by Tim Beale at 2018-05-23T04:55:30Z
dsdb/rpc: Update effective badPwdCount to use PSO settings
The lockOutObservationWindow is used to calculate the badPwdCount. When
a PSO applies to a user, we want to use the PSO's lockout-observation
window rather the the default domain setting.
This is finally enough to get some of the PSO password_lockout tests
to pass.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
05e25a72 by Tim Beale at 2018-05-23T04:55:30Z
rpc/samr: Fix PSO support in SAMR password_change RPC
To get the SAMR password_lockout test passing, we now just need to query
the msDS-ResultantPSO attribute for the user in the SAMR code. The
common code will then determine that a PSO applies to the user, and use
the PSO's lockout settings.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
e40af276 by Tim Beale at 2018-05-23T04:55:31Z
dsdb: Lookup PSO's lockout settings for password_hash modifies
When a user's password-hash is modified, we need the PSO settings for
that user, so that any lockout settings get applied correctly.
To do this, we query the msDS-ResultantPSO in the user search. Then, if
a PSO applies to the user, we add in a extra search to retrieve the
PSO's settings. Once the PSO search completes, we continue with the
modify operation.
In the event of error cases, I've tried to fallback to logging the
problem and continuing with the default domain settings. However,
unusual internal errors will still fail the operation.
We can pass the PSO result into dsdb_update_bad_pwd_count(), which means
the PSO's lockout-threshold and observation-window are now used. This is
enough to get the remaining lockout tests passing.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
0ac464df by Tim Beale at 2018-05-23T04:55:31Z
dsdb: Move anonymous domain_data struct
Anonymous structs and 80 character line-lengths don't mix well. Allow
the struct to be referenced directly.
With the introduction of PSOs, the password-settings are now calculated
per-user rather than per-domain. I've tried to reflect this in the
struct name.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3b849f87 by Tim Beale at 2018-05-23T04:55:31Z
dsdb: Update password_hash to use PSO settings for password changes
Honour the settings in the PSO when changing the password, i.e.
msDS-PasswordComplexityEnabled, msDS-PasswordHistoryLength, etc.
The password_hash code populates dsdb_control_password_change_status's
domain_data with the password settings to use - these are currently
based on the settings for the domain.
Now, if the password_hash code has worked out that a PSO applies to the
user, we override the domain settings with the PSO's values.
This change means the password_settings tests now pass.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1ebfe695 by Tim Beale at 2018-05-23T04:55:32Z
dsdb: Use PSO maxPwdAge for operational msDS-PasswordExpiryTimeComputed
When calculating the Password-Expiry-Time, we should use the PSO's
max-password-age setting, if one applies to the user.
This is code may be inefficient, as it may repeat the PSO-lookup work
several times (once for each constructed attribute that tries to use
it). For now, I've gone for the simplest code change, and efficiency can
be addressed in a subsequent patch (once we have a good test to measure
it).
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
de131c16 by Tim Beale at 2018-05-23T04:55:32Z
netcmd: Add samba-tool support for managing PSOs
Add a new command 'samba-tool domain passwordsettings pso', with the
sub-command options: create, delete, set, list, show, show-user, apply,
unapply. The apply and unapply options apply the PSO to a user or group.
The show-user option shows the actual PSO (and its settings) that will
take effect for a given user.
The new commands are pretty self-contained in a new pso.py file. We
decided to add these new commands under the existing 'samba-tool domain
passwordsettings' command, as that's what users would be already
familiar with.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
c10e1af0 by Tim Beale at 2018-05-23T04:55:32Z
tests: Extend passwordsettings tests to cover PSO command options
Add test cases for the new PSO samba-tool command options.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
b7d1c5aa by Tim Beale at 2018-05-23T04:55:32Z
tests: Add tests for domain pwdHistoryLength
This is not related to PSOs at all, but there's a minor discrepancy
between Windows and Samba password-history-length behaviour that I
noticed during PSO testing.
When the pwdHistoryLength changes from zero to non-zero, Windows
includes the user's current password as invalid immediately, whereas
Samba only includes it as invalid *after* it next changes. It's a
fairly obscure corner-case, and we might not care enough about it to
fix it. However, I've added a test case to highlight the difference and
marked it as a known-fail for now.
I also added a general pwdHistoryLength test case to show that the
basics work (this didn't seem to be tested anywhere else).
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
37793673 by Tim Beale at 2018-05-23T04:55:32Z
dsdb: Avoid performance hit if PSOs aren't actually used
The new PSO code adds some additional overhead in extra lookups. To
avoid penalizing existing setups, we can short-circuit the PSO
processing and return early if there are no actual PSO objects in the
DB. The one-level search should be very quick, and it avoids the need to
do more complicated PSO processing (i.e. expanding the nested groups).
The longer-term plan is to rework the tokenGroups lookup so that it only
gets done once, and the result can then be reused by the resultant-PSO
code (rather than computing the nested-groups again). However, in the
short-term, a slight decrease in performance is the price for any users
that want to deploy PSOs.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2fa2f132 by Tim Beale at 2018-05-23T08:09:10Z
dsdb: Avoid calculating the PSO multiple times
In a typical user login query, the code tries to work out the PSO 2-3
times - once for the msDS-ResultantPSO attribute, and then again for the
msDS-User-Account-Control-Computed & msDS-UserPasswordExpiryTimeComputed
constructed attributes.
The PSO calculation is reasonably expensive, mostly due to the nested
groups calculation. If we've already constructed the msDS-ResultantPSO
attribute, then we can save ourselves extra work by just re-fetching the
result directly, rather than expanding the nested groups again from
scratch.
The previous patch improves efficiency when there are no PSOs in the
system. This should improve the case where there are PSOs that apply to
the users. (Unfortunately, it won't help where there are some PSOs in
the system, but no PSO applies to the user being queried).
Also updated sam.c so the msDS-ResultantPSO gets calculated first,
before the other constructed attributes.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Wed May 23 10:09:11 CEST 2018 on sn-devel-144
- - - - -
2db4cb35 by Andrew Bartlett at 2018-05-23T19:22:14Z
gitlab-ci: Include system-info.txt to give info on possible failures
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a092a665 by Andrew Bartlett at 2018-05-23T19:22:14Z
gitlab-ci: Do not hide a possible out-of-space condition by cleaning up the tree
These are VMs anyway and will soon vanish, so a cleanup is totally wasted in any case.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0e11fabb by Andrew Bartlett at 2018-05-23T22:42:48Z
autobuild: Include information of disk free in system-info.txt
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 24 00:42:48 CEST 2018 on sn-devel-144
- - - - -
ca01643c by Volker Lendecke at 2018-05-23T22:43:51Z
ctdb: Fix CID 1435740 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8b013aa3 by Volker Lendecke at 2018-05-23T22:43:51Z
audit_logging: Fix CID 1435739 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c8b4f311 by Volker Lendecke at 2018-05-23T22:43:51Z
ctdbd: Fix CID 1435732 Argument cannot be negative
setenv returns its error in "errno"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
312faa0b by Volker Lendecke at 2018-05-23T22:43:51Z
ldap_server: Fix CID 1435731 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3aae048a by Volker Lendecke at 2018-05-23T22:43:52Z
kdc: Fix CID 1435720 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
29163012 by Volker Lendecke at 2018-05-24T01:35:00Z
ldap_server: Fix CID 1435721 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu May 24 03:35:00 CEST 2018 on sn-devel-144
- - - - -
4bbc5a87 by Andreas Schneider at 2018-05-24T09:29:22Z
selftest: Make sure we have correct group mappings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 9bc2b922bbc6539341a2056f33f117ac350e61f1)
- - - - -
ee22c6fb by Andreas Schneider at 2018-05-24T09:29:22Z
nsswitch: Add a test looking up the user using the upn
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 0d2f743d826b87b369e25fc6bb9ff61f2b0896aa)
- - - - -
a28d7c41 by Andreas Schneider at 2018-05-24T09:29:22Z
nsswitch: Add a test looking up domain sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 0aceca6a94e868f9c01a66f79624ca10d80560ab)
- - - - -
40a13413 by Andreas Schneider at 2018-05-24T09:29:22Z
nsswitch: Lookup the domain in tests with the wb seperator
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 4fa811ec7bc301e96f5e40ba281e8d4e8709b94f)
- - - - -
5c946ebf by Andreas Schneider at 2018-05-24T09:29:22Z
selftest: Add a user with a different userPrincipalName
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 5319cae00096dcecc29aa9fa675a983352ad64d8)
- - - - -
a52b0675 by Andreas Schneider at 2018-05-24T09:29:22Z
nsswitch:tests: Add test for wbinfo --user-info
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 2715f52f54e66a73131a92d752a8c2447da1fd33)
- - - - -
f1dfb9fe by Stefan Metzmacher at 2018-05-24T09:29:23Z
winbind: Pass upn unmodified to lookup names
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 789c89e6ecb7d388fb5acdd5abc8fe99c58524f0)
- - - - -
b5ba5da4 by Andreas Schneider at 2018-05-24T09:29:23Z
winbind: Remove unused function parse_domain_user_talloc()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 32770e929ace8fe3f2469037ed887be14b3c5503)
- - - - -
124f0e4b by Andreas Schneider at 2018-05-24T09:29:23Z
winbind: Fix UPN handling in parse_domain_user()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit a05b63db627fdbe0bdea4d144dfaeedb39025592)
- - - - -
682a2e26 by Andreas Schneider at 2018-05-24T09:29:23Z
winbind: Fix UPN handling in canonicalize_username()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri May 11 12:02:37 CEST 2018 on sn-devel-144
(cherry picked from commit 1766f77493c5a76e4d7d1e5eedcaa150cc9ea552)
- - - - -
6ea5d164 by Ralph Boehme at 2018-05-24T09:29:23Z
s4:torture/smb2: new test for interaction between chown and SD flags
This passes against Windows, but fails against Samba.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13432
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 12f6d56c4814fca64e0e3c636018e70d71ad0be5)
- - - - -
bcee5472 by Ralph Boehme at 2018-05-24T09:29:23Z
s3:smbd: fix interaction between chown and SD flags
A change ownership operation that doesn't set the NT ACLs must not touch
the SD flags (type).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13432
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 11 23:30:32 CEST 2018 on sn-devel-144
(cherry picked from commit ced55850034a3653525823bf9623912a4fcf18a0)
- - - - -
2fb77a2b by Volker Lendecke at 2018-05-24T14:37:02Z
libgpo: Fix the build --without-ads
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Tue Feb 6 15:36:01 CET 2018 on sn-devel-144
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13331
(cherry picked from commit a222b7506b53e689708834237f18877231dca589)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu May 24 16:37:02 CEST 2018 on sn-devel-144
- - - - -
a9084dce by Andreas Schneider at 2018-05-24T16:07:03Z
s3:utils: Remove double error check
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Thu May 24 18:07:03 CEST 2018 on sn-devel-144
- - - - -
4c354cd5 by Andrew Bartlett at 2018-05-25T08:01:22Z
torture: Give extra information on WINBINDD_SHOW_SEQUENCE failure
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
95c117ff by Timur I. Bakeyev at 2018-05-25T08:01:22Z
Make ldb configuration --disable-python work as intended
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e9b638c4 by Andrew Bartlett at 2018-05-25T11:07:47Z
autobuild: cover the Gentoo case with python disabled all down the stack
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri May 25 13:07:47 CEST 2018 on sn-devel-144
- - - - -
ae196c50 by Volker Lendecke at 2018-05-25T11:08:47Z
vfs_time_audit: Fix a log message
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
33d1ac85 by Volker Lendecke at 2018-05-25T14:00:08Z
smbd: Call smbXsrv_client_global_init in the parent smbd
Otherwise we're missing the clear-if-first optimization for
smbXsrv_client_global.tdb.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri May 25 16:00:08 CEST 2018 on sn-devel-144
- - - - -
a6c03f2a by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: Remove existing_unx_mode, an unused parameter to open_match_attributes().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
41ee89b2 by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: Add clarifying comment on mode change on overwritten files.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
d03e9a86 by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: Remove use of SMB_VFS_FCHMOD_ACL() in overwrite case.
We have potentially called SMB_VFS_FCHMOD() here in
the file_set_dosmode() call associated with the comment
/* Overwritten files should be initially set as archive */
at line 3755 above, so there is no need to do any POSIX ACL
mask protection.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
4f6c71ae by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: optimization. Only do the FCHMOD call if needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
2f4e581c by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: Optimization. Only do the FCHMOD_ACL call if mode bits not equal.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
aaed6b4e by Jeremy Allison at 2018-05-25T16:39:24Z
s3: smbd: Use FCHMOD call, not FCHMOD_ACL call if mode bits reset needed.
This is a behavior change, it will modify the POSIX ACL mask
from a value of rwx instead of modifying the existing ACE
entries to be ANDed with the passed in mode. However it
will have no effect on the underlying permissions, and
better reflects the proper use of POSIX ACLs (i.e. I
didn't understand the use of the mask entry in the
ACL when I first wrote the POSIX ACL code).
In addition, the vfs_acl_common.c module already
filters these calls for all but POSIX opens, which
means the only place this change is exposed to the
client would be a cifsfs unix extensions client doing
posix acl calls (and they would expect the mask to
be set like this on chmod).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
90117f25 by Jeremy Allison at 2018-05-25T16:39:24Z
s3: modules: vfs_default: Remove CHMOD_ACL in mkdir.
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed. If the mkdir
succeeded it's already set the correct mode.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c5060e1a by Jeremy Allison at 2018-05-25T16:39:24Z
s3: modules: vfs_default: Remove CHMOD_ACL in chmod.
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
d50bb460 by Jeremy Allison at 2018-05-25T16:39:24Z
s3: modules: vfs_ceph: Remove CHMOD_ACL in cephwrap_mkdir().
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b8477abb by Jeremy Allison at 2018-05-25T16:39:24Z
s3: modules: vfs_ceph: Remove CHMOD_ACL in cephwrap_chmod().
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
7d3059cd by Jeremy Allison at 2018-05-25T16:39:24Z
s3: torture: Remove cmd_chmod_acl().
No longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
7b8fa17f by Jeremy Allison at 2018-05-25T16:39:24Z
s3: VFS: Remove SMB_VFS_CHMOD_ACL().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
0c65f6b8 by Jeremy Allison at 2018-05-25T16:39:24Z
s3: modules: vfs_default: Remove FCHMOD_ACL in fchmod.
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
55f013ed by Jeremy Allison at 2018-05-25T16:39:25Z
s3: modules: vfs_ceph: Remove FCHMOD_ACL in cephwrap_fchmod().
Now I understand the use of the mask in POSIX ACLs
this extra step is no longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
a3d7544b by Jeremy Allison at 2018-05-25T16:39:25Z
s3: torture: Remove cmd_fchmod_acl().
No longer needed.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
5bbb8310 by Jeremy Allison at 2018-05-25T16:39:25Z
s3: VFS: Remove SMB_VFS_FCHMOD_ACL().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
cfbe3048 by Jeremy Allison at 2018-05-25T16:39:25Z
s3: posix_acls: Remove dead functions fchmod_acl()/chmod_acl().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
a41155b0 by Jeremy Allison at 2018-05-25T16:39:25Z
s3: posix_acls: Remove unused 'connection_struct *conn' parameter to map_acl_perms_to_permset().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
109d94d1 by Jeremy Allison at 2018-05-25T16:39:25Z
s3: smbd: Make unix_perms_to_acl_perms() extern.
The vfs_fake_acl module will need it to implement chown/fchown.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e85a662e by Jeremy Allison at 2018-05-25T16:39:25Z
s3: smbd: Make map_acl_perms_to_permset() extern.
The vfs_fake_acl module will need it to implement chown/fchown.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
52778afd by Jeremy Allison at 2018-05-25T19:29:32Z
s3: vfs_fake_acls: Correctly implement the chmod/fchmod algorithm on fake acls.
We now pass samba3hide(nt4_dc), so remove it from knownfail.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 25 21:29:32 CEST 2018 on sn-devel-144
- - - - -
7ffcbd5c by Christof Schmitt at 2018-05-25T20:52:12Z
selftest: Add dfq_cache share with 'dfree cache time' set
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a55b3d2f by Christof Schmitt at 2018-05-25T20:52:12Z
selftest: Add test for 'dfree cache'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f5d05562 by Christof Schmitt at 2018-05-25T20:52:12Z
memcache: Add new cache type for dfree information
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8f121747 by Christof Schmitt at 2018-05-25T20:52:12Z
smbd: Cache dfree information based on query path
Sub directories in a SMB share can have different free space information
(e.g. when a different file system is mounted there). Caching the dfree
information per SMB share will return invalid data. Address this by
switching to memcache and store the cached data based on the query path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e30d0c0e by Christof Schmitt at 2018-05-25T20:52:12Z
smbd: Flush dfree memcache on service reload
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9a79a61a by Christof Schmitt at 2018-05-25T20:52:12Z
smbd: Move dfree_info struct
As the struct is no longer used as part of connection_struct, move it to
dfree.c.
This is not backported, as it would change the VFS ABI.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
01a6aef5 by Christof Schmitt at 2018-05-25T20:52:12Z
vfs_gpfs: Adjust debug level when get_winattrs returns EBADF
This is returned for a get_winattrs call against a non-gpfs file system.
This can happen for the .. entry when listing a share on the file system
root.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4a29a949 by Christof Schmitt at 2018-05-25T20:52:12Z
vfs_gpfs: Remove wrong get_full_smb_filename from ntimes function
Updating the timestamps requires the path to the file, but no stream
information.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1843a2d6 by Christof Schmitt at 2018-05-25T20:52:12Z
vfs_gpfs: Remove get_full_smb_filename from is_offline check
No stream information is required here.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1531fcde by Christof Schmitt at 2018-05-25T23:43:09Z
vfs_gpfs: Use full_path_tos instead of talloc_asprintf
full_path_tos avoids the talloc call for most cases; use that instead of
talloc_asprintf.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat May 26 01:43:09 CEST 2018 on sn-devel-144
- - - - -
f052b605 by Kai Blin at 2018-05-28T14:16:17Z
talloc: Fix some typos in the comments
Now with even more typos fixed. Thanks Rowland.
Signed-off-by: Kai Blin <kai at samba.org>
Reviewed-by: Rowland Penny <rpenny at samba.org>
Autobuild-User(master): Kai Blin <kai at samba.org>
Autobuild-Date(master): Mon May 28 16:16:17 CEST 2018 on sn-devel-144
- - - - -
e56b92bd by Andrew Bartlett at 2018-05-29T00:31:40Z
torture: Cope with WINBINDD_SHOW_SEQUENCE failure for fake trusts
This test has been flapping and we should not be checking the
sequence number of remote trusts in a loop like this. We can write
a test against the trusts we specifically set up if we want to check
remote sequence numbers (and connectivity) against actually working
domains.
When flapping the previous version of the test gave:
WARNING!: ../source4/torture/winbind/struct_based.c:812: WINBINDD_SHOW_SEQUENCE returned 0, expected 1: WINBINDD_SHOW_SEQUENCE
WARNING!: WINBINDD_SHOW_SEQUENCE on domain torturedom failed
Trust list for WINBINDD_SHOW_SEQUENCE was:
BUILTIN
S4MEMBER
SAMBADOMAIN
torturedom
WARNING!: ../source4/torture/winbind/struct_based.c:812: WINBINDD_SHOW_SEQUENCE returned 0, expected 1: WINBINDD_SHOW_SEQUENCE
WARNING!: WINBINDD_SHOW_SEQUENCE on domain TORTURE302 failed
Trust list for WINBINDD_SHOW_SEQUENCE was:
BUILTIN
S4MEMBER
SAMBADOMAIN
TORTURE302
TORTURE306
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue May 29 02:31:40 CEST 2018 on sn-devel-144
- - - - -
b8e51a81 by William Brown at 2018-05-29T03:34:07Z
python/samba/netcmd/{forest.py,main.py}: add configuration controls
With samba-tool we should expose ways to easily administer and control
common configuration options. This adds the base framework for modifying
forest settings, generally stored in cn=configuration partition.
An example is:
samba-tool forest directory_service show
samba-tool forest directory_service dsheuristics X
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
289ae87c by William Brown at 2018-05-29T03:34:08Z
python/samba/netcmd/group.py: add group show
The samba-tool user command can show the ldif of a user. This is
useful for groups also, especially to determine the objectSID and
objectGUID. Add support for group show to samba-tool.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
74d85d4c by William Brown at 2018-05-29T03:34:08Z
python/samba/netcmd/schema.py: add schema query and management.
Schema management in active directory is complex and dangerous. Having
a tool that safely wraps administrative tasks as well as allowing query
of the schema will make this complex topic more accessible to administrators.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2c651842 by William Brown at 2018-05-29T03:34:08Z
python/samba/netcmd/schema.py: add schema show_oc for attribute
Often administrators need to add a specific attribute to an object, but
it may not be possible with the objectClasses present. This tool allows
searching "what objectclasses must or may?" take an attribute to help hint
to an administrator what objectclasses can be added to objects to achieve
the changes they want.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4b1a8623 by William Brown at 2018-05-29T03:34:08Z
python/samba/tests/samba_tool/schema.py: Improve schema command testing
Assert the correct stdout content of the schema test commands.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5b862030 by William Brown at 2018-05-29T06:30:52Z
python/samba/netcmd/schema.py: samdb schema update now
When we change schema values, we should trigger a schema update to refresh
the changes applied. This is called after a change is made. A helper to
samdb is added so that it's easier for other locations to call additionally.
Signed-off-by: William Brown <william at blackhats.net.au>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue May 29 08:30:52 CEST 2018 on sn-devel-144
- - - - -
2729b432 by Ralph Boehme at 2018-05-29T21:37:07Z
s4:torture/vfs/fruit: decrease large resource fork size in test from 1 GB to 64 MB
64 MB is a more realistic value and lets the test pass on FreeBSD with
fruit:resource=stream and vfs_streams_xattr.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cf5d4715 by Ralph Boehme at 2018-05-29T21:37:07Z
s4:torture: test setting EOF of a stream to 0 with enabled AAPL extensions
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
46d12786 by Ralph Boehme at 2018-05-30T00:34:29Z
vfs_fruit: delete 0 byte size streams if AAPL is enabled
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 30 02:34:29 CEST 2018 on sn-devel-144
- - - - -
04e3c4be by Andrew Bartlett at 2018-05-30T02:23:26Z
ldb: Reset error string before running prepare_commit() hook
This ensures that the error string returned to the caller reflects a failure in this call.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
400abe83 by Andrew Bartlett at 2018-05-30T02:23:26Z
s4-repl: Try to give more information in the error codes for prepare_commit failure.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
9564adb6 by Andrew Bartlett at 2018-05-30T02:23:26Z
repl_meta_data: Remove el_count from replmd_delete_internals()
Instead, use the actual found attribute (less error prone).
This is an attempt to fix:
./source4/dsdb/repl/replicated_objects.c:945 Failed to prepare commit of transaction:
attribute isDeleted: invalid modify flags on CN=g1_1527558311141,CN=Users,DC=samba,DC=example,DC=com: 0x0
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
5ea11147 by Andrew Bartlett at 2018-05-30T02:23:27Z
repl_meta_data: Cope with the strange but unusual case of isDeleted: FALSE in replmd_process_linked_attribute()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
642dd37d by Tim Beale at 2018-05-30T02:23:27Z
tests: Fix intermittent error in PSO test
Deleting a group fails if the primaryGroupID of a user is set to that of
the group. This can happen in the PSO tests, as we don't clear the
primaryGroupID before cleaning up. Normally it seems to work OK, but
this is relying purely on the subtree delete order.
Update the test to clear the primaryGroupID before the tearDown is
called, to make things more robust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
95a9dbd1 by Andrew Bartlett at 2018-05-30T02:23:27Z
samldb: Add useful error string to explain why a group may not be deleted.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
2dedd49c by Andrew Bartlett at 2018-05-30T02:23:27Z
samldb: Explain why the odd error code is expected.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
273c55e9 by Andrew Bartlett at 2018-05-30T02:23:27Z
selftest: Rework BasicDeleteTests.test_all() into setUp() and a test
This will allow running multiple tests against the same tree. This tree
is very similar to the tree produced by the KCC test that simply does a
tree_delete, and I want to lock down the tree_delete behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
16a05826 by Andrew Bartlett at 2018-05-30T02:23:27Z
selftest: Lock down the expected parents in BasicTreeDeleteTests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
d346e2ee by Andrew Bartlett at 2018-05-30T02:23:27Z
dsdb: Remove sort from subtree_delete and add comments.
The sort was written back when the module did not operate recursivly
over the tree. Now it is just confusing, so replace with useful
comments.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
41d8c563 by Andrew Bartlett at 2018-05-30T02:23:27Z
subtree_rename: Correct comments
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
d02cd236 by Andrew Bartlett at 2018-05-30T02:23:27Z
ldb: Save a copy of the index result before calling the callbacks.
Otherwise Samba modules like subtree_rename can fail as they modify the
index during the callback.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13452
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
3632775d by Andrew Bartlett at 2018-05-30T02:23:27Z
ldb: Indicate that the ltdb_dn_list_sort() in list_union is a bit subtle.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
9e143ee9 by Andrew Bartlett at 2018-05-30T02:23:27Z
ldb: Explain why an entry can vanish from the index
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
88ae60ed by Andrew Bartlett at 2018-05-30T02:23:27Z
ldb: One-level search was incorrectly falling back to full DB scan
When no search filter is specified, the code falls back to using
'(|(objectClass=*)(distinguishedName=*)'. ltdb_index_dn() then failed
because matching against '*' is not indexed. The error return then
caused the code to fallback to a full-scan of the DB, which could have a
considerable performance hit.
Instead, we want to continue on and do the ltdb_index_filter() over the
indexed results that were returned.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
e99c199d by Andrew Bartlett at 2018-05-30T02:23:28Z
ldb: Add tests for when we should expect a full scan
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
439072d1 by Andrew Bartlett at 2018-05-30T02:23:28Z
selftest: Add test to show that sam.ldb does not do a full scan in startup
We should add some other more complex operations here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
4e2eb566 by Andrew Bartlett at 2018-05-30T02:23:28Z
ldb: Release ldb 1.4.0
* New LMDB backend (experimental)
* Comprehensive tests for index behaviour
* Enforce transactions for writes
* Enforce read lock use for all reads
* Fix memory leak in paged_results module.
We hold at most 10 outstanding paged result cookies
(bug #13362)
* Fix compiler warnings
* Python3 improvements
* Restore --disable-python build
* Fix for performance regression on one-level searches
(bug #13448)
* Samba's subtree_rename could fail to rename some entries
(bug #13452)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
ede668e8 by Gary Lockyer at 2018-05-30T02:23:28Z
dsdb partition.c: Make partition_copy_all aysnc.
partition_copy_all uses ldb_wait to wait for the update to the primary
partition to complete, when updating a special dn. If a module higher
up the chain inserts a callback, the code blocks in ldb_wait and does
not complete. This change replaces the ldb_wait logic with a callback.
Currently there is no code that triggers this bug, however the up coming
audit logging changes do trigger this bug.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6cce06f3 by Andrew Bartlett at 2018-05-30T02:23:28Z
selftest: Make create_test_ou() return a ldb.Dn
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
1eed8c07 by Andrew Bartlett at 2018-05-30T02:23:28Z
selftest: Use samba.tests.create_test_ou() in repl_move tests
This may avoid some flapping tests by ensuring that each part of this
test runs in a unique namespace, no matter what may be left behind
or revived via replication.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
57149959 by Andrew Bartlett at 2018-05-30T02:23:28Z
selftest: Use samba.tests.create_test_ou() in replica_sync tests
This may avoid some flapping tests by ensuring that each part of this
test runs in a unique namespace, no matter what may be left behind
or revived via replication.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
0196318a by Tim Beale at 2018-05-30T05:03:51Z
dsdb: Add log when ignoring a replicated object outside of partition
This is probably a note-worthy event for debugging purposes.
(Found while developing the domain rename functionality)
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 30 07:03:51 CEST 2018 on sn-devel-144
- - - - -
aa096ab7 by Ralph Boehme at 2018-05-30T17:10:25Z
selftest: run smb2.streams tests against a share with vfs_streams_xattr
The tests are currently only run against streams_depot, where stream IO
is handle based, compared to streams_xattr which is path
based. vfs_streams_xattr is also used much more in real world setups, so
we should run our tests against it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
00d19bda by Ralph Boehme at 2018-05-30T17:10:25Z
s4:torture/smb2/streams: try to rename basefile while is has open streams
This tests the following:
- create a file with a stream
- open the the stream and keep it open
- on a second connection, try to rename the basefile, this should fail
with NT_STATUS_ACCESS_DENIED
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f166207f by Ralph Boehme at 2018-05-30T17:10:25Z
s4:torture/vfs/fruit: adjust test testing basefile rename to expect failure
Renaming a basefile that has open streams must fail with
NT_STATUS_ACCESS_DENIED.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
37e7ff05 by Ralph Boehme at 2018-05-30T17:10:26Z
s3:smbd: add private option NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN
This will be used to mark basefile opens of streams opens. This is
needed to later implement a function that can determine if a file has
stream opens.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dd8cf54c by Ralph Boehme at 2018-05-30T17:10:26Z
s3:locking: add file_has_open_streams()
This can be used to check if a file opened by fsp also has stream opens.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
465b7d07 by Ralph Boehme at 2018-05-30T17:10:26Z
s3:smbd: don't allow renaming basefile if streams are open
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
003f24ee by Volker Lendecke at 2018-05-30T19:46:53Z
selftest: Fix resolv_wrapper config variables
It can't really matter in this case, but it removes confusion
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 30 21:46:53 CEST 2018 on sn-devel-144
- - - - -
e646895d by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool visualize: group (and colour) DCs by site
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
07302fe0 by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool visualize tests: reduce noise on stdout
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bdc0681e by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool visualize ntdsconn: add --importldif option
This visualizes the NTDSConnections in an LDIF file exported via
`samba_kcc --exportldif`. This functionality is already available in a
roundabout way -- you can use `samba_kcc --import_ldif`, and use the
DB that generates. This just shortens the process.
The ldif import/export feature is useful for analysing AD networks
offsite without exposing too much sensitive data.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9f52c19b by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool viusalize: mark RODCs in distance matrix
RODCs should not be replicating out, which means they look alarming
when they are working properly. We label them as RODCs to reminds users
that no outbound replication is expected.
This results in slightly rejigged output formatting.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7f7e6902 by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool visualise: --xdot option for instant graphviz visualisation
This is a convenience for people who have xdot (and X11).
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
23001c28 by Douglas Bagnall at 2018-05-30T23:57:15Z
samba-tool drs replicate: make pseudo-method a real method
This function can't function without a cmd_drs_replicate class, so it might as well be inside
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
35ab60b8 by Douglas Bagnall at 2018-05-30T23:57:16Z
samba-tool drs replicate: reformat drs_local_replicate method
line length.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e5d092ea by Douglas Bagnall at 2018-05-30T23:57:16Z
kcc.graph_utils: shift debug noise out of verify()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c2cac449 by Douglas Bagnall at 2018-05-30T23:57:16Z
dsdb/util: use parse_guid_string, not sscanf()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2157e8d8 by Douglas Bagnall at 2018-05-30T23:57:16Z
util/charset/iconv: use read_hex_bytes rather than sscanf
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f9308648 by Douglas Bagnall at 2018-05-30T23:57:16Z
util_str_hex: use array syntax in guid functions to document usage
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cd236517 by Douglas Bagnall at 2018-05-30T23:57:16Z
ndr_misc: read syntax_id using strict util_str_hex functions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
03bd7c20 by Douglas Bagnall at 2018-05-30T23:57:16Z
kcc graphs: site edges in colour, labeled with DNs
This makes it easy to see where the site edges objects are, and
what sites they refer too.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e62cc29b by Douglas Bagnall at 2018-05-30T23:57:16Z
kcc graph verifier: use __doc__ description for error explanation
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
105633d4 by Douglas Bagnall at 2018-05-30T23:57:16Z
kcc graph verifiers: improve messages
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3a3929ee by Douglas Bagnall at 2018-05-30T23:57:16Z
python kcc/graph_utils: don't debug in colour
this was somewhat useful during the initial development, but is wrong for a library
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3f67fb5e by Douglas Bagnall at 2018-05-30T23:57:16Z
samba-tool dns cleanup_record: add missing verbose/quiet options
The code for using them is already there
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a3cc5ee8 by Douglas Bagnall at 2018-05-30T23:57:16Z
samba-tool: add -v to domain --verbose
Sometimes we accept -v for --verbose, sometimes we don't. Let's be a
bit more consistent.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
432719c6 by Douglas Bagnall at 2018-05-30T23:57:16Z
samba-tool: add -v to drs --verbose
Sometimes we accept -v for --verbose, sometimes we don't. Let's be a
bit more consistent.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
78fbe1ff by Douglas Bagnall at 2018-05-30T23:57:17Z
samba-tool: be consistent in accepting -q for --quiet
Not all commands accept --quiet, and not all of those that do use it.
Some already accept -q, and it is not used anywhere for anything else.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
408447cc by Douglas Bagnall at 2018-05-30T23:57:17Z
samba-tool drs showrepl: remove unused search
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
81167c01 by Douglas Bagnall at 2018-05-30T23:57:17Z
samba-tool drs: remove 'server' arg from commands without --server
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e58719d1 by Douglas Bagnall at 2018-05-30T23:57:17Z
python/colour: add colourizing and switch functions
When samba.colour is first imported, the function
colour.c_BLUE("samba")
will give you the string "\033[1;34msamba\033[0m", which will show up
as blue on an ANSI terminal. If you then go:
colour.switch_colour_off()
colour.c_BLUE("samba")
the c_BLUE call will return the uncoloured string "samba".
This is so things like samba-tool can do this sort of thing:
if not os.isatty(self.outf):
switch_colour_off()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8426c428 by Douglas Bagnall at 2018-05-31T02:34:52Z
sambatool: heuristics to decided whether colour is wanted
The easy cases are --color=yes and --color=no.
With --color=auto, we use color if it seems we're writing to a TTY.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 31 04:34:52 CEST 2018 on sn-devel-144
- - - - -
9f55986a by Gary Lockyer at 2018-05-31T07:54:18Z
auth tests: irpc remove "auth_event" name on completion
Remove the "auth_event" name on completion of tests to prevent issues
with tests using messaging.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fcbb3f31 by Gary Lockyer at 2018-05-31T07:54:18Z
cldap: clear remote address after cldap_dse_fill
Need to clear the remote address as the ldb handle is shared, and
changes made by internal processes would be logged as coming from the
last cldap requester
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d06ebf64 by Gary Lockyer at 2018-05-31T07:54:18Z
dsdb acl: Copy dsdb_control_password_acl_validation into reply
Copy the dsdb_control_password_acl_validation into the reply so that it
is available to the audit_logging module. The audit logging module
uses it to differentiate between password change and reset operations.
We include it in the result for failed request to allow the logging of
failed attempts.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d48b5d53 by Gary Lockyer at 2018-05-31T07:54:18Z
rpc_server: common routine to open ldb in system session
Add a function to open an ldb connection under the system session and
save the remote users session details in a ldb_opaque. This will allow
the audit logging to log the original session for operations performed
in the system session.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fe6e7ce2 by Gary Lockyer at 2018-05-31T07:54:18Z
rpc_server lsa: pass remote connection data
Ensure that the session details of the requesting user are available to
the audit logging module for the CreateSecret and OpenSecret operations.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
47a6fe2e by Mathieu Parent at 2018-05-31T09:19:47Z
Update panic-action script message, samba-dbg renamed to samba-dbgsym (Closes: #900242)
- - - - -
02991b4d by Gary Lockyer at 2018-05-31T10:35:15Z
rpc_server backupkey: pass remote connection data
Ensure that the requesting session data is passed to the audit logging
module for BackupKey requests.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 31 12:35:15 CEST 2018 on sn-devel-144
- - - - -
7a0d82b6 by Sachin Prabhu at 2018-06-01T00:57:46Z
s4-torture: add test for lease break after file unlink
When deleting a file, all leases granting handle caching lease to the
file should be recalled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13458
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 1 02:57:46 CEST 2018 on sn-devel-144
- - - - -
77e66b86 by Gary Lockyer at 2018-06-01T06:28:26Z
lib audit_logging: re-factor and add functions.
Re-factor the common calls to json_dumps DEBUGC and audit_message_send
into a separate function.
Add functions to retrieve json object and json array elements
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
48ad90d9 by Andrew Bartlett at 2018-06-01T06:28:26Z
lib/audit_logging: Make function prototypes look like the rest of Samba
The previous style is needed sometimes to avoid an 80-col limit, but
is not how most of Samba looks.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
0f5f8f13 by Andrew Bartlett at 2018-06-01T06:28:26Z
lib/audit_logging: Remove #ifdef HAVE_JANSSON from audit_logging_test binary
Instead, we either build or do not build the entire binary.
This is much more likely to raise an error in make test if the build system
changes. The concern is that HAVE_JANSSON can go away and the tests just vanish.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d161aa35 by Lukas Slebodnik at 2018-06-01T09:10:24Z
ldb: Fix memory leak on module context
Introduced in e8cdacc509016d9273d63faf334d9f827585c3eb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13459
Signed-off-by: Lukas Slebodnik <lslebodn at fedoraproject.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jun 1 11:10:24 CEST 2018 on sn-devel-144
- - - - -
82175c0b by Volker Lendecke at 2018-06-01T09:28:22Z
dnsupdate: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d3c82e68 by Volker Lendecke at 2018-06-01T09:28:22Z
dns: Simplify logic a bit
We've done an early return if (!found_tsig) a few lines before.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d8acbe73 by Volker Lendecke at 2018-06-01T09:28:22Z
dns: Simplify logic a bit
We don't need a separate boolean variable
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
341b4708 by Volker Lendecke at 2018-06-01T09:28:22Z
dns: TALLOC_FREE already checks for !=NULL
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c56cd283 by Volker Lendecke at 2018-06-01T12:05:56Z
dns: Check for talloc_memdup failure
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jun 1 14:05:56 CEST 2018 on sn-devel-144
- - - - -
42f04985 by Jeremy Allison at 2018-06-01T15:47:08Z
s3: torture: Add DELETE-PRINT test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13457
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
364175b3 by Jeremy Allison at 2018-06-01T18:32:03Z
s3: smbd: printing: Re-implement delete-on-close semantics for print files missing since 3.5.x.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13457
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 1 20:32:03 CEST 2018 on sn-devel-144
- - - - -
44f3bf1f by Jeremy Allison at 2018-06-02T01:03:42Z
s3: VFS: Remove unused enum value.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Jun 2 03:03:42 CEST 2018 on sn-devel-144
- - - - -
e153636f by Stefan Metzmacher at 2018-06-04T07:55:28Z
auth/ntlmssp: add ntlmssp_client:ldap_style_send_seal option
This will be used to similate a Windows client only
using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
on an LDAP connection, which is indicated internally by
GENSEC_FEATURE_LDAP_STYLE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7f2bebf09cd8056b3f901dd9ff1fc9e9525f3e9d)
- - - - -
7faa201d by Stefan Metzmacher at 2018-06-04T07:55:28Z
s4:selftest: run test_ldb_simple.sh with more auth options
This demonstrates the broken GENSEC_FEATURE_LDAP_STYLE
handling in our LDAP server.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782)
- - - - -
9cb64598 by Stefan Metzmacher at 2018-06-04T07:55:28Z
auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE as a server
This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
error messages, which were generated if the client only sends
NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
connection.
This fixes a regession in the combination of commits
77adac8c3cd2f7419894d18db735782c9646a202 and
3a0b835408a6efa339e8b34333906bfe3aacd6e3.
We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
of the authentication (as a server, while we already
do so at the beginning as a client).
As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
(as an internal flag) in order to let us work as a
Windows using NTLMSSP for LDAP. Even if only signing is
negotiated during the authentication the following PDUs
will still be encrypted if NTLMSSP is used. This is exactly the
same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
I guess it's a bug in Windows, but we have to reimplement that
bug. Note this only applies to NTLMSSP and only to LDAP!
Signing only works fine for LDAP with Kerberos
or DCERPC and NTLMSSP.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
(cherry picked from commit c7a3ce95ac4ce837d8fde36578b3b1f56c3ac2fa)
- - - - -
9c794a21 by Andreas Schneider at 2018-06-04T07:55:29Z
s3:utils: Do not segfault on error in DoDNSUpdate()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13440
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit cdd98aa1e2116fb97e16718d115ee883fe1bc8ba)
- - - - -
8f01d946 by Andrew Bartlett at 2018-06-04T07:55:29Z
s3-lib: Remove support for libexc for IRIX backtraces
IRIX is long dead, and this code needs become_root() which is not in
the top level code.
Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 85dc9ee14023a8fb84b5c74555d43008bb6bb0c0)
- - - - -
d14cd61f by Andrew Bartlett at 2018-06-04T07:55:29Z
lib/util: Log PANIC before calling pacic action just like s3
This is like the changes made in s3 by
4fa555980070d78b39711ef21d77628d26055bc2
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 3acc00b6808d5d5ad035d9d43526204db1608c8a)
- - - - -
5733e906 by Andrew Bartlett at 2018-06-04T07:55:29Z
lib/util: Move log_stack_trace() to common code
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit bf9551902afdb32310db4a3381964c435dd08bf0)
- - - - -
20644011 by Martin Schwenke at 2018-06-04T10:37:39Z
ctdb-docs: Update reference to lmaster/recmaster capability options
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Jun 4 12:37:39 CEST 2018 on sn-devel-144
- - - - -
68999b8e by Andrew Bartlett at 2018-06-04T12:30:55Z
lib/util: Call log_stack_trace() in smb_panic_default()
This matches the AD DC with the behaviour in smbd.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Apr 11 04:03:07 CEST 2018 on sn-devel-144
(cherry picked from commit 462eb4a44cc51dc17aebbcd5c609c9ff7f088554)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Mon Jun 4 14:30:55 CEST 2018 on sn-devel-144
- - - - -
3c3b1bc6 by Andrew Bartlett at 2018-06-04T16:18:11Z
pyldb-samba: Use the same smb.conf variable name as the C wrapper users for LDB_FLG_NOSYNC
This was never noticed as most wrappers on make test run with TDB_NO_FSYNC
However ldb_mdb has not been told to use this (naturally) and so we rely
on the smb.conf setting to not force an fsync().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13461
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
0f5d93a0 by Andrew Bartlett at 2018-06-04T18:58:01Z
dsdb: Honour LDB_FLG_NOSYNC for metadata.tdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13462
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Jun 4 20:58:01 CEST 2018 on sn-devel-144
- - - - -
12fd8d7a by Martin Schwenke at 2018-06-05T15:47:26Z
ctdb-scripts: Move event scripts to events/legacy/ directory
This is the initial location that will be used by the new
multi-component aware event daemon.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b23f3f99 by Martin Schwenke at 2018-06-05T15:47:26Z
ctdb-scripts: Event scripts must end with ".script" suffix
Preparation for recommending configuration for each script next to the
actual script.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4bdf97a9 by Martin Schwenke at 2018-06-05T15:47:26Z
ctdb-scripts: Change directory for notifications to events/notification
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f1d07908 by Martin Schwenke at 2018-06-05T15:47:27Z
Revert "ctdb-tests: Continue running if a testcase is not executable"
This reverts commit 36e7043fb16ac996793545022147f696caedee9c.
An recent change broke this and I forgot to test before posting. :-(
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f2e8ab3f by Martin Schwenke at 2018-06-05T18:37:15Z
ctdb-tests: Continue running if a testcase is not executable
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Jun 5 20:37:15 CEST 2018 on sn-devel-144
- - - - -
4b04c273 by Amitay Isaacs at 2018-06-05T20:34:18Z
ctdb-common: Simplify process registration using linked list
The way run_proc abstraction is used in run_event, there can be maximum
of 2 processes active at any given time. So the memory requirements
can be reduced by using a linked list.
New eventd will have multiple run_event instances but will be limited to
3 or 4. Even then the total number of processes will be less than 10.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
a883f8b0 by Amitay Isaacs at 2018-06-05T20:34:18Z
ctdb-common: Do not initialize run_proc inside run_event
Allowing run_event_init() to take run_proc_context as an argument allows
to create multiple run_event instances with a single run_proc_context.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
4d27c11c by Amitay Isaacs at 2018-06-05T20:34:18Z
ctdb-common: Rename run_event_script_list to run_event_list
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
a3591ed5 by Amitay Isaacs at 2018-06-05T20:34:19Z
ctdb-common: Return script_list for zero scripts
When an event script directory is empty, do not return script_list as
NULL. Instead return empty script_list with zero scripts.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
723529e4 by Amitay Isaacs at 2018-06-05T20:34:19Z
ctdb-common: Improve error handling in run_event
If event script directory does not exist, then return ENOTDIR. If a
directory gets removed at runtime, report error from scandir in
get_script_list().
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
e4a5d610 by Amitay Isaacs at 2018-06-05T20:34:19Z
ctdb-common: Reset running state on failure
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
366f6703 by Amitay Isaacs at 2018-06-05T20:34:19Z
ctdb-common: Add support to run events through failure
Usually run_event will stop executing event scripts on first failure.
Optionally it can continue to run events even on failure(s).
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
d4457040 by Swen Schillig at 2018-06-05T23:13:18Z
ctdb-daemon: CID 1435732: Argument cannot be negative
Negative parameter passed to function which cannot take negative values.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Christof Schmitt <cs at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Jun 6 01:13:18 CEST 2018 on sn-devel-144
- - - - -
ab28a64f by Joe Guo at 2018-06-06T23:46:25Z
netcmd/domain: fix a typo in message
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
00494a65 by Joe Guo at 2018-06-06T23:46:25Z
netcmd/domain: remove dns records after DC demote
Call `remove_dc.remove_dns_references()` at the end of demote cmd.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
- - - - -
0fb122af by Joe Guo at 2018-06-07T02:21:17Z
tests/demote: replace demote test bash script to python
Convert bash script to python and add demote and dns remove test on top.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Jun 7 04:21:17 CEST 2018 on sn-devel-144
- - - - -
2e5bc85b by Christof Schmitt at 2018-06-07T07:39:14Z
selftest: Add dfq_cache share with 'dfree cache time' set
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7ffcbd5ce1222971cb9879f78765d87cdc4102a8)
- - - - -
88d19df4 by Christof Schmitt at 2018-06-07T07:39:14Z
selftest: Add test for 'dfree cache'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a55b3d2fcc2f7737a2702bf908dcf1f80969bf21)
- - - - -
3fd685e7 by Christof Schmitt at 2018-06-07T07:39:14Z
memcache: Add new cache type for dfree information
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f5d05562679f6aa691b98b4a75952f7dda7ed343)
- - - - -
f7e53f86 by Christof Schmitt at 2018-06-07T07:39:14Z
smbd: Cache dfree information based on query path
Sub directories in a SMB share can have different free space information
(e.g. when a different file system is mounted there). Caching the dfree
information per SMB share will return invalid data. Address this by
switching to memcache and store the cached data based on the query path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 8f121747b06ca78cf51801a3931b2ddd1a424c77)
- - - - -
ae4e5456 by Jeremy Allison at 2018-06-07T11:48:25Z
WHATSNEW.txt: Updated with VFS ABI changes for 4.9.0.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Kai Blin <kai at samba.org>
Autobuild-User(master): Kai Blin <kai at samba.org>
Autobuild-Date(master): Thu Jun 7 13:48:25 CEST 2018 on sn-devel-144
- - - - -
a7a51bd9 by Christof Schmitt at 2018-06-07T12:09:12Z
smbd: Flush dfree memcache on service reload
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e30d0c0e0d11f65b2d1886be3c0fe9e32eaf3926)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu Jun 7 14:09:12 CEST 2018 on sn-devel-144
- - - - -
7ddbf603 by Günther Deschner at 2018-06-08T11:23:51Z
s4-heimdal: Fix the format-truncation errors.
../source4/heimdal/lib/com_err/compile_et.c: In function ‘generate_h’:
../source4/heimdal/lib/com_err/compile_et.c:138:33: error: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 126 [-Werror=format-truncation=]
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~ ~~~
../source4/heimdal/lib/com_err/compile_et.c:138:5: note: ‘snprintf’ output between 5 and 132 bytes into a destination of size 128
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c: In function ‘main’:
../source4/heimdal/lib/com_err/compile_et.c:234:35: error: ‘.h’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:234:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c:235:35: error: ‘.c’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:235:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jun 8 13:23:51 CEST 2018 on sn-devel-144
- - - - -
1c0f743c by Gary Lockyer at 2018-06-09T13:02:11Z
dsdb: audit samdb and password changes
Add audit logging of DSDB operations and password changes, log messages
are logged in human readable format and if samba is commpile with
JANSSON support in JSON format.
Log:
* Details all DSDB add, modify and delete operations. Logs
attributes, values, session details, transaction id.
* Transaction roll backs.
* Prepare commit and commit failures.
* Summary details of replicated updates.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d4deb800 by Gary Lockyer at 2018-06-09T13:02:11Z
dsdb: Audit group membership changes
Log details of Group membership changes and User Primary Group changes.
Changes are logged in human readable and if samba has been built with
JANSSON support in JSON format.
Replicated updates are not logged.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1b07f133 by Gary Lockyer at 2018-06-09T13:02:11Z
dsdb: add defines for sessionInfo and networkSessionInfo
Replace uses of the string "sessionInfo" with the constant
DSDB_SESSION_INFO, and "networkSessionInfo" with the constant
DSDB_NETWORK_SESSION_INFO.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
81f7ecc2 by Andrew Bartlett at 2018-06-09T15:42:38Z
dsdb: Use ldb_init() to make the ldb_context in dsdb audit tests
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Jun 9 17:42:38 CEST 2018 on sn-devel-144
- - - - -
e5c0e6da by Gary Lockyer at 2018-06-10T17:02:19Z
lib/audit_logging fix flapping test
Add an adjustment to the before and after values to cater for the
occasional differences between the calculated times.
The exact value of the time stamp is not important what is important is
that is correctly formatted and that the value is reasonable i.e. it's
close enough to the current time.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f27a700e by Douglas Bagnall at 2018-06-10T17:02:19Z
python/kcc/graph_utils: short-cut edge failure test without edges
Otherwise we get an exception because itertools.combinations is asked
to find combinations with negative size.
Instead we assert the graph is connected as-is, which in this case is
the same as asserting there are no vertices.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
92fff57f by Douglas Bagnall at 2018-06-10T17:02:19Z
samba-tool drs showrepl tests: don't assert existence of DNS partitions
Because their existence is uncertain immediately after provision,
when these tests will run under some circumstances.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
99aabf43 by Douglas Bagnall at 2018-06-10T17:02:19Z
samba-tool drs showrepl: generalise the way output mode is chosen
We have a couple more output modes coming along, so it makes senses to
untangle .run() into a number of independent sub-methods.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
50e3bfa4 by Douglas Bagnall at 2018-06-10T17:02:19Z
samba-tool drs showrepl: add a --verbose flag
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3f25e0b2 by Douglas Bagnall at 2018-06-10T17:02:19Z
python/graph: tweak colour schemes for distance charts
This works a bit better in terminals with white text.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7e001b27 by Douglas Bagnall at 2018-06-10T17:02:19Z
samba-tool visualise: helper for getting the partition
Repeated code becomes a function.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9353a580 by Douglas Bagnall at 2018-06-10T17:02:19Z
samba-tool visualize: separate dot options from common options
because not all sub-commands make dot format
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4f7638f8 by Douglas Bagnall at 2018-06-10T17:02:20Z
python/samba/graph: use look up table for ascii-art charsets
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6813e1b3 by Douglas Bagnall at 2018-06-10T17:02:20Z
python/graph: rework shorten_vertex_names to not need edges
This will be necessary for the forthcoming full_matrix function.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
02bca559 by Douglas Bagnall at 2018-06-10T17:02:20Z
python/graph: add full_matrix graph function
This makes an ASCII/ANSI art picture like distance_matrix(), but from
a full matrix, not a list of adjacencies as in the distance_matrix case.
This will be used to visualise up-to-dateness vectors.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
87926094 by Douglas Bagnall at 2018-06-10T17:02:20Z
python/graph: use '>' for excessive numbers, not '+'
'+' already has another meaning in these graphs.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d8bbe1da by Douglas Bagnall at 2018-06-10T17:02:20Z
python/graph: don't crash colourer on bad link
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c3ad137e by Douglas Bagnall at 2018-06-10T17:02:20Z
samba-tool visualize: fix wrong variable name in get_partition()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
04a773f3 by Douglas Bagnall at 2018-06-10T17:02:20Z
samba-tool visualize ntdsconn: properly sort/group vertices
The vertex is now a tuple, with the RODC state added.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2d8cc50d by Douglas Bagnall at 2018-06-10T17:02:20Z
sambatool visualize: add up-to-dateness visualization
Or more accurately, out-of-dateness visualization, which shows how far
each DCs is from every other using the difference in the up-to-dateness
vectors.
An example usage is
samba-tool visualize uptodateness -r -S -H ldap://somewhere \
-UAdministrator --color=auto --partition=DOMAIN
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
153252a5 by Douglas Bagnall at 2018-06-10T17:02:20Z
python/join: fix a typo
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b9a323a2 by Douglas Bagnall at 2018-06-10T19:41:33Z
python/drs_utils: fix repeated typo
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Jun 10 21:41:33 CEST 2018 on sn-devel-144
- - - - -
3ddd8527 by Stefan Metzmacher at 2018-06-12T06:13:21Z
python: export fault_setup() to python bindings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13469
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
454edac2 by Stefan Metzmacher at 2018-06-12T09:04:55Z
python: call fault_setup() if samba.getopt is used
This means we have a samba command line tool written in python,
e.g. samba-tool
We should get the samba typicall backtraces instead of
just "Segmentation fault (core dumped)".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13469
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jun 12 11:04:55 CEST 2018 on sn-devel-144
- - - - -
83cd68c8 by Timur I. Bakeyev at 2018-06-13T01:51:04Z
Fix UDP DNS queries in addns
The addns code tries to use common approach for TCP and UDP queries,
calling connect() for both types of sockets. In case of UDP that
requires to use send() instead of sendto().
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jun 13 03:51:04 CEST 2018 on sn-devel-144
- - - - -
7f754843 by Volker Lendecke at 2018-06-13T08:30:15Z
dsdb: Fix CID 1436920 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2678b4c2 by Volker Lendecke at 2018-06-13T08:30:15Z
dsdb: Fix CID 1436919 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c4039232 by Volker Lendecke at 2018-06-13T08:30:15Z
dsdb: Fix CID 1436918 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9ec47b3c by Volker Lendecke at 2018-06-13T08:30:15Z
dsdb: Fix typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
11cac8a2 by Volker Lendecke at 2018-06-13T08:30:16Z
dsdb: Fix CID 1435966 Unchecked return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
15fa8f9f by Volker Lendecke at 2018-06-13T11:40:55Z
dsdb: Fix CID 1435968 Dereference before null check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jun 13 13:40:56 CEST 2018 on sn-devel-144
- - - - -
c0e4818d by Swen Schillig at 2018-06-13T11:41:45Z
CID 1416478: de-ref NULL value in fruit_pwrite_rsrc
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
808b7e2b by Swen Schillig at 2018-06-13T11:41:45Z
CID 1416477: possibly dereferencing NULL in fruit_pwrite_meta
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9715e55e by Swen Schillig at 2018-06-13T11:41:45Z
CID 1416476: possibly dereferencing NULL in fruit_ftruncate_rsrc
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d33c3551 by Swen Schillig at 2018-06-13T14:29:48Z
CID 1416475: possibly dereferencing NULL in fruit_pread_meta
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jun 13 16:29:48 CEST 2018 on sn-devel-144
- - - - -
72bd6885 by Stefan Metzmacher at 2018-06-14T18:52:20Z
printing: remove unused arguments from load_printers()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ebae5e05 by Stefan Metzmacher at 2018-06-14T18:52:20Z
printing: remove unused arguments from delete_and_reload_printers()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
66bc2c43 by Stefan Metzmacher at 2018-06-14T18:52:20Z
smbd: add create_conn_struct_tos[_cwd]() helper functions
This makes it more obvious that the returned connection_struct
is only temporary (and allocated on talloc_tos()!)
It will never allow async requests on a long term
tevent context! So we create a short term event context.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cbde2e34 by Stefan Metzmacher at 2018-06-14T18:52:20Z
pysmbd: remove useless explicit conn_free() from set_nt_acl_conn()
The following TALLOC_FREE(frame); will do the same via
conn_free_wrapper().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ef67df3 by Stefan Metzmacher at 2018-06-14T18:52:20Z
pysmbd: consitently use talloc_stackframe() for temporary memory
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
539f51f0 by Stefan Metzmacher at 2018-06-14T18:52:21Z
pysmbd: fix some talloc_stackframe() memory leaks and clean up the frame hierarchy in make_simple_acl().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
67ea5948 by Stefan Metzmacher at 2018-06-14T18:52:21Z
pysmbd: remove explicit talloc_stackframe() from get_conn() and name it get_conn_tos()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1566766f by Stefan Metzmacher at 2018-06-14T18:52:21Z
pysmbd: make use of create_conn_struct_tos()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
96ac5a80 by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: make use of create_conn_struct_tos() in get_nt_acl_no_snum()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7983c708 by Stefan Metzmacher at 2018-06-14T18:52:21Z
s3:rpc_server/fss: use talloc_stackframe() for temporary memory
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ac922ebe by Stefan Metzmacher at 2018-06-14T18:52:21Z
s3:rpc_server/fss: make use of create_conn_struct_tos()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a9f5dcdc by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: add an explicit talloc_stackframe() to {create,remove}_msdfs_link()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e3837d36 by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: add an explicit talloc_stackframe() to get_referred_path()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
15ea2c1b by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: add an explicit talloc_stackframe() to count_dfs_links()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2401e257 by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: add an explicit talloc_stackframe() to form_junctions()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
42610e0c by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: convert junction_to_local_path() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
73e5d47d by Stefan Metzmacher at 2018-06-14T18:52:21Z
smbd: convert get_referred_path() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bcb4d421 by Stefan Metzmacher at 2018-06-14T18:52:22Z
smbd: convert count_dfs_links() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
36d3de02 by Stefan Metzmacher at 2018-06-14T18:52:22Z
smbd: convert form_junctions() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
44e3c03b by Stefan Metzmacher at 2018-06-14T18:52:22Z
s3:rpc_server/srvsvc: add an explicit talloc_stackframe() to _srvsvc_NetGetFileSecurity()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
185d4715 by Stefan Metzmacher at 2018-06-14T18:52:22Z
s3:rpc_server/srvsvc: add an explicit talloc_stackframe() to _srvsvc_NetSetFileSecurity()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f9860b67 by Stefan Metzmacher at 2018-06-14T18:52:22Z
s3:rpc_server/srvsvc: _srvsvc_NetGetFileSecurity() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
498830cc by Stefan Metzmacher at 2018-06-14T18:52:22Z
s3:rpc_server/srvsvc: _srvsvc_NetSetFileSecurity form_junctions() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d493eae by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: add more 'const' to read only input pointers
This makes it clearer that they won't be changed.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bad43d31 by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: add an explicit talloc_stackframe() to get_correct_cversion()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a2ad24f8 by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: add an explicit talloc_stackframe() to move_driver_to_download_area()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e56bb427 by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: add an explicit talloc_stackframe() to delete_driver_files()
This makes further changes simpler.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
76297c3c by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: convert get_correct_cversion() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ae32a268 by Stefan Metzmacher at 2018-06-14T18:52:22Z
printing: convert move_driver_to_download_area() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
240c47c2 by Stefan Metzmacher at 2018-06-14T18:52:23Z
printing: convert delete_driver_files() to use create_conn_struct_tos_cwd()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cdb875f5 by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: remove unused create_conn_struct_cwd() function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b71362b1 by Stefan Metzmacher at 2018-06-14T18:52:23Z
vfstest: make use of create_conn_struct_tos()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b5302c6b by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: let create_conn_struct_tos() use create_conn_struct_as_root() directly
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d156483d by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: remove unused create_conn_struct() function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ee8ea5ce by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: use pconn = talloc_move(ctx, &conn) in create_conn_struct_as_root()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
efce5587 by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: call samba_tevent_context_init() within create_conn_struct_as_root()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
55b1b556 by Stefan Metzmacher at 2018-06-14T18:52:23Z
vfs_glusterfs: use tevent_req_defer_callback() in order to use the correct event context
The callback and _recv() functions should be called from the same
event context that was passed to the _send() function.
In future the completion pipe should be replaced by
tevent_threaded_context_create()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
553df619 by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: make smbd_setup_sig_{term,hup}_handler() static
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
51407b90 by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: split out a fsp_flush_write_time_update() function from update_write_time_handler()
It's confusing to call update_write_time_handler() from anywhere,
it should only be called from within the event loop when the
timer expires.
This makes it more obvious that fsp_flush_write_time_update()
doesn't really need an tevent context argument.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9393d95f by Stefan Metzmacher at 2018-06-14T18:52:23Z
smbd: remove useless allow_access() check for AS_GUEST
We already call allow_access() when we accept the connection
in smbd_add_connection().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5ef67759 by Stefan Metzmacher at 2018-06-14T21:38:55Z
smbd: don't call change_to_root_user() before change_to_guest()
This is just an optimization and it makes it clearer
that calling change_to_root_user() just before change_to_guest()
is useless and confusing.
We call change_to_guest() before set_current_service() now,
but that has no impact as we pass 'do_chdir=false'
as AS_GUEST is never mixed with AS_USER or DO_CHDIR.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Jun 14 23:38:55 CEST 2018 on sn-devel-144
- - - - -
f4f3abfa by Andrew Bartlett at 2018-06-15T02:39:41Z
ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory on duplicated add.
After a duplicated add a small amount of memory can be leaked onto a
long-term context.
Found by Andrej Gessel https://github.com/andiges
https://github.com/samba-team/samba/commit/e8fb45125e6a279b918694668e0d4fbddac10aee#commitcomment-29334102
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13471
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 15 04:39:41 CEST 2018 on sn-devel-144
- - - - -
3ca1c09f by Andrej Gessel at 2018-06-15T21:07:25Z
Fix several mem leaks in ldb_index ldb_search ldb_tdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jun 15 23:07:25 CEST 2018 on sn-devel-144
- - - - -
4dac6e7c by Swen Schillig at 2018-06-15T23:06:36Z
Possible memory leak in map_info6_to_validation
If the call to copy_netr_SamInfo6 returns an error status,
the allocated memory for "validation" needs to be free'd before returning.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
- - - - -
ea4b40e6 by Volker Lendecke at 2018-06-15T23:06:36Z
winbindd: Align integer types in for loops
Iterate over the same type as the loop limit
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
73b183e1 by Volker Lendecke at 2018-06-15T23:06:36Z
winbindd: Use is_domain_offline() where appropriate
That if-condition is precisely covered by the helper routine
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b394026f by Volker Lendecke at 2018-06-15T23:06:36Z
winbindd: Do an early TALLOC_FREE
Leave the if-block without leaking
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e67d605b by Volker Lendecke at 2018-06-15T23:06:36Z
winbindd: Add a missing NULL check
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bced81cd by Volker Lendecke at 2018-06-15T23:06:36Z
winbindd: Fix winbindd_ping_dc_recv
tevent_req_simple_recv_ntstatus is only for the one-liner without any
additional functionality.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c4021d09 by Volker Lendecke at 2018-06-15T23:06:37Z
dsdb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
455cd662 by Volker Lendecke at 2018-06-16T02:21:17Z
addns: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Jun 16 04:21:18 CEST 2018 on sn-devel-144
- - - - -
5d4f2294 by Günther Deschner at 2018-06-16T09:56:53Z
s4-dsdb: fix the build of audit_util.c
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sat Jun 16 11:56:53 CEST 2018 on sn-devel-144
- - - - -
c21371bb by Mathieu Parent at 2018-06-17T20:43:47Z
Ensure /var/lib/samba/dhcp.conf exists (Closes: #901585)
- - - - -
df5e4592 by Stefan Metzmacher at 2018-06-18T06:59:15Z
s3:lib: add caching to set_current_user_info()
Currently we do that in the caller, but we use global
cache anyway, so we can simplify the callers.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
71d58091 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: remove xconn->client->last_session_id based set_current_user_info() caching
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8e810907 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: split out set_current_case_sensitive() and chdir_current_service() functions
We'll soon use them independend from set_current_service().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0e7456d2 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: call set_current_case_sensitive() before chdir_current_service()
I guess we better setup conn->case_sensitive before doing the
vfs_ChDir() calls, so we have a consistent result everytime.
Otherwise vfs_Chdir() would get conn->case_sensitive from
last request.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e469d6c7 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: let check_user_ok() construct ent->session_info in one coherent block
We should finish manipulating ent->session_info before filling
conn->session_info. And conn->session_info should be not be changed.
Use git show -U15.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
35a12e70 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: simplify the logic in change_to_user()
We can return early if (vuser == NULL).
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
91a37964 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: move current_user caching to change_to_user_internal()
Note that (current_user.vuid == vuid) also works with
UID_FIELD_INVALID.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8cfe36ee by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: call set_current_user_info() in change_to_user_internal() and pop_conn_ctx()
change_to_user() should be the one and only function for the whole
impersonation processing. So we also need to stack the
set_current_user_info() information for become_user/unbecome_user.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5472171b by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: make it explicit that make_connection_snum() returns NT_STATUS_OK on success
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0186ff23 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: remember that the tcon completely setup connection_struct
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ffe1918e by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: call set_current_case_sensitive() before change_to_user() in switch_message()
change_to_user() will soon call chdir_current_service() and we should
make sure conn->case_sensitive is prepared before calling vfs_ChDir().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0e2786a9 by Stefan Metzmacher at 2018-06-18T06:59:16Z
smbd: make it possible to call vfs_ChDir(conn, conn->cwd_fname);
We should only TALLOC_FREE(old_cwd) at the successful end.
This also avoids calling cp_smb_filename() on the old value.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f407a86b by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: let create_conn_struct_as_root() fill in conn->origpath
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a61d0aa3 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: use conn->lastused_count++ directly in process_blocking_lock_queue()
This avoids using set_current_service(), which will be removed shortly.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1b86df90 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: remove useless set_current_service(NULL,0,True) from reload_services()
All this does is 'return false' as conn is NULL...
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
58f4bbc1 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: call chdir_current_service() directly in smbXsrv_tcon_disconnect()
There's no need to worry about conn->case_sensitive here.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
03f69e82 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: remove set_current_service() from defer_rename_done()
The change_to_user() above already called chdir_current_service().
And for smb2 we don't have per packet conn->case_sensitive anyway.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b27d8854 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: remove set_current_service() from smbd_smb2_request_check_tcon()
The change_to_user() above already called chdir_current_service().
And for smb2 we don't have per packet conn->case_sensitive anyway.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d1c80579 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: call chdir_current_service() in change_to_user_internal() and pop_conn_ctx()
change_to_user() should be the one and only function for the whole
impersonation processing. So we also need to stack the
chdir_current_service() behaviour for become_user/unbecome_user,
so we may need to call vfs_ChDir(ctx_p->conn, ctx_p->conn->cwd_fname);
in pop_conn_ctx().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4a97448c by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: let switch_message() only call chdir_current_service() for SMBtdis/SMBexit
These are the two opcodes with DO_CHDIR, we don't want the
set_current_case_sensitive() logic for them,
so we don't need the full set_current_service() anymore.
The AS_USER case is already handled before, set_current_case_sensitive()
is called directly before change_to_user(), which already
calls chdir_current_service().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ff7efafe by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: remove unused set_current_service()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
60dbaa49 by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: avoid calling set_current_user_info() twice with AS_USER (SMB1)
It will be called via change_to_user().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
3194999f by Stefan Metzmacher at 2018-06-18T06:59:17Z
smbd: avoid calling set_current_user_info() twice with .need_tcon (SMB2)
It's already called via change_to_user().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4af45b8f by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_default: remove unused checks which are already caught by vfs_offload_token_check_handles()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5ac91e48 by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_btrfs: remove unused checks which are already caught by vfs_offload_token_check_handles()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
23173162 by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_btrfs: update s/btrfs_cc_state/btrfs_offload_write_state/ s/cc_state/state/
This matches our naming conventions used for tevent_req based functions.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4512b918 by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_btrfs: don't keep state->subreq in btrfs_offload_write_send/recv()
This can be a local variable as used in most of our tevent_req based
code.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e4fb4c1d by Stefan Metzmacher at 2018-06-18T06:59:18Z
smbd: add {become,change_to}_user_by_fsp() helper functions
This can be used if a request operates on two fsp's,
e.g. the offload_write_send/recv code.
This is important if (at least) one of
the shares uses "force user".
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2d75da9f by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_btrfs: make use of become_user_by_fsp() in order to switch between src and dst fsp
We can use become_user_by_fsp()/unbecome_user() as it spans only parts of
the btrfs_offload_write_send() function and never goes async in between.
This may matter if at least one share uses "force user".
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
506c9b37 by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_default: make use of change_to_user_by_fsp() in order to switch between src and dst fsp
This may matter if at least one share uses "force user".
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
db83a8f7 by Stefan Metzmacher at 2018-06-18T06:59:18Z
vfs_default: maintain vfswrap_offload_write_state->{src_ev,dst_ev}
These get filled with impersonation wrappers in the following commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
19119a55 by Stefan Metzmacher at 2018-06-18T06:59:18Z
smbd: rename smbXsrv_client->ev_ctx into smbXsrv_client->raw_ev_ctx
That makes it clearer that no tevent_context wrapper is used here
and the related code should really run without any (active) impersonation
as before.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d39f6ce3 by Stefan Metzmacher at 2018-06-18T06:59:18Z
smbd: replace xconn->ev_ctx with xconn->client->raw_ev_ctx
This is the same pointer and we don't have a lot of callers,
so we can just use one pointer.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d2adcebd by Stefan Metzmacher at 2018-06-18T06:59:18Z
smbd: replace xconn->msg_ctx with xconn->client->msg_ctx
This is the same pointer and we don't have a lot of callers,
so we can just use one pointer.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
934b3756 by Stefan Metzmacher at 2018-06-18T06:59:18Z
smbd: remove unused tevent_context argument from notify_init
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
051c3216 by Stefan Metzmacher at 2018-06-18T06:59:19Z
s3:smb2_server: use req->xconn->client->raw_ev_ctx for smbd_smb2_request_pending_timer()
There's no need to use req->ev_ctx here just to do some network io.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4d5d8d62 by Stefan Metzmacher at 2018-06-18T06:59:19Z
s3:smb2_server: use req->xconn->client->raw_ev_ctx for smbd_smb2_request_dispatch_immediate()
smbd_smb2_request_dispatch() will redo the impersonation anyway,
so we don't use req->ev_ctx.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c059f0ae by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: use req->xconn->client->raw_ev_ctx for schedule_deferred_open_message_smb()
process_smb() will redo the impersonation anyway.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6114f954 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: add smbd_server_connection->raw_ev_ctx pointer
This will replace smbd_server_connection->ev_ctx in the next commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b0af5715 by Stefan Metzmacher at 2018-06-18T06:59:19Z
vfs_glusterfs: explain that/why we use the raw tevent_context in init_gluster_aio()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7cfafaf1 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: explain that/why we use the raw tevent_context for update_write_time_handler()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
52f098d3 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: explain that/why we use the raw tevent_context for lease_timeout_handler()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e73eaa3c by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: explain that/why we use the raw tevent_context for oplock_timeout_handler()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1d5210b6 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: explain that/why we use the raw tevent_context for do_break_to_none()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
dc517b20 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: explain that/why we use the raw tevent_context for linux_oplock_signal_handler()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f5f9b719 by Stefan Metzmacher at 2018-06-18T06:59:19Z
smbd: use raw_ev_ctx to clear the MSG_SMB_CONF_UPDATED registration
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
14693821 by Stefan Metzmacher at 2018-06-18T06:59:21Z
smbd: add smbd_server_connection->{root,guest}_ev_ctx pointer
For now these are just the same as smbd_server_connection->ev_ctx,
but this will change in future and we'll use impersonation wrappers.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
182991c2 by Stefan Metzmacher at 2018-06-18T06:59:21Z
smbd: use sconn->root_ev_ctx for brl_timeout_fn()
This already calls change_to_root_user(), which can be removed
later.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c835ffa7 by Stefan Metzmacher at 2018-06-18T06:59:21Z
smbd: use sconn->root_ev_ctx for smbd_sig_{term,hup}_handler()
They already call change_to_root_user(), which can be removed
later.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f2df8be1 by Stefan Metzmacher at 2018-06-18T06:59:21Z
smbd: add an effective connection_struct->user_ev_ctx that holds the event context used for the current user
This will be filled with an impersonation wrapper in the next commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
894e5001 by Stefan Metzmacher at 2018-06-18T06:59:21Z
smbd: add an effective {smb,smbd_smb2}_request->ev_ctx that holds the event context used for the request processing
In future this will an impersonation wrapper tevent_context based on the
user session.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
721fbbfa by Stefan Metzmacher at 2018-06-18T09:46:36Z
smbd: remove unused smbd_server_connection->ev_ctx
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jun 18 11:46:36 CEST 2018 on sn-devel-144
- - - - -
f05a1554 by Jeffrey Altman at 2018-06-18T11:01:11Z
heimdal: lib/krb5: do not fail set_config_files due to parse error
Follow Apple's lead and do not fail krb5_set_config_files() simply
because one of the files in the profile list fails to parse correctly.
Doing so can lead to hard to find failures and could lead to an end
user shooting themselves in the foot and no longer be able to login
to their system to fix it.
Parse as many of the files as we can. Only fail krb5_set_config_files()
if init_context_from_config_file() fails.
Change-Id: I122664c6d707a5f926643808ba414bf4f681f8b8
Cherry-pick of Heimdal commit b7cf5e7caf9b270f4d4151d2690177b11a7a1bdf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
88cac23e by Björn Baumbach at 2018-06-18T11:01:11Z
heimdal: small code adaption to cherry-pick heimdal commit
Check asprintf() return value.
Make use of krb5_enomem().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
0a6e9b6c by Nicolas Williams at 2018-06-18T13:52:26Z
heimdal: Add include/includedir directives for krb5.conf
Cherry-pick of Heimdal commit fe43be85587f834266623adb0ecf2793d212a7ca
Removed tests and documentation from original commit by
Björn Baumbach <bb at sernet.de>, since we do not ship them.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Björn Baumbach <bbaumbach at samba.org>
Autobuild-Date(master): Mon Jun 18 15:52:26 CEST 2018 on sn-devel-144
- - - - -
877266f7 by Volker Lendecke at 2018-06-18T16:34:51Z
librpc/crypto: Fix a misleading comment
Probably cut&paste error
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Jun 18 18:34:51 CEST 2018 on sn-devel-144
- - - - -
3604f377 by Mathieu Parent at 2018-06-18T19:49:40Z
Check smb.conf with testparm, and also with samba-tool when server role = active directory domain controller (Closes: #900908)
- - - - -
ba36a95d by Mathieu Parent at 2018-06-18T21:40:24Z
Release 2:4.8.2+dfsg-2
- - - - -
95dcdd3d by Andreas Schneider at 2018-06-19T06:59:11Z
testparm: Remove warning from the last century
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
ea50825a by Volker Lendecke at 2018-06-19T06:59:11Z
idmap_hash: Align integer types
Loop-variable and bound should be the same type
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b8199009 by Volker Lendecke at 2018-06-19T06:59:11Z
lib: Align integer types
Loop-variable and bound should be the same type
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
e078991a by Volker Lendecke at 2018-06-19T09:43:16Z
winbind: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jun 19 11:43:16 CEST 2018 on sn-devel-144
- - - - -
016fc48a by Tim Beale at 2018-06-19T22:18:19Z
tests: Increase minPwdAge used for PSO tests
The PSO minPwdAge test was using a 1 second timeout. While this seemed
to work fine most of the time, we did see a rackspace failure that was
presumably due to the test taking longer than 1-second to execute
(which resulted in the password not being correctly rejected).
This patch increases the minPwdAge used, to try to avoid this problem
happening.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a3bf30e3 by Tim Beale at 2018-06-19T22:18:20Z
tests: Increase PSO test timeouts to minimise failures
When PSOs exist in the DB, there is some extra overhead involved in user
logins (an extra expand-nested-groups operation for every user login).
Currently password_lockout tests are quite query-intensive - each call
to _check_account() does ~6 RPC operations/LDB searches (plus sleeps for
20 millisecs). Plus the actual user login attempt being tested. It looks
like the current test needs to do 3 login attempts/_check_account()
calls within a 2-second window. While the PSO test cases usually work
OK, sometimes they fail (presumably they take slightly longer and fall
outside this 2-second window). Presumably this is due to the cloud
instance's CPU being slightly more loaded when the test is run.
Long-term the plan is to refactor the user login so that the extra
expand-nested-groups operation is unnecessary for PSOs. In the
short-term, increase the window the test uses from 2 seconds to 3
seconds.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9650deee by Noel Power at 2018-06-19T22:18:20Z
python/samba: Py2|Py3 compat, fix more missed exception tuple issues
- - - - -
fd35e533 by Noel Power at 2018-06-19T22:18:21Z
python/samab: py2/py3 string.upper(astring) -> astring.upper
- - - - -
9e349fe8 by Noel Power at 2018-06-19T22:18:21Z
python/samba/tests: py2/py3 port has_keys usage
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b0c9de82 by Noel Power at 2018-06-19T22:18:22Z
python/samba/emulate: py2/py3 .next usage, replace with next() fn
- - - - -
09c2b71e by Noel Power at 2018-06-19T22:18:22Z
python/samba: Another object.next() to next(object) py2/py3 converstion
fix samba.tests.samba_tool.visualize_drs
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f8ecffb6 by Noel Power at 2018-06-19T22:18:23Z
python/samba: enclose map.values with list (py2/py3)
Fix errors in samba.tests.samba_tool.visualize_drs that with python 3
will generate exception with messages something like
'can't iterate dict_values'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a261a2a4 by Noel Power at 2018-06-20T02:08:53Z
python/samba/netcmd: Fix NameError exception
Running make test TEST=samba4.drs.samba_tool_drs.python results in
BlackboxProcessError: Command '/tmp/samba-testbase/b12/samba/bin/samba-tool drs clone-dc-database samba.example.com --server=localdc -USAMBADOMAIN/Administrator%locDCpass1 --targetdir=/tmp/samba-testbase/b12/samba/bin/ab/tmp/tmpWPo8r3'; exit status 255; stdout: ''; stderr: 'ERROR(<type 'exceptions.NameError'>): uncaught exception - global name 'logging' is not defined
File "bin/python/samba/netcmd/__init__.py", line 177, in _run
return self.run(*args, **kwargs)
File "bin/python/samba/netcmd/drs.py", line 697, in run
logger.setLevel(logging.INFO)
'
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jun 20 04:08:53 CEST 2018 on sn-devel-144
- - - - -
ce899317 by Jeremy Allison at 2018-06-20T07:22:23Z
s3: smbd: Fix SMB2-FLUSH against directories.
Directories opened with either FILE_ADD_FILE or
FILE_ADD_SUBDIRECTORY can be flushed even if
they're not writable in the conventional sense.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 42aadf42f27053e621f2a6b72448afebb3f5082a)
- - - - -
2839bf2e by Jeremy Allison at 2018-06-20T07:22:23Z
s3: smbtorture: Add new SMB2-DIR-FSYNC test to show behavior of FSYNC on directories.
Tests against a directory handle on the root of a share,
and a directory handle on a sub-directory in a share.
Check SEC_DIR_ADD_FILE and SEC_DIR_ADD_SUBDIR separately,
either allows flush to succeed.
Passes against Windows.
Regression test for:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13428
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144
(cherry picked from commit d42f467a25e75e5487a00378609a24809ddc83ee)
- - - - -
c5f3606c by Günther Deschner at 2018-06-20T07:22:23Z
s4-heimdal: Fix the format-truncation errors.
../source4/heimdal/lib/com_err/compile_et.c: In function ‘generate_h’:
../source4/heimdal/lib/com_err/compile_et.c:138:33: error: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 126 [-Werror=format-truncation=]
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~ ~~~
../source4/heimdal/lib/com_err/compile_et.c:138:5: note: ‘snprintf’ output between 5 and 132 bytes into a destination of size 128
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c: In function ‘main’:
../source4/heimdal/lib/com_err/compile_et.c:234:35: error: ‘.h’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:234:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c:235:35: error: ‘.c’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:235:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jun 8 13:23:51 CEST 2018 on sn-devel-144
- - - - -
c70a0d52 by Günther Deschner at 2018-06-20T07:22:23Z
s3-winbindd: use fill_domain_username_talloc() in winbind.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 3c6481d75cea175d0a69988577163efb40e2316b)
- - - - -
35de20bd by Günther Deschner at 2018-06-20T07:22:24Z
s3-winbindd: remove unused fill_domain_username()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b24d4eb7afad82afc3a9bab65e1d799edc4b5172)
- - - - -
1b420a21 by Günther Deschner at 2018-06-20T07:22:24Z
s3-printing: fix format-truncation in print_queue_update()
../source3/printing/printing.c: In function ‘print_queue_update’:
../source3/printing/printing.c:1809:42: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 244 [-Werror=format-truncation=]
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
^~ ~~~~~~~~~
../source3/printing/printing.c:1809:2: note: ‘snprintf’ output between 13 and 268 bytes into a destination of size 256
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6326b3415f3e225aafd5912d0965c80abcd7b22c)
- - - - -
23f19c83 by Günther Deschner at 2018-06-20T07:22:24Z
s4-torture: fix format-truncation warning in smb2 session tests.
../source4/torture/smb2/session.c: In function ‘test_session_reauth5’:
../source4/torture/smb2/session.c:645:36: error: ‘\file.dat’ directive output may be truncated writing 9 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~
../source4/torture/smb2/session.c:645:2: note: ‘snprintf’ output between 10 and 265 bytes into a destination of size 256
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/torture/smb2/session.c:696:38: error: ‘\file2.dat’ directive output may be truncated writing 10 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~
../source4/torture/smb2/session.c:696:2: note: ‘snprintf’ output between 11 and 266 bytes into a destination of size 256
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 5729898248041794ffdd0b769332e015baf12cce)
- - - - -
3e42a24c by Günther Deschner at 2018-06-20T07:22:24Z
s3-utils: fix format-truncation in smbpasswd
../source3/utils/smbpasswd.c: In function ‘process_root’:
../source3/utils/smbpasswd.c:414:37: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:414:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^~~~~~~~
../source3/utils/smbpasswd.c:397:35: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:397:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^~~~~~~~
cc1: some warnings being treated as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 9b6dc8f504c406ed8a044e5becca7e8f01da6c84)
- - - - -
c16e479f by Andreas Schneider at 2018-06-20T07:22:24Z
lib:util: Fix string check in mkdir_p()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 7cec343a89a0862c09f5ddd4707eb442157a4af2)
- - - - -
3ef6d6ab by Andreas Schneider at 2018-06-20T07:22:24Z
s4:torture: Use strlcpy() in gen_name()
../source4/torture/basic/mangle_test.c: In function ‘gen_name’:
../source4/torture/basic/mangle_test.c:148:3: error: ‘strncpy’ output
truncated before terminating nul copying 5 bytes from a string of the
same length [-Werror=stringop-truncation]
strncpy(p, "ABCDE", 5);
^~~~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 7a00d90d668f53914ffe035c41a5e79e60b51521)
- - - - -
aff12616 by Andreas Schneider at 2018-06-20T07:22:24Z
s3:lib: Use memcpy() in escape_ldap_string()
../source3/lib/ldap_escape.c: In function ‘escape_ldap_string’:
../source3/lib/ldap_escape.c:79:4: error: ‘strncpy’ output truncated
before terminating nul copying 3 bytes from a string of the same length
[-Werror=stringop-truncation]
strncpy (p, sub, 3);
^~~~~~~~~~~~~~~~~~~
We concatenat and do not care about NUL-termination till the loop has
finished.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit ff7568daaeb19ff30f47f7f600ead247eaf4e826)
- - - - -
aa833e8b by Andreas Schneider at 2018-06-20T07:22:24Z
s3:passdb: Fix size of ascii_p16
../source3/passdb/pdb_smbpasswd.c: In function ‘mod_smbfilepwd_entry’:
../source3/passdb/pdb_smbpasswd.c:1015:7: error: ‘:LCT-’ directive
output may be truncated writing 5 bytes into a region of size between 0
and 255 [-Werror=format-truncat ion=]
"%s:LCT-%08X:",
^~~~~
../source3/passdb/pdb_smbpasswd.c:1015:4: note: using the range [0,
4294967295] for directive argument
"%s:LCT-%08X:",
^~~~~~~~~~~~~~
In file included from ../source3/include/includes.h:23,
from ../source3/passdb/pdb_smbpasswd.c:23:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output
between 15 and 270 bytes into a destination of size 255
#define slprintf snprintf
../source3/passdb/pdb_smbpasswd.c:1013:3: note: in expansion of macro ‘slprintf’
slprintf(&ascii_p16[strlen(ascii_p16)],
^~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 728297ca889b39ce2006778bf6a5bf1c3ce82d6d)
- - - - -
ca1acede by Andreas Schneider at 2018-06-20T07:22:24Z
s3:winbind: Fix uninitialzed variable warning
Raised by GCC8.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 6b728b87bf5726f14100d76956c3df3fd9bb1058)
- - - - -
05dab794 by Andreas Schneider at 2018-06-20T07:22:24Z
lib:util: Fix parameter aliasing in tfork test
../lib/util/tests/tfork.c:483:24: error: passing argument 1 to
restrict-qualified parameter aliases with argument 4 [-Werror=restrict]
ret = pthread_create(&threads[i],
^~~~~~~~~~~
../lib/util/tests/tfork.c:486:10:
(void *)&threads[i]);
~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 6f06a0154f5769cb85f6e189eecd78cd7805090a)
- - - - -
15c13f73 by Andreas Schneider at 2018-06-20T07:22:24Z
lib:util: Fix size types in debug.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit fb6cd9c44ac6fcc9f6abe3b63fc742aeac42969a)
- - - - -
fd836721 by Andreas Schneider at 2018-06-20T07:22:24Z
s4:ntvfs: Fix string copy of share_name
../source4/ntvfs/ipc/rap_server.c:70:3: error: ‘strncpy’ specified bound 13 equals destination size [-Werror=stringop-truncation]
strncpy((char *)r->out.info[j].info1.share_name,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
snames[i],
~~~~~~~~~~
sizeof(r->out.info[0].info1.share_name));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 609ef35c12900bbd5ecaa557f7b5d71b5784a103)
- - - - -
0e3d52f5 by Andreas Schneider at 2018-06-20T07:22:24Z
lib: Fix array size in audit_logging
../lib/audit_logging/audit_logging.c: In function ‘json_add_timestamp’:
../lib/audit_logging/audit_logging.c:603:12: error: ‘%s’ directive
output may be truncated writing up to 9 bytes into a region of size
between 0 and 43 [-Werror=format-truncation=]
"%s.%06ld%s",
^~
../lib/audit_logging/audit_logging.c:606:3:
tz);
~~
../lib/audit_logging/audit_logging.c:600:2: note: ‘snprintf’ output
between 8 and 70 bytes into a destination of size 50
snprintf(
^~~~~~~~~
timestamp,
~~~~~~~~~~
sizeof(timestamp),
~~~~~~~~~~~~~~~~~~
"%s.%06ld%s",
~~~~~~~~~~~~~
buffer,
~~~~~~~
tv.tv_usec,
~~~~~~~~~~~
tz);
~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 8b7c8eb3907e2123acee67949e88c26072afc81a)
- - - - -
e5ffffdd by Jeremy Allison at 2018-06-20T07:22:24Z
s3: torture: Add DELETE-PRINT test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13457
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 42f049858f2037aab5b2097036db3e0375fdbf30)
- - - - -
6121a6fe by Jeremy Allison at 2018-06-20T07:22:24Z
s3: smbd: printing: Re-implement delete-on-close semantics for print files missing since 3.5.x.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13457
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 1 20:32:03 CEST 2018 on sn-devel-144
(cherry picked from commit 364175b359f018c8641359440fa07b0ea567b045)
- - - - -
7f32430c by Jeremy Allison at 2018-06-20T11:53:29Z
python: Fix talloc frame use in make_simple_acl().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13474
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
This was fixed differently by commit
539f51f0dfbe4ce317a2978982fd0fc9a7fd6922 in master.
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Wed Jun 20 13:53:29 CEST 2018 on sn-devel-144
- - - - -
defc1ced by Björn Baumbach at 2018-06-20T15:48:16Z
heimdal: remove include/includedir directives for krb5.conf
The original heimdal code introduces a segmentation fault, due to an
uninitialized pointer. This code does not seem to be tested very well.
Revert "heimdal: Add include/includedir directives for krb5.conf"
This reverts commit 0a6e9b6c0e15fa6fe46acdd357d76b8df447317f.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Björn Baumbach <bbaumbach at samba.org>
Autobuild-Date(master): Wed Jun 20 17:48:16 CEST 2018 on sn-devel-144
- - - - -
bca97cc4 by Swen Schillig at 2018-06-20T19:05:40Z
Possible memory leak in map_info3_to_validation
In case of a failing call to copy_netr_SamInfo3, the allocated memory
for "validation" needs to be free'd before returning.
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jun 20 21:05:40 CEST 2018 on sn-devel-144
- - - - -
76828876 by Andreas Schneider at 2018-06-20T20:22:07Z
samdb: Fix build error with gcc8
../source4/dsdb/samdb/ldb_modules/samldb.c: In function ‘samldb_add’:
../source4/dsdb/samdb/ldb_modules/samldb.c:424:6: error: ‘found’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (found) {
^
../source4/dsdb/samdb/ldb_modules/samldb.c:348:11: note: ‘found’ was declared here
bool ok, found;
^~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
29f6842e by Andreas Schneider at 2018-06-20T20:22:07Z
s3:registry: Fix buffer truncation issues issues with gcc8
../source3/registry/reg_perfcount.c: In function ‘reg_perfcount_get_hkpd’:
../source3/registry/reg_perfcount.c:337:29: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
snprintf(buf, buflen,"%d%s", key_part1, key_part2);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
4a3164e0 by Andreas Schneider at 2018-06-20T20:22:07Z
s3:smbget: Fix buffer truncation issues with gcc8
../source3/utils/smbget.c: In function ‘smb_download_file’:
../source3/utils/smbget.c:97:27: error: ‘b’ directive output may be truncated writing 1 byte into a region of size between 0 and 19 [-Werror=format-truncation=]
snprintf(buffer, l, "%jdb", (intmax_t)s);
^
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
c1c76492 by Andreas Schneider at 2018-06-20T23:03:52Z
s3:winbind: Fix regression introduced with bso #12851
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12851
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jun 21 01:03:52 CEST 2018 on sn-devel-144
- - - - -
47c31555 by Jeremy Allison at 2018-06-21T11:08:17Z
s3: smbd: Don't use getcwd() directly. We must always go through the VFS.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5e89a23f by Andreas Schneider at 2018-06-21T13:52:02Z
krb5_plugin: Add winbind localauth plugin for MIT Kerberos
Applications (like OpenSSH) don't know about users and and
their relationship to Kerberos principals. This plugin allows that
Kerberos principals can be validated against local user accounts.
Administrator at WURST.WORLD -> WURST\Administrator
https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jun 21 15:52:02 CEST 2018 on sn-devel-144
- - - - -
fb3ddb48 by Swen Schillig at 2018-06-22T09:57:19Z
ctdb-common: replace talloc / memcpy by talloc_memdup
Signed-off-by: Swen Schillig <swen at vnet.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Jun 22 11:57:19 CEST 2018 on sn-devel-144
- - - - -
97eaeea6 by Christof Schmitt at 2018-06-22T22:57:47Z
krb5_wrap: fix keep_old_entries logic for older kerberos libraries
MIT kerberos 1.13 and older only stores 8 bits of the KVNO. The change
from commit 35b2fb4ff32 resulted in breakage for these kerberos
versions: 'net ads keytab create' reads a large KVNO from AD, and only
the lower 8 bits are stored. The next check then removed the entry again
as the 8 bit value did not match the currently valid KVNO.
Fix this by limiting the check to only 8 bits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13478
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Sat Jun 23 00:57:47 CEST 2018 on sn-devel-144
- - - - -
6b52d21e by Andrej Gessel at 2018-06-23T00:00:28Z
ldb: check return values
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f75e8f58 by Andrej Gessel at 2018-06-23T00:00:28Z
check return value before using key_values
there are also mem leaks in this function
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
05b54cc2 by Volker Lendecke at 2018-06-23T02:56:44Z
talloc_stack: Call talloc destructors while frame is still around
This fixes "samba-tool ntacl set -d10"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Jun 23 04:56:44 CEST 2018 on sn-devel-144
- - - - -
1bb2a1c6 by Andrew Bartlett at 2018-06-25T06:32:14Z
auth: For NTLM and KDC authentication, log the authentication duration
This is not a general purpose profiling solution, but these JSON logs are already being
generated and stored, so this is worth adding.
Some administrators are very keen to know how long authentication
takes, particularly due to long replication transactions in other
processes.
This complements a similar patch set to log the transaction duration.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b282bcbb by Gary Lockyer at 2018-06-25T09:16:18Z
dsdb: Log the transaction duraton.
This is not a general purpose profiling solution, but these JSON
logs are already being generated and stored, so this is worth adding.
This will allow administrators to identify long running
transactions, and identify potential performance bottlenecks.
This complements a similar patch set to log authentication duration.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Jun 25 11:16:18 CEST 2018 on sn-devel-144
- - - - -
df16008c by Karolin Seeger at 2018-06-25T11:07:26Z
bla
- - - - -
228e5d4f by Christof Schmitt at 2018-06-25T11:07:26Z
krb5_wrap: fix keep_old_entries logic for older kerberos libraries
MIT kerberos 1.13 and older only stores 8 bits of the KVNO. The change
from commit 35b2fb4ff32 resulted in breakage for these kerberos
versions: 'net ads keytab create' reads a large KVNO from AD, and only
the lower 8 bits are stored. The next check then removed the entry again
as the 8 bit value did not match the currently valid KVNO.
Fix this by limiting the check to only 8 bits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13478
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Sat Jun 23 00:57:47 CEST 2018 on sn-devel-144
(cherry picked from commit 97eaeea6a130871cfac5be42459380c0c4e0fae6)
- - - - -
0196569d by Andreas Schneider at 2018-06-25T11:07:26Z
krb5_plugin: Add winbind localauth plugin for MIT Kerberos
Applications (like OpenSSH) don't know about users and and
their relationship to Kerberos principals. This plugin allows that
Kerberos principals can be validated against local user accounts.
Administrator at WURST.WORLD -> WURST\Administrator
https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 5e89a23ffaceccdc83d70a4ab2798ae25c10d580)
- - - - -
bed29aba by Andreas Hasenack at 2018-06-25T14:10:42Z
- d/samba.logrotate: only try to reload the services if they are running
(Closes: #902149)
- - - - -
be00b892 by Jeffrey Altman at 2018-06-25T15:30:14Z
heimdal: lib/krb5: do not fail set_config_files due to parse error
Follow Apple's lead and do not fail krb5_set_config_files() simply
because one of the files in the profile list fails to parse correctly.
Doing so can lead to hard to find failures and could lead to an end
user shooting themselves in the foot and no longer be able to login
to their system to fix it.
Parse as many of the files as we can. Only fail krb5_set_config_files()
if init_context_from_config_file() fails.
Change-Id: I122664c6d707a5f926643808ba414bf4f681f8b8
Cherry-pick of Heimdal commit b7cf5e7caf9b270f4d4151d2690177b11a7a1bdf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11573
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit f05a1554b770c6a2c905170347bfb41157f4aa78)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Mon Jun 25 17:30:14 CEST 2018 on sn-devel-144
- - - - -
5f2859e9 by Andreas Schneider at 2018-06-25T19:47:19Z
s3:registry: Fix buffer truncation issues issues with gcc8
../source3/registry/reg_perfcount.c: In function ‘reg_perfcount_get_hkpd’:
../source3/registry/reg_perfcount.c:337:29: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
snprintf(buf, buflen,"%d%s", key_part1, key_part2);
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 29f6842ee86b768f3677b38c5640655e312c398e)
- - - - -
941b5663 by Andreas Schneider at 2018-06-25T19:47:19Z
s3:smbget: Fix buffer truncation issues with gcc8
../source3/utils/smbget.c: In function ‘smb_download_file’:
../source3/utils/smbget.c:97:27: error: ‘b’ directive output may be truncated writing 1 byte into a region of size between 0 and 19 [-Werror=format-truncation=]
snprintf(buffer, l, "%jdb", (intmax_t)s);
^
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 4a3164e0beea35c1f4ce44fbe43547f7104587d1)
- - - - -
ee6bd861 by Andreas Schneider at 2018-06-25T19:47:19Z
s3:winbind: Fix regression introduced with bso #12851
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12851
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit c1c764925e24788905ab91aa455b415765d6f71f)
- - - - -
8a86aad4 by Mathieu Parent at 2018-06-25T20:57:33Z
Merge branch 'logrotate-with-services-stopped-902149' into 'master'
logrotate: only try to reload the services if they are running
See merge request samba-team/samba!8
- - - - -
5bb60e2d by Andrew Bartlett at 2018-06-25T21:01:20Z
build: Move --without-json-audit and json lib detection to lib/audit_logging
This is the common location of the audit logging code now
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a2783fe1 by Andrew Bartlett at 2018-06-25T21:01:20Z
lib/audit_logging: Require jansson JSON library for building the AD DC
This combination is untested and it is reasonable to require this
broadly available library for the AD DC build.
Doing so keeps the combinational complexity down and ensures we test
what we ship. (It was failing to compile).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b650ea53 by Andrew Bartlett at 2018-06-25T21:01:20Z
lib/audit_logging: Only build audit_logging_test for --enable-selftest on the AD DC
This allows a --without-ad-dc --enable-selftest build to compile, still testing some
fileserver-only features.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6b9a9a4d by Andrew Bartlett at 2018-06-25T21:01:20Z
dsdb: Ensure a build --without-json-audit --without-ad-dc compiles
We still build some of the ldb_modules even when we are not a DC, so we must
split up the DSDB_MODULE_HELPERS.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f33749fc by Andrew Bartlett at 2018-06-26T00:03:30Z
autobuild: Build samba-fileserver --without-json-audit
This build target is already --without-ad-dc and is the one we need to ensure is
compatible with a host without the Jansson JSON library.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Jun 26 02:03:30 CEST 2018 on sn-devel-144
- - - - -
8b32d297 by Andreas Schneider at 2018-06-26T00:26:14Z
samdb: Fix build error with gcc8
../source4/dsdb/samdb/ldb_modules/samldb.c: In function ‘samldb_add’:
../source4/dsdb/samdb/ldb_modules/samldb.c:424:6: error: ‘found’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (found) {
^
../source4/dsdb/samdb/ldb_modules/samldb.c:348:11: note: ‘found’ was declared here
bool ok, found;
^~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 76828876faa3cd463023e323983df0be597c7361)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Tue Jun 26 02:26:15 CEST 2018 on sn-devel-144
- - - - -
450210c3 by Andrew Bartlett at 2018-06-26T01:27:20Z
audit_logging: Clarify debug messages
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4f508486 by Andrew Bartlett at 2018-06-26T01:27:20Z
audit_logging: Remove incorrect check for NT_STATUS_OBJECT_NAME_NOT_FOUND
NT_STATUS_OBJECT_NAME_NOT_FOUND is not a case we can ignore, it would mean that event_server
is not initialised.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
dad73e0b by Andrew Bartlett at 2018-06-26T01:27:20Z
audit_logging: Initialise event_server
It is better if this is a known zero value to start, even if we check the errors
correctly.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4b077e07 by Andrew Bartlett at 2018-06-26T01:27:20Z
audit_logging: Remove duplciate error printing
These errors are already logged at DBG_NOTICE in get_event_server()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d38160c9 by Andrew Bartlett at 2018-06-26T01:27:20Z
dsdb: Use correct memory context for imessaging_client_init() in audit logging
This is only used for selftest, to send out the log messages for checking.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d2468f73 by Andrew Bartlett at 2018-06-26T01:27:20Z
dsdb: Use customary variable names for audit event contexts
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2c883bd9 by Andrew Bartlett at 2018-06-26T01:27:20Z
dsdb: Use customary variable names for the audit private context
The variable name "ac" typically implies the async context, and the long-life
private context is normally denoted private, not context. This aligns better
with other modules.
talloc_get_type_abort() is now also used.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d18bae91 by Andrew Bartlett at 2018-06-26T01:27:20Z
dsdb: Use GUID_zero() rather than memset in dsdb audit code
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
120fe410 by Andrew Bartlett at 2018-06-26T01:27:20Z
dsdb-audit: Remove flapping part of the tests
Because we have tests for this in the auth audit code, we do not need to have
the complexity of checking that we got DCE/RPC over SMB as an authorization
message here.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
113da7ac by Gary Lockyer at 2018-06-26T04:09:46Z
dsdb audit: Fix timestamp tests
Fix flapping test:
[242(3560)/242 at 25m3s] samba4.dsdb.samdb.ldb_modules.audit_log
UNEXPECTED(failure):
samba4.dsdb.samdb.ldb_modules.audit_log.test_operation_json_empty(none)
REASON: Exception: Exception: difftime(after, actual) >= 0
../source4/dsdb/samdb/ldb_modules/tests/test_audit_log.c:74: error:
The tests truncate the microsecond portion of the time, so the
difference could be less than 0.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Jun 26 06:09:46 CEST 2018 on sn-devel-144
- - - - -
5c1d9b0b by Andrew Bartlett at 2018-06-26T07:19:16Z
ldb: Save a copy of the index result before calling the callbacks.
Otherwise Samba modules like subtree_rename can fail as they modify the
index during the callback.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13452
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit d02cd236dcbd8a44ecc85d1f7e95a48c95c0a479)
- - - - -
d1b59c26 by Andrew Bartlett at 2018-06-26T07:19:16Z
ldb: Indicate that the ltdb_dn_list_sort() in list_union is a bit subtle.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit 3632775d7ad31e06437ed76b8731d9895930caa1)
- - - - -
703ca1a4 by Andrew Bartlett at 2018-06-26T07:19:16Z
ldb: Explain why an entry can vanish from the index
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit 9e143ee9b9f7be53c193cee3153f64c4dedc07e9)
- - - - -
b8df3cd9 by Andrew Bartlett at 2018-06-26T07:19:16Z
ldb: One-level search was incorrectly falling back to full DB scan
When no search filter is specified, the code falls back to using
'(|(objectClass=*)(distinguishedName=*)'. ltdb_index_dn() then failed
because matching against '*' is not indexed. The error return then
caused the code to fallback to a full-scan of the DB, which could have a
considerable performance hit.
Instead, we want to continue on and do the ltdb_index_filter() over the
indexed results that were returned.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit 88ae60ed186c9c479722ad62d65a07d0c2e71469)
- - - - -
b4331a3a by Andrew Bartlett at 2018-06-26T07:19:16Z
ldb: Add tests for when we should expect a full scan
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13448
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit e99c199d811e607e7867e7b40d82a1642226c647)
- - - - -
1fb72464 by Lukas Slebodnik at 2018-06-26T07:19:16Z
ldb: Fix memory leak on module context
Introduced in e8cdacc509016d9273d63faf334d9f827585c3eb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13459
Signed-off-by: Lukas Slebodnik <lslebodn at fedoraproject.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jun 1 11:10:24 CEST 2018 on sn-devel-144
(cherry picked from commit d161aa3522576545d269208426bb0014ee2ab35f)
- - - - -
9b5f368a by Andrew Bartlett at 2018-06-26T07:19:17Z
ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory on duplicated add.
After a duplicated add a small amount of memory can be leaked onto a
long-term context.
Found by Andrej Gessel https://github.com/andiges
https://github.com/samba-team/samba/commit/e8fb45125e6a279b918694668e0d4fbddac10aee#commitcomment-29334102
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13471
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 15 04:39:41 CEST 2018 on sn-devel-144
(cherry picked from commit f4f3abfa0e18bb4968b37b1cac40cd8c185c8d7b)
- - - - -
7a1906d9 by Andrej Gessel at 2018-06-26T07:19:17Z
ldb: check return values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 6b52d21e6040699a72aff12fd6ebb34534dcb457)
- - - - -
2a3f91ea by Andrej Gessel at 2018-06-26T07:19:17Z
check return value before using key_values
there are also mem leaks in this function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f75e8f58cd2390c092631803d333adadb475306a)
- - - - -
7ccd1eb5 by Andrej Gessel at 2018-06-26T07:19:17Z
Fix several mem leaks in ldb_index ldb_search ldb_tdb
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jun 15 23:07:25 CEST 2018 on sn-devel-144
(cherry picked from commit 3ca1c09f686fbfa9257cd95710dba4a98c3eeb8f)
- - - - -
fb522c1b by Andrew Bartlett at 2018-06-26T07:19:17Z
.gitlab-ci.yml: Adapt to current GitLab CI setup
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e25631d6 by Andrew Bartlett at 2018-06-26T11:31:53Z
ldb: version 1.3.4
* Fix memory leaks and missing error checks (bug 13459, 13471, 13475)
* Fix fallback to full scan (performance regression) on
one-level search (bug 13448)
* Fix read corruption (missing results) during writes, particularly
during a Samba subtree rename (bug 13452)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Tue Jun 26 13:31:53 CEST 2018 on sn-devel-144
- - - - -
e268d435 by Andreas Hasenack at 2018-06-26T12:26:51Z
Remove the deprecated "syslog" and "syslog only" options (Closes: #901138)
Remove the deprecated "syslog only" and "syslog" global options from
debian/smb.conf and replace them with the "logging" statement. The same logging
behaviour remains after this change.
- - - - -
519bc4de by Karolin Seeger at 2018-06-26T14:37:36Z
WHATSNEW: Add release notes for Samba 4.8.3.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
1df7f93b by Karolin Seeger at 2018-06-26T14:38:32Z
VERSION: Bump version up to 4.8.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
a62c2f3e by Karolin Seeger at 2018-06-26T14:38:32Z
VERSION: Disable GIT_SNAPSHOT for the 4.8.3 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
89a8b3ec by Justin Stephenson at 2018-06-26T15:43:25Z
s3:client: Add --quiet option to smbclient
Add quiet command-line argument to allow suppressing the help log
message printed automatically after establishing a smbclient connection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
- - - - -
f90f434e by Justin Stephenson at 2018-06-26T18:29:19Z
s3:tests: Add test for smbclient --quiet
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jun 26 20:29:19 CEST 2018 on sn-devel-144
- - - - -
562ec950 by Tim Beale at 2018-06-26T21:32:51Z
remove_dc: Fix removal of an old Windows DC
Windows has 'CN=DNS Settings' child object underneath the Server object.
This was causing the removal of the server object in remove_dc() to
fail.
Noticed this problem while testing the backup/restore tool manually
against a Windows VM.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13484
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Tue Jun 26 23:32:51 CEST 2018 on sn-devel-144
- - - - -
d9914b9b by Andrew Bartlett at 2018-06-27T05:51:14Z
Update .travis.yml to match package list used in docker container and Catalyst Cloud builds
The package list has some "strange" things in them, but more important is
using the same list everywhere. We can hopefully harmonise the package lists
to a single file in Samba git soom, merging the docker and packer image creation.
Additionally, Travis CI will probably need to move to Docker once we change
beyond Ubuntu 14.04, so it will simple reference the gitlab.com image then.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jun 27 07:51:14 CEST 2018 on sn-devel-144
- - - - -
eba2eb8a by Andreas Schneider at 2018-06-27T14:00:19Z
krb5_plugin: Install plugins to krb5 modules dir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
4a7e0f25 by Andreas Schneider at 2018-06-27T14:00:19Z
krb5_plugin: Move krb5 locator plugin to krb5_plugin subdir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
6b7fcec0 by Andreas Schneider at 2018-06-27T14:00:19Z
docs: Move winbind_krb5_locator manpage to volume 8
The vfs and idmap manpages are in volume 8 too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
e88d68c2 by Andreas Schneider at 2018-06-27T16:45:56Z
docs: Add manpage for winbind_krb5_localauth.8
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Jun 27 18:45:56 CEST 2018 on sn-devel-144
- - - - -
8e58954f by Tim Beale at 2018-06-28T01:34:26Z
tests: Add test that Samba cannot be started with a backup DB
We don't want users to take a backup file, and then simply untar it and
run Samba (Several modifications to the DB need to be made as part of
the restore process, so users should always run the 'backup restore'
command).
To enforce this, prime_ldb_databases() now refuses to start Samba if the
backupDate marker is present in the DB. This patch adds a test-case that
proves this basic behaviour works.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f0aad4a1 by Aaron Haslett at 2018-06-28T01:34:26Z
samba: read backup date field on init and fail if present
This prevents a backup tar file, created with the new official
backup tools, from being extracted and replicated.
This is done here to ensure that samba-tool and ldbsearch can
still operate on the backup (eg for forensics) but starting
Samba as an AD DC will fail.
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5728867d by Aaron Haslett at 2018-06-28T01:34:27Z
param: Add non-global smb.cfg option (support 2 different smb.confs)
The default behaviour is that there is only a single global underlying
LoadParm object. E.g. if you create 2 different LoadParm objects in
python, they both modify the same underlying object.
This patch adds a mechanism to override this and create a separate
non-global LoadParm object. The use-case is the backup tool, where we
want to manipulate 2 different smb.conf files (the one used to create
the backup, and the smb.conf in the backup itself).
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
66f8c86e by Tim Beale at 2018-06-28T01:34:27Z
tests: Add basic test for non-global LoadParm behaviour
Add a simple test to show that the new non-global LoadParm behaviour
works, i.e.
- by default all LoadParm objects are linked to the same underlying
object
- using a non-global LoadParm creates a separate underlying object.
- using a non-global LoadParm with a bad filename fails.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c9cf62bd by Tim Beale at 2018-06-28T01:34:27Z
selftest: Update MAX_WRAPPED_INTERFACES comment to match code
Commit 19606e4dc657b0baf3ea84d updated the MAX_WRAPPED_INTERFACES define
in the C code from 40 to 64.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8b07ddde by Tim Beale at 2018-06-28T04:22:16Z
provision: set 'binddns dir' when making new smb.conf
When creating a new smb.conf from scratch during a join/clone/etc, the
'binddns dir' setting still uses the source smb.conf/default setting,
instead of the targetdir sub-directory.
I noticed this problem when trying to create a new testenv - the
provision() was trying to create /usr/local/samba/bind-dns directory,
which would fail if samba hadn't already been installed on the host
machine.
Now that this is fixed, we also need to fix tests that were explicitly
asserting that no unexpected directories were left behind after the test
completes.
This change also breaks the upgradeprovision script. The upgrade-
provision calls newprovision() to create a reference provision in a
temporary directory. However, previously this temporary provision was
creating the bind-dns directory in the actual upgrade directory as a
side-effect, e.g. it did a provision() with
targetdir=alpha13_upgrade_full/private/referenceprovisionLBKBh2 and this
ended up creating alpha13_upgrade_full/bind-dns as a side-effect.
The provision() now creates bind-dns in the specified targetdir, but
this means check_for_DNS() fails (it tries to create bind-dns sub-
directories, but the upgrade's bind-dns doesn't exist). I've avoided
this problem by making sure bind-dns exists as part of the
check_for_DNS() processing.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jun 28 06:22:16 CEST 2018 on sn-devel-144
- - - - -
2403b7c4 by Douglas Bagnall at 2018-06-28T04:29:16Z
samba-tool drs showrepl: add a --color flag
Nothing is using it yet, but the next commit will
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b62b3da9 by Douglas Bagnall at 2018-06-28T04:29:16Z
samba-tool drs showrepl --summary for a quick local check
The default output ("classic") gives you a lot of very uninteresting
detail when everything is fine. --summary shuts up about things that
are fine but shouts a little bit when things are broken. It doesn't
provide any new information, just tries to present it in a more useful
format.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3a1b710e by Douglas Bagnall at 2018-06-28T04:29:16Z
samba-tool drs show_repl: simplify the collection of DC lists
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
79c1c0c9 by Andrew Bartlett at 2018-06-28T04:29:16Z
samba-tool drs showrepl: Skip deleted DSAs when checking for success
The deleted DSAs are ignored by the server replication code, so ignore past failures
here also.
The repsFrom and repsTo entries will eventually be removed by the KCC.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f08e3d6d by Douglas Bagnall at 2018-06-28T04:29:17Z
samba-tool drs showrepl test: remove useless print
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
da30b37e by Douglas Bagnall at 2018-06-28T04:29:17Z
s4/torture/drs/python: don't double-call enable/disable replication
This is repeating work done in setup/teardown or doubling up in place (self._enable_all_repl includes self._enable_inbound_repl)
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5fcd3746 by Douglas Bagnall at 2018-06-28T04:29:17Z
s4/torture/samba_tool_drs_showrepl: use assertRegexpMatches
rather than a local rewrite special to this file.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2c9eeedc by Andrew Bartlett at 2018-06-28T04:29:17Z
samba-tool drs showrepl: add --pull-summary and --notify-summary
These separate the two halves of --summary (which is still there),
allowing the repsto and repsfrom to be separately queried.
One motivation for this is testing: it is difficult to assert the
success of repsfrom (--notify-summary) in the test framework, because
we can't rely on the other end behaving properly and promptly.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
211275fa by Douglas Bagnall at 2018-06-28T07:23:09Z
samba-tool showrepl tests: test all-good with --pull-summary
We test the all-good case with --pull-summary, which is the only one
we can be reasonably certain about.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Jun 28 09:23:10 CEST 2018 on sn-devel-144
- - - - -
4320dcc4 by Joe Guo at 2018-06-28T07:25:08Z
pysmb: add py_smb_unlink and test
Add unlink api to delete a file with a smb connection.
Test added.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f1566c2e by Joe Guo at 2018-06-28T07:25:09Z
pysmbd: add py_smbd_mkdir
Add mkdir for smbd API.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
747c3f1f by Joe Guo at 2018-06-28T07:25:09Z
pysmbd: extract init_files_struct function
Extract initialization code from set_nt_acl_conn for reuse.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1078c969 by Joe Guo at 2018-06-28T07:25:09Z
pysmbd: add py_smbd_create_file
Add create_file function to smbd API.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
132fa04c by Joe Guo at 2018-06-28T07:25:09Z
ntacls: add functions to backup and restore ntacls
1. backup a share online from a smb connection with ntacls using pysmb API.
2. backup a share offline from service path with ntacls using pysmbd API.
3. restore from tarfile with pysmdb API.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b3346158 by Joe Guo at 2018-06-28T07:25:09Z
ntacls: add extra test file for ntacls backup
The ntacls backup tests have to run in ad_dc:local env, which is
different from existing ntacls tests. Add a separate file for backup
tests.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
178c7d4f by Joe Guo at 2018-06-28T07:25:09Z
tests/ntacls_backup: register test
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3262f01d by Joe Guo at 2018-06-28T07:25:09Z
tests/ntacls: use global vars to make code DRY
Move acl and dommain_sid to global vars so we don't repeat them in every
test.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
975b751b by Joe Guo at 2018-06-28T10:14:59Z
tests/ntacls: fix pep8 warnings
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jun 28 12:14:59 CEST 2018 on sn-devel-144
- - - - -
396f1231 by Björn Baumbach at 2018-06-28T13:04:44Z
README.Coding: Fix link to Python coding style guide (PEP 8)
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: David Mulder <dmulder at suse.com>
Autobuild-User(master): Björn Baumbach <bbaumbach at samba.org>
Autobuild-Date(master): Thu Jun 28 15:04:44 CEST 2018 on sn-devel-144
- - - - -
b6b1226d by Carlos O'Donell at 2018-06-29T04:47:00Z
ctdb: Improve robust mutex test
This avoids some of the undefined behaviour, like initializing the same mutex
twice which happens when the low and high priority processes start (both
do the initialization and that's dangerous.) Instead now we start an
"init" process to start the shared memory segment, and then everything
else just uses it without truncation or unlinking (same mutex).
Signed-off-by: Carlos O'Donell <codonell at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Jun 29 06:47:00 CEST 2018 on sn-devel-144
- - - - -
e84b5020 by Amitay Isaacs at 2018-06-29T13:12:37Z
ctdb-common: Correctly handle conf->reload()
Configuration reload should reset the values of configuration options
missing from the config file to default.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Jun 29 15:12:37 CEST 2018 on sn-devel-144
- - - - -
c0a8098a by Mathieu Parent at 2018-07-01T12:16:47Z
New upstream version 4.8.3+dfsg
- - - - -
f4254a01 by Mathieu Parent at 2018-07-01T12:31:10Z
Merge branch 'drop-deprecated-syslog-options' into 'master'
Drop deprecated syslog options from default smb.conf
See merge request samba-team/samba!7
- - - - -
bc987f2c by Mathieu Parent at 2018-07-01T12:31:56Z
Merge tag 'upstream/4.8.3+dfsg'
Upstream version 4.8.3+dfsg
- - - - -
f4f81546 by Mathieu Parent at 2018-07-01T12:32:22Z
Bump build-depends ldb >= 1.3.4
- - - - -
fc0bfbb5 by Mathieu Parent at 2018-07-01T12:35:15Z
smb.conf: Remove wins support and wins server comments
WINS protocol is outdated and DNS is recommended.
- - - - -
43c26f85 by Mathieu Parent at 2018-07-01T12:40:55Z
smb.conf: Improve "logging" comments
- - - - -
24b1422d by Mathieu Parent at 2018-07-01T12:44:25Z
Changelog for previous commits
- - - - -
e21bce86 by Mathieu Parent at 2018-07-01T12:47:15Z
smb.conf: Remove "dns proxy = no", only usefull as a WINS server
- - - - -
15a1abf3 by Mathieu Parent at 2018-07-01T13:07:56Z
smb.conf: Propose better idmap config
We use tdb backend, as rid consumes too much uids, and ads requires SFU server-side.
We reserve uid < 3000 for local users. We reserve 65534 for nobody.
- - - - -
244976bf by Mathieu Parent at 2018-07-01T13:12:24Z
smb.conf: Remove "passdb backend = tdbsam" as this is the default
- - - - -
9e165f27 by Mathieu Parent at 2018-07-01T13:18:34Z
smb.conf: Fix "usershare max shares" default (patched to 100 instead of 0)
- - - - -
7eeba9c5 by Amitay Isaacs at 2018-07-02T06:51:20Z
replace: Add test for sin6_len in sockaddr_in6 structure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
79992dbb by Amitay Isaacs at 2018-07-02T06:51:20Z
ctdb-common: Use sin6_len only if the structure supports it
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
14868df9 by Amitay Isaacs at 2018-07-02T06:51:20Z
ctdb-build: Add checks for raw pkt handling support
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
f697c2e1 by Amitay Isaacs at 2018-07-02T06:51:20Z
ctdb-build: Add ipv6 headers check for packet details
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
57834c64 by Martin Schwenke at 2018-07-02T06:51:20Z
ctdb-common: Rename system utility files
system_socket.[ch] will contain all the raw socket code and other
functions that use ctdb_sock_addr. system.[ch] will contain other
platform dependent functions.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2f0a4d20 by Martin Schwenke at 2018-07-02T06:51:20Z
ctdb-common: Move parse_ip_mask() to system_socket.[ch]
This uses ctdb_sock_addr so belongs here.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8fcd12ba by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-common: Move ctdb_system_check_iface_exists() to system.[ch]
The system_<os>.c files contain a lot of duplication, making
maintenance difficult. These functions are being merged into
system_socket.[ch] and system.[ch].
This function doesn't need ctdb_sock_addr so put it with general
system utilities.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
1d7d8045 by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-common: Move ctdb_get_peer_pid() to system.[ch]
The system_<os>.c files contain a lot of duplication, making
maintenance difficult. These functions are being merged into
system_socket.c and system.c.
This function doesn't need ctdb_sock_addr so put it with general
system utilities.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9c51b278 by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-common: Move ctdb_sys_send_arp() to ctdb_socket.[ch]
The system_<os>.c files contain a lot of duplication, making
maintenance difficult. These functions are being merged into
system_socket.c and system.c.
Bring a copy of tcp_checksum6(), renamed to ip6_checksum().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
eafcc98b by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-common: Move ctdb_sys_send_tcp() to ctdb_socket.[ch]
The system_<os>.c files contain a lot of duplication, making
maintenance difficult. These functions are being merged into
system_socket.c and system.c.
Bring across tcp_checksum(), renamed to ip_checksum().
uint16_checksum() becomes static.
Use the BSD struct tcphdr field names for portability. See the
comment in the code for more details about how we get this to compile
on older glibc versions.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
fa94a49d by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-common: Move capture_socket functions to ctdb_socket.[ch]
The system_<os>.c files contain a lot of duplication, making
maintenance difficult. These functions are being merged into
system_socket.c and system.c.
Bring across ctdb_sys_open_capture_socket(),
ctdb_sys_close_capture_socket() and ctdb_sys_read_tcp_packet().
Remove empty system_<os>.c files.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
05a908d7 by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-tests: Switch fake_ctdbd to use ctdb_get_peer_pid()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
40a8ab1c by Amitay Isaacs at 2018-07-02T06:51:21Z
ctdb: Fix build on AIX
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
edffe4d1 by Amitay Isaacs at 2018-07-02T06:51:21Z
tdb: Fix build on AIX
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Here is the build error on AIX 7.1.
../../lib/tdb/tools/tdbtool.c:39:12: error: 'disable_lock' redeclared as different kind of symbol
static int disable_lock;
^~~~~~~~~~~~
In file included from /usr/include/sys/gfs.h:24:0,
from /usr/include/sys/vfs.h:27,
from ../../lib/replace/system/filesys.h:48,
from ../../lib/tdb/tools/tdbtool.c:26:
/usr/include/sys/lock_def.h:314:5: note: previous declaration of 'disable_lock' was here
int disable_lock(int,simple_lock_t);
^~~~~~~~~~~~
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
23adbaad by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-tests: Drop check for invalid event in 00.test event script
This isn't necessary and complicates the code.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
acd10a5d by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-tests: Clean up argument validation in 00.test event script
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8888711e by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-tests: Drop unnecessary code in 00.test event script
This script is only used with local daemons.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
673b0e78 by Martin Schwenke at 2018-07-02T06:51:21Z
ctdb-tests: Add generic logging of event details in 00.test event script
No need for a separate case for each event just to log details.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9e1cbd92 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Clean up startup event in 00.test event script
Rewrite interface initialisation to avoid an error when there are no
interfaces configured. Re-indent case label.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9f09579a by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Support CTDB_RUN_TIMEOUT_MONITOR=yes in simple tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
dfd39c9c by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Enable event script debugging in local daemon tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ff181a82 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Switch 90_debug_hung_script.sh to be a simple test
This test only runs against local daemons. Configuration is done via
script.options, which simplifies things quite a bit.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
cd9930ea by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-scripts: Drop 99.timeout event script
This is now implemented in local daemon testing.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b318cf22 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-recoverd: Set the process name correctly
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
77db0b15 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-client: Fix typo where CTDB_BROADCAST_ALL is repeated
Surely this is meant to be CTDB_BROADCAST_CONNECTED?
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4b008556 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Add check for non-lmaster node status in integration tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ec72fade by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-tests: Add a simple test for database traverses
This tests that volatile databases traverse correctly, including the
case where a record was updated on a non-lmaster node.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
36938bfd by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-server: Rename CTDB_BROADCAST_VNNMAP -> CTDB_BROADCAST_ACTIVE
This broadcast is misnamed. Both places where this type of broadcast
is used expect the broadcast to go to all active nodes.
Make the corresponding change to the semantics in the daemon by
sending to all active nodes.
There is a mismatch between the ideas of VNN map and active nodes. A
node that is not in the VNN map but is active can still host database
records. These were the same until the LMASTER capability was
introduced and then the logic was not updated.
The only place where the VNN map is relevant is when finding the
location master of a record in the migration code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
af446d52 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-docs: Fix the documentation for VNN map
It is incorrectly says that nodes not in the VNN map can not be
DMASTER.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
63255ef9 by Martin Schwenke at 2018-07-02T06:51:22Z
ctdb-daemon: Only consider client ID for local database attach
The comment immediately above this code says "don't allow local
clients to attach" and then looks up the client ID regardless of
whether the request is local or remote.
This means that an intentional remote attach from a client will not
work correctly. No real client should ever do that since clients
attach so they an access databases locally. Perhaps some sanity
checks should be added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13500
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0b4a071e by Martin Schwenke at 2018-07-02T09:30:29Z
ctdb-tests: Teach strace packet parser about non-octal escapes
strace output also encodes characters 7 to 13 as \a, \b, \t, \n, \v,
\f, \r.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Mon Jul 2 11:30:29 CEST 2018 on sn-devel-144
- - - - -
c7fd6808 by Andrew Bartlett at 2018-07-03T03:24:13Z
dbcheck: Use symbolic control name for DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS
While we do not wish to encourage use of this control, manually typed OIDs are
even more trouble, so pass out via pydsdb.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
22208f52 by Tim Beale at 2018-07-03T03:24:13Z
dbchecker: Fixing up incorrect DNs wasn't working
dbcheck would fail to fix up attributes where the extended DN's GUID is
correct, but the DN itself is incorrect. The code failed attempting to
remove the old/incorrect DN, e.g.
NOTE: old (due to rename or delete) DN string component for
objectCategory in object CN=alice,CN=Users,DC=samba,DC=example,DC=com -
<GUID=7bfdf9d8-62f9-420c-8a71-e3d3e931c91e>;
CN=Person,CN=Schema,CN=Configuration,DC=samba,DC=bad,DC=com
Change DN to <GUID=7bfdf9d8-62f9-420c-8a71-e3d3e931c91e>;
CN=Person,CN=Schema,CN=Configuration,DC=samba,DC=example,DC=com?
[y/N/all/none] y
Failed to fix old DN string on attribute objectCategory : (16,
"attribute 'objectCategory': no matching attribute value while deleting
attribute on 'CN=alice,CN=Users,DC=samba,DC=example,DC=com'")
The problem was the LDB message specified the value to delete with its
full DN, including the GUID. The LDB code then helpfully corrected this
value on the way through, so that the DN got updated to reflect the
correct DN (i.e. 'DC=example,DC=com') of the object matching that GUID,
rather than the incorrect DN (i.e. 'DC=bad,DC=com') that we were trying
to remove. Because the requested value and the existing DB value didn't
match, the operation failed.
We can avoid this problem by passing down just the DN (not the extended
DN) of the value we want to delete. Without the GUID portion of the DN,
the LDB code will no longer try to correct it on the way through, and
the dbcheck operation will succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13495
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet at samba.org>
- - - - -
b2dc8e5d by Tim Beale at 2018-07-03T03:24:14Z
provision: Small refactor to host-IP logic
Split out the code that determines the host-IP of the new server into
separate functions. This will allow us to re-use the same logic in the
backup/restore case.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
bea990d2 by Aaron Haslett at 2018-07-03T03:24:14Z
join: Pipe through dns_backend option for clones
Allow join_clone() calls to specify a dns_backend parameter for the new
cloned DB.
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3ee38df8 by Tim Beale at 2018-07-03T03:24:14Z
join: Rename dc_join() so it looks like an object
dc_join() is creating an object, but it currently looks like it's
just a function call. Rename it to look more object-like.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3230c345 by Tim Beale at 2018-07-03T03:24:14Z
join: Refactor clone_only case to simplify code
Currently for DC clones, we create a regular DCJoinContext, se a
'clone_only' flag, and then make lots of special checks for this flag
throughout the code. Instead, we can use inheritance to create a
DCCloneContext sub-class, and put the specialization there.
This means we can remove all the 'clone_only' checks from the code. The
only 2 methods that really differ are do_join() and join_finalize(), and
these don't share much code at all. (To avoid duplication, I split the
first part of do_join() into a new build_nc_lists() function, but this
is a pretty trivial code move).
We still pass the clone_only flag into the __init__() as there's still
one case where we want to avoid doing work in the case of the clone.
For clarity, I'll refactor this in a subsequent patch.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
c2422593 by Tim Beale at 2018-07-03T06:12:10Z
join: Remove unnecessary clone_only flag
For the clone-only case, we have been avoiding a block of code in the
DCJoinContext's __init__(). The main reason we do this is because the
netbios_name is None for clones, and this block of code tries to derive
a bunch of values based on the netbios_name (otherwise, a few lines into
this block, it tries to do NoneType.lower(), which Python doesn't like
very much).
This code is not particularly clone-specific - it is just never going to
work if the netbios_name is None. So we can change the conditional
check, which allows us to get rid of the clone_only flag.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Tue Jul 3 08:12:10 CEST 2018 on sn-devel-144
- - - - -
e0301df1 by Aaron Haslett at 2018-07-03T08:39:14Z
netcmd: domain backup online command
This adds a samba-tool command that can be run against a remote DC to
produce a backup-file for the current domain. The backup stores similar
info to what a new DC would get if it joined the network.
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
78440746 by Aaron Haslett at 2018-07-03T08:39:14Z
netcmd: domain backup restore command
Add a command option that restores a backup file. This is only intended
for recovering from a catastrophic failure of the domain. The old domain
DCs are removed from the DB and a new DC is added.
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
70b73f3c by Aaron Haslett at 2018-07-03T08:39:14Z
tests: Add tests for the domain backup online/restore commands
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
ccba77a9 by Tim Beale at 2018-07-03T08:39:14Z
selftest: Add testenv for testing backup/restore
This adds a new testenv for testing that a DC created using the
samba-tool backup/restore can actually be started up. This actually
requires 2 new testenvs:
1. A 'backupfromdc' that solely exists to make a online backup of.
2. A 'restoredc' which takes the backup, and then uses the backup file
to do a restore, which we then start the DC based on.
The backupfromdc is just a plain vanilla AD DC. We use a separate test
env purely for this purpose, because the restoredc will use the same
domain (and so using an existing testenv would potentially interfere
with existing test cases).
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
00d22122 by Tim Beale at 2018-07-03T08:39:14Z
tests: Add a sub-set of tests to show the restored DC is sound
+ Add a new ldapcmp_restoredc.sh test that asserts that the original DC
backed up (backupfromdc) matches the new restored DC.
+ Add a new join_ldapcmp.sh test that asserts we can join a given DC,
and that the resulting DB matches the joined DC
+ Add a new login_basics.py test that sanity-checks Kerberos and NTLM
user login works. (This reuses the password_lockout base code, without
taking as long as the password_lockout tests do). Basic LDAP and SAMR
connections are also tested as a side-effect.
+ run the netlogonsvc test against the restored DC to prove we can
establish a netlogon connection.
+ run the same subset of rpc.echo tests that we do for RODC
+ run dbcheck over the new testenvs at the end of the test run
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
417fe47a by Tim Beale at 2018-07-03T08:39:14Z
drs_utils: Add infrastructure to support 'clone with rename'
Our end goal is to create a backup clone of a DB, but rename the
domain/realm so we can startup the backup DC without interferring with
the existing Samba network. The basic strategy to do this is to leverage
DRS replication - by renaming the first object in the partition, all
subsequent objects will automatically be renamed.
This patch adds the infrastructure to do this. I've used object
inheritance to handle the special case of renaming the partition
objects. This means the domain-rename special case doesn't really
pollute the existing DRS replication code. All it needs is a small
refactor to create a new 'process_chunk()' function that the new
sub-class can then override.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3287bfe2 by Björn Jacke at 2018-07-03T11:24:51Z
build: bundle and reduce huge number of EA function tests
It's sufficient to check for one basic function of an EA implementation and a
use a single ifdef for each group of EA functions. This makes more sense than
checking for each EA function on each platform.
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Jul 3 13:24:51 CEST 2018 on sn-devel-144
- - - - -
c5fa4b15 by Ralph Boehme at 2018-07-03T23:19:50Z
s3: lib/ctdbd_conn: include .h, not .c
Probably a copy/paste mistake. Detected by a failing autobuild on
sn-devel and a local make test:
Build failed: default/examples/libsmbclient/testbrowse2: Symbol
tevent_req_is_unix_error linked in multiple libraries
['samba-cluster-support', 'tevent-util']
UNEXPECTED(failure): wafsamba.duplicate_symbols.duplicate_symbols(none)
Wonder why this didn't fail before in autobuild.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jul 4 01:19:50 CEST 2018 on sn-devel-144
- - - - -
ec69abec by Andrew Bartlett at 2018-07-04T02:43:39Z
samba-tool drs showrepl: correctly report failing repsFrom
Hopefully this fixes the flapping test.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Jul 4 04:43:39 CEST 2018 on sn-devel-144
- - - - -
56d9b1a5 by Amit Kumar at 2018-07-04T05:38:04Z
MAN: Adding entry for net ads lookup
There is no man page description for net ads lookup.
This PR adds entry for the same.
Signed-off-by: Amit Kumar amitkuma at redhat.com
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 4 07:38:04 CEST 2018 on sn-devel-144
- - - - -
c8621948 by David Mulder at 2018-07-04T08:22:15Z
samba_gpoupdate: Rename the command to samba-gpupdate
On a Windows client, this command is called 'gpupdate'
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a958dc35 by David Mulder at 2018-07-04T11:23:09Z
samba-gpupdate: Change machine option to target
On a Windows client, you designate machine/user
apply with a 'target' parameter. This change
makes gpupdate work more like that command.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 4 13:23:09 CEST 2018 on sn-devel-144
- - - - -
e311801e by Ralph Boehme at 2018-07-04T19:07:09Z
lib: smb_threads: fix access before init bug
talloc_stackframe_internal() calls SMB_THREAD_GET_TLS(global_ts) which
calls smb_get_tls_pthread() in the POSIX pthread wrapper implementation.
If SMB_THREAD_SET_TLS() hasn't been called before, global_ts is NULL and
smb_get_tls_pthread dereferences it so it crashes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13505
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8e96e9ea by Andreas Schneider at 2018-07-04T19:07:10Z
nsswitch: Add tests to lookup user via getpwnam
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9f28d306 by Andreas Schneider at 2018-07-04T21:55:56Z
s3:winbind: Do not lookup local system accounts in AD
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jul 4 23:55:56 CEST 2018 on sn-devel-144
- - - - -
b977ded3 by Amitay Isaacs at 2018-07-04T21:56:42Z
ctdb-common: Use correct return type for tevent_queue_add_entry
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
af697008 by Amitay Isaacs at 2018-07-04T21:56:42Z
ctdb-tests: Avoid segfault by initializing logging
Setting DEBUGLEVEL before calling debug_init() causes segmentation
violation with gcc8. DEBUGLEVEL_CLASS is statically initialized to
debug_class_list_initial which is defined as const. Only after
debug_init() is called, DEBUGLEVEL_CLASS becomes a talloc'd array.
So before modifying DEBUGLEVEL, ensure debug_init() is called via
setup_logging(). (debug_init is a static function.)
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
a4393dde by Amitay Isaacs at 2018-07-04T21:56:42Z
ctdb-daemon: Avoid closing stdin when running in interactive mode
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
271407ab by Amitay Isaacs at 2018-07-04T21:56:42Z
ctdb-daemon: Set environment variable if running in interactive mode
CTDB_INTERACTIVE will be used to tell the other daemons if the ctdb daemon
is started in interactive mode. This is primarily used only for testing.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
c08d65c3 by Amitay Isaacs at 2018-07-04T21:56:42Z
wafsamba: Add strict option to CHECK_CODE
Some compilers (e.g. xlc) ignores unsupported features, generates a
warning, but does not fail compilation.
This ensures that any compiler warnings are treated as errors and the
feature support is correctly identified. This adds equivalent compiler
option to -Werror for xlc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a9775c24 by Amitay Isaacs at 2018-07-04T21:56:43Z
wafsamba: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
77cdfe3e by Amitay Isaacs at 2018-07-04T21:56:43Z
socket_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
59dfd2d7 by Amitay Isaacs at 2018-07-04T21:56:43Z
replace: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
9a670bde by Amitay Isaacs at 2018-07-04T21:56:43Z
nss_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
65b07466 by Amitay Isaacs at 2018-07-04T21:56:43Z
pam_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c220e310 by Amitay Isaacs at 2018-07-04T21:56:43Z
resolv_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
734ea271 by Amitay Isaacs at 2018-07-05T01:01:33Z
uid_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Jul 5 03:01:33 CEST 2018 on sn-devel-144
- - - - -
634a72df by Tim Beale at 2018-07-05T02:01:25Z
join: Add more framework for renaming a domain
Add a DCCloneContext subclass which will rename the DB objects as they
get cloned. This uses the drs_ReplicateRenamer class added to drs_utils
in an earlier patch. Where the drs_Replicate object currently gets
created has been split out into a simple new function, which we can then
override in the rename case.
The other important difference is overriding the provision step, so that
we use the new domain-DN/realm when setting up the initial SAM DB (and
smb.conf, secrets.ldb, etc).
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
850bba4d by Tim Beale at 2018-07-05T02:01:25Z
drs_utils: Always set the GET_TGT flag for clone renames
The DCCloneAndRenameContext replication was a little inefficient, in
that it would essentially replicate the entire DB twice. This was due to
resolving the link targets - it finds a target object it doesn't know
about, so retries the entire replication again with the GET_TGT flag set
this time.
Normally, the repl_meta_data code will use the target object's GUID,
however, it can't do this for cross-partition links (if it hasn't
replicated the target partition yet). The repl_md code can normally
detect that the link is a cross-parition link by checking the base-DN,
however, this doesn't work in the DCCloneAndRenameContext case because
we have renamed the base-DN.
This is not a big deal - it just means extra work. However, because the
domains being backed up could potentially be quite large, it probably
makes sense to just always set the GET_TGT in the rename case and skip
this extra work.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cd727c95 by Tim Beale at 2018-07-05T02:01:25Z
tests: Tweak the backup online tests so they're generic
Update backup-online tests to be more generic. We can then re-use the
common framework for other types of backups (offline, rename), and just
change what's specific to those particular cases.
This change includes asserting the restored backup's domain/realm are
correct, which we weren't doing previously but makes sense.
The new 'return samdb' is for convenience, so that child classes can
easily extend the checks we run over the restored DB.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ab65647a by Tim Beale at 2018-07-05T02:01:25Z
netcmd: Add 'samba-tool domain backup rename' command
Add a new command that takes a clone of the domain's DB, and renames the
domain as well. (We rename the domain during the clone because it's
easier to implement - the DRS code handles most of the renaming for us,
as it applies the received replication chunks).
The new option is similar to an online backup, except we also do the
following:
- use the new DCCloneAndRenameContext code to clone the DB
- run dbcheck to fix up any residual old DNs (mostly objectCategory
references)
- rename the domain's netBIOSName
- add dnsRoot objects for the new DNS realm
- by default, remove the old realm's DNS objects (optional)
- add an extra backupRename marker to the backed-up DB. In the restore
code, if the backup was renamed, then we need to register the new
domain's DNS zone at that point (we only know the new DC's host IP
at the restore stage).
Note that the backup will contain the old DC entries that still use the
old dnsHostname, but these DC entries will all be removed during the
restore, and a new DC will be added with the correct dnsHostname.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6681f904 by Tim Beale at 2018-07-05T02:01:25Z
netcmd: Extend 'backup restore' command to handle renamed domains
When restoring a renamed domain backup, we need to register the new
realm's DNS zone. We do this in the restore step because we don't know
the new server's IP/hostname in the backup step.
Because we may have removed the old realm's DNS entries in the rename
step, the remove_dc() code may fail to find the expected DNS entries for
the DC's domain (the DCs' dnsHostname still maps to the old DNS realm).
We just needed to adjust remove_dns_references() as it was getting a
slightly different error code.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
20568e00 by Tim Beale at 2018-07-05T02:01:26Z
selftest: Add dedicated RENAMEDC testenv for 'backup rename'
Add a new testenv that's similar to the existing restoredc, except we
use 'backup rename' to rename the domain as we back it up.
Restoring this backup then proves that a valid DC can be started from a
renamed backup.
Run the same sub-set of RESTOREDC tests to prove that the new testenv is
sound.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
62948a30 by Tim Beale at 2018-07-05T02:01:26Z
tests: Add new tests for backup-rename command
Extend the existing 'backup online' tests to also test the domain
rename case. This mostly involves some extra assertions that the
restored DB has been modified appropriatelt (i.e. domain NetBIOS
name is updated, etc).
I've also added an extra test case that creates a few objects and
links and specifically asserts that they get renamed appropriately.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2860bd07 by Tim Beale at 2018-07-05T02:01:26Z
netcmd: Use dbcheck to fix DB problems introduced by restore itself
As part of the restore process, we remove all the old DCs from the DB.
However, this introduces some dbcheck errors - there are some DN
attributes and one-way links that reference the deleted objects that
need fixing up. To resolve this, we can run dbcheck as part of the
restore process. This problem affects both renames and plain restores.
The dbcheck.sh test didn't spot this problem because it fixes this type
of DB error first, before it checks the DB.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
64e35021 by Douglas Bagnall at 2018-07-05T02:01:26Z
samba-tool drs showrepl test: turn subprocess error into failure
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
41d86e5f by Douglas Bagnall at 2018-07-05T02:01:26Z
samba_tool_showrepl_pull_summary_all_good is flapping
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9a7e9e52 by Andrew Bartlett at 2018-07-05T04:51:26Z
autobuild: Fix random-sleep.sh invocation in autobuild.py
The scripts were not running with the correct path and this causes sn-devel to hit
a very high load as many of the compile jobs start at once.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Jul 5 06:51:26 CEST 2018 on sn-devel-144
- - - - -
046d4688 by Amitay Isaacs at 2018-07-05T04:52:42Z
ctdb-protocol: Separate protocol-basic subsystem
This includes marshalling code for basic data types. This will be used
by other daemons.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
cbf7e2f0 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-build: Add ctdb prefix to build target
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
5586e035 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-tests: Separate testing code for basic data types
This will be used for testing other daemons' protocol code.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
f42106fb by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-common: Add client pid to connect callback in sock_daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
281bc849 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-event: Add event daemon protocol
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
24ba8e7c by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-event: Add event daemon implementation
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
99c33e6f by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-event: Add event daemon client code
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
587a1e04 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-event: Add event daemon client tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
f9104d46 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-tests: Rename eventd testsuite to ctdb_eventd
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
6eaef849 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-event: Add tests for event daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
efc5d3ca by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-daemon: Switch to starting new event daemon
>From this patch onwards, CTDB daemon is broken till the client code for
new eventd is integrated. This requires getting rid of the old eventd
protocol and client code and then switching to the new eventd protocol
and client code.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
26b19401 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-tools: Switch to using new event daemon tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
99fa3a34 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-tests: Remove tests for old event daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
ce3db0d4 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-daemon: Remove old event daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
b6938c09 by Amitay Isaacs at 2018-07-05T04:52:43Z
ctdb-tools: Remove old event daemon tool
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
0e444c96 by Amitay Isaacs at 2018-07-05T04:52:44Z
ctdb-client: Remove client code for old event daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
8250072a by Amitay Isaacs at 2018-07-05T04:52:44Z
ctdb-protocol: Remove protocol for old event daemon
This breaks the build. The new eventd protocol cannot be introduced without
removing the old eventd protocol.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
db548f48 by Amitay Isaacs at 2018-07-05T04:52:44Z
ctdb-daemon: Add client code to talk to new event daemon
This fixes the build and now new eventd is integrated completely in CTDB.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
dda99e49 by Amitay Isaacs at 2018-07-05T07:39:33Z
ctdb-tests: Switch to using new event daemon
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Jul 5 09:39:33 CEST 2018 on sn-devel-144
- - - - -
32e5b18d by Timur I. Bakeyev at 2018-07-05T07:40:59Z
Make sure that vfs*audit modules recognize and accept all the syslog facilities.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13436
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d63b24d5 by Timur I. Bakeyev at 2018-07-05T07:40:59Z
Make "none" the default setting for the successful and failed operations in the vfs_full_audit, so you don't blow up your server by just adding this module to the configuration.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9f38df83 by Timur I. Bakeyev at 2018-07-05T07:40:59Z
Document that vfs_full_audit defaults are "none" for the successful and failed operations.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9ff1fa56 by Andrew Bartlett at 2018-07-05T07:40:59Z
selftest: Use self.account_lockout_duration in self.update_lockout_settings for password_lockout tests
This allows the account_lockout_duration and
lockout_observation_window to be updated with longer values to cope
with slower build servers.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f0336457 by Andrew Bartlett at 2018-07-05T10:29:31Z
selftest: Use a longer self.account_lockout_duration and self.lockout_observation_window
This matches the changes made in the PSO tests and slows down the
whole testsuite but may make it more reliable on slower build hosts.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jul 5 12:29:31 CEST 2018 on sn-devel-144
- - - - -
b2d75c01 by Amitay Isaacs at 2018-07-05T10:30:41Z
ctdb-common: Fix CID 437606
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
- - - - -
a30ac853 by Amitay Isaacs at 2018-07-05T13:22:16Z
ctdb-tests: Avoid segfault by initializing logging
This is in addition to af697008531.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Jul 5 15:22:16 CEST 2018 on sn-devel-144
- - - - -
77be9637 by Andreas Schneider at 2018-07-06T15:14:44Z
nsswitch: Use a swtich in the wbinfo test to lookup users
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jul 6 17:14:44 CEST 2018 on sn-devel-144
- - - - -
20a837e8 by David Disseldorp at 2018-07-06T18:37:20Z
s3/service: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ce6c77d6 by David Disseldorp at 2018-07-06T18:37:20Z
s3/uid: use lp_const_servicename() where possible
The majority of these lp_servicename(talloc_tos(), ...) callers leak
onto the talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c53646bc by David Disseldorp at 2018-07-06T18:37:20Z
s3/service: convert lp_force_group() to const
set_conn_force_user_group() and change_to_user_internal() leak onto
the callers' talloc stackframe. Drop the unnecessary heap allocations.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c58194e3 by David Disseldorp at 2018-07-06T18:37:20Z
s3/service: convert lp_force_user() to const
Avoid set_conn_force_user_group() talloc stackframe leaks in doing so.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
887f9147 by David Disseldorp at 2018-07-06T18:37:20Z
s3/loadparm: fix a few talloc stackframe leaks
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
926ae506 by David Disseldorp at 2018-07-06T18:37:20Z
vfs_ceph: don't lie about flock support
Instead, match vfs_gluster behaviour and require that users explicitly
disable "kernel share modes".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13506
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0cd44821 by David Disseldorp at 2018-07-06T21:19:02Z
docs/vfs_ceph: add CTDB_SAMBA_SKIP_SHARE_CHECK=yes caveat
Mostly copied from the vfs_gluster manpage: the CephFS share path is not
locally mounted, which breaks the ctdb_check_directories_probe() check.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 6 23:19:02 CEST 2018 on sn-devel-144
- - - - -
4ad2a716 by Ralph Boehme at 2018-07-07T11:41:09Z
s3: smbd: fix a check in stat_cache_add()
As the comment above the if condition says:
/*
* If we are in case insentive mode, we don't need to
* store names that need no translation - else, it
* would be a waste.
*/
Ie if stat_cache_add() is called as
stat_cache_add("foo/bar", "foo/bar", false)
There's no need to cache the path, as a simple stat() on the client
supplied name (full_orig_name) matches the name used in the
filesystem (passed to stat_cache_add() as translated_path).
So fix the if condition to match the comment.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3430c9c3 by Christof Schmitt via samba-technical at 2018-07-07T11:41:09Z
lib:charset: Fix error messages from charset conversion
When e.g. trying to access a filename through Samba that does not adhere
to the encoding configured in 'unix charset', the log will show the
encoding problem, followed by "strstr_m: src malloc fail". The problem
is that strstr_m assumes that any failure from push/pull_ucs2_talloc is
a memory allocation problem, which is not correct.
Address this by removing the misleading messages and add a missing
message in convert_string_talloc_handle.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0a91ade5 by Ralph Boehme at 2018-07-07T11:41:09Z
s3: smbd/durable: remove dev and inode check from vfs_default_durable_reconnect_check_stat()
On a cluster filesystem the device numbers may differ on the cluster
nodes. We already verify the file_id in vfs_default_durable_reconnect(),
so we can safely remove the dev/inode checks.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13318
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e8b7aecf by Andreas Schneider at 2018-07-07T14:24:30Z
winbind_krb5_localauth: Fix a compiler warning
This can't used uninitialized but some compiler complains about it.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Jul 7 16:24:30 CEST 2018 on sn-devel-144
- - - - -
2e4878a6 by Jeremy Allison at 2018-07-09T16:46:13Z
libsmbclient: Initialize written value before use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
fe25bc79 by Bailey Berro at 2018-07-09T19:29:48Z
libsmbclient: Initialize written in cli_splice_fallback()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511
Signed-off-by: Bailey Berro <baileyberro at chromium.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Mon Jul 9 21:29:48 CEST 2018 on sn-devel-144
- - - - -
3e5e7753 by David Disseldorp at 2018-07-09T19:30:58Z
Revert "s3/service: convert lp_force_user() to const"
This reverts commit c58194e3d296f4e14e7689bdf192c561635ae161.
As mentioned by Andrew, we shouldn't break environments where
"force user" has been configured to use substituted variables.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3796bb00 by David Disseldorp at 2018-07-09T22:12:19Z
Revert "s3/service: convert lp_force_group() to const"
This reverts commit c53646bccd87ef3b3133d3f7526ef85591909528.
As mentioned by Andrew, we shouldn't break environments where
"force group" has been configured to use substituted variables.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jul 10 00:12:19 CEST 2018 on sn-devel-144
- - - - -
47e57249 by Gary Lockyer at 2018-07-10T02:40:51Z
README.Coding disable include sorting in clang format
Update the clang format configuration to disable include sorting. This
is enabled by default and breaks samba code.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Tue Jul 10 04:40:51 CEST 2018 on sn-devel-144
- - - - -
03c7d1e9 by Tim Beale at 2018-07-10T02:42:10Z
netcmd: Add no-secrets option to domain backups
By default we include all the domain's secrets in the backup file. This
patch adds an extra option to exclude these secrets. In particular, this
is for the use case of creating a lab domain (where you might not feel
comfortable with the secrets for all your users being present).
Mostly this just involves passing the correct option to the join/clone.
I've also made sure that a password is also set for the Admin user
(samba does seem to start up without one set, but this behaviour is
closer to what happens during a provision).
The tests have been extended to use the new option, and to assert that
secrets are/aren't included as expected for some of the builtin testenv
users.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6a154fc5 by Tim Beale at 2018-07-10T02:42:10Z
netcmd: Add brief log file of what the backup actually contains
There are now several different permutations of backup file that can be
created (i.e. online, rename, with/without secrets). Hopefully the admin
users would organize their backup files sensibly, but it can't hurt to
keep track of what the backup-file actually contains in a simple
human-readable file within the backup tar. E.g. We really don't want
backups with secrets-included and secrets-excluded getting mixed up.
Recording the DC used to make the domain backup may be useful in the
event of a catastrophic failure of the domain, e.g. DC replication may
have been broken for some time prior to the failure.
Recording the samba-tool version string may also be useful if there are
ever any backwards-compatibility issues introduced to the backup files.
The intention is to say we only support restoring a backup with the same
version of samba-tool that actually created the backup, however, it'd be
polite to users to actually record that version somewhere.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7b70637e by Tim Beale at 2018-07-10T02:42:10Z
selftest: Add a 'LABDC' testenv to mimic a preproduction test-bed
One of the use-cases for the domain rename tool is to produce a lab
domain that can be used for pre-production testing of Samba.
Basically this involves taking a backup rename with --no-secrets (which
scrubs any sensitive info), and then restoring it.
This patch adds a testenv that mimics how a user would go about creating
a lab-domain. We run the same tests that we run against the restore and
rename testenvs.
Note that the rpc.echo tests for the testallowed and testdenied users
fail, because we don't backup the secrets for these users. So these
tests failing proves that the lab-DC testenv is correct.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c8f0b885 by Tim Beale at 2018-07-10T02:42:10Z
netcmd: Add sanity-check for invalid domain rename args
We are suggesting to users that it's safe to run a renamed domain in
parallel with the old backed-up domain. However, this would not be the
case if the user (foolishly) "renames" their domain using the exact same
NetBIOS name or DNS realm.
Using the same DNS realm fails later on (updating the dnsRoot values),
but using the same NetBIOS name actually succeeds. While we can't make
samba tools completely idiot-proof, we can protect users from the most
basic of (potentially unintended) errors with some simple sanity-checks.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b84c0a89 by Christof Schmitt at 2018-07-10T05:30:26Z
heimdal: Fix build with system provided heimdal library
Trying to compile with a system provided heimdal library
results in this compile error:
[ 876/3043] Compiling source4/auth/kerberos/srv_keytab.c
In file included from /usr/include/heimdal/krb5.h:949:0,
from ../lib/replace/system/kerberos.h:33,
from ../source4/auth/kerberos/srv_keytab.c:31:
/usr/include/heimdal/krb5-protos.h:3894:1: error: unknown type name ‘HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE’; did you mean ‘_WARN_UNUSED_RESULT_’?
HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_WARN_UNUSED_RESULT_
/usr/include/heimdal/krb5-protos.h:3895:1: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘krb5_generate_random’
krb5_generate_random (
The problem is that Samba provides a minimal krb5-types.h file
for the internal build that gets used during the build with
the system provided heimdal library. As the minimal file
does not provide all definitions, the build fails.
Fix this by having the krb-types.h file simply include the
include file from the system library, if the build is done
using the system provided heimdal library.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Jul 10 07:30:26 CEST 2018 on sn-devel-144
- - - - -
de5bde9f by Justin Stephenson at 2018-07-10T08:44:12Z
s3:client: Add --quiet option to smbclient
Add quiet command-line argument to allow suppressing the help log
message printed automatically after establishing a smbclient connection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
(cherry picked from commit 89a8b3ecd47b6d9a33e66f22d2786f0ae3b4cb72)
- - - - -
eaa3c9a2 by Justin Stephenson at 2018-07-10T08:44:12Z
s3:tests: Add test for smbclient --quiet
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13485
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jun 26 20:29:19 CEST 2018 on sn-devel-144
(cherry picked from commit f90f434e041461fbea2e101066c79ec8caf35cce)
- - - - -
f4d7abd5 by Martin Schwenke at 2018-07-10T08:44:12Z
ctdb-client: Fix typo where CTDB_BROADCAST_ALL is repeated
Surely this is meant to be CTDB_BROADCAST_CONNECTED?
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 77db0b15b56f9921961bd753c210e6fdbaf97f6d)
- - - - -
1f25b710 by Martin Schwenke at 2018-07-10T08:44:12Z
ctdb-tests: Add check for non-lmaster node status in integration tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 4b008556d6b1f07fd5057af845526bf941497f18)
- - - - -
a2d35935 by Martin Schwenke at 2018-07-10T08:44:12Z
ctdb-tests: Add a simple test for database traverses
This tests that volatile databases traverse correctly, including the
case where a record was updated on a non-lmaster node.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit ec72fadecd5233234947633360fe46a3a4053c07)
- - - - -
7a701e28 by Martin Schwenke at 2018-07-10T08:44:12Z
ctdb-server: Rename CTDB_BROADCAST_VNNMAP -> CTDB_BROADCAST_ACTIVE
This broadcast is misnamed. Both places where this type of broadcast
is used expect the broadcast to go to all active nodes.
Make the corresponding change to the semantics in the daemon by
sending to all active nodes.
There is a mismatch between the ideas of VNN map and active nodes. A
node that is not in the VNN map but is active can still host database
records. These were the same until the LMASTER capability was
introduced and then the logic was not updated.
The only place where the VNN map is relevant is when finding the
location master of a record in the migration code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 36938bfdd075a174daecb466085702adfe6a6c09)
- - - - -
2819c0d9 by Martin Schwenke at 2018-07-10T08:44:12Z
ctdb-docs: Fix the documentation for VNN map
It is incorrectly says that nodes not in the VNN map can not be
DMASTER.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13499
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit af446d5209e37a38363911e5f339869b73d87963)
- - - - -
bf7ae2fb by Amitay Isaacs at 2018-07-10T08:44:12Z
replace: Add test for sin6_len in sockaddr_in6 structure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 7eeba9c5a4541e581b062fb9ee26f13b7373c541)
- - - - -
9974975f by Amitay Isaacs at 2018-07-10T08:44:13Z
ctdb-common: Use sin6_len only if the structure supports it
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 79992dbb73ac9749ac987cb6a88964fa600b4c35)
- - - - -
ac5ca1d3 by Amitay Isaacs at 2018-07-10T08:44:13Z
ctdb: Fix build on AIX
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 40a8ab1ce0c1b291af7263da13c25c37cee69670)
- - - - -
a95e5286 by Amitay Isaacs at 2018-07-10T08:44:13Z
tdb: Fix build on AIX
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Here is the build error on AIX 7.1.
../../lib/tdb/tools/tdbtool.c:39:12: error: 'disable_lock' redeclared as different kind of symbol
static int disable_lock;
^~~~~~~~~~~~
In file included from /usr/include/sys/gfs.h:24:0,
from /usr/include/sys/vfs.h:27,
from ../../lib/replace/system/filesys.h:48,
from ../../lib/tdb/tools/tdbtool.c:26:
/usr/include/sys/lock_def.h:314:5: note: previous declaration of 'disable_lock' was here
int disable_lock(int,simple_lock_t);
^~~~~~~~~~~~
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit edffe4d16514fa0c87655e040842f6c20d89791c)
- - - - -
4561e668 by Amitay Isaacs at 2018-07-10T08:44:13Z
ctdb-common: Use correct return type for tevent_queue_add_entry
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b977ded38a79e1eadd6965e8b7fd49f86322b4d6)
- - - - -
89de78ee by Amitay Isaacs at 2018-07-10T08:44:13Z
wafsamba: Add strict option to CHECK_CODE
Some compilers (e.g. xlc) ignores unsupported features, generates a
warning, but does not fail compilation.
This ensures that any compiler warnings are treated as errors and the
feature support is correctly identified. This adds equivalent compiler
option to -Werror for xlc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c08d65c3eea997d52e311f027d84bdc3f9c93059)
- - - - -
7a0807d6 by Amitay Isaacs at 2018-07-10T08:44:13Z
wafsamba: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a9775c2429554e029164ad9b98dc8c8c749c50fe)
- - - - -
a4ada0b6 by Amitay Isaacs at 2018-07-10T08:44:13Z
socket_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 77cdfe3ecc06a9aef9ea4201a1a76a9a7b47a73f)
- - - - -
d3b773d7 by Amitay Isaacs at 2018-07-10T08:44:13Z
nss_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 9a670bde563b269587c051c655a7b3778c008c87)
- - - - -
81a05ba6 by Amitay Isaacs at 2018-07-10T08:44:13Z
pam_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 65b0746694a0cbd8f40c5e89dc9a680044f7a1a9)
- - - - -
e021b437 by Amitay Isaacs at 2018-07-10T08:44:13Z
resolv_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c220e310b40c67b73248141b3af544bad19fd39d)
- - - - -
8af4bac8 by Amitay Isaacs at 2018-07-10T08:44:13Z
uid_wrapper: Be strict when checking __attribute__ features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13493
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Jul 5 03:01:33 CEST 2018 on sn-devel-144
(cherry picked from commit 734ea271ab01e74d0694f3fbc9acdf980d866b30)
- - - - -
35128a93 by Martin Schwenke at 2018-07-10T08:44:13Z
ctdb-tests: Switch fake_ctdbd to use ctdb_get_peer_pid()
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 05a908d71c4b7484ba0243fa51bc05c79c8fb357)
- - - - -
7f46b392 by Martin Schwenke at 2018-07-10T08:44:13Z
ctdb-daemon: Only consider client ID for local database attach
The comment immediately above this code says "don't allow local
clients to attach" and then looks up the client ID regardless of
whether the request is local or remote.
This means that an intentional remote attach from a client will not
work correctly. No real client should ever do that since clients
attach so they an access databases locally. Perhaps some sanity
checks should be added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13500
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 63255ef92552da92956c05160f33622d0bbc3a28)
- - - - -
0e3f149a by Amitay Isaacs at 2018-07-10T08:44:13Z
socket_wrapper: Add missing dependency on tirpc
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue May 22 13:57:07 CEST 2018 on sn-devel-144
(cherry picked from commit 7049b2153b08152f03a0fcbb1817b430fe0a8451)
- - - - -
6600f4b1 by Amitay Isaacs at 2018-07-10T08:44:13Z
ctdb-pmda: Use modified API in pcp library 4.0
Support backward compatibility by checking for __pmID_int type, which
was previously in <pcp/impl.h>. In the new version, this type is not
defined anymore and there is no need to include <pcp/impl.h>.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Mar 2 00:38:52 CET 2018 on sn-devel-144
(cherry picked from commit 426e4a5a20cff73a80d80b46f15826deac3f934f)
- - - - -
a19d52e6 by Amitay Isaacs at 2018-07-10T08:44:13Z
ctdb-tests: Avoid segfault by initializing logging
Setting DEBUGLEVEL before calling debug_init() causes segmentation
violation with gcc8. DEBUGLEVEL_CLASS is statically initialized to
debug_class_list_initial which is defined as const. Only after
debug_init() is called, DEBUGLEVEL_CLASS becomes a talloc'd array.
So before modifying DEBUGLEVEL, ensure debug_init() is called via
setup_logging(). (debug_init is a static function.)
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit af697008531bd74546656841dd3a1ed92522fc57)
- - - - -
b12f6c6f by Gary Lockyer at 2018-07-10T10:53:54Z
WHATSNEW add entries audit logging and lmdb.
Add WHATSNEW entries for dsdb, password and group change audit logging,
as well as the ldb lmdb backend
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Jul 10 12:53:54 CEST 2018 on sn-devel-144
- - - - -
b5d333c2 by Amitay Isaacs at 2018-07-10T13:09:24Z
ctdb-tests: Avoid segfault by initializing logging
This is in addition to af697008531.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Jul 5 15:22:16 CEST 2018 on sn-devel-144
(cherry picked from commit a30ac853ff9bca023c53ad98775eabb23156c566)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Tue Jul 10 15:09:25 CEST 2018 on sn-devel-144
- - - - -
93f61639 by Ralph Boehme at 2018-07-10T18:31:13Z
ctdb: close the correct pipe fd in a test
This was discovered in an autobuild with a patched tevent that used the
"poll" backend by default. Test failure:
$ bin/sock_daemon_test /dev/shm/sock_daemon_test.pid /dev/shm/sock_daemon_test.sock 5
test5[28011]: daemon started, pid=28011
test5[28011]: listening on /dev/shm/sock_daemon_test.sock
sock_daemon_test: ../ctdb/tests/src/sock_daemon_test.c:980: test5: Assertion `ret == i+1' failed.
Abgebrochen (Speicherabzug geschrieben)
metze at SERNOX14:~/devel/samba/4.0/master4-test$ test5[28011]: PID 28010 gone away, exiting
test5[28011]: Shutting down
sock_daemon_test: ../ctdb/tests/src/sock_daemon_test.c:964: test5:
Assertion `ret == EINTR' failed.
After an epic debugging session we spotted the problem.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d08efa7f by Stefan Metzmacher at 2018-07-10T18:31:13Z
python/tests: make the test_assoc_group_fail2() test more resilient against timing
On a busy system [e]poll() on the server will mark both the
old connection fd and also the listening fd as readable.
epoll() returns the events in order, so the server processes the
disconnect first.
With poll() we don't have an order of the events and the
server is likely to process the connect before the disconnect.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0503bbab by Stefan Metzmacher at 2018-07-10T18:31:13Z
s4:messaging: add local.messaging.multi_ctx.multi_ctx test
This tests the usage of multiple imessaging_contexts in one process
and also freeing two of them during a message handler.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13514
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1a9d6ce5 by Stefan Metzmacher at 2018-07-10T18:31:13Z
s3:messages: make the loop in msg_dgm_ref_recv() more robust against stale pointers
The interaction between msg_dgm_ref_recv() and msg_dgm_ref_destructor()
doesn't allow two references from messaging_dgm_ref() to be free'd
during the loop in msg_dgm_ref_recv().
In addition to the global 'refs' list, we also need to
have a global 'next_ref' pointer, which can be adjusted in
msg_dgm_ref_destructor().
As AD DC we hit this when using irpc in auth_winbind,
which uses imessaging_client_init().
In addition to the main messaging_dgm_ref() in smbd,
source3/auth/auth_samba4.c: prepare_gensec() and
make_auth4_context_s4() also generate a temporary
imessaging_context for auth_context->msg_ctx from within
auth_generic_prepare().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13514
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
621349d5 by Ralph Boehme at 2018-07-10T21:17:20Z
s3/rpc_server: Character Encode Spotlight Queries
Fix path escaping in Spotlight so paths with spaces or special
characters can be properly matched to tracker paths.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12688
Based-on-a-patch-from: Mike M Pestorich <mmpestorich at gmail.com>
(similar to github.com/netatalk/netatalk/commit/90aa43d)
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jul 10 23:17:20 CEST 2018 on sn-devel-144
- - - - -
36b4b565 by Pooja Mahadik at 2018-07-11T00:22:18Z
pass 'rdonly' or 'directory' flag to open a directory file.
Signed-off-by: Pooja Mahadik <pooja.mahadik at veritas.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jul 11 02:22:18 CEST 2018 on sn-devel-144
- - - - -
0940f856 by Tim Beale at 2018-07-11T00:23:40Z
WHATSNEW: Added entries for PSOs, domain backup/restore, and rename
Added WHATSNEW blurbs for the following features:
- Password Settings Objects
- Domain backup and restore
- Domain rename tool
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5c58ccba by Christof Schmitt at 2018-07-11T03:18:59Z
wscript: Add --with-system-heimdalkrb5
Add the configure option --with-system-heimdalkrb5 to build Samba
explicitly with a system Heimdal kerberos library. This does the same as
the more complicated syntax
--bundled-libraries='!heimdal,!asn1,!com_err,!roken,!hx509,!wind,!gssapi,!hcrypto,!krb5,!heimbase,!asn1_compile,!compile_et,!kdc,!hdb,!heimntlm'
and it also enforces the conflicts with MIT Kerbros and the AD DC
build.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 11 05:18:59 CEST 2018 on sn-devel-144
- - - - -
3d0ed62f by Timur I. Bakeyev at 2018-07-11T06:44:10Z
vfs_audit: Extend list of recognized syslog(3) facilities and wrap them into #ifdef's. That list should be comprehensive enough to cover most of the existing OSes.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jul 11 08:44:10 CEST 2018 on sn-devel-144
- - - - -
99ea80d2 by Douglas Bagnall at 2018-07-11T06:45:39Z
WHATSNEW: samba-tool drs showrepl and visualize changes
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
998c4afd by Douglas Bagnall at 2018-07-11T06:45:39Z
doc: samba-tool visualize uptodateness
and --xdot option.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c20278b6 by Douglas Bagnall at 2018-07-11T06:45:39Z
doc: samba-tool drs showrepl --json and --summary
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
094c239f by Andrew Bartlett at 2018-07-11T09:47:09Z
WHATSNEW: Add more text about work done by Catalyst developers
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 11 11:47:09 CEST 2018 on sn-devel-144
- - - - -
1061f48d by Martin Schwenke at 2018-07-11T09:48:37Z
ctdb-tests: Replace hardcoded IP address in test results
Parameterise them with a variable instead.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b20c9173 by Martin Schwenke at 2018-07-11T09:48:37Z
ctdb-tests: Setup public addresses in 60.nfs unit tests
Even the monitor event runs update_tickles(), which needs public IP
addresses and FAKE_CTDB_NUMNODES to be initialised. Currently this
works by default but soon we'll need FAKE_CTDB_NUMNODES in another
context.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d0739b2e by Martin Schwenke at 2018-07-11T09:48:37Z
ctdb-daemon: Change default for tunable NoIPHostOnAllDisabled to 1
Defaulting to host public IP addresses when all nodes are unhealthy
does not obey the principle of least surprise. It has caused much
confusion over the years. It often leads to problems when all nodes
are unhealthy due to something like a cluster filesystem being
unmounted.
Change the default value for this tunable as the first step of
completely removing this behaviour.
Remove tests that set NoIPHostOnAllDisabled=1 and update the expected
result for other tests where no nodes are healthy.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
070469be by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-daemon: Mark NoIPHostOnAllDisabled tunable as obsolete
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
fda05910 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-daemon: Drop plumbing for obsolete tunable NoIPHostOnAllDisabled
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
709ef6b7 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-daemon: Stop inactive/disabled nodes from reporting available IPs
This can be done now that NoIPHostOnAllDisabled is gone and will allow
the public IP address failover logic to be simplified.
In the test code, still filter available IP addresses by node state.
This code can't currently read information about available IP
addresses but that will change in future
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7c4848a4 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-daemon: Drop the noiphost "node flags" bitmap
This is no longer needed because inactive/disabled nodes no longer
report any available public IP addresses.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
be1c3400 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-build: Add CTDB_DATADIR
Signed-off-by: Martin Schwenke <martin at meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3bebc5d8 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-common: Add path support for datadir
Signed-off-by: Martin Schwenke <martin at meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6742bf6c by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-event: Update event tool to handle symbolic links
Supports the case when scripts are installed in the data directory and
are linked to when enabled.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2546c439 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-event: Allow tool to enable/disable scripts without daemon
Only open the client socket when it is needed. Note that this only
works for enabling/disabling event scripts via symlinks.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
15c6552a by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-tools: All ctdb event commands to run without ctdbd
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
19071ac8 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-tests: New install path CTDB_SCRIPT_DATA_DIR
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f029e2a7 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-tests: Drop an unused case
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a3610d1c by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-tests: Clean up define_test() for event scripts
Factor out a little bit of common code. More coming.
Most of this is whitespace changes.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
06be1c85 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-build: Install event scripts in CTDB_DATADIR
Signed-off-by: Martin Schwenke <martin at meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0937ce04 by Martin Schwenke at 2018-07-11T09:48:38Z
ctdb-build: Enable some standard event scripts if none are enabled
CTDB needs the legacy/00.ctdb event script to be able to function
properly. If this script is not enabled then assume a first-time
install or an upgrade to a version that requires events scripts to be
enabled via symlinks. In these cases enable this script and other
commonly used scripts.
Only do this for a direct install. If DESTDIR is being used then
assume a package is being built and let the packager handle this case.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8fe6a027 by Martin Schwenke at 2018-07-11T09:48:39Z
ctdb-packaging: Enable some standard event scripts if none are enabled
CTDB needs the legacy/00.ctdb event script to be able to function
properly. If this script is not enabled then assume a first-time
install or an upgrade to a version that requires events scripts to be
enabled via symlinks. In these cases enable this script and other
commonly used scripts.
Remove links during uninstall (but not during upgrade).
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a757e076 by Martin Schwenke at 2018-07-11T09:48:39Z
ctdb-tests: Ensure some event scripts are enabled for cluster tests
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c08c95c9 by Martin Schwenke at 2018-07-11T09:48:39Z
ctdb-tests: Drop event script tests where CTDB_MANAGED_<service>=no
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e081cafc by Martin Schwenke at 2018-07-11T09:48:39Z
ctdb-scripts: Drop event script CTDB_MANAGED_<service> variables
Enable required event scripts to manage services.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
451c6b66 by Martin Schwenke at 2018-07-11T09:48:39Z
ctdb-tests: Drop residual CTDB_MANAGED_<service> variables
These no longer do anything.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4628afa3 by Martin Schwenke at 2018-07-11T12:47:21Z
ctdb-scripts: Provide a gstack function if gstack is not available
gstack isn't widely available, so provide a simple function that does
the same thing if it gstack can't be found.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Jul 11 14:47:21 CEST 2018 on sn-devel-144
- - - - -
8fe2fdc7 by Christof Schmitt at 2018-07-11T20:39:36Z
winbindd: Remove ads.h include from nss_info
nss_info does not use libads. Removing this include
fixes a compile error when trying to compile with a
system provided heimdal library:
[2188/3043] Compiling source3/winbindd/nss_info.c
In file included from ../source3/libads/kerberos_proto.h:33:0,
from ../source3/include/ads.h:154,
from ../source3/winbindd/nss_info.c:24:
../lib/replace/system/kerberos.h:33:10: fatal error: krb5.h: No such file or directory
#include <krb5.h>
^~~~~~~~
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Wed Jul 11 22:39:36 CEST 2018 on sn-devel-144
- - - - -
2cbed651 by Stefan Metzmacher at 2018-07-11T21:04:17Z
tevent: make use of tevent_common_wakeup() in the poll and poll_mt backends
This simplifies the "poll_mt" logic a lot.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f69bca61 by Stefan Metzmacher at 2018-07-11T21:04:17Z
tevent: rewrite/simplify tevent_poll and maintain ev->fd_events correctly
The following patches will rely on having all valid fd events in
ev->fd_events, even if they are temporary disabled with
tevent_set_fd_flags(fde, 0);
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
cd517516 by Ralph Boehme at 2018-07-11T21:04:17Z
tevent.h: improve tevent_req documentation
Document tevent_req naming conventions.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1eccb2dd by Stefan Metzmacher at 2018-07-11T21:04:18Z
tevent/testsuite: return after torture_fail()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f8578e01 by Stefan Metzmacher at 2018-07-11T21:04:18Z
tevent: allow tevent_abort() to cope with ev == NULL
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
add485e4 by Stefan Metzmacher at 2018-07-11T21:04:18Z
tevent: make tevent_abort() available for backends
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
049a06e6 by Stefan Metzmacher at 2018-07-11T21:04:18Z
tevent: use struct initializers for tevent_fd
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b983aca8 by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: use struct initializers for tevent_timer
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1c9a7a77 by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: use struct initializers for tevent_signal
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
788187c0 by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: use struct initializers for tevent_immediate
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0b91f6f0 by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: use _tevent_schedule_immediate() to move events from a thread to the main_ev
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
157df4da by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: add tevent_threaded_schedule_immediate_destructor that just aborts
This will be active while the event is part of the ev->scheduled_immediates
list.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
58fa08c8 by Stefan Metzmacher at 2018-07-11T21:04:19Z
tevent: add tevent_common_check_double_free() helper function
This will be used to generically support TALLOC_FREE() on
event which are currently running.
It aborts on every explicit talloc_free(), but ignores implicit
cleanup when the talloc parent is about to go.
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8a947939 by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: simplify tevent_cleanup_pending_signal_handlers()
Calling tevent_signal_destructor() does the same as se->event_ctx is already
NULL.
This also makes sure we correctly cleanup the SA_SIGINFO array.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
601fd81e by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: use talloc_zero() in tevent_signal.c
This might not be strictly required, but it might
avoid problems in future...
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d1b347c4 by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: simplify tevent_signal_destructor()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ddab2198 by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: split out tevent_common_invoke_signal_handler()
As side effect this avoids tricks with tevent_se_exists_destructor() to
figure out if the event handler removed itself.
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a85ee852 by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: split out tevent_common_invoke_timer_handler()
As side effect this avoids tricks with an extra
tevent_common_timed_deny_destructor().
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
6740718e by Stefan Metzmacher at 2018-07-11T21:04:20Z
tevent: split out tevent_common_invoke_immediate_handler()
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
072e3b28 by Stefan Metzmacher at 2018-07-11T21:04:21Z
tevent: split out tevent_common_invoke_fd_handler()
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e239cbc1 by Stefan Metzmacher at 2018-07-11T21:04:21Z
tevent: make use of #include "system/threads.h"
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ac9569b1 by Stefan Metzmacher at 2018-07-11T21:04:21Z
tevent: add tevent_context_wrapper_create() infrastructure
This allows to specify wrapper tevent_contexts, which adds the ability
to run functions before and after the event handler functions.
This can be used to implement impersonation hooks
or advanced debugging/profiling hooks.
We'll undo the 0.9.36 ABI change on the 0.9.37 release
at the end of this patchset.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4991c935 by Ralph Boehme at 2018-07-11T21:04:21Z
tevent: add a simple wrapper test
This checks that for all supported event types the before and after
handlers are called.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6189446a by Ralph Boehme at 2018-07-11T21:04:22Z
tevent: add a test that frees wrapper_ev with pending events
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
3dae5061 by Volker Lendecke at 2018-07-11T21:04:22Z
tevent: Add tevent_req_profile
This allows detailed reporting where a tevent_req spends its time
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f4fe3f77 by Stefan Metzmacher at 2018-07-11T21:04:22Z
tevent: version 0.9.37
* simplify "poll" and "poll_mt" backends
* make tevent_abort() reachable for backends
* add tevent_common_invoke_*_handler() functions
* add tevent_context_same_loop() function
* add tevent_context_wrapper_create() infrastructure
* add tevent_req_profile infrastructure
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9847848c by Volker Lendecke at 2018-07-11T21:04:22Z
lib: Multi-line a long line in wscript_build
Why? I'll add another file in a later commit
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1e206553 by Volker Lendecke at 2018-07-11T21:04:22Z
lib: Add tevent_req_profile helpers
Print and marshall/unmarshall tevent_req_profile structs
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
86a548c6 by Volker Lendecke at 2018-07-11T21:04:23Z
torture: Test tevent_req_profile
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5af9ecf6 by Volker Lendecke at 2018-07-11T21:04:23Z
winbindd: Convert process_request() to tevent_req
Having a central tevent_req per winbind child request is prerequisite
for request profiling
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bb683535 by Volker Lendecke at 2018-07-11T21:04:23Z
winbindd: Do request profiling
By default we log a request that takes more than 60 seconds. This can be
changed by setting
winbind:request profile threshold = <seconds>
Another parameter controls the depth of the request hierarchy printed:
winbind:request profile depth = <n>
The default request logged to syslog via DEBUG(0) looks like the
following for a wbinfo -P:
[struct process_request_state] ../source3/winbindd/winbindd.c:683 [2018/06/19 13:33:14.190365] ../source3/winbindd/winbindd.c:853 [2018/06/19 13:33:14.192737] [0.002372] -> TEVENT_REQ_DONE (2 0))
[struct winbindd_ping_dc_state] ../source3/winbindd/winbindd_ping_dc.c:41 [2018/06/19 13:33:14.190369] ../source3/winbindd/winbindd_ping_dc.c:112 [2018/06/19 13:33:14.192681] [0.002312] -> TEVENT_REQ_DONE (2 0))
[struct dcerpc_wbint_PingDc_state] default/librpc/gen_ndr/ndr_winbind_c.c:4335 [2018/06/19 13:33:14.190383] default/librpc/gen_ndr/ndr_winbind_c.c:4396 [2018/06/19 13:33:14.192680] [0.002297] -> TEVENT_REQ_DONE (2 0))
[struct dcerpc_wbint_PingDc_r_state] default/librpc/gen_ndr/ndr_winbind_c.c:4251 [2018/06/19 13:33:14.190385] default/librpc/gen_ndr/ndr_winbind_c.c:4285 [2018/06/19 13:33:14.192678] [0.002293] -> TEVENT_REQ_DONE (2 0))
[struct dcerpc_binding_handle_call_state] ../librpc/rpc/binding_handle.c:371 [2018/06/19 13:33:14.190387] ../librpc/rpc/binding_handle.c:520 [2018/06/19 13:33:14.192675] [0.002288] -> TEVENT_REQ_DONE (2 0))
[struct dcerpc_binding_handle_raw_call_state] ../librpc/rpc/binding_handle.c:149 [2018/06/19 13:33:14.190400] ../librpc/rpc/binding_handle.c:203 [2018/06/19 13:33:14.192646] [0.002246] -> TEVENT_REQ_DONE (2 0))
[struct wbint_bh_raw_call_state] ../source3/winbindd/winbindd_dual_ndr.c:89 [2018/06/19 13:33:14.190402] ../source3/winbindd/winbindd_dual_ndr.c:204 [2018/06/19 13:33:14.192644] [0.002242] -> TEVENT_REQ_DONE (2 0))
[struct wb_domain_request_state] ../source3/winbindd/winbindd_dual.c:473 [2018/06/19 13:33:14.190404] ../source3/winbindd/winbindd_dual.c:708 [2018/06/19 13:33:14.192640] [0.002236] -> TEVENT_REQ_DONE (2 0))
[struct wb_child_request_state] ../source3/winbindd/winbindd_dual.c:198 [2018/06/19 13:33:14.190411] ../source3/winbindd/winbindd_dual.c:273 [2018/06/19 13:33:14.192638] [0.002227] -> TEVENT_REQ_DONE (2 0))
[struct tevent_queue_wait_state] ../lib/tevent/tevent_queue.c:336 [2018/06/19 13:33:14.190412] ../lib/tevent/tevent_queue.c:355 [2018/06/19 13:33:14.190415] [0.000003] -> TEVENT_REQ_DONE (2 0))
[struct wb_simple_trans_state] ../nsswitch/wb_reqtrans.c:375 [2018/06/19 13:33:14.190424] ../nsswitch/wb_reqtrans.c:432 [2018/06/19 13:33:14.192630] [0.002206] -> TEVENT_REQ_DONE (2 0))
[struct req_write_state] ../nsswitch/wb_reqtrans.c:158 [2018/06/19 13:33:14.190425] ../nsswitch/wb_reqtrans.c:194 [2018/06/19 13:33:14.190472] [0.000047] -> TEVENT_REQ_DONE (2 0))
[struct writev_state] ../lib/async_req/async_sock.c:263 [2018/06/19 13:33:14.190432] ../lib/async_req/async_sock.c:412 [2018/06/19 13:33:14.190470] [0.000038] -> TEVENT_REQ_DONE (2 0))
[struct resp_read_state] ../nsswitch/wb_reqtrans.c:222 [2018/06/19 13:33:14.190475] ../nsswitch/wb_reqtrans.c:275 [2018/06/19 13:33:14.192629] [0.002154] -> TEVENT_REQ_DONE (2 0))
[struct read_packet_state] ../lib/async_req/async_sock.c:458 [2018/06/19 13:33:14.190476] ../lib/async_req/async_sock.c:546 [2018/06/19 13:33:14.192626] [0.002150] -> TEVENT_REQ_DONE (2 0))
[struct resp_write_state] ../nsswitch/wb_reqtrans.c:307 [2018/06/19 13:33:14.192693] ../nsswitch/wb_reqtrans.c:344 [2018/06/19 13:33:14.192734] [0.000041] -> TEVENT_REQ_DONE (2 0))
[struct writev_state] ../lib/async_req/async_sock.c:263 [2018/06/19 13:33:14.192694] ../lib/async_req/async_sock.c:412 [2018/06/19 13:33:14.192732] [0.000038] -> TEVENT_REQ_DONE (2 0))
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7f2afc20 by Stefan Metzmacher at 2018-07-11T21:04:23Z
s3:messages: protect against usage of wrapper tevent_context objects for messaging
This makes a lot of assumtion easier to understand and the introduction
of wrapper tevent contexts will not change the existing behaviour.
We'll relax this a bit in the next commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
660cf866 by Stefan Metzmacher at 2018-07-11T21:04:23Z
s3:messages: allow messaging_{dgm,ctdb}_register_tevent_context() to use wrapper tevent_context
This is only allowed if the raw tevent context is already registered.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9dc33206 by Stefan Metzmacher at 2018-07-11T21:04:24Z
s3:messages: allow messaging_dgm_ref() to use wrapper tevent_context
This is only allowed if the raw tevent context is already registered.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
2b05f109 by Stefan Metzmacher at 2018-07-11T21:04:24Z
s3:messages: allow messaging_filtered_read_send() to use wrapper tevent_context
As it gets 'messaging_context' as argument, we're sure a messaging context
with a raw tevent context already exist.
It means we can allow a wrapper tevent context that wrapps the main tevent
context of the messaging context.
The use of tevent_req_defer_callback() makes sure that the callers
callback function calls messaging_filtered_read_recv() from the
correct "wrapped" environment.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a08ab294 by Stefan Metzmacher at 2018-07-11T21:04:24Z
s4:messaging: allow imessaging_post_handler() to free the messaging context from a handler
In usecases like using messaging_client_init() with irpc processing we may
free the imessaging_context during the messaging handler.
imessaging_post_handler() is not yet really used, but it will change in
the next commits. imessaging_post_state is a child of imessaging_context
and might be implicitly free'ed before the explicit TALLOC_FREE(state).
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e186d6a0 by Stefan Metzmacher at 2018-07-12T00:23:37Z
s4:messaging: make sure only imessaging_client_init() can be used with a wrapper tevent_context wrapper
imessaging_client_init() can be used with a wrapper tevent_context,
but only if a global messaging_dgm_ref() already exist.
All other uses of imessaging_init() and imessaging_client_init()
require a raw tevent_context.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Jul 12 02:23:37 CEST 2018 on sn-devel-144
- - - - -
d871e0c8 by Gary Lockyer at 2018-07-12T02:31:51Z
smb.conf: add dns_zone_scavenging
Add parameter dns_zone_scavenging to control dns zone scavenging.
Scavenging is disabled by default, as due to
https://bugzilla.samba.org/show_bug.cgi?id=12451 the ageing properties of
existing DNS entries are incorrect.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
c1552c70 by Aaron Haslett at 2018-07-12T02:31:52Z
dns: record aging tests
First basic DNS record aging tests. These check that we can
turn aging on and off, and that timestamps are written on DNS
add and update calls, but not RPC calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
19910bea by Aaron Haslett at 2018-07-12T02:31:52Z
rpc dns: setting timestamp to 0 on RPC processed records
All records created by RPC DNS server calls should have timestamp set to 0
according to [MS-DNSP]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12451
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett<aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b841da04 by Gary Lockyer at 2018-07-12T02:31:52Z
dns: Reformat DNS with clang-format
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b22ce976 by Aaron Haslett at 2018-07-12T02:31:53Z
rpc dns: reading zone properties from LDB
Reading zone properties from LDB on server connection initialisation, instead
of them being volatile fields.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d6e111ff by Aaron Haslett at 2018-07-12T02:31:53Z
rpc dns: reset dword aging related zone properties
This allows a user to set zone properties relevant to DNS record aging over RPC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
350029bd by Aaron Haslett at 2018-07-12T02:31:54Z
dns: moving name_equal func into common
This function is duplicated in the BIND9 and RPC DNS servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
418cd93f by Aaron Haslett at 2018-07-12T02:31:54Z
dns: server side implementation of record aging
Code for retrieving aging properties from a zone and using them for timestamp
setting logic during processing of DNS requests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
00002b8d by Aaron Haslett at 2018-07-12T02:31:54Z
dns: custom match rule for DNS records to be tombstoned
A custom match rule for records to be tombstoned by the scavenging process.
Needed because DNS records are a multi-valued attribute on name records, so
without a custom match rule we'd have entire zones into memory to search for
expired records.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6bd2f82b by Aaron Haslett at 2018-07-12T02:31:55Z
dns: Use ldb.SCOPE_SUBTREE in ldap_get_records() routine in tests/dns.py
DNS records have the odd property that the DN can be reliably determined by the
name only, so we do not need a subtree search.
However by using a subtree search under the zone we can without
trapping exceptions confirm if the record exists or not in the tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
50d961c1 by Aaron Haslett at 2018-07-12T02:31:55Z
dns: dns record scavenging function (without task)
DNS record scavenging function with testing. The logic of the custom match rule
in previous commit is inverted so that calculations using zone properties can
be taken out of the function's inner loop. Periodic task to come.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
86b61551 by Aaron Haslett at 2018-07-12T02:31:55Z
dns+kcc: adding dns scavenging to kcc periodic run
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Pair-Programmed-With: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8ef42d4d by Aaron Haslett at 2018-07-12T02:31:55Z
dns: update tool changed for scavenging
Now that scavenging is implemented, the DNS update tool needs to be changed so
that it always updates every name required by the DC. Otherwise, the records
might be scavenged.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f0210f5d by Aaron Haslett at 2018-07-12T02:31:56Z
dns: static records
Modifies bind9 and internal dns to match windows static records behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bc2e645a by Gary Lockyer at 2018-07-12T02:31:56Z
tests dns: fix rpc null byte test
Fix update_add_null_char_rpc_to_dns so that the test matches the name.
It was not passing the embedded null to the rpc call.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ae9dee4c by Gary Lockyer at 2018-07-12T02:31:57Z
tests dns: dns.py remove flake8 warnings
Remove flake8 warnings from the code, this highlighted the issue with
test_update_add_null_char_rpc_to_dns fixed in the preceding commit.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
aaffc4d1 by Gary Lockyer at 2018-07-12T02:31:57Z
tests dns: dns_base.py remove flake8 warnings
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
59657418 by Bob Campbell at 2018-07-12T02:31:58Z
python/tests: check setting values on dnsRecord attributes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12451
Signed-off-by: Bob Campbell <bobcampbell at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
356f3953 by Andrew Bartlett at 2018-07-12T02:31:58Z
WHATSNEW: Add entry for "Dynamic DNS record scavenging support"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
760e36dd by Joe Guo at 2018-07-12T02:31:59Z
pysmbd: add session_info arg to get_conn_tos
Add session_info arg, so caller can pass it in to reuse authentication info
later. This will improve performance a lot while doing ntacl operations
on large amount of files, e.g.: sysvolreset.
Modification for upstream caller will come in following patches.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
aec40e3a by Joe Guo at 2018-07-12T02:31:59Z
pysmbd: add session_info arg to py_smbd_set_nt_acl
Add session_info arg as optional and pass it down to get_conn_tos.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a9c6ec66 by Joe Guo at 2018-07-12T02:31:59Z
smbd/msdfs: add null check for session_info.unix_info
When a session_info passed down to here, the unix_info could be NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
c9876def by Joe Guo at 2018-07-12T02:31:59Z
smbd/posix_acls: reuse secutiry token from session info if exist
If session info was passed down from upstream, then try to use it to get
security token, other then creating token every time.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
e2e6dd9d by Joe Guo at 2018-07-12T02:32:00Z
ntacls: reuse predefined SECURITY_SECINFO_FLAGS
Use predefined SECURITY_SECINFO_FLAGS to replace bitwise or operations
on flag list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
8dc8b8d7 by Joe Guo at 2018-07-12T02:32:00Z
ntacls: add session_info arg to setntacl and pass down to set_nt_acl api
Then underneath code can reuse the authentication info in session to
improve performance.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5dd25a65 by Joe Guo at 2018-07-12T02:32:00Z
provision/setsysvolacl: build session_info and pass down to setntacl
Get the admin session info, and pass it down to setntacl.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
8fb82152 by Joe Guo at 2018-07-12T02:32:01Z
provision/setsysvolacl: create helper function to simplify code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
cd9f6c5f by Joe Guo at 2018-07-12T02:32:01Z
tests/posixacl: rm commented code
The example is already in code, no need to keep it here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
197b4b85 by Joe Guo at 2018-07-12T02:32:02Z
tests/posixacl: define global DOM_SID to make code DRY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d68c294a by Joe Guo at 2018-07-12T02:32:02Z
tests/posixacl: define global ACL to make code DRY
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
11e2c32b by Joe Guo at 2018-07-12T02:32:02Z
tests/posixacl: remove unused imports
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
002987ab by Joe Guo at 2018-07-12T02:32:03Z
tests/posixacl: use assertRaises to simplify code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
6875f435 by Joe Guo at 2018-07-12T02:32:03Z
tests/posixacl: rm duplicated test
There are 2 copy of `test_setposixacl_getposixacl`, this patch removed
the first copy, which was overwritten by the second one.
They are 99% the same except in the last line a_perm is 6 vs 7, and 7 is
the correct number.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
1c09fc2d by Joe Guo at 2018-07-12T02:32:03Z
tests/posixacl: move setUp and tearDown to top
Make it clear to find out what we have in test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a8a9bb55 by Joe Guo at 2018-07-12T02:32:04Z
tests/posixacl: derive a new testcase to run same tests with session
1. existing tests still run with session_info=None
2. new class override `get_session_info` to return a session, so same
set of tests will run again, but with session.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
9502b72a by Timur I. Bakeyev at 2018-07-12T02:32:04Z
WHATSNEW: Add note about defaults changes for the vfs_full_audit and acceptance of all syslog facilities for all audit modules.
Signed-off-by: Timur I. Bakeyev <timur at iXsystems.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f87cde1e by Andrew Bartlett at 2018-07-12T02:32:04Z
docs: Explain that "max xmit" is SMB1 only
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c02023fb by Andrew Bartlett at 2018-07-12T02:32:05Z
WHATSNEW: Fix spelling
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
77ffadd3 by Andrew Bartlett at 2018-07-12T02:32:05Z
selftest: Add tests for samba.auth.admin_session()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Pair-programmed-with: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
eb6cb6e6 by Andrew Bartlett at 2018-07-12T02:32:06Z
python: Add samba.auth.session_info_fill_unix()
This fills in the unix portions of the token needed by smbd and the pysmbd bindings
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Pair-programmed-with: Joe Guo <joeg at catalyst.net.nz>
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7422df43 by Andrew Bartlett at 2018-07-12T02:32:06Z
tests/posixacl: Test with and without filling in the unix_token
Sadly the unix token cannot be created without a running winbindd,
which is not available during provision and a domain restore.
(Internally in smbd a backup API via passdb is used, but this
is not connected to this function at this time)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
932dc282 by Andrew Bartlett at 2018-07-12T02:32:06Z
WHATSNEW: document sysvolreset improvement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13521
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5a3690a4 by Andrew Bartlett at 2018-07-12T02:32:07Z
WHATSNEW: Explain that Jansson is requied for AD DC, mention --without-json-audit
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d55b1dc1 by Andrew Bartlett at 2018-07-12T02:32:07Z
docs: Remove mention of --without-json-audit from the AD DC
This is no longer optional for the AD DC.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1a559fd6 by Andrew Bartlett at 2018-07-12T02:32:08Z
ldb: Ban ldb 1.4.x with Samba 4.8 and earlier
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
52efa796 by Andrew Bartlett at 2018-07-12T02:32:08Z
ldb: Refuse to build Samba against a newer minor version of ldb
Samba is not compatible with new versions of ldb (except release versions)
Other users would not notice the breakages, but Samba makes many
more assuptions about the LDB internals than any other package.
(Specifically, LDB 1.2 and 1.4 broke builds against released
Samba versions)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b9efc5a6 by Stefan Metzmacher at 2018-07-12T02:32:09Z
tdb: version 1.3.16
* Fix build on AIX
* Python3 compatibility fixes
* Use tdb_wipe_all in "erase" command
* Harden allocating the tdb recovery area
* Make sure the hash size fits
* Harden tdb_check_used_record against overflow
* Harden tdb_rec_read
* Handle TDB_NEXT_LOCK_ERR in tdb_traverse_internal
* Fix build warnings
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
df858ec1 by Stefan Metzmacher at 2018-07-12T02:32:09Z
talloc: version 2.1.14
* Fix some typos in the comments
* Remove extra 0x prefix for the "%p" format specifiers,
avoiding 0x0x0 strings in the output.
* make sure we link extra-python versions of libraries
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3eecdbcc by Stefan Metzmacher at 2018-07-12T05:43:22Z
ldb: version 1.4.1
* add some missing return value checks
* Fix several mem leaks in ldb_index ldb_search ldb_tdb (bug#13475)
* ldb_tdb: Use mem_ctx and so avoid leak onto long-term memory
on duplicated add. (bug#13471)
* ldb: Fix memory leak on module context (bug#13459)
* Refused build of Samba 4.8 with ldb 1.4 (bug #13519)
* Prevent similar issues in the future at configure time (bug #13519)
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jul 12 07:43:22 CEST 2018 on sn-devel-144
- - - - -
c4be5a81 by Martin Schwenke at 2018-07-12T08:02:41Z
WHATSNEW.txt: CTDB updates for 4.9
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
de30faec by Andrew Bartlett at 2018-07-12T08:02:41Z
WHATSNEW: Add information on new GPO features
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d578e506 by Karolin Seeger at 2018-07-12T08:08:52Z
WHATSNEW: Add release notes for Samba 4.9.0rc1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7bc8b7f3 by Karolin Seeger at 2018-07-12T08:09:02Z
VERSION: Bump version up to 4.9.0rc1...
and disable GIT_SNAPSHOT for the release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ef0cae1f by Karolin Seeger at 2018-07-12T08:27:54Z
VERSION: Bump version up to 4.9.0rc2...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2ea15c55 by Ralph Boehme at 2018-07-12T11:10:25Z
s4:torture/vfs/fruit: decrease large resource fork size in test from 1 GB to 64 MB
64 MB is a more realistic value and lets the test pass on FreeBSD with
fruit:resource=stream and vfs_streams_xattr.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2729b4329af0ad0b6a8bd188450b8abd76670d8a)
- - - - -
c88aa5fb by Ralph Boehme at 2018-07-12T11:10:25Z
s4:torture: test setting EOF of a stream to 0 with enabled AAPL extensions
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit cf5d471544f0cb0d072e4af1ee36798580d32897)
- - - - -
af4cb57d by Ralph Boehme at 2018-07-12T11:10:25Z
vfs_fruit: delete 0 byte size streams if AAPL is enabled
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed May 30 02:34:29 CEST 2018 on sn-devel-144
(cherry picked from commit 46d127865f3fb14041797d395db3b3234ed3bd6c)
- - - - -
00b001b0 by Ralph Boehme at 2018-07-12T11:10:25Z
selftest: run smb2.streams tests against a share with vfs_streams_xattr
The tests are currently only run against streams_depot, where stream IO
is handle based, compared to streams_xattr which is path
based. vfs_streams_xattr is also used much more in real world setups, so
we should run our tests against it.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit aa096ab70a466388a9947f73a525b2dcbb9821e5)
- - - - -
36972fd6 by Ralph Boehme at 2018-07-12T11:10:25Z
s4:torture/smb2/streams: try to rename basefile while is has open streams
This tests the following:
- create a file with a stream
- open the the stream and keep it open
- on a second connection, try to rename the basefile, this should fail
with NT_STATUS_ACCESS_DENIED
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 00d19bdab15102083b8ba395ede161824c898be1)
- - - - -
93ec87ec by Ralph Boehme at 2018-07-12T11:10:25Z
s4:torture/vfs/fruit: adjust test testing basefile rename to expect failure
Renaming a basefile that has open streams must fail with
NT_STATUS_ACCESS_DENIED.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f166207fc0344b51879d863857055ab7ff36a09b)
- - - - -
85571d08 by Ralph Boehme at 2018-07-12T11:10:26Z
s3:smbd: add private option NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN
This will be used to mark basefile opens of streams opens. This is
needed to later implement a function that can determine if a file has
stream opens.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 37e7ff05ab9443c0330e68f5c701ffecedf2d738)
- - - - -
dd78d9a6 by Ralph Boehme at 2018-07-12T11:10:26Z
s3:locking: add file_has_open_streams()
This can be used to check if a file opened by fsp also has stream opens.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit dd8cf54c79fe8536e34cde15801d60931cd47b8b)
- - - - -
425f513e by Ralph Boehme at 2018-07-12T11:10:26Z
s3:smbd: don't allow renaming basefile if streams are open
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 465b7d07e5db787c3d6330371e5e42ecbb1b57b9)
- - - - -
adef988e by Jeremy Allison at 2018-07-12T11:10:26Z
python: pysmbd: Additional error path leak fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13474
Signed-off-by: Jeremy Allison <jra at samba.org>
- - - - -
c7bedb9c by Ralph Boehme at 2018-07-12T11:10:26Z
lib: smb_threads: fix access before init bug
talloc_stackframe_internal() calls SMB_THREAD_GET_TLS(global_ts) which
calls smb_get_tls_pthread() in the POSIX pthread wrapper implementation.
If SMB_THREAD_SET_TLS() hasn't been called before, global_ts is NULL and
smb_get_tls_pthread dereferences it so it crashes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13505
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit e311801e0e7171a2b50e39d3e0c2d2137f8b3d7e)
- - - - -
40c97843 by Jeremy Allison at 2018-07-12T11:10:26Z
libsmbclient: Initialize written value before use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 2e4878a69a62fb59d843ee53a1a9469b987e3a59)
- - - - -
6930bb96 by Bailey Berro at 2018-07-12T11:10:26Z
libsmbclient: Initialize written in cli_splice_fallback()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13511
Signed-off-by: Bailey Berro <baileyberro at chromium.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Mon Jul 9 21:29:48 CEST 2018 on sn-devel-144
(cherry picked from commit fe25bc793d30a64f06b19f737c652b0c7389ca92)
- - - - -
c5680ba4 by Ralph Boehme at 2018-07-12T15:42:50Z
s3: smbd/durable: remove dev and inode check from vfs_default_durable_reconnect_check_stat()
On a cluster filesystem the device numbers may differ on the cluster
nodes. We already verify the file_id in vfs_default_durable_reconnect(),
so we can safely remove the dev/inode checks.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13318
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0a91ade5272698c094137fa28d2ad4723b5963cf)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu Jul 12 17:42:50 CEST 2018 on sn-devel-144
- - - - -
516a440b by Ralph Boehme at 2018-07-26T19:24:08Z
s3: vfs: bump to version 39, Samba 4.9 will ship with that
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit b2ae22a310c07da61ca5d57cba1b403851e928d9)
Autobuild-User(v4-9-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-9-test): Thu Jul 26 21:24:08 CEST 2018 on sn-devel-144
- - - - -
bc280e8a by Alexander Bokovoy at 2018-07-31T10:36:24Z
s4-dns_server: Only build dns server Python code for AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
c6a325c9 by Alexander Bokovoy at 2018-07-31T10:36:24Z
s4-dsdb: only build dsdb Python modules for AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
d85dd185 by Alexander Bokovoy at 2018-07-31T10:36:24Z
python/samba/tests: make sure samba.tests can be imported without SamDB
We are using samba.tests Python module __init__.py file as a catch-all
for all types of helpers. Some of these helpers are only usable with
Samba AD DC targets.
When SamDB is not available in a non-Samba AD DC target, provide a
dummy replacement that simply returns None. This allows to complete
initialization for non-Samba AD DC target tests which do not use
connect_samdb() helper.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13542
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
7e960210 by Stefan Metzmacher at 2018-07-31T10:36:24Z
librpc: add binding handle support for [smb1]
This will be used to force smb1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 062b518cabd9fb5f72f96cdf400c978c0b844619)
- - - - -
a8cd7046 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: split out smb_raw_negotiate_fill_transport()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 17b12a9b9a9dfd859679de77aa0c7ffbc782f1bc)
- - - - -
00e5ea1f by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: add smbcli_transport_raw_init()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit b7e99c2571e31971a6d7f1898e7458c16dc1031e)
- - - - -
71a13551 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: use talloc_zero() for struct smb_composite_connect in fetchfile.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 87d73397f9a9dee8fa0055a2ff08244b2c85e120)
- - - - -
f9b685e9 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: allow passing an already negotiated connection to smb_composite_connect()
It will just do the session setup and tree connect steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 2b68f9b8b0dd944fa89b9e0037886ddd4fb4e5f9)
- - - - -
c85c9b58 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: add smb2_transport_raw_init()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ce2248c4b5aad2d00155a2e77b3e6340ce824979)
- - - - -
a3a5797e by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: split out smb2_connect_session_start()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 5ad5b81b6ef601596583b4ad7d6a14241fa99a71)
- - - - -
4d7023f8 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: allow passing an already negotiated connection to smb2_connect_send()
It will just do the session setup and tree connect steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit f20e607c15b4c8ae56ade5d7e68d832542a2cd5e)
- - - - -
02f7b652 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: add fallback_to_anonymous to smb2_connect_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ca000d8901e6acb8a7c59d26d4f75c9d92bafece)
- - - - -
3d8c4bf8 by Stefan Metzmacher at 2018-07-31T10:36:24Z
s4:libcli: allow a fallback to NTLMSSP if SPNEGO is not supported locally
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 5188454bdce80f6e2bfc45deca18bd1b7289a7a6)
- - - - -
b1753afa by Stefan Metzmacher at 2018-07-31T10:36:25Z
s4:libcli: add smb_connect_nego_{send,recv}()
This can be used to create a connection up to a negotiated
smbXcli_conn.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit e4910f35eab008a41cfcac3d97b3647c721ac679)
- - - - -
373406a1 by Alexander Bokovoy at 2018-07-31T10:36:25Z
tests/auth_log: Permit SMB2 service description if empty binding is used for kerberos authentication
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 70a9cf9ccfc4075cc08209191db1bce2c9b432fc)
- - - - -
25405ee6 by Stefan Metzmacher at 2018-07-31T10:36:25Z
python/tests: use explicit "client ipc max protocol = NT1" for samba.tests.net_join_no_spnego
The tests rely on SMB1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 802e43bf742e756896fa73fcd139feca9ae293dd)
- - - - -
e3e64256 by Stefan Metzmacher at 2018-07-31T10:36:25Z
s4:librpc: autonegotiate SMB1/2/3
Windows Server 1709 defaults to SMB2 and does not have SMB1 enabled.
When establishing trust, samba-tool does not specify SMB protocol
version and fail by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 4422f7382aad3090cb959ade030a02bf4fef81ac)
- - - - -
a3c26b35 by Stefan Metzmacher at 2018-07-31T10:36:25Z
s3:selftest: run rpc.lsa.lookupsids also with explicit [smb1] and [smb2]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 6800077c5c57c257326573537d1f2bb7a8066149)
- - - - -
0b3e00a6 by Alexander Bokovoy at 2018-07-31T10:36:25Z
samba-tool trust: support discovery via netr_GetDcName
In case a remote DC does not support netr_DsRGetDCNameEx2(),
use netr_GetDcName() instead.
This should help with FreeIPA where embedded smbd runs as a domain
controller but does not implement full Active Directory compatibility.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13538
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Tue Jul 24 09:55:23 CEST 2018 on sn-devel-144
(cherry picked from commit c390728819e73cefbf02e0d52d22805930f4c45b)
- - - - -
5abe6e67 by Martin Schwenke at 2018-07-31T10:36:25Z
ctdb-tests: Simplify pstree output in eventd unit tests
pstree truncates output when it exceeds a maximum width - the default
is 132 columns. A couple of recent
commits (12fd8d7a5c5d14d403aac6cd9e318afcd0a8e159,
b23f3f996038626f618c5b5aa552686c1b852f44) lengthened the command
string in the output so that it is more likely to exceed this limit
and be truncated, as below:
==================================================
Running "cat /memdisk/autobuild/fl/b1851760/ctdb/ctdb/tests/var/eventd/debug_script.log"
--------------------------------------------------
Output (Exit status: 0):
--------------------------------------------------
02.enabled.scri,PID /memdisk/autobuild/fl/b1851760/ctdb/ctdb/tests/var/eventd/events/random/02.enabled.script ...
`-sleep,PID 99
01.disabled DISABLED
02.enabled TIMEDOUT DATETIME
OUTPUT: Sleeping for 99 seconds
--------------------------------------------------
Required output (Exit status: 0):
--------------------------------------------------
02.enabled.scri,PID /memdisk/autobuild/fl/b1851760/ctdb/ctdb/tests/var/eventd/events/random/02.enabled.script verbosetimeout
`-sleep,PID 99
01.disabled DISABLED
02.enabled TIMEDOUT DATETIME
OUTPUT: Sleeping for 99 seconds
FAILED
It isn't clear that the above example exceeds 132 characters, given
that the PID has been filtered into a fixed string, but it certainly
goes close. Whether or not it is truncated probably depends on the
width of the PID in the unfiltered output. This would explain why the
test flaps.
Avoid the output truncation by dropping the -a and -p options to
simplify the pstree output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13531
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit da115efd2b89e10767e9bec7343dce65ffd3c68b)
- - - - -
c775cda6 by Martin Schwenke at 2018-07-31T10:36:25Z
ctdb-tests: Loosen match against pstree output in simple test
As per previous commit, pstree can truncate output if it gets too
wide. Instead of matching against the script's full path and
arguments, just match against the script name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13531
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Jul 18 14:53:39 CEST 2018 on sn-devel-144
(cherry picked from commit 359e52187fbc9b5f94570ff8d12607b4fc42e4f2)
- - - - -
3b7a39bd by Ralph Boehme at 2018-07-31T10:36:25Z
s4: torture: run test_durable_v2_open_reopen2_lease() in a subdirectory
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13535
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 725319743f1f2de934cbde477ca84430f5b2b4b4)
- - - - -
9ad7af68 by Ralph Boehme at 2018-07-31T10:36:25Z
s3: smbd: fix path check in smbd_smb2_create_durable_lease_check()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13535
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e60e9368cb3cb512e2506620d814187a692108e0)
- - - - -
14963928 by Gary Lockyer at 2018-07-31T10:36:25Z
dns wildcards: tests to confirm BUG 13536
DNS wildcard matching failing if more than one label to the left of the
wildcard. This commits adds tests to confirm the bug.
Wildcard entry: *.example.org
bar.example.com matches
foo.bar.example.com does not, but it it should.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0d3aec18679a2637430263a55de5e210a9201e21)
- - - - -
a6dab26a by Gary Lockyer at 2018-07-31T10:36:25Z
dns wildcards: fix BUG 13536
The current position in the dns name was not advanced past the '.'
character
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 20 04:40:31 CEST 2018 on sn-devel-144
(cherry picked from commit cef1b31cd1f33074e8ab6de52aa0fb74e9b57a9f)
- - - - -
76d3abee by Jeremy Allison at 2018-07-31T10:36:25Z
s3: smbd: Fix Linux sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 809967b3eab7a1b48c186517701538ca93536246)
- - - - -
8652ab1b by Jeremy Allison at 2018-07-31T10:36:25Z
s3: smbd: Fix Solaris sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 16a587075c8c62c1160869358ca56a133e90247a)
- - - - -
8b54ad07 by Jeremy Allison at 2018-07-31T10:36:25Z
s3: smbd: Fix HPUX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit d222caa449d9c00bb2dd9da6c79ea509960d47c6)
- - - - -
a221165e by Jeremy Allison at 2018-07-31T10:36:26Z
s3: smbd: Fix FreeBSD sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 456e520a3be7e4b54f1f144324c3671b8f6e35ea)
- - - - -
4c2e666a by Jeremy Allison at 2018-07-31T10:36:26Z
s3: smbd: Fix AIX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Jul 20 15:14:24 CEST 2018 on sn-devel-144
(cherry picked from commit 582ce5d6b599516d6d8d619529a2aa809139a175)
- - - - -
23b5be4f by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tools: Improve portability by not using /bin/bash directly
FreeBSD and others do not have /bin/bash, so use "/usr/bin/env bash"
for better flexibility.
There are still many integration tests that use /bin/bash but this at
least lets FreeBSD start running tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 73298ac8a9a87dcf3b3699dfdd39a8e865291620)
- - - - -
7d28f016 by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tests: Improve portability by not using /bin/bash directly
FreeBSD and others do not have /bin/bash, so use "/usr/bin/env bash"
for better flexibility.
There are still many integration tests that use /bin/bash but this at
least lets FreeBSD start running tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit dd9d8a20aa6948a5d1e7fb532842b7ff5bc0f550)
- - - - -
e4b703ed by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tools: Avoid use of non-portable getopt in onnode
getopt is being used with non-portable options. Use simpler,
POSIX-compliant getopts instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 4a39bc4aaad541f1e89c0eb3e98d4104bcc25025)
- - - - -
04a9667f by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tests: Avoid use of non-portable getopt in run_tests.sh
getopt is being used with non-portable options. Use simpler,
POSIX-compliant getopts instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 56ffca3e79923a028ff96fbd50706d808b9dd215)
- - - - -
ebeecc34 by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tests: Avoid use of non-portable getopt in stubs
getopt is being used with non-portable options. In most cases use
simpler, POSIX-compliant getopts instead.
In the case of the ctdb test stub command, options can appear after
other arguments, so this requires an additional nested loop.
In the case of smnotify, there are no short options, so handle the
long options manually.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 896c77df1ce2645c6dd7898b59ea802e204dc7d9)
- - - - -
58671b00 by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tests: Improve portability by not using mktemp --tmpdir option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 2f2c35a1cb4afe38e869882e8f18a62d4daac981)
- - - - -
f6be6615 by Martin Schwenke at 2018-07-31T10:36:26Z
ctdb-tests: Switch some test stubs to use /bin/sh
They don't use any bash features.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit f13824b291fca9cdaa936c238d7e9bcb73927da7)
- - - - -
3f757916 by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-tests: Add errno matching utility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit af8c31ead80d6c74b0e9d057cb47dff6552178a9)
- - - - -
d49d03db by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-tests: Add required_error() to match on error codes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit e8a1b3db7abfa9e4a53e98a0aa21dfc268a21c92)
- - - - -
43cd4e47 by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-common: Switch to ETIMEDOUT from ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit a42a7232990fa163d046fb07be351ea3e0467046)
- - - - -
0782860b by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-event: Switch to ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit c8756ec17be11e40bc7e75aac7afdb323acb42e2)
- - - - -
60ef2960 by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-daemon: Switch to using ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b886a95eca306d0062240e5710ae0ed4505b1068)
- - - - -
ed503603 by Amitay Isaacs at 2018-07-31T10:36:26Z
ctdb-client: Switch to ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit e1236a855ffc493efb5e9cb7b295034376e56d3a)
- - - - -
adc4c784 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Add ps output filter for freebsd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b7dbe9f306fda0d8f1dcc8dd81864539f6ff2632)
- - - - -
0ec4783c by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Add signal code matching utility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b0028dd5bf2d5466a50dfd12a82a23f30e9ccf48)
- - - - -
16838f3c by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Use sigcode to match signals
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 23952c9165bbdcae8f34b7dfefdbb4a499a55362)
- - - - -
fcae5c60 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Porting tests should ignore unsupported features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 0273171c30a5bcfdfc0b3f74c1d5a89dbaa5b204)
- - - - -
b21efa24 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-common: Add line based I/O
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit c7041b0faf490661818244dd032ad413ce906e5c)
- - - - -
ea5643fe by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-protocol: Avoid fgets in ctdb_connection_list_read
C library buffering API can behave in unexpected fashion if underlying
fd for stdin, stdout or stderr is closed and re-opened.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit c9b42d27e6cf9e6ae36f44970f0a388edc737a7a)
- - - - -
eb1279e6 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-common: Add fd argument to ctdb_connection_list_read()
This makes testing easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 3bf753e830c20183ef4f3278880d3be362e53bef)
- - - - -
18aa6548 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Do not try to match pstree output in eventd tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 4152e98c0e95a938e17f95c543c2114bbf54b136)
- - - - -
33df4f98 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Simplify pattern matching for ctime output
On freebsd, sed does not accept multiple pattern strings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 68542dbb5ab7b9d17b476937d1c84fe19d893255)
- - - - -
55fe4b56 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-scripts: date "+%N" is non-portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 96d5c7de82f795e33e9998e0fe94ddcb50e7421d)
- - - - -
862aedcd by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Use portable wc -c instead of stat -c "%s"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 07844c2ec9583362594241e607d81aaead8f1a99)
- - - - -
0be07aec by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Replace md5sum with posix cksum
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 22c3078c8b10c88f8aff22caa7c92a06f387f17d)
- - - - -
0733f133 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Use errcode to translate ETIMEDOUT
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 65cc36f24d8a92c749dbc3700802e1d83a9ceb9f)
- - - - -
23e41315 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Fix a typo
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 6f5ed2b8b829e01fc675537e47095868ff8b5aa2)
- - - - -
e4aa9b98 by Amitay Isaacs at 2018-07-31T10:36:27Z
ctdb-tests: Strip all spaces from od output
On freebsd, there are trailing spaces in od output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 3047202ce733d1a767fbc83c7021cb83bb83e0e1)
- - - - -
eb3f8ae4 by Amitay Isaacs at 2018-07-31T10:36:28Z
ctdb-common: Fix the TCP packet length check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit be43e08072ebce937ed0a02cd8d9d1c6072b178d)
- - - - -
d4e9454f by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-common: Fix compilation issue with strncpy()
When configured with --picky-developer and using -O3 with gcc 8.1:
../common/system_socket.c: In function ‘parse_ip_mask’:
../common/system_socket.c:229:2: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
strncpy(s, str, len+1);
^~~~~~~~~~~~~~~~~~~~~~
../common/system_socket.c:223:8: note: length computed here
len = strlen(str);
^~~~~~~~~~~
Use strlcpy() instead and check the result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13545
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 5dd84bf5d73e4afab094834bc317da7884b9b9b3)
- - - - -
5c2513d8 by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-protocol: Fix compilation issue with strncpy()
When configured with --picky-developer and using -O3 with gcc 8.1:
../protocol/protocol_util.c: In function ‘ctdb_sock_addr_from_string’:
../protocol/protocol_util.c:282:2: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
strncpy(s, str, len+1);
^~~~~~~~~~~~~~~~~~~~~~
../protocol/protocol_util.c:277:8: note: length computed here
len = strlen(str);
^~~~~~~~~~~
Use strlcpy() instead and check the result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13545
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 3b56f2002a35b55b46958178c79aee519f0c5880)
- - - - -
d197d11a by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13546
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sat Jul 28 07:26:24 CEST 2018 on sn-devel-144
(cherry picked from commit a44e6987b1e469ae202777cd575fd81c19e1ac6c)
- - - - -
cb1292d6 by Martin Schwenke at 2018-07-31T10:36:28Z
WHATSNEW: Add further CTDB updates for 4.9
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Karolin Seeger <kseeger at samba.org>
- - - - -
f24f0f13 by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-doc: Provide an example script for migrating old configuration
Include an example ctdbd.conf-style file for testing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13550
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Mon Jul 30 14:30:06 CEST 2018 on sn-devel-144
(cherry picked from commit 4fcbaae57b129deaacfab0a226cefca99aa78256)
- - - - -
34aba6f9 by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-event: Fix "ctdb event status" usage message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 56e248de6072063308786ea83282aaecc8d7e62a)
- - - - -
4cce86e8 by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-common: Factor out basic script abstraction
Provides for listing of scripts and chmod enable/disable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a7a4ee439dc1cf262b4da9fbcb38a2f69c62744c)
- - - - -
0c65347e by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-common: Use script abstraction in run_event
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 82e62488027302e541739628210292c2d95717e1)
- - - - -
792e1702 by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-event: Change event-tool script enable/disable to chmod file directly
They no longer go over the socket to eventd to enable and disable
scripts. Use the event script abstraction to chmod them directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 295826f1b83b6e59d24e4da43b290242c17f44af)
- - - - -
8932003d by Martin Schwenke at 2018-07-31T10:36:28Z
ctdb-event: Implement event tool "script list" command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 5017325c2ef84b10ccd23328f5d62ac5b246bbb3)
- - - - -
d666a5e0 by Martin Schwenke at 2018-07-31T13:27:32Z
ctdb-docs: Update documentation for "ctdb event" command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Sat Jul 28 20:03:52 CEST 2018 on sn-devel-144
(cherry picked from commit e3ce1a2dfc4cbba4bf22381b91e9a14c8f240f5d)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Tue Jul 31 15:27:32 CEST 2018 on sn-devel-144
- - - - -
9fc6a2eb by Karolin Seeger at 2018-07-31T16:27:29Z
WHATSNEW: Add release notes for Samba 4.9.0rc2.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
7f744ab6 by Karolin Seeger at 2018-07-31T16:27:29Z
VERSION: Disable GIT_SNAPSHOT for the 4.9.0rc2 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
7894067d by Karolin Seeger at 2018-07-31T16:27:29Z
VERSION: Bump version up to 4.9.0rc3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
4954a6da by Karolin Seeger at 2018-08-11T06:16:00Z
VERSION: Bump version up to 4.8.4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
(cherry picked from commit 1df7f93b6ede803ec01424c48d2f1f3526c9818c)
- - - - -
677fad5e by Jeremy Allison at 2018-08-11T06:16:00Z
CVE-2018-10858: libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5923c3cc by Jeremy Allison at 2018-08-11T06:16:01Z
CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
87aa8361 by Andrew Bartlett at 2018-08-11T06:16:01Z
CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
This regression was introduced in Samba 4.7 by bug 12842 and in
master git commit eb2e77970e41c1cb62c041877565e939c78ff52d.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13552
CVE-2018-10918: Denial of Service Attack on AD DC DRSUAPI server.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
bbb72cfc by Tim Beale at 2018-08-11T06:16:01Z
CVE-2018-10919 security: Move object-specific access checks into separate function
Object-specific access checks refer to a specific section of the
MS-ADTS, and the code closely matches the spec. We need to extend this
logic to properly handle the Control-Access Right (CR), so it makes
sense to split the logic out into its own function.
This patch just moves the code, and should not alter the logic (apart
from ading in the boolean grant_access return variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
a81f32e7 by Tim Beale at 2018-08-11T06:16:01Z
CVE-2018-10919 security: Add more comments to the object-specific access checks
Reading the spec and then reading the code makes sense, but we could
comment the code more so it makes sense on its own.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
77421f33 by Tim Beale at 2018-08-11T06:16:01Z
CVE-2018-10919 tests: Add tests for guessing confidential attributes
Adds tests that assert that a confidential attribute cannot be guessed
by an unprivileged user through wildcard DB searches.
The tests basically consist of a set of DB searches/assertions that
get run for:
- basic searches against a confidential attribute
- confidential attributes that get overridden by giving access to the
user via an ACE (run against a variety of ACEs)
- protecting a non-confidential attribute via an ACL that denies read-
access (run against a variety of ACEs)
- querying confidential attributes via the dirsync controls
These tests all pass when run against a Windows Dc and all fail against
a Samba DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
03dba18b by Tim Beale at 2018-08-11T06:16:01Z
CVE-2018-10919 tests: Add test case for object visibility with limited rights
Currently Samba is a bit disclosive with LDB_OP_PRESENT (i.e.
attribute=*) searches compared to Windows.
All the acl.py tests are based on objectClass=* searches, where Windows
will happily tell a user about objects they have List Contents rights,
but not Read Property rights for. However, if you change the attribute
being searched for, suddenly the objects are no longer visible on
Windows (whereas they are on Samba).
This is a problem, because Samba can tell you about which objects have
confidential attributes, which in itself could be disclosive.
This patch adds a acl.py test-case that highlights this behaviour. The
test passes against Windows but fails against Samba.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
a90cb03e by Tim Beale at 2018-08-11T06:16:01Z
CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
An 'Object Access Allowed' ACE that assigned 'Control Access' (CR)
rights to a specific attribute would not actually grant access.
What was happening was the remaining_access mask for the object_tree
nodes would be Read Property (RP) + Control Access (CR). The ACE mapped
to the schemaIDGUID for a given attribute, which would end up being a
child node in the tree. So the CR bit was cleared for a child node, but
not the rest of the tree. We would then check the user had the RP access
right, which it did. However, the RP right was cleared for another node
in the tree, which still had the CR bit set in its remaining_access
bitmap, so Samba would not grant access.
Generally, the remaining_access only ever has one bit set, which means
this isn't a problem normally. However, in the Control Access case there
are 2 separate bits being checked, i.e. RP + CR.
One option to fix this problem would be to clear the remaining_access
for the tree instead of just the node. However, the Windows spec is
actually pretty clear on this: if the ACE has a CR right present, then
you can stop any further access checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
7016bfd3 by Gary Lockyer at 2018-08-11T06:16:02Z
CVE-2018-10919 tests: test ldap searches for non-existent attributes.
It is perfectly legal to search LDAP for an attribute that is not part
of the schema. That part of the query should simply not match.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
6e35ae37 by Tim Beale at 2018-08-11T06:16:02Z
CVE-2018-10919 acl_read: Split access_mask logic out into helper function
So we can re-use the same logic laster for checking the search-ops.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
f9fa4e5c by Tim Beale at 2018-08-11T06:16:02Z
CVE-2018-10919 acl_read: Small refactor to aclread_callback()
Flip the dirsync check (to avoid a double negative), and use a helper
boolean variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
1575ba42 by Tim Beale at 2018-08-11T06:16:02Z
CVE-2018-10919 acl_read: Flip the logic in the dirsync check
This better reflects the special case we're making for dirsync, and gets
rid of a 'if-else' clause.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
9891df45 by Tim Beale at 2018-08-11T06:16:02Z
CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
A user that doesn't have access to view an attribute can still guess the
attribute's value via repeated LDAP searches. This affects confidential
attributes, as well as ACLs applied to an object/attribute to deny
access.
Currently the code will hide objects if the attribute filter contains an
attribute they are not authorized to see. However, the code still
returns objects as results if confidential attribute is in the search
expression itself, but not in the attribute filter.
To fix this problem we have to check the access rights on the attributes
in the search-tree, as well as the attributes returned in the message.
Points of note:
- I've preserved the existing dirsync logic (the dirsync module code
suppresses the result as long as the replPropertyMetaData attribute is
removed). However, there doesn't appear to be any test that highlights
that this functionality is required for dirsync.
- To avoid this fix breaking the acl.py tests, we need to still permit
searches like 'objectClass=*', even though we don't have Read Property
access rights for the objectClass attribute. The logic that Windows
uses does not appear to be clearly documented, so I've made a best
guess that seems to mirror Windows behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
a915e23a by Tim Beale at 2018-08-11T06:16:02Z
CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case
The acl_read.c code contains a special case to allow dirsync to
work-around having insufficient access rights. We had a concern that
the dirsync module could leak sensitive information for deleted objects.
This patch adds a test-case to prove whether or not this is happening.
The new test case is similar to the existing dirsync test except:
- We make the confidential attribute also preserve-on-delete, so it
hangs around for deleted objcts. Because the attributes now persist
across test case runs, I've used a different attribute to normal.
(Technically, the dirsync search expressions are now specific enough
that the regular attribute could be used, but it would make things
quite fragile if someone tried to add a new test case).
- To handle searching for deleted objects, the search expressions are
now more complicated. Currently dirsync adds an extra-filter to the
'!' searches to exclude deleted objects, i.e. samaccountname matches
the test-objects AND the object is not deleted. We now extend this to
include deleted objects with lastKnownParent equal to the test OU.
The search expression matches either case so that we can use the same
expression throughout the test (regardless of whether the object is
deleted yet or not).
This test proves that the dirsync corner-case does not actually leak
sensitive information on Samba. This is due to a bug in the dirsync
code - when the buggy line is removed, this new test promptly fails.
Test also passes against Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
- - - - -
c775bd8b by Douglas Bagnall at 2018-08-11T06:16:02Z
selftest/tests.py: remove always-needed, never-set with_cmocka flag
We have cmocka in third_party, so we are never without it.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(Backported from commit 33ef0e57a4f08eae5ea06f482374fbc0a1014de6
by Andrew Bartlett)
- - - - -
3454eae9 by Andrew Bartlett at 2018-08-11T06:16:03Z
CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5fb35b7f by Günther Deschner at 2018-08-11T06:16:03Z
CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f0bd8cc7 by Günther Deschner at 2018-08-11T06:16:03Z
CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6993f39d by Günther Deschner at 2018-08-11T06:16:03Z
CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
Right now, this test will succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a5245e46 by Günther Deschner at 2018-08-11T06:16:03Z
CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".
This fixes a regression that came in via 00db3aba6cf9ebaafdf39ee2f9c7ba5ec2281ea0.
Found by Vivek Das <vdas at redhat.com> (Red Hat QE).
In order to demonstrate simply run:
smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no
against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
95c95a4a by Andrej Gessel at 2018-08-11T06:16:03Z
CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
73317239 by Andrew Bartlett at 2018-08-11T06:16:03Z
CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
a36db4fc by Andrew Bartlett at 2018-08-11T06:16:04Z
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
ldb_dn_from_ldb_val() does not validate this untrusted input, so a later
call to ldb_dn_get_casefold() can fail if the input is not valid.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
ebc3a1a1 by Andrew Bartlett at 2018-08-11T06:16:04Z
CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
This ensures we fail with a good error code before an eventual ldb_dn_get_casefold() which
would otherwise fail.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
47bf6f6e by Andrew Bartlett at 2018-08-11T06:16:04Z
CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
5ad366eb by Andrew Bartlett at 2018-08-11T06:16:04Z
ldb: Release LDB 1.3.5 for CVE-2018-1140
* Security fix for CVE-2018-1140 (NULL pointer de-reference, bug 13374)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
43aba6bd by Kai Blin at 2018-08-11T06:16:04Z
CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on invalid chars
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13466
Signed-off-by: Kai Blin <kai at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
032a6a46 by Karolin Seeger at 2018-08-11T06:16:04Z
WHATSNEW: Add release notes for Samba 4.8.4.
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
626c489c by Karolin Seeger at 2018-08-11T06:16:26Z
VERSION: Disable GIT_SNAPSHOT for the Samba 4.8.4 release.
o CVE-2018-1139 (Weak authentication protocol allowed.)
o CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.)
o CVE-2018-10858 (Insufficient input validation on client directory
listing in libsmbclient.)
o CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
server.)
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
b336179c by Ralph Boehme at 2018-08-13T10:56:32Z
s3: smbd: always set vuid in check_user_ok()
A SMB session reauth will have invalidated conn->vuid via
conn_clear_vuid_caches().
Ensure conn->vuid always has the vuid of the current user in
check_user_ok().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13351
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Mar 22 18:26:04 CET 2018 on sn-devel-144
(cherry picked from commit 42d6dd2f30b6c3b3176bd1f378422a2eb62b1008)
- - - - -
d23a1c1f by Stefan Metzmacher at 2018-08-13T10:56:33Z
librpc: add binding handle support for [smb1]
This will be used to force smb1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 062b518cabd9fb5f72f96cdf400c978c0b844619)
- - - - -
6b5e4a71 by Günther Deschner at 2018-08-13T10:56:33Z
s3-tldap: do not install test_tldap
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13529
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Jul 14 03:09:00 CEST 2018 on sn-devel-144
(cherry picked from commit 26fd7096b1f99a2754f634669d5432109023bfa5)
- - - - -
92b6b909 by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: split out smb_raw_negotiate_fill_transport()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 17b12a9b9a9dfd859679de77aa0c7ffbc782f1bc)
- - - - -
8b98831d by Noel Power at 2018-08-13T10:56:33Z
s3/lib: Fix misleading typo in debug message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
19e65aff by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: add smbcli_transport_raw_init()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit b7e99c2571e31971a6d7f1898e7458c16dc1031e)
- - - - -
1d7b1dc0 by Noel Power at 2018-08-13T10:56:33Z
s3/libsmb: Avoid potential smbpanic calling parse_user_quota_list.
Calling parse_user_quota_list with a NULL buffer can cause a panic, while
this shouldn't happen, I managed to trigger this with an early implementation
of SMB2 quota support in smbd which didn't pass back NT_STATUS_NO_MORE_ENTRIES
when handling a SMB2_0_INFO_QUOTA GETINFO message.
OTHOH the Windows client handled the same situation gracefully.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
77ab463c by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: use talloc_zero() for struct smb_composite_connect in fetchfile.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 87d73397f9a9dee8fa0055a2ff08244b2c85e120)
- - - - -
6c24eaea by Noel Power at 2018-08-13T10:56:33Z
s3/smbd: Don't stat when doing a quota operation (as it's a fake file)
calling SMB_VFS_STAT on the quota fake file fails and caused
FS_INFO/FileFsControlInfo request to error out early, in turn stopped a
Win8.1 client from proceeding with quota queries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1136ff22 by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: allow passing an already negotiated connection to smb_composite_connect()
It will just do the session setup and tree connect steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 2b68f9b8b0dd944fa89b9e0037886ddd4fb4e5f9)
- - - - -
59bb7dde by Noel Power at 2018-08-13T10:56:33Z
librpc/idl Add some query [getset]info quota related structures
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dbf268e6 by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: add smb2_transport_raw_init()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ce2248c4b5aad2d00155a2e77b3e6340ce824979)
- - - - -
0ccd34a5 by Noel Power at 2018-08-13T10:56:33Z
s3/libsmb: adjust smb1 cli code to use idl structs and ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2635c625 by Stefan Metzmacher at 2018-08-13T10:56:33Z
s4:libcli: split out smb2_connect_session_start()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 5ad5b81b6ef601596583b4ad7d6a14241fa99a71)
- - - - -
bdfcecc3 by Noel Power at 2018-08-13T10:56:33Z
s3/libsmb: adjust smb2 code for new idl structs & generated ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2fd61b0e by Stefan Metzmacher at 2018-08-13T10:56:34Z
s4:libcli: allow passing an already negotiated connection to smb2_connect_send()
It will just do the session setup and tree connect steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit f20e607c15b4c8ae56ade5d7e68d832542a2cd5e)
- - - - -
3212bc76 by Stefan Metzmacher at 2018-08-13T10:56:34Z
s4:libcli: add fallback_to_anonymous to smb2_connect_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ca000d8901e6acb8a7c59d26d4f75c9d92bafece)
- - - - -
046d3a3d by Noel Power at 2018-08-13T10:56:34Z
s3/smbd: adjust smb1 server to use idl structs and generated ndr push/pull funcs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dcaa67ff by Stefan Metzmacher at 2018-08-13T10:56:34Z
s4:libcli: allow a fallback to NTLMSSP if SPNEGO is not supported locally
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 5188454bdce80f6e2bfc45deca18bd1b7289a7a6)
- - - - -
b65c3de5 by Noel Power at 2018-08-13T10:56:34Z
s3/smbd: smb2 server implementation for query get/set info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5b60ffce by Stefan Metzmacher at 2018-08-13T10:56:34Z
s4:libcli: add smb_connect_nego_{send,recv}()
This can be used to create a connection up to a negotiated
smbXcli_conn.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit e4910f35eab008a41cfcac3d97b3647c721ac679)
- - - - -
a9d0df49 by Noel Power at 2018-08-13T10:56:34Z
s3/script/test: modify existing smbcquota test to use SMB2 in addition to SMB1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
94ab84ff by Alexander Bokovoy at 2018-08-13T10:56:34Z
tests/auth_log: Permit SMB2 service description if empty binding is used for kerberos authentication
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 70a9cf9ccfc4075cc08209191db1bce2c9b432fc)
- - - - -
951722d6 by Noel Power at 2018-08-13T10:56:34Z
s3/script/tests: Add simple (smb1 & smb2) get/set/list tests for smbcquotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e9494f9b by Stefan Metzmacher at 2018-08-13T10:56:34Z
python/tests: use explicit "client ipc max protocol = NT1" for samba.tests.net_join_no_spnego
The tests rely on SMB1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 802e43bf742e756896fa73fcd139feca9ae293dd)
- - - - -
134f17ce by Noel Power at 2018-08-13T10:56:34Z
s3/smbd: allow set quota for non root user (when built with --enable-selftest)
Currently it appears you need to be root to set quotas, for test purposes
this requirement needs to be relaxed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ecf9e20e by Stefan Metzmacher at 2018-08-13T10:56:34Z
s4:librpc: autonegotiate SMB1/2/3
Windows Server 1709 defaults to SMB2 and does not have SMB1 enabled.
When establishing trust, samba-tool does not specify SMB protocol
version and fail by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 4422f7382aad3090cb959ade030a02bf4fef81ac)
- - - - -
b0c0a19d by Noel Power at 2018-08-13T10:56:34Z
s3/utils: fix regression where specifying -Unetbios/root works
Usually you need to be root on a linux server to modify quotas. Even
with a linux server joined to a windows AD you could always log in as
local root with smbcquotas. However in recent builds this has changed.
This patch fixes this
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Jul 31 19:45:59 CEST 2018 on sn-devel-144
- - - - -
4b3ac377 by Stefan Metzmacher at 2018-08-13T10:56:35Z
s3:selftest: run rpc.lsa.lookupsids also with explicit [smb1] and [smb2]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13308
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 6800077c5c57c257326573537d1f2bb7a8066149)
- - - - -
04a8995f by Alexander Bokovoy at 2018-08-13T10:56:35Z
samba-tool trust: support discovery via netr_GetDcName
In case a remote DC does not support netr_DsRGetDCNameEx2(),
use netr_GetDcName() instead.
This should help with FreeIPA where embedded smbd runs as a domain
controller but does not implement full Active Directory compatibility.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13538
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Tue Jul 24 09:55:23 CEST 2018 on sn-devel-144
(cherry picked from commit c390728819e73cefbf02e0d52d22805930f4c45b)
- - - - -
2a546235 by Andrew Bartlett at 2018-08-13T10:56:35Z
ldb: Refuse to build Samba against a newer minor version of ldb
Samba is not compatible with new versions of ldb (except release versions)
Other users would not notice the breakages, but Samba makes many
more assuptions about the LDB internals than any other package.
(Specifically, LDB 1.2 and 1.4 broke builds against released
Samba versions)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
(cherry picked from commit 52efa796538ae004ca62ea32fc8c833472991be6)
- - - - -
ec224963 by Volker Lendecke at 2018-08-13T10:56:35Z
ctdb: Fix a cut&paste error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13554
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 33d012c3cebb5625e02450ac3b08c4245a3e985d)
- - - - -
35587653 by David Disseldorp at 2018-08-13T10:56:35Z
vfs_ceph: don't lie about flock support
Instead, match vfs_gluster behaviour and require that users explicitly
disable "kernel share modes".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13506
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 926ae50627d536735cee9b3931ee35bc19060261)
- - - - -
39dc0db8 by Amitay Isaacs at 2018-08-13T10:56:35Z
ctdb-eventd: Fix CID 1438155
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13554
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Aug 3 11:14:01 CEST 2018 on sn-devel-144
(cherry picked from commit f7b2e5eec5ba1fa5f26694e6555a98cab0594a27)
- - - - -
a96f69a3 by David Disseldorp at 2018-08-13T10:56:35Z
docs/vfs_ceph: add CTDB_SAMBA_SKIP_SHARE_CHECK=yes caveat
Mostly copied from the vfs_gluster manpage: the CephFS share path is not
locally mounted, which breaks the ctdb_check_directories_probe() check.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 6 23:19:02 CEST 2018 on sn-devel-144
(cherry picked from commit 0cd44821f3889067620d685344c3eaf913a31329)
- - - - -
b1558f17 by Oleksandr Natalenko at 2018-08-13T10:56:35Z
systemd: Only start smb when network interfaces are up
For smb, if the smb.conf contains explicit bindings to the network
interfaces, the service must wait till network interfaces are up,
otherwise the service won't be operational.
The 0e571054a61e commit and the BZ 13184 have fixed this for nmb and
samba, so do exactly the same here, for smb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13559
Signed-off-by: Oleksandr Natalenko <oleksandr at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit a3d248f284eb2e5f4fe886310e481b28c9f1c392)
- - - - -
41302b40 by Jeremy Allison at 2018-08-13T10:56:35Z
s3: torture: Test SMB1 cli_splice() fallback path when doing a non-full file splice.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13527
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
(cherry picked from commit 1c8d1cceff852acaca4a0ec0da37b053ed03fe4a)
(cherry picked from commit 49d6c3f061284aac31c3ef21f88f9d69bdd86bd8)
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Jul 14 00:14:13 CEST 2018 on sn-devel-144
- - - - -
1a0d1421 by Andreas Schneider at 2018-08-13T10:56:35Z
s3:waf: Install eventlogadm to /usr/sbin
The eventlogadm binary needs write access to the registry which, by
default, is only possible as root.
https://bugzilla.samba.org/show_bug.cgi?id=13561
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0530cccc41f683cb35d065ddcb3968cf4ef759f4)
- - - - -
a970d45d by Jeremy Allison at 2018-08-13T10:56:35Z
s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.
We were always asking for SPLICE_BLOCK_SIZE even when the
remaining bytes we wanted were smaller than that. This works
when using cli_splice() on a complete file, as the cli_read()
terminated the read at the right place. We always have the
space to read SPLICE_BLOCK_SIZE bytes so this isn't an overflow.
Found by Bailey Berro <baileyberro at google.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13527
Signed-off-by: Bailey Berro <baileyberro at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Fri Jul 13 14:57:14 CEST 2018 on sn-devel-144
(cherry picked from commit c9656fd2977557ab20ec4e3d87c385a9b2f1bf43)
- - - - -
31e07ebf by Justin Stephenson at 2018-08-13T10:56:35Z
Shorten description in vfs_linux_xfs_sgid manual
this fixes a lexgrog parse error, the NAME subheader description
of the vfs_linux_xfs_sgid(8) manual was too long, this will shorten
the description and allow it to be correctly detected by mandb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13562
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9b105651c754c7c98297a23c0c1e43d7d2e28139)
- - - - -
a7348763 by Ralph Boehme at 2018-08-13T10:56:36Z
s4: torture: run test_durable_v2_open_reopen2_lease() in a subdirectory
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13535
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 725319743f1f2de934cbde477ca84430f5b2b4b4)
- - - - -
25e23c27 by Ralph Boehme at 2018-08-13T10:56:36Z
s3: smbd: fix path check in smbd_smb2_create_durable_lease_check()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13535
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e60e9368cb3cb512e2506620d814187a692108e0)
- - - - -
a01a9818 by Gary Lockyer at 2018-08-13T10:56:36Z
dns wildcards: tests to confirm BUG 13536
DNS wildcard matching failing if more than one label to the left of the
wildcard. This commits adds tests to confirm the bug.
Wildcard entry: *.example.org
bar.example.com matches
foo.bar.example.com does not, but it it should.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0d3aec18679a2637430263a55de5e210a9201e21)
- - - - -
357d2b65 by Gary Lockyer at 2018-08-13T10:56:36Z
dns wildcards: fix BUG 13536
The current position in the dns name was not advanced past the '.'
character
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 20 04:40:31 CEST 2018 on sn-devel-144
(cherry picked from commit cef1b31cd1f33074e8ab6de52aa0fb74e9b57a9f)
- - - - -
37e2ff72 by Jeremy Allison at 2018-08-13T10:56:36Z
s3: smbd: Fix Linux sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 809967b3eab7a1b48c186517701538ca93536246)
- - - - -
4e0c9718 by Jeremy Allison at 2018-08-13T10:56:36Z
s3: smbd: Fix Solaris sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 16a587075c8c62c1160869358ca56a133e90247a)
- - - - -
b21e833e by Jeremy Allison at 2018-08-13T10:56:36Z
s3: smbd: Fix HPUX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit d222caa449d9c00bb2dd9da6c79ea509960d47c6)
- - - - -
91c15b49 by Jeremy Allison at 2018-08-13T10:56:37Z
s3: smbd: Fix FreeBSD sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 456e520a3be7e4b54f1f144324c3671b8f6e35ea)
- - - - -
aeb57feb by Jeremy Allison at 2018-08-13T10:56:37Z
s3: smbd: Fix AIX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
For SMB2 the socket is set non-blocking. Ensure sendfile()
calls complete if they return EAGAIN by saving the socket state,
setting it blocking, doing the sendfile until completion and then
restoring the socket state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Jul 20 15:14:24 CEST 2018 on sn-devel-144
(cherry picked from commit 582ce5d6b599516d6d8d619529a2aa809139a175)
- - - - -
acacc786 by Noel Power at 2018-08-13T10:56:37Z
s3/lib: Fix misleading typo in debug message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f4a456a9 by Noel Power at 2018-08-13T10:56:37Z
s3/libsmb: Avoid potential smbpanic calling parse_user_quota_list.
Calling parse_user_quota_list with a NULL buffer can cause a panic, while
this shouldn't happen, I managed to trigger this with an early implementation
of SMB2 quota support in smbd which didn't pass back NT_STATUS_NO_MORE_ENTRIES
when handling a SMB2_0_INFO_QUOTA GETINFO message.
OTHOH the Windows client handled the same situation gracefully.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d10a32cf by Noel Power at 2018-08-13T10:56:37Z
s3/smbd: Don't stat when doing a quota operation (as it's a fake file)
calling SMB_VFS_STAT on the quota fake file fails and caused
FS_INFO/FileFsControlInfo request to error out early, in turn stopped a
Win8.1 client from proceeding with quota queries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
964626ec by Noel Power at 2018-08-13T10:56:37Z
librpc/idl Add some query [getset]info quota related structures
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f1e7ffd8 by Noel Power at 2018-08-13T10:56:37Z
s3/libsmb: adjust smb1 cli code to use idl structs and ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
34208d31 by Noel Power at 2018-08-13T10:56:37Z
s3/libsmb: adjust smb2 code for new idl structs & generated ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
aa7fb239 by Noel Power at 2018-08-13T10:56:38Z
s3/smbd: adjust smb1 server to use idl structs and generated ndr push/pull funcs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
87bf2440 by Noel Power at 2018-08-13T10:56:38Z
s3/smbd: smb2 server implementation for query get/set info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6938ec99 by Noel Power at 2018-08-13T10:56:38Z
s3/script/test: modify existing smbcquota test to use SMB2 in addition to SMB1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2162b45b by Noel Power at 2018-08-13T10:56:38Z
s3/script/tests: Add simple (smb1 & smb2) get/set/list tests for smbcquotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
807611fe by Noel Power at 2018-08-13T10:56:38Z
s3/smbd: allow set quota for non root user (when built with --enable-selftest)
Currently it appears you need to be root to set quotas, for test purposes
this requirement needs to be relaxed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4b91f852 by Noel Power at 2018-08-13T10:56:38Z
s3/utils: fix regression where specifying -Unetbios/root works
Usually you need to be root on a linux server to modify quotas. Even
with a linux server joined to a windows AD you could always log in as
local root with smbcquotas. However in recent builds this has changed.
This patch fixes this
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Jul 31 19:45:59 CEST 2018 on sn-devel-144
- - - - -
e93a716a by Oleksandr Natalenko at 2018-08-13T10:56:38Z
systemd: Only start smb when network interfaces are up
For smb, if the smb.conf contains explicit bindings to the network
interfaces, the service must wait till network interfaces are up,
otherwise the service won't be operational.
The 0e571054a61e commit and the BZ 13184 have fixed this for nmb and
samba, so do exactly the same here, for smb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13559
Signed-off-by: Oleksandr Natalenko <oleksandr at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit a3d248f284eb2e5f4fe886310e481b28c9f1c392)
- - - - -
77519371 by Noel Power at 2018-08-13T13:53:27Z
s3/smbd: Ensure quota code is only called when quota support detected
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13563
Signed-off-by: Noel Power <noel.power at suse.com>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Mon Aug 13 15:53:27 CEST 2018 on sn-devel-144
- - - - -
6f44ef85 by Noel Power at 2018-08-13T15:25:22Z
s3/smbd: Ensure quota code is only called when quota support detected
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13563
Signed-off-by: Noel Power <noel.power at suse.com>
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Mon Aug 13 17:25:23 CEST 2018 on sn-devel-144
- - - - -
47081d9d by Karolin Seeger at 2018-08-14T10:16:21Z
Merge tag 'samba-4.8.4' into v4-8-test
samba: tag release samba-4.8.4
- - - - -
04c66d80 by Karolin Seeger at 2018-08-14T10:19:44Z
VERSION: Bump version up to 4.8.5.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
3579ac44 by Andrew Bartlett at 2018-08-14T15:42:10Z
CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d171f8d1 by Günther Deschner at 2018-08-14T15:42:11Z
CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
48f5dbd7 by Günther Deschner at 2018-08-14T15:42:11Z
CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
e2b2c006 by Günther Deschner at 2018-08-14T15:42:11Z
CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
Right now, this test will succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3e89172f by Günther Deschner at 2018-08-14T15:42:11Z
CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".
This fixes a regression that came in via 00db3aba6cf9ebaafdf39ee2f9c7ba5ec2281ea0.
Found by Vivek Das <vdas at redhat.com> (Red Hat QE).
In order to demonstrate simply run:
smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no
against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
31a001f2 by Andrej Gessel at 2018-08-14T15:42:11Z
CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()
Signed-off-by: Andrej Gessel <Andrej.Gessel at janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
504cff7a by Andrew Bartlett at 2018-08-14T15:42:11Z
CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
8fed2cc0 by Andrew Bartlett at 2018-08-14T15:42:11Z
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
ldb_dn_from_ldb_val() does not validate this untrusted input, so a later
call to ldb_dn_get_casefold() can fail if the input is not valid.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
dc2898f1 by Andrew Bartlett at 2018-08-14T15:42:11Z
CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
This ensures we fail with a good error code before an eventual ldb_dn_get_casefold() which
would otherwise fail.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
bf988acd by Andrew Bartlett at 2018-08-14T15:42:12Z
CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
- - - - -
e2d6ad51 by Andrew Bartlett at 2018-08-14T15:42:12Z
Release LDB 1.4.2 for CVE-2018-1140
* Security fix for CVE-2018-1140 (NULL pointer de-reference, bug 13374)
* Fix memory leaks and missing error checks (bug 13459, 13471, 13475)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
164766b8 by Kai Blin at 2018-08-14T15:42:12Z
CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on invalid chars
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13466
Signed-off-by: Kai Blin <kai at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5bcbf5a3 by Tim Beale at 2018-08-14T15:42:12Z
CVE-2018-10919 security: Move object-specific access checks into separate function
Object-specific access checks refer to a specific section of the
MS-ADTS, and the code closely matches the spec. We need to extend this
logic to properly handle the Control-Access Right (CR), so it makes
sense to split the logic out into its own function.
This patch just moves the code, and should not alter the logic (apart
from ading in the boolean grant_access return variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
17b7206a by Tim Beale at 2018-08-14T15:42:12Z
CVE-2018-10919 security: Add more comments to the object-specific access checks
Reading the spec and then reading the code makes sense, but we could
comment the code more so it makes sense on its own.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
10a2c8da by Tim Beale at 2018-08-14T15:42:12Z
CVE-2018-10919 tests: Add tests for guessing confidential attributes
Adds tests that assert that a confidential attribute cannot be guessed
by an unprivileged user through wildcard DB searches.
The tests basically consist of a set of DB searches/assertions that
get run for:
- basic searches against a confidential attribute
- confidential attributes that get overridden by giving access to the
user via an ACE (run against a variety of ACEs)
- protecting a non-confidential attribute via an ACL that denies read-
access (run against a variety of ACEs)
- querying confidential attributes via the dirsync controls
These tests all pass when run against a Windows Dc and all fail against
a Samba DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
e2574d09 by Tim Beale at 2018-08-14T15:42:12Z
CVE-2018-10919 tests: Add test case for object visibility with limited rights
Currently Samba is a bit disclosive with LDB_OP_PRESENT (i.e.
attribute=*) searches compared to Windows.
All the acl.py tests are based on objectClass=* searches, where Windows
will happily tell a user about objects they have List Contents rights,
but not Read Property rights for. However, if you change the attribute
being searched for, suddenly the objects are no longer visible on
Windows (whereas they are on Samba).
This is a problem, because Samba can tell you about which objects have
confidential attributes, which in itself could be disclosive.
This patch adds a acl.py test-case that highlights this behaviour. The
test passes against Windows but fails against Samba.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
9c9f50b3 by Gary Lockyer at 2018-08-14T15:42:12Z
CVE-2018-10919 tests: test ldap searches for non-existent attributes.
It is perfectly legal to search LDAP for an attribute that is not part
of the schema. That part of the query should simply not match.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
605a7f3b by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
An 'Object Access Allowed' ACE that assigned 'Control Access' (CR)
rights to a specific attribute would not actually grant access.
What was happening was the remaining_access mask for the object_tree
nodes would be Read Property (RP) + Control Access (CR). The ACE mapped
to the schemaIDGUID for a given attribute, which would end up being a
child node in the tree. So the CR bit was cleared for a child node, but
not the rest of the tree. We would then check the user had the RP access
right, which it did. However, the RP right was cleared for another node
in the tree, which still had the CR bit set in its remaining_access
bitmap, so Samba would not grant access.
Generally, the remaining_access only ever has one bit set, which means
this isn't a problem normally. However, in the Control Access case there
are 2 separate bits being checked, i.e. RP + CR.
One option to fix this problem would be to clear the remaining_access
for the tree instead of just the node. However, the Windows spec is
actually pretty clear on this: if the ACE has a CR right present, then
you can stop any further access checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
03950558 by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 acl_read: Split access_mask logic out into helper function
So we can re-use the same logic laster for checking the search-ops.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4c201d0a by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 acl_read: Small refactor to aclread_callback()
Flip the dirsync check (to avoid a double negative), and use a helper
boolean variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a5cd47d8 by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 acl_read: Flip the logic in the dirsync check
This better reflects the special case we're making for dirsync, and gets
rid of a 'if-else' clause.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
52b5ed82 by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
A user that doesn't have access to view an attribute can still guess the
attribute's value via repeated LDAP searches. This affects confidential
attributes, as well as ACLs applied to an object/attribute to deny
access.
Currently the code will hide objects if the attribute filter contains an
attribute they are not authorized to see. However, the code still
returns objects as results if confidential attribute is in the search
expression itself, but not in the attribute filter.
To fix this problem we have to check the access rights on the attributes
in the search-tree, as well as the attributes returned in the message.
Points of note:
- I've preserved the existing dirsync logic (the dirsync module code
suppresses the result as long as the replPropertyMetaData attribute is
removed). However, there doesn't appear to be any test that highlights
that this functionality is required for dirsync.
- To avoid this fix breaking the acl.py tests, we need to still permit
searches like 'objectClass=*', even though we don't have Read Property
access rights for the objectClass attribute. The logic that Windows
uses does not appear to be clearly documented, so I've made a best
guess that seems to mirror Windows behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4897bf3d by Tim Beale at 2018-08-14T15:42:13Z
CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case
The acl_read.c code contains a special case to allow dirsync to
work-around having insufficient access rights. We had a concern that
the dirsync module could leak sensitive information for deleted objects.
This patch adds a test-case to prove whether or not this is happening.
The new test case is similar to the existing dirsync test except:
- We make the confidential attribute also preserve-on-delete, so it
hangs around for deleted objcts. Because the attributes now persist
across test case runs, I've used a different attribute to normal.
(Technically, the dirsync search expressions are now specific enough
that the regular attribute could be used, but it would make things
quite fragile if someone tried to add a new test case).
- To handle searching for deleted objects, the search expressions are
now more complicated. Currently dirsync adds an extra-filter to the
'!' searches to exclude deleted objects, i.e. samaccountname matches
the test-objects AND the object is not deleted. We now extend this to
include deleted objects with lastKnownParent equal to the test OU.
The search expression matches either case so that we can use the same
expression throughout the test (regardless of whether the object is
deleted yet or not).
This test proves that the dirsync corner-case does not actually leak
sensitive information on Samba. This is due to a bug in the dirsync
code - when the buggy line is removed, this new test promptly fails.
Test also passes against Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
61e34a20 by Jeremy Allison at 2018-08-14T15:42:13Z
libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4a2880b6 by Jeremy Allison at 2018-08-14T15:42:13Z
libsmb: Harden smbc_readdir_internal() against returns from malicious servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7ed470b1 by Andrew Bartlett at 2018-08-14T15:42:14Z
cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
This regression was introduced in Samba 4.7 by bug 12842 and in
master git commit eb2e77970e41c1cb62c041877565e939c78ff52d.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13552
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
81b0d5cd by Anoop C S at 2018-08-14T15:42:14Z
s3/libsmb: Explicitly set delete_on_close token for rmdir
The current implementation of `rmdir` hopes to get the directory deleted
on closing last open handle when FILE_DELETE_ON_CLOSE is set on it. But
for non-empty directories Windows doesn't error out during an open call.
Following that we internally refuse to set initial delete_on_close while
opening a non-empty directory. This prevents us from trying to delete
the directory when last open handle is closed.
Instead of relying on FILE_DELETE_ON_CLOSE during an open we explicitly
set delete_on_close token on directory handle once it is available. This
ensures that NT_STATUS_DIRECTORY_NOT_EMPTY is returned for `rmdir` on
non-empty directories while closing open directory handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6b68e3eca631c04d6d57c489daf60f64732fc86d)
- - - - -
921a5bbd by Anoop C S at 2018-08-14T15:42:14Z
s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6a7f11746c9cc3cdc5307e540bdd1f3f10fed05b)
- - - - -
b09fdd03 by Jeremy Allison at 2018-08-14T15:42:14Z
s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 10 21:08:14 CEST 2018 on sn-devel-144
(cherry picked from commit bca400847f2fcc3dd1398e166c1964cb88822071)
- - - - -
609109dd by David Disseldorp at 2018-08-14T15:42:14Z
ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
ceph-common linkage is needed with new versions of Ceph.
Also respect the --libcephfs_dir=<path> parameter when provided.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit bd64af6b8861f892e6ae2840a493f037d1e0a06c)
- - - - -
eae828b3 by Samuel Cabrero at 2018-08-14T15:42:14Z
ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler
Set a handler for SIGINT to release the lock.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 85706bd27535eaa4ec653f99b1910fbd8f2aab88)
- - - - -
5f3548bc by David Disseldorp at 2018-08-14T15:42:14Z
ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8d30fd591600ac17c742cd78c7bc4056bba6b877)
- - - - -
2849d577 by David Disseldorp at 2018-08-14T15:42:14Z
ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
In preparation for adding a lock refresh timer.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 91a89c146453ca203a83dc2ba555bb93276c4d7f)
- - - - -
37b4e0bc by David Disseldorp at 2018-08-14T15:42:15Z
ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
RADOS locks without expiry persist indefinitely. This results in CTDB
deadlock during failover if the recovery master dies unexpectedly, as
subsequently elected recovery master nodes can't obtain the recovery
lock.
Avoid deadlock by using a lock expiration time (10s by default), and
renewing it periodically.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13540
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit ce289e89e5c469cf2c5626dc7f2666b945dba3bd)
- - - - -
2d5c574f by David Disseldorp at 2018-08-14T15:42:15Z
ctdb: add expiry test for ctdb_mutex_ceph_rados_helper
Kill the ctdb_mutex_ceph_rados_helper with SIGKILL and then confirm
that the lock is automatically released following expiry.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Aug 9 16:26:36 CEST 2018 on sn-devel-144
(cherry picked from commit 4abf348ec4cbb78d3216d5e8c5f3020d4499f10a)
- - - - -
e30cf1a2 by Volker Lendecke at 2018-08-14T15:42:15Z
smbd: Align integer types
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0eaef7ee by Volker Lendecke at 2018-08-14T15:42:15Z
smbd: Fix CID 1438246 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
33c7d3ce by Volker Lendecke at 2018-08-14T15:42:15Z
smbd: Fix CID 1438245 Dereference before null check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
601eb6bc by Volker Lendecke at 2018-08-14T15:42:15Z
libsmb: Fix CID 1438244 Unsigned compared against 0
ndr_size_dom_sid returns a size_t, so that can't be <0. Also, the only
case that ndr_size_dom_sid returns 0 is a NULL sid
pointer. ndr_size_dom_sid can reasonably be assumed to not overflow, the
number of sub-auths is a uint8. That times 4 plus 8 always fits into a
size_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bf3bb82d by Volker Lendecke at 2018-08-14T18:49:09Z
libsmb: Fix CID 1438243 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Aug 8 23:10:22 CEST 2018 on sn-devel-144
Autobuild-User(v4-9-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-9-test): Tue Aug 14 20:49:09 CEST 2018 on sn-devel-144
- - - - -
dd609d77 by Mathieu Parent at 2018-08-15T01:50:57Z
Changelog for previous commits
- - - - -
ce9eaf97 by Mathieu Parent at 2018-08-15T02:09:29Z
New upstream version 4.8.4+dfsg
- - - - -
031cbc5b by Mathieu Parent at 2018-08-15T02:16:47Z
Merge tag 'upstream/4.8.4+dfsg'
Upstream version 4.8.4+dfsg
- - - - -
6f1fdf95 by Karolin Seeger at 2018-08-15T09:40:05Z
WHATSNEW: Add release notes for Samba 4.9.0rc3.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
ba2ef7fa by Karolin Seeger at 2018-08-15T09:42:37Z
VERISON: Disable GIT_SNAPSHOT for 4.9.0rc3 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
6244e6ab by Karolin Seeger at 2018-08-15T09:43:54Z
VERSION: Bump version up to 4.9.0rc4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
5dc3c24f by Mathieu Parent at 2018-08-16T21:11:35Z
Bump ldb Build-depends to 2:1.4.0+really1.3.5
- - - - -
f9819549 by Mathieu Parent at 2018-08-17T14:29:27Z
Standards-Version: 4.2.0
- - - - -
25a59f4e by Mathieu Parent at 2018-08-17T14:29:27Z
Set Rules-Requires-Root: binary-targets as chmod is used
- - - - -
c00ec4d1 by Mathieu Parent at 2018-08-17T14:29:27Z
Remove override_dh_strip target as dbgsym migration is complete
- - - - -
47ad83c0 by Mathieu Parent at 2018-08-17T14:31:05Z
Release 2:4.8.4+dfsg-1
- - - - -
f5705fad by Mathieu Parent at 2018-08-17T23:47:30Z
Fix typo in previous release: s/usefull/useful/
- - - - -
f262fc54 by Mathieu Parent at 2018-08-19T08:07:53Z
Prepend 1.4.0+really to ldb version to allow samba-dsdb-modules install (Closes: #906562, #906568)
- - - - -
7c183619 by Mathieu Parent at 2018-08-19T08:09:13Z
Release 2:4.8.4+dfsg-2
- - - - -
8bf5c11c by Anoop C S at 2018-08-23T08:38:26Z
s3/libsmb: Explicitly set delete_on_close token for rmdir
The current implementation of `rmdir` hopes to get the directory deleted
on closing last open handle when FILE_DELETE_ON_CLOSE is set on it. But
for non-empty directories Windows doesn't error out during an open call.
Following that we internally refuse to set initial delete_on_close while
opening a non-empty directory. This prevents us from trying to delete
the directory when last open handle is closed.
Instead of relying on FILE_DELETE_ON_CLOSE during an open we explicitly
set delete_on_close token on directory handle once it is available. This
ensures that NT_STATUS_DIRECTORY_NOT_EMPTY is returned for `rmdir` on
non-empty directories while closing open directory handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6b68e3eca631c04d6d57c489daf60f64732fc86d)
- - - - -
694c8908 by Anoop C S at 2018-08-23T08:38:26Z
s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 6a7f11746c9cc3cdc5307e540bdd1f3f10fed05b)
- - - - -
9e3bc4e5 by Jeremy Allison at 2018-08-23T08:38:26Z
s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 10 21:08:14 CEST 2018 on sn-devel-144
(cherry picked from commit bca400847f2fcc3dd1398e166c1964cb88822071)
- - - - -
f9f1102b by Andreas Schneider at 2018-08-23T08:38:26Z
krb5_plugin: Install plugins to krb5 modules dir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit eba2eb8a15c7a25b1436907a5339241492c81097)
- - - - -
756feb90 by Andreas Schneider at 2018-08-23T08:38:27Z
krb5_plugin: Move krb5 locator plugin to krb5_plugin subdir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 4a7e0f259bb7f1ebce48523767262addda08fe14)
- - - - -
e9e85a18 by Andreas Schneider at 2018-08-23T08:38:27Z
docs: Move winbind_krb5_locator manpage to volume 8
The vfs and idmap manpages are in volume 8 too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 6b7fcec01524ea1c4f2d923cc9cc2c17af3c3a21)
- - - - -
0a49817d by Andreas Schneider at 2018-08-23T08:38:27Z
docs: Add manpage for winbind_krb5_localauth.8
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Jun 27 18:45:56 CEST 2018 on sn-devel-144
(cherry picked from commit e88d68c253b4398eaed701d1a9bcc1b83882e127)
- - - - -
30c37fca by David Disseldorp at 2018-08-23T08:38:27Z
ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
ceph-common linkage is needed with new versions of Ceph.
Also respect the --libcephfs_dir=<path> parameter when provided.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit bd64af6b8861f892e6ae2840a493f037d1e0a06c)
- - - - -
6dc7dc93 by Samuel Cabrero at 2018-08-23T08:38:27Z
ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler
Set a handler for SIGINT to release the lock.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 85706bd27535eaa4ec653f99b1910fbd8f2aab88)
- - - - -
af08da45 by David Disseldorp at 2018-08-23T08:38:27Z
ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8d30fd591600ac17c742cd78c7bc4056bba6b877)
- - - - -
c245fdce by David Disseldorp at 2018-08-23T08:38:27Z
ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
In preparation for adding a lock refresh timer.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 91a89c146453ca203a83dc2ba555bb93276c4d7f)
- - - - -
7cebb489 by David Disseldorp at 2018-08-23T08:38:27Z
ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
RADOS locks without expiry persist indefinitely. This results in CTDB
deadlock during failover if the recovery master dies unexpectedly, as
subsequently elected recovery master nodes can't obtain the recovery
lock.
Avoid deadlock by using a lock expiration time (10s by default), and
renewing it periodically.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13540
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit ce289e89e5c469cf2c5626dc7f2666b945dba3bd)
- - - - -
c57c54eb by David Disseldorp at 2018-08-23T08:38:27Z
ctdb: add expiry test for ctdb_mutex_ceph_rados_helper
Kill the ctdb_mutex_ceph_rados_helper with SIGKILL and then confirm
that the lock is automatically released following expiry.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Aug 9 16:26:36 CEST 2018 on sn-devel-144
(cherry picked from commit 4abf348ec4cbb78d3216d5e8c5f3020d4499f10a)
- - - - -
c45fb4b6 by Volker Lendecke at 2018-08-23T08:38:27Z
smbd: Align integer types
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2e285845 by Volker Lendecke at 2018-08-23T08:38:27Z
smbd: Fix CID 1438246 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d4e8fd5f by Volker Lendecke at 2018-08-23T08:38:28Z
smbd: Fix CID 1438245 Dereference before null check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b1b882c2 by Volker Lendecke at 2018-08-23T08:38:28Z
libsmb: Fix CID 1438244 Unsigned compared against 0
ndr_size_dom_sid returns a size_t, so that can't be <0. Also, the only
case that ndr_size_dom_sid returns 0 is a NULL sid
pointer. ndr_size_dom_sid can reasonably be assumed to not overflow, the
number of sub-auths is a uint8. That times 4 plus 8 always fits into a
size_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0eaf84a4 by Volker Lendecke at 2018-08-23T08:38:28Z
libsmb: Fix CID 1438243 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Aug 8 23:10:22 CEST 2018 on sn-devel-144
- - - - -
e35fd268 by Andrew Bartlett at 2018-08-23T08:38:28Z
ldb: Fix missing NULL terminator in ldb_mod_op_test testsuite
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13575
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
(cherry picked from commit f8b368c9f0c2a34b6d15303a9d6facd762e1a517)
- - - - -
6b37dea9 by Andrew Bartlett at 2018-08-23T08:38:28Z
ldb: Release LDB 1.3.6
* make test fails on ldb 1.3.4 due to missing NULL terminator in tests (bug 13575)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fd137bc1 by Douglas Bagnall at 2018-08-23T08:38:28Z
unittests.lib_util_modules: test module probe with "skel", not "unix"
The unix module is not available as a module on some systems.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cb5f1f3b262467faba59b3b323e240d1351d5fc0)
- - - - -
84b78655 by Douglas Bagnall at 2018-08-23T08:38:28Z
selftest: subunithelper needs to follow the subunit spec more closely
In particular allow ]\n without \n]\n as used by cmocka
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7d79575de8e47a0ce03e30c3ea84176be696269f)
- - - - -
06cf8c46 by Ralph Wuerthner at 2018-08-23T08:38:28Z
s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4909b966050c921b0a6a32285fee55f5f14dc3ff)
- - - - -
03e73ff6 by Christof Schmitt at 2018-08-23T08:38:28Z
selftest: Load time_audit and full_audit modules for all tests
Previously the only test was to load these modules to trigger the
smb_vfs_assert_all_fns check. As these modules just pass through the
calls, they can be loaded for all tests to ensure that the codepaths are
exercised. This would have found the problem in
smb_time_audit_offload_read_recv.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 13 22:35:20 CEST 2018 on sn-devel-144
(cherry picked from commit a98f09a09db2fc7be85f9171b586e65344a39e92)
- - - - -
3cc8f9d7 by Andreas Schneider at 2018-08-23T08:38:28Z
s3:winbind: Do not lookup local system accounts in AD
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9f28d30633af721efec02d8816a9fa48f795a01c)
- - - - -
1c0be1fc by Volker Lendecke at 2018-08-23T08:38:28Z
vfs_fruit: Fix a leak of "br_lck"
Fix a panic if fruit_access_check detects a locking conflict.
do_lock() returns a valid br_lck even in case of a locking conflict.
Not free'ing it leads to a invalid lock order panic later, because
"br_lck" corresponds to a dbwrap lock on brlock.tdb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 51d57073798f76ec4f1261945e0ba779b2530009)
- - - - -
ec475511 by Tim Beale at 2018-08-23T08:39:14Z
netcmd: Improve domain backup targetdir checks
+ Added check that specified targetdir is actually a directory (if it
exists)
+ Deleted a redundant 'Creating targetdir' check that would never be hit
+ Move code into a separate function so we can reuse it for offline
backups (which take a different set of parameters, but still have a
targetdir)
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
(cherry picked from commit 4f532cc177cd1e95d8ccf8e69f50b315354df34c)
Backported to v4.9 for:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13566
- - - - -
69583d1d by Tim Beale at 2018-08-23T08:39:14Z
netcmd: domain backup didn't support prompting for password
The online/rename backups only worked if you specified both the username
and password in the actual command itself. If you just entered the
username (expecting to be prompted for the password later), then the
command was rejected.
The problem was the order the code was doing things in. We were checking
credopts.creds.get_password() *before* we'd called
credopts.get_credentials(lp), whereas it should be the other way
around.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13566
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 14077b6682d7dc1b16e1ccb42ef61e9f4c0a1715)
- - - - -
15e1a411 by Tim Beale at 2018-08-23T08:39:15Z
netcmd: Fix kerberos option for domain backups
The previous fix still didn't work if you specified --kerberos=yes (in
which case the creds still doesn't have a password).
credopts.get_credentials(lp) should be enough to ensure a user/password
is set (it's all that the other commands seem to do).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13566
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit 8fb706c34682bf6dc6033963518c7eccffc3944f)
- - - - -
b9315fa1 by Tim Beale at 2018-08-23T08:39:15Z
netcmd: Delete unnecessary function
Minor code cleanup. The last 2 patches gutted this function, to the
point where there's no longer any value in keeping it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13566
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
(cherry picked from commit d2d039515119523192676b311d5997afd34f4c90)
- - - - -
12a8f206 by Tim Beale at 2018-08-23T08:39:15Z
netcmd: Fix --kerberos=yes and --no-secrets domain backups
The --kerberos=yes and --no-secrets options didn't work in combination
for domain backups. The problem was creds.get_username() might not
necessarily match the kerberos user (such as in the selftest
environment). If this was the case, then trying to reset the admin
password failed (because the creds.get_username() didn't exist in
the DB).
Because the admin user always has a fixed RID, we can work out the
administrator based on its object SID, instead of relying on the
username in the creds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13566
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Aug 15 10:19:09 CEST 2018 on sn-devel-144
(cherry picked from commit f249bea1e0538300288e7cf1dcb6037c45f92276)
- - - - -
2431f543 by Andreas Schneider at 2018-08-23T08:39:15Z
wbinfo: Free memory when we leave wbinfo_dsgetdcname()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e6689c3e14c2dfaebaf1109f21e53184fea45d41)
- - - - -
1000cbe1 by Andreas Schneider at 2018-08-23T08:39:15Z
s3:passdb: Don't leak memory on error in fetch_ldap_pw()
Found by covscan.
A candidate to use tallac ...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e4f4f5eb7303a0cce4f426dd9cfd1d6a488495b0)
- - - - -
cdb6f015 by Andreas Schneider at 2018-08-23T08:39:15Z
s3:utils: Do not overflow the destination buffer in net_idmap_restore()
Found by covsan.
error[invalidScanfFormatWidth]: Width 128 given in format string (no. 2)
is larger than destination buffer 'sid_string[128]', use %127s to
prevent overflowing it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f20150fb1ea5292f099862af6268d06844954d5e)
- - - - -
6ffa7000 by Andreas Schneider at 2018-08-23T08:39:15Z
s3:utils: Do not leak memory in new_user()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b7b4fc51d0eadbbc94576dda75ae80098a205a24)
- - - - -
98e70217 by Andreas Schneider at 2018-08-23T08:39:15Z
s4:lib: Fix a possible fd leak in gp_get_file()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d4fb124adfc10de8b7eb1f72b74d7ca83f8415dd)
- - - - -
f1c2e682 by Andreas Schneider at 2018-08-23T08:39:16Z
s3:client: Avoid a possible fd leak in do_get()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3d32c0263b072e19335eba1451840284409ecb61)
- - - - -
8f655788 by Andreas Schneider at 2018-08-23T08:39:16Z
s3:libads: Fix memory leaks in ads_krb5_chg_password()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit dbdbd4875ecac3e7334750f46f1f494b7afe6628)
- - - - -
bd0b6937 by Andreas Schneider at 2018-08-23T08:39:16Z
s3:registry: Fix possible memory leak in _reg_perfcount_multi_sz_from_tdb()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Aug 11 04:43:15 CEST 2018 on sn-devel-144
(cherry picked from commit 3e6ce5c6e679fdb39ed8142bf5e1ed4105164826)
- - - - -
14eed16e by Andreas Schneider at 2018-08-23T08:39:16Z
s3:winbind: Fix memory leak in nss_init()
Found by covscan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Pair-Programmed-With: Justin Stephenson <jstephen at redhat.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4c0b49b3f982a3a3013a3b6fef3c10b1ca7d2ab0)
- - - - -
96a74abe by Andreas Schneider at 2018-08-23T08:39:16Z
s3:libads: Free addr before we free the context
Introduced by dbdbd4875ecac3e7334750f46f1f494b7afe6628
CID 1438395
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13567
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 14 22:02:06 CEST 2018 on sn-devel-144
(cherry picked from commit 9eccf6a16f5b198181a4fa80b835b1a65b40ed76)
- - - - -
b0e1a034 by Ralph Wuerthner at 2018-08-23T08:39:16Z
s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4909b966050c921b0a6a32285fee55f5f14dc3ff)
- - - - -
a89ec4ea by Christof Schmitt at 2018-08-23T08:39:16Z
selftest: Load time_audit and full_audit modules for all tests
Previously the only test was to load these modules to trigger the
smb_vfs_assert_all_fns check. As these modules just pass through the
calls, they can be loaded for all tests to ensure that the codepaths are
exercised. This would have found the problem in
smb_time_audit_offload_read_recv.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 13 22:35:20 CEST 2018 on sn-devel-144
(cherry picked from commit a98f09a09db2fc7be85f9171b586e65344a39e92)
- - - - -
ccbc9c19 by Alexander Bokovoy at 2018-08-23T08:39:16Z
wafsamba/samba_abi: always hide ABI symbols which must be local
binutils 2.31 is going to change how shared libraries are linked, such
that they always provide their own local definitions of the _end, _edata
and _bss_start symbols. This would all be fine, except for shared
libraries that export all symbols be default. (Rather than just
exporting those symbols that form part of their API).
According to binutils developers, we should only export the symbols we
explicitly want to be used. We don't use this principle for all our
libraries and deliberately don't want to have ABI versioning control for
all of them, so the change I introduce here is to explicitly mark those
symbols that will always be added by default linker configuration with
binutils 2.31 as local. Right now these are '_end', '_edata', and
'__bss_start' symbols.
Fixes: https://bugzilla.samba.org/show_bug.cgi?id=13579
Cherry-picked from commit 4e123c46820e737968fa3d1c594aa016cca39637
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
018550f1 by Andreas Schneider at 2018-08-23T08:39:16Z
python: Fix print in dns_invalid.py
https://bugzilla.samba.org/show_bug.cgi?id=13580
Signed-off-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Sat Aug 18 15:21:39 CEST 2018 on sn-devel-144
(cherry picked from commit 9ee4d9466e42ef419ddbb39efbc476532cd221d3)
- - - - -
2f932468 by Volker Lendecke at 2018-08-23T08:39:17Z
vfs_fruit: Fix a leak of "br_lck"
Fix a panic if fruit_access_check detects a locking conflict.
do_lock() returns a valid br_lck even in case of a locking conflict.
Not free'ing it leads to a invalid lock order panic later, because
"br_lck" corresponds to a dbwrap lock on brlock.tdb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 51d57073798f76ec4f1261945e0ba779b2530009)
- - - - -
729ac56b by Volker Lendecke at 2018-08-23T12:28:49Z
torture: Demonstrate the invalid lock order panic
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 21 02:33:05 CEST 2018 on sn-devel-144
(cherry picked from commit ec3c37ee53f21d8c0e80b1d3b3d7e95a4ac8e0bc)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Thu Aug 23 14:28:49 CEST 2018 on sn-devel-144
- - - - -
2ce60d72 by Volker Lendecke at 2018-08-23T13:39:45Z
torture: Demonstrate the invalid lock order panic
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 21 02:33:05 CEST 2018 on sn-devel-144
(cherry picked from commit ec3c37ee53f21d8c0e80b1d3b3d7e95a4ac8e0bc)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu Aug 23 15:39:45 CEST 2018 on sn-devel-144
- - - - -
020b14ac by Karolin Seeger at 2018-08-24T07:53:34Z
WHATSNEW: Add release notes for Samba 4.8.5.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
9fc7ccfb by Karolin Seeger at 2018-08-24T07:54:22Z
VERSION: Disable GIT_SNAPSHOT for the 4.8.5 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
d207d479 by Mathieu Parent at 2018-08-27T12:35:29Z
New upstream version 4.8.5+dfsg
- - - - -
1084035e by Mathieu Parent at 2018-08-27T12:41:25Z
Merge tag 'upstream/4.8.5+dfsg'
Upstream version 4.8.5+dfsg
- - - - -
950b95a1 by Mathieu Parent at 2018-08-27T12:44:33Z
Bump ldb Build-depends to 2:1.4.0+really1.3.6
- - - - -
b5c8c343 by Mathieu Parent at 2018-08-27T13:04:35Z
Standards-Version: 4.2.1
- - - - -
3fd839ae by Jeremy Allison at 2018-08-28T08:59:15Z
s3: smbd: Ensure get_real_filename() copes with empty pathnames.
Needed for vfs_glusterfs, as Gluster requires "." not '\0'.
Based on a fix from Anoop C S <anoopcs at redhat.com>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13585
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ira Cooper <ira at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Aug 22 21:50:41 CEST 2018 on sn-devel-144
(cherry picked from commit 9c71f61ed8a31d287d343d4f2e68cb40c57a2b89)
- - - - -
7e38e950 by Martin Schwenke at 2018-08-28T08:59:15Z
ctdb-common: Fix aliasing issue in IPv6 checksum
Since commit 9c51b278b1700cd5f3e2addc19b7c711cc2ea10b the compiler has
been able to inline the affected call to uint16_checksum(). Given
that the data (phdr) is being accessed by an incompatible
pointer (data) there is an aliasing problem when the call is inlined.
This results in incorrect behaviour with -O2/-O3 when compiling with
at least GCC 6, 7, and 8.
Fix this by making the types compatible.
Also fixes CID 1437604 (Reliance on integer endianness). This is a
false positive because the uint16_checksum doesn't depend on the order
of the input uint16_t items.
https://bugzilla.samba.org/show_bug.cgi?id=13588
Pair-programmed-with: Amitay Isaacs <amitay at gmail.com>
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 48335725deecdbdb24a9176cf31e9611c9deda49)
- - - - -
97048c0c by Martin Schwenke at 2018-08-28T08:59:15Z
ctdb-doc: Make config migration script notice removed CTDB_BASE option
This should never have been a user-level option, but some people used
it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit d4afb60a24b932a0b7a0c2f27526f41d0bf38fc2)
- - - - -
34b4bdcf by Martin Schwenke at 2018-08-28T08:59:15Z
ctdb-doc: Handle boolean options in config migration more carefully
Values for ctdb.conf options are now returned by
get_ctdb_conf_option(). The main goal is to allow old boolean options
to be replaced by new logically negated options.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 64d4a7ae5ac3aed2b1b9e7ab85c372e6900826ac)
- - - - -
d51434b5 by Martin Schwenke at 2018-08-28T08:59:15Z
ctdb-config: Change option "no realtime" option to "realtime scheduling"
Negative options can be confusing, so switch to a positive option.
This was supposed to be done months ago but was forgotten.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 17068e756b9e46f7a6c77d533ef1777173bb3795)
- - - - -
73c884c5 by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-doc: Change option "no realtime" option to "realtime scheduling"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 43adcd717cee689c2d0386bd2aa2878006aa9217)
- - - - -
5f346ce0 by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-doc: Add support for migrating tunables to ctdb.conf options
This will become common, so will be useful to have support for.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8ddfc26d79fda2fd0265f370a4c08dc584e6a6ac)
- - - - -
75261d6a by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-config: Switch tunable TDBMutexEnabled to a config option
Use the "database:tdb mutexes" option instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit f42486e8912eee45eb75d27b753bb74c3b37d80b)
- - - - -
55674458 by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-doc: Switch tunable TDBMutexEnabled to a config option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a9758f413d06b0d114f4e5a0e053bbc8956c60b7)
- - - - -
624b4d15 by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-common: Allow boolean configuration values to have yes/no values
This make the new configuration style more consistent with the old one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 21de59ab7fe53240380b9a9a5b32d5af32d34237)
- - - - -
089d3b90 by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-daemon: Pass DisableIPFailover tunable via environment variable
Preparation for obsoleting this tunable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 914e9f22d85b9274871b7c7d5486354928080e51)
- - - - -
4a30fb0a by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-tests: Drop DisableIPFailover simple test
This is about to become a config file option that can't be dynamically
changed at run-time, so drop this test for now. This test will be added
once the tunable becomes a config file option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 8e160d331aaccd64b1a767c0bde9e310c80afe06)
- - - - -
f518865e by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-failover: Add failover configuration options
Only a "disabled" option for now. Not documented because it isn't
used yet.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 893dd623dfdec4d5c5da07f933069e4534fe58ae)
- - - - -
83b79f5b by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-config: Integrate failover options into conf-tool
Update and add tests accordingly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit d003a41a9cb9ea97a7da9dbb5bd3138f82da6cf1)
- - - - -
79a3befc by Martin Schwenke at 2018-08-28T08:59:16Z
ctdb-config: Switch tunable DisableIPFailover to a config option
Use the "failover:disabled" option instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 929634126a334e380f16c080b59d062873b4e5f9)
- - - - -
512149a8 by Martin Schwenke at 2018-08-28T08:59:17Z
ctdb-doc: Switch tunable DisableIPFailover to a config option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 78aad7623e100f05a7dfc142fba7ff2b0eba1913)
- - - - -
6620173e by Martin Schwenke at 2018-08-28T08:59:17Z
ctdb-tests: Add an extra conf loading test case
This shows that config file loading continues in spite of unknown keys
if ignore_unknown is true.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 55893bf8d2cc7e01b3a93d8e1fde16408244cb65)
- - - - -
e67b397f by Martin Schwenke at 2018-08-28T08:59:17Z
ctdb-tests: Check that no IPs are assigned when failover is disabled
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Aug 24 14:13:12 CEST 2018 on sn-devel-144
(cherry picked from commit 6fb80cbffb9cb8cba6abc3fbce228811d36e8c9a)
- - - - -
927c1996 by Martin Schwenke at 2018-08-28T12:08:58Z
WHATSNEW: More CTDB updates for 4.9
This includes descriptions of some final configuration changes as well
as an overall mapping between old and new configuration options.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Tue Aug 28 14:08:58 CEST 2018 on sn-devel-144
- - - - -
46aedae1 by Karolin Seeger at 2018-08-29T08:57:05Z
WHATSNEW: Add changes since RC3.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
8fd169a3 by Karolin Seeger at 2018-08-29T10:00:46Z
VERSION: Disable GIT_SNAPSHOT for the 4.9.0rc4 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
3b31caef by Karolin Seeger at 2018-08-29T10:02:21Z
VERSION: Bump version up to 4.9.0rc5...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
ceff9a1b by Mathieu Parent at 2018-08-30T17:32:19Z
d/rules: winbind_krb5_locator is now in the correct path
- - - - -
57f7ff29 by Mathieu Parent at 2018-08-30T17:32:19Z
winbind_krb5_locator manpage has moved from section 7 to 8
See e9e85a183c7b4602e89f741bba9e4ed8c63974d4
- - - - -
25ee556a by Mathieu Parent at 2018-08-30T17:32:40Z
Release 2:4.8.5+dfsg-1
- - - - -
46297461 by Jeremy Allison at 2018-08-31T10:08:02Z
s3: VFS: vfs_full_audit: Add $cwd arg to smb_fname_str_do_log().
Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13565
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 59f13347260f5c4367c709eb07139f2ba7ddad72)
- - - - -
4c2dfd71 by Jeremy Allison at 2018-08-31T13:29:32Z
s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13565
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Aug 27 20:23:55 CEST 2018 on sn-devel-144
(cherry picked from commit 4d72ebb821518c25e4759ad697d5e18257f80765)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Fri Aug 31 15:29:32 CEST 2018 on sn-devel-144
- - - - -
8d9c6619 by Paulo Alcantara at 2018-09-04T10:14:26Z
s3: util: Do not take over stderr when there is no log file
In case we don't have either a /var/log/samba directory, or pass a
non-existent log directory through '-l' option, all commands that are
daemonized with '-D' option hang when executed within a subshell.
An example on how to trigger that:
# rm -r /var/log/samba
# s=$(nmbd -D -s /etc/samba/smb.conf -l /foo123)
(never returns)
So, when the above command is executed within a subshell the following
happens:
(a) Parent shell creates a pipe, sets write side of it to fd 1
(stdout), call read() on read-side fd, forks off a new child process
and then executes nmbd in it.
(b) nmbd sets up initial logging to go through fd 1 (stdout) by
calling setup_logging(..., DEBUG_DEFAULT_STDOUT). 'state.fd' is now
set to 1.
(c) reopen_logs() is called by the first time which then calls
reopen_logs_internal()
(d) in reopen_logs_internal(), it attempts to create log.nmbd file in
/foo123 directory and fails because directory doesn't exist.
(e) Regardless whether the log file was created or not, it calls
dup2(state.fd, 2) which dups fd 1 into fd 2.
(f) At some point, fd 0 and 1 are closed and set to /dev/null
The problem with that is because parent shell in (a) is still blocked in
read() call and the new write side of the pipe is now fd 2 -- after
dup2() in (e) -- and remains unclosed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13578
Signed-off-by: Paulo Alcantara <palcantara at suse.de>
Reviewed-by: Jim McDonough <jmcd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Aug 18 01:32:25 CEST 2018 on sn-devel-144
(cherry picked from commit 41aa55f49233ea7682cf14e5a7062617274434ce)
- - - - -
0070d21b by Martin Schwenke at 2018-09-04T10:14:27Z
ctdb-daemon: Drop incorrect log message
The message is incorrect because the actual failure was loading the
config file. Instead of fixing the message, drop it because
ctdb_config_load() already logs the failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit b5453bc27add11a7288772a59adcc605328b9098)
- - - - -
8b711e8d by Martin Schwenke at 2018-09-04T10:14:27Z
ctdb-common: Fix log message for conf option with unknown section
This covers both options that appear before a section and options in
unknown sections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 421d828f6cb7c13d5f33c6cc1c6be254554588a4)
- - - - -
42b2c12f by Martin Schwenke at 2018-09-04T10:14:28Z
ctdb-common: Log a message for unknown conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit ebb28c57a17777ea15afab63cd0742dd79b30ffe)
- - - - -
372b79c4 by Martin Schwenke at 2018-09-04T10:14:29Z
ctdb-common: Log a message when an invalid conf value is encountered
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a017d3181ac1062b66ae506a8a523f7455630fce)
- - - - -
40dff2ce by Martin Schwenke at 2018-09-04T10:14:29Z
ctdb-common: Avoid ENOENT for unknown conf type tags
Only use ENOENT for missing configuration file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit f1084400387c0b1257b6d92ee6e8a89504d788fc)
- - - - -
7db0f189 by Martin Schwenke at 2018-09-04T10:14:30Z
ctdb-common: Avoid ENOENT for unknown conf options
Only use ENOENT for missing configuration file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 920ed66ba7e874ca23d72fff9342fbd64a1e329f)
- - - - -
a242e101 by Martin Schwenke at 2018-09-04T10:14:30Z
ctdb-common: Process the whole config file even if an error occurs
At the moment multiple errors will be encountered one at a time, on
each load or validate. Instead, allow all configuration errors to
printed in a single pass.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 4f1727fe0bf2b0962a5d131d60a416b8f459ad94)
- - - - -
35242cfb by Martin Schwenke at 2018-09-04T10:14:31Z
ctdb-common: Add support for sock daemon to notify of successful startup
The daemon writes 0 into the specified file descriptor when it is up
and listening. This can be used to avoid loops in clients that
attempt to connect until they succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit dc6040c121c65d5551c686f3f1be2891795f48aa)
- - - - -
1a171bc5 by Martin Schwenke at 2018-09-04T10:14:32Z
ctdb-event: Add support to eventd for the startup notification FD
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 11ee92d1bfd73c509d90e7a7386af60a4e1a7fca)
- - - - -
abb63370 by Martin Schwenke at 2018-09-04T10:14:32Z
ctdb-daemon: Improve error handling consistency
Other errors free argv, so do it here too.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit e357b62fe556609750bdb8d27cf48dfb85c62ec8)
- - - - -
0155635c by Martin Schwenke at 2018-09-04T10:14:33Z
ctdb-daemon: Open eventd pipe earlier
The pipe will soon be needed earlier, so initialise it earlier.
Ensure the file descriptors are closed on error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit c446ae5e1382d5e32c33ce92243daf6b4338e15a)
- - - - -
46de8d24 by Martin Schwenke at 2018-09-04T10:14:34Z
ctdb-daemon: Wait for eventd to be ready before connecting
The current method of retrying the connection to eventd means that
messages get logged for each failure.
Instead, pass a pipe file descriptor to eventd and wait for it to
write 0 to the pipe to indicate that it is ready to accept client
connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 62ec1ab1470206d6a2cf300f30ca0b4a39413a38)
- - - - -
9987cc39 by Martin Schwenke at 2018-09-04T10:14:34Z
ctdb-daemon: Do not retry connection to eventd
Confirmation is now received from eventd that it is accepting
connections, so this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit b430a1ace69bcef3336907557ab5bf04271c1110)
- - - - -
02f01fa7 by Martin Schwenke at 2018-09-04T10:14:35Z
ctdb-daemon: Log complete eventd startup command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 6d3d9a85e5630ba398ac953ad1515155f10224d9)
- - - - -
176c9c38 by Volker Lendecke at 2018-09-04T10:14:35Z
smbd: Fix a memleak in async search ask sharemode
fetch_share_mode_unlocked_parser() takes a "struct
fetch_share_mode_unlocked_state *" as
"private_data". fetch_share_mode_send() used a talloc_zero'ed "struct
share_mode_lock". This lead to the parser putting a "struct
share_mode_lock on the NULL talloc_context where nobody really picked it
up.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13602
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0bd109b733fbce774feae2142d25f7e828b56bcb)
- - - - -
0a1df2a4 by Stefan Metzmacher at 2018-09-04T10:14:36Z
s4:torture/rpc/netlogon: assert that cli_credentials_get_{workstation,password} don't return NULL
This is better that generating a segfault while dereferencing a NULL
pointer later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit dffc182c6943d21513d8db9f6cf66bdc09206b17)
- - - - -
5556a67f by Stefan Metzmacher at 2018-09-04T10:14:37Z
s4:torture/rpc/netlogon: verify the trusted domains output of LogonGetDomainInfo()
This makes sure we don't treat trusted domains in the same way we treat
our primary domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d5dd8fdc647d6a202c5da0451d395116c2cd92b9)
- - - - -
53f225cd by Stefan Metzmacher at 2018-09-04T10:14:37Z
dsdb/util_trusts: domain_dn is an input parameter of dsdb_trust_crossref_tdo_info()
We should not overwrite it within the function.
Currently it doesn't matter as we don't have multiple domains
within our forest, but that will change in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f5f96f558b499770cdeb3d38998167a387e058b9)
- - - - -
7aab1f19 by Stefan Metzmacher at 2018-09-04T10:14:38Z
dsdb:util_trusts: add dsdb_trust_local_tdo_info() helper function
This is similar to dsdb_trust_xref_tdo_info(), but will also work
if we ever support more than one domain in our forest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit c1b0ac95db5c6112d90356c7ada8c3d445e9b668)
- - - - -
c7ca8588 by Stefan Metzmacher at 2018-09-04T10:14:38Z
s4:dsdb/common: add samdb_domain_guid() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 0e442e094240abbf79aaca00a9d1a053a200a7e8)
- - - - -
39823476 by Stefan Metzmacher at 2018-09-04T10:14:39Z
s4:rpc_server/netlogon: use samdb_domain_guid()/dsdb_trust_local_tdo_info() to build our netr_OneDomainInfo values
The logic for constructing the values for our own primary domain differs
from the values of trusted domains. In order to make the code easier to
understand we have a new fill_our_one_domain_info() helper that
only takes care of our primary domain.
The cleanup for the trust case will follow in a separate commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 61333f7787d78e3ec5c7bd2874d5a0f1f536275a)
- - - - -
c6cfdf0d by Stefan Metzmacher at 2018-09-04T10:14:40Z
s4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo array
It's much safer than having uninitialized memory when we hit an error
case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit ef0b489ad0d93199e08415dd895da5cfe2d1c11a)
- - - - -
7a3dbadb by Stefan Metzmacher at 2018-09-04T10:14:41Z
s4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()
We need to handle trusted domains differently than our primary
domain. The most important part is that we don't return
NETR_TRUST_FLAG_PRIMARY for them.
NETR_TRUST_FLAG_{INBOUND,OUTBOUND,IN_FOREST} are the relavant flags
for trusts.
This is an example of what Windows returns in a complex trust
environment:
netr_LogonGetDomainInfo: struct netr_LogonGetDomainInfo
out: struct netr_LogonGetDomainInfo
return_authenticator : *
return_authenticator: struct netr_Authenticator
cred: struct netr_Credential
data : f48b51ff12ff8c6c
timestamp : Tue Aug 28 22:59:03 2018 CEST
info : *
info : union netr_DomainInfo(case 1)
domain_info : *
domain_info: struct netr_DomainInformation
primary_domain: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
dns_forestname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
domain_guid : 0a133c91-8eac-4df0-96ac-ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-2930975464-1937418634-1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0000 (0)
size : 0x0000 (0)
info : NULL
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domain_count : 0x00000006 (6)
trusted_domains : *
trusted_domains: ARRAY(6)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000e (14)
size : 0x0010 (16)
string : *
string : 'FREEIPA'
dns_domainname: struct lsa_StringLarge
length : 0x0018 (24)
size : 0x001a (26)
string : *
string : 'freeipa.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-429948374-2562621466-335716826
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S1-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 's1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : afe7fbde-af82-46cf-88a2-2df6920fc33e
domain_sid : *
domain_sid : S-1-5-21-1368093395-3821428921-3924672915
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000023 (35)
1: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000004 (4)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000020 (32)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
1: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0006 (6)
size : 0x0008 (8)
string : *
string : 'BLA'
dns_domainname: struct lsa_StringLarge
length : 0x0010 (16)
size : 0x0012 (18)
string : *
string : 'bla.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-4053568372-2049667917-3384589010
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000c (12)
size : 0x000e (14)
string : *
string : 'S4XDOM'
dns_domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 's4xdom.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-313966788-4060240134-2249344781
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 0a133c91-8eac-4df0-96ac-ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-2930975464-1937418634-1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x0000001d (29)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
1: NETR_TRUST_FLAG_TREEROOT
1: NETR_TRUST_FLAG_PRIMARY
1: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S2-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x004e (78)
size : 0x0050 (80)
string : *
string : 's2-w2012-l4.s1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 29daace6-cded-4ce3-a754-7482a4d9127c
domain_sid : *
domain_sid : S-1-5-21-167342819-981449877-2130266853
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000001 (1)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000001 (1)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
lsa_policy: struct netr_LsaPolicyInformation
policy_size : 0x00000000 (0)
policy : NULL
dns_hostname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 'torturetest.w2012r2-l4.base'
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
workstation_flags : 0x00000003 (3)
1: NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS
1: NETR_WS_FLAG_HANDLES_SPN_UPDATE
supported_enc_types : 0x0000001f (31)
1: KERB_ENCTYPE_DES_CBC_CRC
1: KERB_ENCTYPE_DES_CBC_MD5
1: KERB_ENCTYPE_RC4_HMAC_MD5
1: KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96
1: KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96
0: KERB_ENCTYPE_FAST_SUPPORTED
0: KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED
0: KERB_ENCTYPE_CLAIMS_SUPPORTED
0: KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLED
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
result : NT_STATUS_OK
Best viewed with: git show --histogram -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 2099add0657126e4a5427ec2db0fe8025478b355)
- - - - -
7c5883a5 by Ralph Boehme at 2018-09-04T10:14:41Z
vfs_delay_inject: adding delay to VFS calls
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 44840ba5b32a2ce7959fd3d7c87822b3159416d3)
- - - - -
99ef099d by Ralph Boehme at 2018-09-04T10:14:42Z
s4:selftest: reformat smb2_s3only list
No change besides reformatting the list to one entry per line.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3255822f75163cb38e53f634a5c6b03d46bfaff1)
- - - - -
c77edea0 by Ralph Boehme at 2018-09-04T10:14:42Z
selftest: add a durable handle test with delayed disconnect
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 5508024a861e7c85e6c837552ad142aa1d5e8eca)
- - - - -
b5d78343 by Ralph Boehme at 2018-09-04T10:14:43Z
s3:smbd: reorder tcon global record deletion and closing files of a tcon
As such, this doesn't change overall behaviour, but in case we ever add
semantics acting on tcon record changes via an API like
dbwrap_watch_send(), this will make a difference as it enforces
ordering.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b70b8503faded81b10859131f08486349876d132)
- - - - -
71b77451 by Ralph Boehme at 2018-09-04T10:14:43Z
s3:smbd: let session logoff close files and tcons before deleting the session
This avoids a race in durable handle reconnects if the reconnect comes
in while the old session is still in the tear-down phase.
The new session is supposed to rendezvous with and wait for destruction
of the old session, which is internally implemented with
dbwrap_watch_send() on the old session record.
If the old session deletes the session record before calling
file_close_user() which marks all file handles as disconnected, the
durable handle reconnect in the new session will fail as the records are
not yet marked as disconnected which is a prerequisite.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 8f6edcc1645e0ed35eaec914bd0b672500ce986c)
- - - - -
52657164 by Ralph Boehme at 2018-09-04T10:14:44Z
s3:smbd: add a comment stating that file_close_user() is redundant for SMB2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Sep 1 01:26:35 CEST 2018 on sn-devel-144
(cherry picked from commit 5d95f79f604d90c2646225a0f2470f05dd71e19e)
- - - - -
5dad448c by Volker Lendecke at 2018-09-04T10:14:44Z
torture: Make sure that fruit_ftruncate only unlinks streams
Follow-up to
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit c39ec64231b261fe4ada02f1f1b9aa344cf35bb5)
- - - - -
bcba25d3 by Volker Lendecke at 2018-09-04T13:59:02Z
vfs_fruit: Don't unlink the main file
The original fix for bug 13441 was missing a check that verifies that
fruit_ftruncate() is actually called on a stream.
Follow-up to
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Pair-Programmed-With: Volker Lendecke <vl at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Aug 23 15:28:48 CEST 2018 on sn-devel-144
(cherry picked from commit 8c14234871820eacde46670d722a676fb5f3a46c)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Tue Sep 4 15:59:02 CEST 2018 on sn-devel-144
- - - - -
ab0e26af by Alexander Bokovoy at 2018-09-05T08:32:08Z
s4:selftest: test kinit with the interdomain trust user account
To test it, add a blackbox test that ensures we pass a keytab-based
authentication with the trust user account for a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7df505298f71432d5adbcffccde8f97c117a57a6)
- - - - -
58b3c864 by Stefan Metzmacher at 2018-09-05T08:32:08Z
samba-tool: add virtualKerberosSalt attribute to 'user getpassword/syncpasswords'
This might be useful for someone, but at least it's very useful for
tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 39c281a23673691bab621de1a632d64df2c1c102)
- - - - -
a8be75bd by Stefan Metzmacher at 2018-09-05T08:32:08Z
testprogs/blackbox: add testit[_expect_failure]_grep() to subunit.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8526feb100e59bc5a15ceb940e6cecce0de59247)
- - - - -
3dba82d3 by Stefan Metzmacher at 2018-09-05T08:32:08Z
testprogs/blackbox: let test_trust_user_account.sh check the correct kerberos salt
This demonstrates the bug we currently have.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1b31fa62567ec549e32c9177b322cfbfb3b6ec1a)
- - - - -
c53bf98a by Alexander Bokovoy at 2018-09-05T13:40:53Z
krb5-samba: interdomain trust uses different salt principal
Salt principal for the interdomain trust is krbtgt/DOMAIN at REALM where
DOMAIN is the sAMAccountName without the dollar sign ($)
The salt principal for the BLA$ user object was generated wrong.
dn: CN=bla.base,CN=System,DC=w4edom-l4,DC=base
securityIdentifier: S-1-5-21-4053568372-2049667917-3384589010
trustDirection: 3
trustPartner: bla.base
trustPosixOffset: -2147483648
trustType: 2
trustAttributes: 8
flatName: BLA
dn: CN=BLA$,CN=Users,DC=w4edom-l4,DC=base
userAccountControl: 2080
primaryGroupID: 513
objectSid: S-1-5-21-278041429-3399921908-1452754838-1597
accountExpires: 9223372036854775807
sAMAccountName: BLA$
sAMAccountType: 805306370
pwdLastSet: 131485652467995000
The salt stored by Windows in the package_PrimaryKerberosBlob
(within supplementalCredentials) seems to be
'W4EDOM-L4.BASEkrbtgtBLA' for the above trust
and Samba stores 'W4EDOM-L4.BASEBLA$'.
While the salt used when building the keys from
trustAuthOutgoing/trustAuthIncoming is
'W4EDOM-L4.BASEkrbtgtBLA.BASE', which we handle correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Sep 5 03:57:22 CEST 2018 on sn-devel-144
(cherry picked from commit f3e349bebc443133fdbe4e14b148ca8db8237060)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Wed Sep 5 15:40:53 CEST 2018 on sn-devel-144
- - - - -
85edcc56 by Karolin Seeger at 2018-09-06T07:56:09Z
WHATSNEW: Add release notes for Samba 4.9.0rc5.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
71aa4d15 by Karolin Seeger at 2018-09-06T07:56:43Z
VERSION: Disable GIT_SNAPSHOT for the 4.9.0rc5 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
fa4c7f43 by Karolin Seeger at 2018-09-06T07:57:44Z
VERSION: Bump version up to 4.9.0rc6...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
c9743bac by Andreas Schneider at 2018-09-11T10:01:22Z
wafsamba: Fix 'make -j<jobs>'
Currently only 'make -j' enables parallel builds and e.g. 'make -j4'
results in no parallel compile jobs at all.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13606
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Sep 7 20:24:46 CEST 2018 on sn-devel-144
(cherry picked from commit 70169d4789fe8b2ee4efe5e88eeaa80e1a641b32)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Tue Sep 11 12:01:22 CEST 2018 on sn-devel-144
- - - - -
b94c676e by Stefan Metzmacher at 2018-09-13T06:38:16Z
WHATSNEW.txt: announce 4.9.0 trust improvements
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9bb128fc by Björn Baumbach at 2018-09-13T06:38:16Z
samba_dnsupdate: honor 'dns zone scavenging' option, only update if needed
Since scavenging is implemented the samba_dnsupdate command always updates all
dns records required by the dc. This is not needed if dns zone scavenging
is not enabled.
This avoids the repeating TSIG error messages:
# samba_dnsupdate --option='dns zone scavenging = yes' 2>&1 | uniq -c
29 ; TSIG error with server: tsig verify failure
1 Failed update of 29 entries
# echo ${PIPESTATUS[0]}
29
# samba_dnsupdate --option='dns zone scavenging = no' 2>&1 | uniq -c
# echo ${PIPESTATUS[0]}
0
Note that this results in about 60 lines in the log file,
which triggered every 10 minutes ("dnsupdate:name interval=600" is the default).
This restores the behavior before 8ef42d4dab4dfaf5ad225b33f7748914f14dcd8c,
if "dns zone scavenging" is not switched on (which is still the default).
Avoiding the message from happening at all is subject for more debugging,
most likely they are caused by bugs in 'nsupdate -g' (from the bind package).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13605
Pair-programmed-with: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
efbb8424 by Björn Baumbach at 2018-09-13T09:36:40Z
WHATSNEW: 'samba-tool ou' command: manage organizational units
Signed-off-by: Björn Baumbach <bb at sernet.de>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Thu Sep 13 11:36:40 CEST 2018 on sn-devel-144
- - - - -
834631be by Karolin Seeger at 2018-09-13T09:51:21Z
WHATSNEW: Fix typo.
Thanks to garming at catalyst.net.nz for catching!
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
ea7784ab by Karolin Seeger at 2018-09-13T09:51:21Z
WHATSNEW: Add release notes for Samba 4.9.0.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
4fc4ae29 by Karolin Seeger at 2018-09-13T09:51:21Z
VERSION: Disable GIT_SNAPSHOT for the 4.9.0 release
and bump version up to 4.9.0.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
cab67cb6 by Karolin Seeger at 2018-09-13T09:51:21Z
VERSION: Bump version up to 4.9.1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
f66ecfc8 by Mathieu Parent at 2018-09-14T15:02:10Z
Update d/gbp.conf, d/watch and d/README.source for 4.9
- - - - -
76c3e172 by Mathieu Parent at 2018-09-14T15:04:10Z
New upstream version 4.9.0+dfsg
- - - - -
5a0bdef6 by Mathieu Parent at 2018-09-14T15:09:40Z
Update upstream source from tag 'upstream/4.9.0+dfsg'
Update to upstream version '4.9.0+dfsg'
with Debian dir 931b7faf0cfd4bee0cf432c0e906f8c28bfa71c3
- - - - -
52b820c7 by Jelmer Vernooij at 2018-09-14T15:10:17Z
Always specify rpath for private libraries
Last-Update: 2012-02-24
Applied-Upstream: no
- - - - -
0ac09d86 by Christian Perrier at 2018-09-14T15:10:17Z
64 bit fix for libsmbclient
Bug-Debian: http://bugs.debian.org/221618
Forwarded: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=221618#27
- - - - -
d39f437a by Christian Perrier at 2018-09-14T15:10:17Z
Mention smbldap-tools package in examples/LDAP/README
Bug-Debian: http://bugs.debian.org/341934
Forwarded: not-needed
- - - - -
06d9035e by Steve Langasek at 2018-09-14T15:10:17Z
Use the pager alternative as pager is PAGER is undefined
Bug-Debian: http://bugs.debian.org/135603
Forwarded: not-needed
- - - - -
10fc0f70 by mathiaz at ubuntu.com at 2018-09-14T15:10:17Z
Enable net usershares by default at build time
Enable net usershares by default at build time, with a limit of 100, and update
the corresponding documentation.
Bug-Debian: http://bugs.debian.org/443230
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/128548
Forwarded: not-needed
- - - - -
73216771 by Eloy A. Paris at 2018-09-14T15:10:17Z
Add "Debian" as vendor suffix
Forwarded: not-needed
- - - - -
b76aa6b2 by Jeroen Dekkers at 2018-09-14T15:10:17Z
Add so version number to private libraries for dpkg-shlibdeps
We also want dpkg-shlibdeps to generate correct dependency information
for the private libraries in our binary packages, but dpkg-shlibdeps
only works when the library has a version number.
Origin: vendor
Forwarded: not-needed
- - - - -
e0e955e9 by Brian May at 2018-09-14T15:10:17Z
Patch in symbol table from rfc3454, for Heimdal scripts
Status: cherry-picked from heimdal package
- - - - -
46015857 by Mathieu Parent at 2018-09-14T15:14:06Z
Remove Fix-pidl-manpage-sections.patch, Fix-spelling.patch and Improve-vfs_linux_xfs_sgid-manpage.patch, merged upstream
- - - - -
2bc71864 by Mathieu Parent at 2018-09-14T16:00:32Z
Bump build-depends talloc >= 2.1.14, tdb >= 1.3.16, tevent >= 0.9.37 and ldb >= 2:1.4.2
- - - - -
54ff7737 by Mathieu Parent at 2018-09-17T13:31:50Z
Revert "Prepend 1.4.0+really to ldb version to allow samba-dsdb-modules install"
We now use 1.4 really :-P
This reverts commit f262fc54c9e3bf6fe52ca9da5ee6e04c954d1d7d.
- - - - -
054c973e by Mathieu Parent at 2018-09-17T13:31:50Z
Changelog for previous commits
- - - - -
78fbf101 by Günther Deschner at 2018-09-20T07:11:18Z
s3-spoolss: Make spoolss client os_major,os_minor and os_build configurable.
Similar to spoolss server options, make the client advertised OS version
values configurable to allow overriding the defaults provided to the print server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13597
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
06c566c5 by Justin Stephenson at 2018-09-20T07:11:18Z
s3-rpc_client: Advertise Windows 7 client info
Client printing operations currently fail against Windows
Server 2016 with Access Denied if a client os build number
lower than 6000 is advertised. Increase the default build number,
major, and minor versions to values associated with client
OS versoins Windows 7 and Windows Server 2008 R2.
The build number value specifically needs to be increased to
allow these operations to succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13597
Signed-off-by: Justin Stephenson <jstephen at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
ff7b2314 by Günther Deschner at 2018-09-20T07:11:19Z
s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds
Use spoolss initialization function to set client version information for
iremotewinspool printer operations
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
04209558 by Ralph Wuerthner at 2018-09-20T07:11:19Z
ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13610
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Sep 12 21:50:57 CEST 2018 on sn-devel-144
(cherry picked from commit e52abc8a44de6791dceb6f43af1db472a3d9ec37)
- - - - -
de452413 by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-cluster-mutex: Reset SIGTERM handler in cluster mutex child
If SIGTERM is received and the tevent signal handler setup in the
recovery daemon is still enabled then the signal is handled and a
corresponding event is queued. The child never runs an event loop so
the signal is effectively ignored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 5a6b139884f08ee2ee10f9d16fe56ad8fb5352a6)
- - - - -
7187d7db by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-cluster-mutex: Block signals around fork
If SIGTERM is received and the tevent signal handler setup in the
recovery daemon is still enabled then the signal is handled and a
corresponding event is queued. The child never runs an event loop so
the signal is effectively ignored.
Resetting the SIGTERM handler isn't enough. A signal can arrive
before that.
Block SIGTERM before forking and then immediately unblock it in the
parent.
In the child, unblock SIGTERM after the signal handler is reset. An
explicit unblock is needed because according to sigprocmask(2) "the
signal mask is preserved across execve(2)".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit e789d0da57fc3fc6d22bfa00577a2e65034ca27a)
- - - - -
3819f795 by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-recoverd: Clean up taking of recovery lock
No functional changes, just coding style cleanups and debug message
tweaks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 59fc01646c7d65ba90b0a1a34c3795ff842351c5)
- - - - -
7bd0e802 by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-recoverd: Re-check master on failure to take recovery lock
If the master changed while trying to take the lock then fail gracefully.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit c516e58ce92c420dc993bd9b7f1433641bd764bd)
- - - - -
773a6474 by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-recoverd: Rename hold_reclock_state to ctdb_recovery_lock_handle
This will be a longer lived structure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit af22f03dbe9040f5f743eb85bb50d411269bbab4)
- - - - -
54820e3d by Martin Schwenke at 2018-09-20T07:11:19Z
ctdb-recoverd: Use talloc() to allocate recovery lock handle
At the moment this is still local and is freed after the mutex is
successfully taken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a53b264aee7d620ee8ecf9114b0014c5bb678484)
- - - - -
49130402 by Martin Schwenke at 2018-09-20T07:11:20Z
ctdb-recoverd: Store recovery lock handle
... not just cluster mutex handle.
This makes the recovery lock handle long-lived and with allow the
releasing code to cancel an in-progress attempt to take the recovery
lock.
The cluster mutex handle is now allocated off the recovery lock
handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit c52216740bd81b68876de06e104822bbbca86df9)
- - - - -
a9c7c641 by Martin Schwenke at 2018-09-20T07:11:20Z
ctdb-recoverd: Return early when the recovery lock is not held
This makes upcoming changes simpler.
Update to modern debug macro while touching relevant line.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a755d060c13b65dfb6d73979aaf111c489882bfb)
- - - - -
e6bcccbc by Martin Schwenke at 2018-09-20T07:11:20Z
ctdb-recoverd: Handle cancellation when releasing recovery lock
If the recovery lock is in the process of being taken then free the
cluster mutex handle but leave the recovery lock handle in place.
This allows ctdb_recovery_lock() to fail.
Note that this isn't yet live because rec->recovery_lock_handle is
still only set at the completion of the attempt to take the lock.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit b1dc5687844e90b0e3c39cb46a1116c86118fbf4)
- - - - -
10d1b4d9 by Martin Schwenke at 2018-09-20T10:35:23Z
ctdb-recoverd: Set recovery lock handle at start of attempt
This allows the attempt to be cancelled if an election is lost and an
unlock is done before the attempt is completed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Sep 18 02:18:30 CEST 2018 on sn-devel-144
(cherry picked from commit 486022ef8f43251258f255ffa15f1a01bc6aa2b7)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Thu Sep 20 12:35:23 CEST 2018 on sn-devel-144
- - - - -
95b08d10 by Andrew Bartlett at 2018-09-21T10:15:13Z
s3: nmbd: Stop nmbd network announce storm.
Correct fix for. On announce, work->lastannounce_time is set
to current time t, so we must check that 't >= work->lastannounce_time',
not 't > work->lastannounce_time' otherwise we end up not
doing the comparison, and always doing the announce.
Reported by Reuben Farrelly
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13620
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Revviewe-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 1d1cd28adaba691ba434a47031fb52ff8887c728)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-9-test): Fri Sep 21 12:15:13 CEST 2018 on sn-devel-144
- - - - -
f4ef2c4f by Mathieu Parent at 2018-09-21T18:32:38Z
Update paths
- - - - -
0a05762f by Mathieu Parent at 2018-09-22T05:56:03Z
Add ctdb.NEWS: "Configuration has been completely overhauled"
- - - - -
ff3dc790 by Mathieu Parent at 2018-09-22T06:57:58Z
Update libsmbclient.symbols
- - - - -
7d9e313c by Mathieu Parent at 2018-09-22T15:06:16Z
ctdb.lintian-override: Remove script-not-executable override
- - - - -
2c218c70 by Mathieu Parent at 2018-09-22T21:03:10Z
ctdb: Enable/disable legacy script in postinst/presinst
- - - - -
e5f5e13b by Mathieu Parent at 2018-09-22T21:05:53Z
Release 2:4.9.0+dfsg-1 to experimental
- - - - -
7483205b by Karolin Seeger at 2018-09-24T06:40:54Z
WHATSNEW: Add release notes for Samba 4.9.1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
8fb6b0f4 by Karolin Seeger at 2018-09-24T06:40:54Z
VERSION: Disable GIT_SNAPSHOT for the 4.9.1 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
02013cb9 by Mathieu Parent at 2018-09-24T10:46:47Z
New upstream version 4.9.1+dfsg
- - - - -
61ac884b by Mathieu Parent at 2018-09-24T10:52:28Z
Merge tag 'upstream/4.9.1+dfsg'
Upstream version 4.9.1+dfsg
- - - - -
3816cbac by Mathieu Parent at 2018-09-24T11:33:42Z
Release 2:4.9.1+dfsg-1
- - - - -
6bb87170 by Mathieu Parent at 2018-10-08T20:01:13Z
Enable --accel-aes=intelaesni on DEB_HOST_ARCH_CPU=amd64 instead of DEB_HOST_ARCH=amd64. This matches samba-libs.install and adds x32
- - - - -
89858065 by Andreas Schneider at 2018-10-09T07:58:25Z
third_party: Update pam_wrapper to version 1.0.7
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 1fd2a79a92fc30d7667eb97d0846043a9d29b5cf)
- - - - -
7c170cd2 by Mathieu Parent at 2018-10-09T07:58:46Z
third_party: Add pam_set_items.so from pam_wrapper
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 7dd388a1f9fa30beb2f814bd16463d1643638587)
- - - - -
0702d237 by Mathieu Parent at 2018-10-09T07:59:20Z
nsswitch: Add try_authtok option to pam_winbind
Same as the use_authtok option, except that if the new password is not
valid, PAM will prompt for a password.
Bug-Debian: https://bugs.debian.org/858923
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit ad5debcbe5215e9a45f92ea45f20cc93781e93fa)
- - - - -
5403c81c by Mathieu Parent at 2018-10-09T08:01:09Z
tests: Check pam_winbind pw change with different options
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Oct 2 17:30:29 CEST 2018 on sn-devel-144
(cherry picked from commit 6240022488464deee8ac5924059a593e377bc538)
- - - - -
106bf049 by Mathieu Parent at 2018-10-09T08:05:01Z
Patch for previous 4 commits
- - - - -
9677ef15 by Mathieu Parent at 2018-10-09T08:06:17Z
pam_winbind: Use the new try_authtok option allowing password change while preserving current behavior with password strength modules (Closes: #858923, LP: #570944)
- - - - -
30 changed files:
- + .gitlab-ci-private.yml
- .gitlab-ci.yml
- .travis.yml
- .ycm_extra_conf.py
- README.Coding
- VERSION
- WHATSNEW.txt
- auth/auth_log.c
- auth/auth_sam_reply.c
- auth/auth_sam_reply.h
- auth/common_auth.h
- auth/credentials/credentials.c
- auth/credentials/credentials_krb5.c
- auth/credentials/credentials_secrets.c
- auth/credentials/pycredentials.c
- auth/credentials/tests/bind.py
- auth/credentials/wscript_build
- auth/gensec/spnego.c
- auth/kerberos/gssapi_pac.c
- auth/ntlmssp/gensec_ntlmssp_server.c
- auth/ntlmssp/ntlmssp_client.c
- auth/ntlmssp/ntlmssp_server.c
- auth/wscript_build
- − auth/wscript_configure
- buildtools/wafsamba/nothreads.py
- buildtools/wafsamba/samba_abi.py
- buildtools/wafsamba/samba_autoconf.py
- buildtools/wafsamba/samba_bundled.py
- buildtools/wafsamba/samba_conftests.py
- buildtools/wafsamba/samba_dist.py
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/compare/7808a17c18221d3fd95f09bcd3ab18f4a4011165...9677ef154ac26bf357f80bbb1e3d73c502ec726c
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/compare/7808a17c18221d3fd95f09bcd3ab18f4a4011165...9677ef154ac26bf357f80bbb1e3d73c502ec726c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20181009/b5e33c94/attachment-0001.html>
More information about the Pkg-samba-maint
mailing list