[Pkg-samba-maint] [Git][samba-team/samba][upstream_4.12] 3105 commits: VERSION: Bump version up to 4.12.0pre1...

Mathieu Parent gitlab at salsa.debian.org
Thu Jun 25 08:19:47 BST 2020



Mathieu Parent pushed to branch upstream_4.12 at Debian Samba Team / samba


Commits:
42c299b0 by Karolin Seeger at 2019-07-09T11:49:13+02:00
VERSION: Bump version up to 4.12.0pre1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
9cb028d6 by Karolin Seeger at 2019-07-09T12:02:07+02:00
VERSION: Bump version up to 4.12.0.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
36f021f7 by Karolin Seeger at 2019-07-09T12:04:27+02:00
WHATSNEW: Start release notes for Samba 4.12.0pre1.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
6fe2193b by Andreas Schneider at 2019-07-09T12:16:10+00:00
s3:profile: Use SHA1 for hashing in profiling functions.

This can use SHA NI instructions if the CPU supports it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a31a40b4 by Andreas Schneider at 2019-07-09T12:16:11+00:00
lib:crypto: Fix path to header file in gnutls_helpers.h

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
31a943fa by Andreas Schneider at 2019-07-09T12:16:11+00:00
lib:crypto: Add GNUTLS_FIPS140_SET_(LAX|STRICT)_MODE to helpers

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ccf3e766 by Andreas Schneider at 2019-07-09T13:31:46+00:00
s3:profile: Allow profile subsystem to use SHA1 in FIPS mode

This is non-cryptographic use.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jul  9 13:31:46 UTC 2019 on sn-devel-184

- - - - -
abc58a4a by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Add dptr_activecnum(), not yet used.

Will be used to help remove the SMB1 idle directory
code.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
461001cb by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Don't idle connections with active SMB1 directory scans.

When all scans are via file handles this code can
be removed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
609c9a58 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Don't idle SMB1 directory scans after DPTR_IDLE_TIMEOUT.

Only broken SMB1 clients leave directory scans hanging
and we shouldn't support that.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
80ae1eba by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove unused DPTR_IDLE_TIMEOUT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
a43e6771 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove now unused dptr_idlecnum().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7b98319f by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove MAX_OPEN_DIRECTORIES check in dptr_create().

This is a bug in that it's artificially limiting the number
of open directories an SMB2 client can have. If this code
was needed it should by SMB1 specific.

However we should allow the clients to decide for themselves
how many directory handles they need, not limit to MAX_OPEN_DIRECTORIES.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7b6129d1 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove SMB1 idle unused directory handles code.

This is only needed for broken SMB1 DOS clients, and
we're a long way from needing this anymore.

ifdef out dptr_idleoldest() and dptr_idle()
functions as otherwise we get "unused function"
compile errors. Remove in next commit.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
288d7167 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove unused dptr_idleoldest() and dptr_idle() functions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ab65fa9a by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Remove now unused MAX_OPEN_DIRECTORIES define.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
096a98f6 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: Add a note explaining MAX_DIRECTORY_HANDLES only applies to SMB1.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d9d00ad0 by Jeremy Allison at 2019-07-09T23:12:16+00:00
s3: smbd: We no longer need to keep a count of dirhandles open.

It's not per-connection struct anyway, so doesn't
help for anything.

Remove now unused variable struct smbd_server_connection *sconn
otherwise we get compile errors.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e21b7516 by Jeremy Allison at 2019-07-09T23:12:17+00:00
s3: smbd: globals - remove dirhandles_open from internal search struct.

It wasn't used for SMB2 anyway, and isn't useful for anything.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ff8c8b34 by Jeremy Allison at 2019-07-09T23:12:17+00:00
s3: smbd: Remove now unused parameter 'forclose' to dptr_get().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1376dc3b by Jeremy Allison at 2019-07-09T23:12:17+00:00
s3: smbd: Remove the 'close oldest' logic in SMB1search processing.

Expect the client to manage their handles properly.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
6134922f by Jeremy Allison at 2019-07-09T23:12:17+00:00
s3: smbd: Remove the 'close oldest' logic in SMB1 trans2 search processing.

Will be removed in next commit.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
09ddad6c by Jeremy Allison at 2019-07-10T00:28:51+00:00
s3: smbd: Remove ifdef'ed out dptr_close_oldest().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jul 10 00:28:51 UTC 2019 on sn-devel-184

- - - - -
19a13cbe by Douglas Bagnall at 2019-07-10T04:32:13+00:00
ldb: do not allow adding a DN as a base to itself

If you try to add a dn to itself, it expands as it goes. The resulting
loop cannot end well.

It looks like this in Python:

    dn = ldb.Dn(ldb.Ldb(), 'CN=y,DC=x')
    dn.add_base(dn)

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f5e0339a by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: add pyldb_check_type()

This will be used by pyldb_Ldb_AsLdbContext().

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e075f52a by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: fork pyldb_Ldb_AsLdbContext macro to reflect unsafeness

In the Python/C API, conversion functions which check the types of their arguments
have names like:

double PyFloat_AsDouble(PyObject *pyfloat);

while conversion macros that don't check have names like:

PyFloat_AS_DOUBLE(pyfloat)

The pyldb_Ldb_AsLdbContext() macro looks like one of the checking functions
but it actually isn't. This has fooled us more than once. Here we fork
the macro into two -- one which performs checks and keeps the camel
case, and one with a shouty name that keeps the check-free behaviour.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
339f8bbd by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: check for errors in PyLdb_GetPyType()

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
1d6b472c by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: rename pyldb_Dn_AsDn() to pyldb_Dn_AS_DN()

Following the python/C convention for checking vs non-checking
convertors.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
545e9538 by Douglas Bagnall at 2019-07-10T04:32:13+00:00
py segfault test: ldb.register_module

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3af57daa by Douglas Bagnall at 2019-07-10T04:32:13+00:00
py segfault test: ldb.open

There seems to be no way of using ldb.open without causing a segfault

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
192386ed by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: remove ldb.open, which was never survivable

There was no way to call ldb.open without evoking signal 11, so it is
unlikely anyone was using it.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fdb9a590 by Douglas Bagnall at 2019-07-10T04:32:13+00:00
pyldb: ldb.register_module() checks arguments a little bit

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
c8060627 by Douglas Bagnall at 2019-07-10T05:48:52+00:00
ldb ABI bump for pyldb_Ldb_AsLdbContext change

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Jul 10 05:48:52 UTC 2019 on sn-devel-184

- - - - -
c19f1c9a by Noel Power at 2019-07-11T04:08:13+00:00
nsswitch/libwbclient: clang Fix Potential leak of memory

Fixes:

nsswitch/libwbclient/wbc_sid.c:848:2: warning: Potential leak of memory pointed to by 'extra_data'
        free(extra_data);
        ^
1 warning generated.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
c38a7745 by Noel Power at 2019-07-11T04:08:13+00:00
s4/dsdb/common: clang: Fix access results in null pointer deref.

Fixes:

source4/dsdb/common/util_trusts.c:2915:21: warning: Access to field 'sid' results in a dereference of a null pointer (loaded from field 'tdo') <--[clang]
        d->di.domain_sid = d->tdo->sid;
                           ^  ~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3a59a70d by Noel Power at 2019-07-11T04:08:13+00:00
nsswitch/libwbclient: clang: Fix Value stored to 'wbc_status' is never read

Fixes:

nsswitch/libwbclient/wbc_util.c:123:3: warning: Value stored to 'wbc_status' is never read <--[clang]
                wbc_status = WBC_ERR_SUCCESS;
                ^            ~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d6c67f7c by Noel Power at 2019-07-11T04:08:13+00:00
s4/auth/gensec: clang: Fix 'initialization value is never read'

Fixes:

source4/auth/gensec/gensec_gssapi.c:431:11: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
        NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
                 ^~~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f004f8a2 by Noel Power at 2019-07-11T04:08:13+00:00
auth/gensec: clang: Fix 'Value stored to 'status' is never read'

Fixes:

auth/gensec/spnego.c:877:2: warning: Value stored to 'status' is never read <--[clang]
        status = sub_status;
        ^        ~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
71943ab5 by Noel Power at 2019-07-11T04:08:13+00:00
libcli/smb: clang: Fix 'value stored to 'p' is never read'

Fixes:

libcli/smb/smb1cli_session.c:226:2: warning: Value stored to 'p' is never read <--[clang]
        p += ret;
        ^    ~~~
libcli/smb/smb1cli_session.c:517:2: warning: Value stored to 'p' is never read <--[clang]
        p += ret;
        ^    ~~~
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fa551bf0 by Noel Power at 2019-07-11T04:08:13+00:00
libcl/smb: clang: Fix 'Value stored to 'next_offset' is never read'

Fixes:

 libcli/smb/smb2_create_blob.c:146:3: warning: Value stored to 'next_offset' is never read <--[clang]
                next_offset += next_pad;
                ^              ~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
9f6b87d3 by Garming Sam at 2019-07-11T05:25:26+00:00
ldap_server: Regression in 0559430ab6e5c48d6e853fda0d8b63f2e149015c

Extended DN requests seem to have been incorrectly handled.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Thu Jul 11 05:25:26 UTC 2019 on sn-devel-184

- - - - -
c7bb5244 by Ralph Boehme at 2019-07-12T21:31:29+00:00
vfs_fruit: convert adouble accessor macros to functions

The functions will be moved to a different compilation unit in a subsequent
commit and struct adouble will become a private struct so callers can't access
it directly.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1bf4175a by Ralph Boehme at 2019-07-12T21:31:29+00:00
vfs_fruit: add flags to ad_convert()

A subsequent commmit will move all AppleDouble related functionality, including
ad_convert(), to a different compilation unit. We must therefor remove the
dependency on struct fruit_config_data.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f9df2b67 by Ralph Boehme at 2019-07-12T21:31:29+00:00
vfs_fruit: pass catia mappings as argument to ad_convert()

This removes the direct use of fruit_catia_maps from ad_convert(), to make it
possible to move the whole AppleDouble functionality to a dedicated subsystem.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dbc840e7 by Ralph Boehme at 2019-07-12T21:31:29+00:00
vfs_fruit: move AppleDouble functionality to a dedicated subsystem

It's still tied to the VFS, therefor it lives in source3/modules/. Reduces code
bloat in vfs_fruit and makes it possible to use it from other parts of the
codebase in future.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3093c374 by Ralph Boehme at 2019-07-12T21:31:29+00:00
s3:lib: move Mac streams util functions to s3/lib

While at it, change the functions to work on the stream name directly instead of
struct smb_filename. A later commit wants to use the function on the resulting
stream names coming from vfs_streaminfo().

Also use the simple string compare version, not the multibyte ones, as the afp*
stream names are simple ASCII string, so there's no need to become fancy.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
79e0110e by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: remove redundant calls to ad_pack()

ad_fset() calls ad_pack() anyway...

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5e52d9eb by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: pass VFS handle and fsp to ad_pack()

Unused for now, that comes next.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1c464232 by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: use runtime size when writing out AppleDouble header

We're calling SMB_VFS_NEXT_PWRITE() to write out the AppleDouble header
data. Until now this header always had a fixed sizeof AD_DATASZ_DOT_UND bytes,
but a subsequent commit will change that. Use the correct size which is the
offset of the begining of the resource fork data.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0f5fde7b by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: add some ASCII art

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a2a30e63 by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: remove xattrs after successfull conversion

This ensure the subsequent ad_fset() does not attempt to put back the xattrs on
disk in the AppleDouble file. It's not yet a problem as we don't have the code
that would do that, but that will be added in the next commit...

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f820647f by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: ensure stat info is marked invalid on new path

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2bd926ac by Ralph Boehme at 2019-07-12T21:31:29+00:00
s3:modules: pass a TALLOC_CTX to string_replace_init_map()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1acdca75 by Ralph Boehme at 2019-07-12T21:31:29+00:00
vfs_fruit: remove duplicate catia mappings

0x0d:0xf00d is already given a few lines above.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cd3b4187 by Ralph Boehme at 2019-07-12T21:31:29+00:00
s3:{modules => lib}/string_replace.[c|h]

This is now also consumed by something outside source3/modules/.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
145c54e4 by Ralph Boehme at 2019-07-12T21:31:29+00:00
s3: move fruit catia string replace mappings to s3/lib/

This will be needed by another component soonish.

Signed-off-by: Ralph Boehme <slow at samba.org>

- - - - -
a331b15e by Ralph Boehme at 2019-07-12T21:31:29+00:00
adouble: add ad_unconvert()

This collects a file's stream data and packs it into a AppleDouble file.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
17496a39 by Ralph Boehme at 2019-07-12T21:31:29+00:00
s3:net: add 'vfs' hierarchy with 'stream2adouble' command

This adds a new top-level command hierarchy 'vfs' that can be used to add
commands that access the smbd VFS stack.

The first command to be implemented is 'stream2adouble' which can be used to
convert stream metadata to AppleDouble files.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bb37a88e by Ralph Boehme at 2019-07-12T21:31:30+00:00
s4/torture: add a vfs_fruit unconversion test

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
36b48aa7 by Ralph Boehme at 2019-07-12T22:59:58+00:00
s3:net: add 'net vfs getntacl' command

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 12 22:59:58 UTC 2019 on sn-devel-184

- - - - -
5522aa1a by Michael Adam at 2019-07-13T22:54:56+00:00
vfs:glusterfs_fuse: ensure fileids are constant across nodes

Instead of adding a new gluster-specific mode to the fileid module,
this patches provides a fileid algorithm as part of the glusterfs_fuse
vfs module. This can not be configured further, simply adding the
glusterfs_fuse vfs module to the vfs objects configuration will enable
the new fileid mode.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13972

Signed-off-by: Michael Adam <obnox at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Sat Jul 13 22:54:56 UTC 2019 on sn-devel-184

- - - - -
15196c75 by Gary Lockyer at 2019-07-16T08:13:12+00:00
s4 echo_server: Enable prefork process model

Enable the prefork process model, for the echo server.  This is allows
it to be used in the prefork_restart tests.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1c4b9ba3 by Gary Lockyer at 2019-07-16T08:13:12+00:00
prefork restart tests: Use echo server for back off

Use the echo server for the restart back off tests in the
samba.tests.prefork_restart tests instead of the kdc.  The kdc is not enabled
when the ADDC is built to run MIT Kerberos.  Changing the test to use
the echo server means it can be run when MIT Kerberos is enabled.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
da9472a9 by Gary Lockyer at 2019-07-16T10:10:23+00:00
prefork tests: re-enable restart tests for MIT Kerberos

Previously the restart back off tests were disabled for MIT Kerberos, as
they used the kdc, which is not run in that case.  Tests now use the
echo server.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jul 16 10:10:23 UTC 2019 on sn-devel-184

- - - - -
9cf3379a by Andreas Schneider at 2019-07-16T17:20:31+00:00
third_party: Update uid_wrapper to version 1.2.7

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jul 16 17:20:31 UTC 2019 on sn-devel-184

- - - - -
57e9b358 by Noel Power at 2019-07-16T22:52:24+00:00
s3/lib: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/lib/messages.c:483:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0ca6d34a by Noel Power at 2019-07-16T22:52:24+00:00
s3/lib/dwrap: clang: Fix 'Array access results in a null pointer dereference'

Fixes:

source3/lib/dbwrap/dbwrap_watch.c:55:3: warning: Array access (from variable 'wkey') results in a null pointer dereference <--[clang]
                SIVAL(wkey, 0, db_id_len);
                ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
80f5461a by Noel Power at 2019-07-16T22:52:24+00:00
s3/lib: clang: Fix 'Value stored to 'b' is never read'

Fixes:

source3/lib/substitute.c:516:7: warning: Value stored to 'b' is never read <--[clang]
        for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
             ^   ~~~~~~~~~~~~
source3/lib/substitute.c:709:7: warning: Value stored to 'b' is never read <--[clang]
        for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
             ^   ~~~~~~~~~~~~
source3/lib/substitute.c:811:7: warning: Value stored to 'b' is never read <--[clang]
        for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
             ^   ~~~~~~~~~~~~
3 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
8aed7e9a by Noel Power at 2019-07-16T22:52:24+00:00
s4/libcli/ldab: clang: Fix 'Access results in a deref of a null pointer'

Fixes:

source4/libcli/ldap/ldap_client.c:1023:6: warning: Access to field 'type' results in a dereference of a null pointer <--[clang]
        if ((*msg)->type != type) {
            ^~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
9cfdb9f1 by Noel Power at 2019-07-16T22:52:24+00:00
libcls/netlogon: clang: Fix 'initialization value is never read'

Fixes:

libcli/netlogon/netlogon.c:183:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_INVALID_NETWORK_RESPONSE;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
libcli/netlogon/netlogon.c:224:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_INVALID_NETWORK_RESPONSE;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Note: although use of default seems unecessary but gcc
(with --picky-developer) detects the possibiliy still that status
may be undefined (presumably by a non enum value leaking
into the switch)

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a901c576 by Noel Power at 2019-07-16T22:52:24+00:00
libcli/cldap: clang: Fix 'Dereference of null pointer'

Fixes:

libcli/cldap/cldap.c:144:8: warning: Dereference of null pointer <--[clang]
                ev = c->searches.list->caller.ev;
                     ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
be319e24 by Noel Power at 2019-07-16T22:52:24+00:00
s4/libcli: clang: Fix 'initialization value is never read'

Fixes:

source4/libcli/smb_composite/fetchfile.c:91:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
06c3a493 by Noel Power at 2019-07-16T22:52:24+00:00
s4/libcli/raw: clang: Fix 'initialization value is never read'

Fixes:

source4/libcli/raw/rawnegotiate.c:157:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4f61a998 by Noel Power at 2019-07-16T22:52:24+00:00
s3/param: clang: Fix 'Value stored to 'bRetval' is never read'

Fixes:

source3/param/loadparm.c:2770:2: warning: Value stored to 'bRetval' is never read <--[clang]
        bRetval = false;
        ^         ~~~~~
source3/param/loadparm.c:3868:2: warning: Value stored to 'bRetval' is never read <--[clang]
        bRetval = false;
        ^         ~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7b8ec24c by Noel Power at 2019-07-16T22:52:24+00:00
s4/libcli/raw: Fix 'Value stored to 'p' is never read'

Fixes:

source4/libcli/raw/clitree.c:138:3: warning: Value stored to 'p' is never read <--[clang]
                p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->tconx.out.fs_type,
                ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7a86c99c by Noel Power at 2019-07-16T22:52:24+00:00
libcli/smb: clang: Fix 'array access results in a null pointer deref'

Fixes:

smbXcli_base.c:1239:9: warning: Array access (via field 'pending') results in a null pointer dereference <--[clang]
                req = conn->pending[0];
                      ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3594c3ae by Noel Power at 2019-07-16T22:52:24+00:00
libcli/smb: clang: Fix 'Array access results in a null pointer deref'

Fixes:

smbXcli_base.c:4393:10: warning: Array access (from variable 'inhdr') results in a null pointer dereference <--[clang]
        flags = CVAL(inhdr, HDR_FLG);

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fb49e411 by Noel Power at 2019-07-16T22:52:25+00:00
libcli/smb: clang: Fix 'Dereference of null pointer'

Fixes:

smbXcli_base.c:4885:20: warning: Dereference of null pointer <--[clang]
        body = (uint8_t *)iov[1].iov_base;
                          ^~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6ea9c795 by Noel Power at 2019-07-16T22:52:25+00:00
libcli/smb: clang: Fix ' 2nd function call argument is an uninitialized value'

Fixes:

/home/samba/samba/libcli/smb/smbXcli_base.c:5120:8: warning: 2nd function call argument is an uninitialized value <--[clang]
                rc = gnutls_hash(hash_hnd,

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e3e93306 by Noel Power at 2019-07-16T22:52:25+00:00
s3/lib: clang: Fix 'passed-by-value struct argument contains uninit-ed data'

Fixed:

g_lock.c:358:21: warning: Passed-by-value struct argument contains uninitialized data (e.g., field: 'pid') <--[clang]
        state->watch_req = dbwrap_watched_watch_send(
                           ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
80e57a10 by Noel Power at 2019-07-16T22:52:25+00:00
s3/registry: clang: Fix 'initialization value is never read'

Fixes:

source3/registry/reg_api.c:139:14: warning: Value stored to 'result' during its initialization is never read <--[clang]
        WERROR          result = WERR_OK;
                        ^~~~~~   ~~~~~~~
ource3/registry/reg_api.c:958:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
963f58fb by Noel Power at 2019-07-16T22:52:25+00:00
s3/registry: clang: Fix 'initialization value is never read'

Fixes:

source3/registry/reg_backend_db.c:853:9: warning: Value stored to 'result' during its initialization is never read <--[clang]
        WERROR result = WERR_OK;
               ^~~~~~   ~~~~~~~

source3/registry/reg_backend_db.c:1677:2: warning: Value stored to 'len' is never read <--[clang]
        len = 0;
        ^     ~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b388c217 by Noel Power at 2019-07-16T22:52:25+00:00
s3/lib: clang: 'Value stored to 'rta' is never read'

Fixes:
source3/lib/addrchange.c:217:2: warning: Value stored to 'rta' is never read <--[clang]
        rta = IFA_RTA(ifa);
        ^     ~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
c4613521 by Noel Power at 2019-07-17T00:07:48+00:00
s3/lib/smbconf: clang: 'Value stored during its initialization is never read'

Fixes:

source3/lib/smbconf/smbconf_reg.c:123:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:178:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:444:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:583:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:712:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:995:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
source3/lib/smbconf/smbconf_reg.c:1103:9: warning: Value stored to 'werr' during its initialization is never read <--[clang]
        WERROR werr = WERR_OK;
               ^~~~   ~~~~~~~
7 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jul 17 00:07:48 UTC 2019 on sn-devel-184

- - - - -
ee2fe56b by Aaron Haslett at 2019-07-17T06:17:10+00:00
drepl: memory leak fix

Fixes a memory leak where schema reference attached to ldb
instance is lost before it can be freed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14042

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>

Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Wed Jul 17 06:17:10 UTC 2019 on sn-devel-184

- - - - -
79e3b1c7 by Volker Lendecke at 2019-07-17T11:27:20+00:00
smbd: Increase a debug level

This is not a real error, it happens when the share mode record is not
around.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
69cca061 by Volker Lendecke at 2019-07-17T12:45:51+00:00
lib: Optimize file_compare

Triggered by two coverity false positives. Loading both files into
talloc'ed memory seems inefficient to me. Rely on stdio to do proper
buffering. This removes the restriction from ae95d611: "It is meant for
small files".

This is more lines, but to me it has less implicit complexity.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Wed Jul 17 12:45:51 UTC 2019 on sn-devel-184

- - - - -
664eed2e by Andreas Schneider at 2019-07-18T01:30:20+00:00
lib:util: Use GnuTLS random number generator in genrand.c

FIPS requires that a random number generator from a certified crypto
library is used.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184

- - - - -
b0fc1ca6 by Volker Lendecke at 2019-07-18T12:55:30+00:00
lib: Fix the 32-bit build

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 12:55:30 UTC 2019 on sn-devel-184

- - - - -
0bcfc550 by Garming Sam at 2019-07-19T02:20:47+00:00
gp_inf: Read/write files with a UTF-16LE BOM in GptTmpl.inf

Regression caused by 16596842a62bec0a9d974c48d64000e3c079254e

[MS-GPSB] 2.2 Message Syntax says that you have to write a BOM which I
didn't do up until this patch. UTF-16 as input encoding was marked much
higher up in the inheritance tree, which got overriden with the Python 3
fixes. I've now marked the encoding much more obviously for this file..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14004

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Fri Jul 19 02:20:47 UTC 2019 on sn-devel-184

- - - - -
c0b1884c by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Rename create_dcerpc_ncalrpc_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3153814d by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_create_ncalrpc_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
05507d4d by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Switch to new debug macros for dcesrv_create_ncalrpc_socket

Additionally new debug messages are added and the existing ones improved.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
af576d33 by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Rename dcerpc_ncalrpc_listener

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7f8f857d by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Rename create_named_pipe_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4a5c440b by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_create_ncacn_np_socket

The 'fd' state struct member is initialized after allocation because it
is checked in the error path.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3fdd4dc0 by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Switch to new debug macros for dcesrv_create_ncacn_np_socket

Additionally messages are improved.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b6537c15 by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Rename setup_named_pipe_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e05ce7b9 by Samuel Cabrero at 2019-07-22T16:49:12+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_setup_ncacn_np_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fc3d582c by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Switch to new debug macros for dcesrv_setup_ncacn_np_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b52d58d6 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename named_pipe_listener

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5ed7ee72 by Stefan Metzmacher at 2019-07-22T16:49:13+00:00
s3:rpc_server: simplify the error checking of create_tcpip_socket() callers

create_tcpip_socket() never returns a valid fd and left port as 0.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b7817eaf by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename create_tcpip_socket

Additionally move function declaration from proto.h to rpc_server.h

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e3999a14 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_create_ncacn_ip_tcp_socket

Additionally to the fd number, check the port number has been correctly
assigned. This check was performed by the callers of this function.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6b2aefc5 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Use new debug macros for dcesrv_create_ncacn_ip_tcp_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
edc8ef72 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename dcerpc_ncacn_tcpip_listener

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3f4be0b9 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename rpc_create_tcpip_sockets

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a6b58998 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename setup_dcerpc_ncacn_tcpip_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ae14c510 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_setup_ncacn_ip_tcp_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
cbf497dc by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Use new debug macros in dcesrv_setup_ncacn_ip_tcp_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1a1f31e0 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Rename setup_dcerpc_ncalrpc_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5a544864 by Samuel Cabrero at 2019-07-22T16:49:13+00:00
s3:rpc_server: Return NTSTATUS for dcesrv_setup_ncalrpc_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1f2caa41 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Use new debug macros in dcesrv_setup_ncalrpc_socket

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2cb4a9c6 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Use talloc_zero for dcerpc_ncacn_listen_state

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fd62ab62 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:spoolss: Exit if fork call fails

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f527964f by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Set the endpoint name to "IP" on ncacn_ip_tcp listener

This matchs what lsasd and mdssd does.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
60b7b791 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Fix code formatting and improve debug messages

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
0a65fa8a by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:utils: New struct to fix strict aliasing issues with sockets API

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8cb921d2 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
lib:tsocket: New function to build a tsocket_context from samba_address

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7ee4dff9 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Fix hidden strict aliasing issues

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d1d37a0a by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Return NTSTATUS in rpc_ep_setup and setup functions

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6ac17026 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3-prefork: Add header inclusion guards

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fdfa0e0a by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:epmapper: Rename conflicting struct

Rename an epmapper internal struct which will conflict when merging s3
and s4 rpc servers.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d8d7c981 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Set dcerpc_ncacn_connection destructor

And call disconnection callback from there if it is set.
Additionally change named_pipe_termination_fn to have * in typedef.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
cc6342e7 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Move dcerpc_ncanc_conn to header file

Next commits will remove named_pipe_client and dcerpc_ncacn_connection
will be used in its place. It has to be moved to a header file as it
will be used by functions in rpc_server.c and rpc_ncacn_np.c.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
61fb17f8 by Samuel Cabrero at 2019-07-22T16:49:14+00:00
s3:rpc_server: Add termination function and data to dcerpc_ncacn_conn

In preparation to remove the named_pipe_client structure, this function
will be called from ncacn_conn destructor passing the private data pointer
as argument. It is mainly used by preforked childs in "process model" to
attend the next client as soon as the previous client ends the connection..

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
52c3bebd by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Split dcerpc_ncacn_accept to deal with tstream_npa

In preparation to remove the named_pipe_client struct split the function
if two parts and build the tstream context as soon as possible, as it
will take care of closing the socket when the tstream_context is freed.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2e938e22 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Add a function to initialize the dcerpc_ncacn_conn struct

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
c976d456 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Make dcerpc_ncacn_packet_process public

In preparation to remove the named_pipe_client struct, this function
will be set as tevent callback from rpc_ncacn_np.c

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
82759189 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Check remote address supplied to dcerpc_ncacn_accept

Check if the supplied tsocket_address is valid before changing the
talloc chunk parent to the ncacn_conn struct.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
85201cc7 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Remove named_pipe_client struct and use dcerpc_ncacn_conn

Now NCACN_NP connections run the same loop as NCACN_IP_TCP and NCALRPC
connections.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6964348b by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:prefork: Allow to associate private data with listening socket

Prepare for merger RPC server codebase, where it will be necessary to
stablish an association between the listening socket and the
dcesrv_endpoint that the socket is serving.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
01c6602d by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Initialize auxiliary variable checked in error path

The auxiliary variable is checked in the function's exit code so reset
it after each usage.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6f07f467 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Set debug class in all rpc server related files

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5d8e1341 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Return NTSTATUS in make_internal_rpc_pipe_p

Also make it static as it is not used outside rpc_ncacn_np.c

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5865cf4d by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:spoolss: Set remote and local address for accepted connections

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
cdaf06ab by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Unify RPC client disconnect and termination functions

These functions are used by endpoint mapper to delete the endpoints
when a NCALRPC connection from an external daemon is lost and by
preforked childs to accept the next client as soon as the current
connection terminates. We can use the same function for both purposes.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
0c04daf5 by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Rename dcesrv_handle struct

The name conflicts with the S4 name.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4d42b7cd by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Check pointer before dereference

The debug message dereference the pointer, but as close_policy_by_pipe
is called from pipes_struct destructor it may be not initialized yet if
an error occur in the initialization code.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f7529fff by Samuel Cabrero at 2019-07-22T16:49:15+00:00
s3:rpc_server: Make make_external_rpc_pipe_p and np_proxy_state private

This function and struct is not used outside rpc_ncacn_np.c

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
dde08e8f by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server: Return NTSTATUS in is_known_pipename function

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a2c943f5 by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server:spoolssd: Move socket creation to its own function

The function also handles the registration in the endpoint mapper.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6be10e6d by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server: Improve debug messages

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7a167b37 by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server: Call server exit routines in sigterm handler

The exit server routines already call rpc shutdown functions

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
63a39ef6 by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server: Call fsrvp RPC shutdown function from server exit routines

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ee6fb27c by Samuel Cabrero at 2019-07-22T16:49:16+00:00
s3:rpc_server: Call epmapper RPC shutdown function from server exit routines

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
c1e649fd by Samuel Cabrero at 2019-07-22T18:04:53+00:00
s3:rpc_server: Call server exit routines in sigterm handler

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jul 22 18:04:53 UTC 2019 on sn-devel-184

- - - - -
c3a52e4c by Douglas Bagnall at 2019-07-22T22:20:25+00:00
py segfault test: registry.open_hive

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3383390b by Douglas Bagnall at 2019-07-22T22:20:25+00:00
tests/py-segfault: add messaging.deregister()

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4496e073 by Douglas Bagnall at 2019-07-22T22:20:25+00:00
talloc: add pytalloc_get_name() helper

In several places we go

   talloc_get_name(pytalloc_get_ptr(py_obj))

which is a certain NULL derefernce if py_obj is not a talloc object.

This is a helper function that chooses to say "non-talloc object"
rather than crash.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dc20e7c6 by Douglas Bagnall at 2019-07-22T22:20:25+00:00
talloc: pytalloc_get_checked_type: survive non-talloc objects

If the python object is not a talloc object, we will end up
with a NULL pointer. We weren't checking for that properly

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ac23eeb4 by Douglas Bagnall at 2019-07-22T22:20:25+00:00
talloc/py_util: remove tautologically dead code

Being careful is good and all, but if we don't trust the

       static PyTypeObject *type = NULL;

two lines up, we need to reconsider our entire software universe.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cd20e387 by Andrew Bartlett at 2019-07-22T22:20:25+00:00
talloc: Release talloc 2.3.0

* add pytalloc_get_name() to safely access te talloc name in Python bindings
* Use a new minor version to allow talloc updates in the 4.11 release stream

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz

- - - - -
99c43354 by Douglas Bagnall at 2019-07-22T22:20:25+00:00
libcli/pysecurity: use pytalloc_get_name to avoid NULL deref

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5405f2ad by Douglas Bagnall at 2019-07-22T22:20:25+00:00
s4/py_dsdb: avoid NULL deref in set_domain_sid()

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2d1c269a by Douglas Bagnall at 2019-07-22T22:20:25+00:00
s4/rpc/py_security: don't deref NULL for invalid values

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c9c1d444 by Douglas Bagnall at 2019-07-22T22:20:25+00:00
auth/pycredentials: always check self is a Credentials object

This prevents a segfault with

    credentials.Credentials.guess(x)

where x is not a Credentials object.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0d0a88fc by Douglas Bagnall at 2019-07-22T22:20:26+00:00
pycredentials.h: use import to ensure python type correctness

Because we include pyrpc_util.h, pycredentials doesn't need its own
PyStringFromStringOrNull().

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
95a5140d by Douglas Bagnall at 2019-07-22T22:20:26+00:00
pysecurity: use unsigned int, not int to approximate uint32_t

the "I" flag for unsigned int has been available since Python 2.3

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f8fb6f32 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
auth/pycreds/encrypt_netr_crypt_password: don't segfault

Non-talloc objects were treated as talloc objects, to no good effect

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a5e8a5e0 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
auth/pycreds/encrypt_netr_crypt_password: don't pretend arg is optional

The "|O" signature is saying the password argument is optional, which
makes no sense in terms of the funxtion and immediately leads to a
TypeError (or until last commit, segfault). Removing the "|" leaves it
with a TypeError, but it is better worded and faster.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
57fc8b6c by Douglas Bagnall at 2019-07-22T22:20:26+00:00
s4/auth/pygensec: don't segfault when reporting bad types

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a2680b44 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
s3/libsmb/py: avoid null deref with bad python arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f3b65ff4 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
s3/smbd/py: avoid null deref with bad python arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
936c9662 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
s4/gensec/py: avoid null deref with bad python arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3d33e336 by Douglas Bagnall at 2019-07-22T22:20:26+00:00
s4/auth/py: avoid null deref with bad python arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0348dd4b by Douglas Bagnall at 2019-07-22T23:37:56+00:00
dcerpc: use anon creds for unknown transport

Otherwise we get a segfault when the NULL creds are dereferenced in cli_credentials_is_anonymous()

 $  python3 -c"from samba.dcerpc.dnsserver import dnsserver; d = dnsserver('addc')"

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Jul 22 23:37:57 UTC 2019 on sn-devel-184

- - - - -
42bd3a72 by Christof Schmitt at 2019-07-23T18:27:25+00:00
Revert "nfs4acl: Fix owner mapping with ID_TYPE_BOTH"

This reverts commit 5d4f7bfda579cecb123cfb1d7130688f1d1c98b7.

That patch broke the case with ID_TYPE_BOTH where a file is owned by a
group (e.g. using autorid and having a file owned by
BUILTIN\Administrators). In this case, the ACE entry for the group gets
mapped a to a user ACL entry and the group no longer has access (as in
the user's token the group is not mapped to a uid).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a06486bb by Christof Schmitt at 2019-07-23T18:27:25+00:00
nfs4_acls: Remove fsp from smbacl4_win2nfs4

Only the information whether the ACL is for a file or a directory is
required. Replacing the fsp with a flag is clearer and allows for unit
testing of the mapping functions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8fb906a1 by Christof Schmitt at 2019-07-23T18:27:25+00:00
selftest: Start implementing unit test for nfs4_acls

Existing smbtorture tests set and query ACLs through SMB, only working
with the DACLs in the Security Descriptors, but never check the NFSv4
ACL representation. This patch introduces a unit test to verify the
mapping between between Security Descriptors and NFSv4 ACLs. As the
mapping code queries id mappings, the id mapping cache is first primed
with the mappings used by the tests and those mappings are removed again
during teardown.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
00f494b2 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add tests for mapping of empty ACLs

This is a fairly simple test that ensures the mapping of empty ACLs
(without any ACL entries) is always done the same way.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
dd593479 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add tests for mapping of ACL types

Add testcases for mapping the type field (ALLOW or DENY) between NFSv4
ACLs and security descriptors.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
16eb61a9 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for flags mapping from NFS4 ACL to DACL

Add testcase for the mapping of inheritance flags when mapping from a
NFSv4 ACL to a DACL in the security descriptor. The mapping is different
between files and directories, as some inheritance flags should never be
present for files. Some defined flags like SUCCESSFUL_ACCESS are also
not mapped at this point, also verify this behavior.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
bccd2612 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for flags mapping from DACL to NFS4 ACL

Add testcase for the mapping of inheritance flags from the DACL in the
security descriptor to the NFSv4 ACL. The mapping is different for files
and directories as some inheritance flags should not be present for
files. Also other flags are not mapped at all, verify this behavior.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1767027b by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping permissions from NFS4 ACL to DACL

Add testcase for mapping permissions from the NFSv4 ACL to DACL in the
security descriptor. The mapping is simple as each permission bit exists
on both sides.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e4840e68 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping permissions from DACL to NFS4 ACL

Add testcase for mapping the permission flags from the DACL in the
Security Descriptor to a NFSv4 ACL. The mapping is straight-forward as
the same permission bits exist for Security Descriptors and NFSv4 ACLs.
In addition, the code also maps from the generic DACL permissions to a
set of NFSv4 permissions, also verify this mapping.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f8614894 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping of special NFS4 ACL entries to DACL entries

In addition to entries for users and groups, NFSv4 ACLs have the concept
of entries for "special" entries. Only the "owner", "group" and
"everyone" entries are currently used in the ACL mapping.

Add a testcase that verifies the mapping from NFSv4 "special" entries to
the DACL in the security descriptor. Verify that only "owner", "group"
and "everyone" are mapped and all other "special" entries are ignored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1f1fa5bd by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping from DACL to special NFS4 ACL entries

Add testcase for mapping from entries in the DACL security descriptor to
"special" entries in the NFSv4 ACL. Verify that the WORLD well-known SID
maps to "everyone" in the NFSv4 ACL. Verify that the "Unix NFS" SID is
ignored, as there is no meaningful mapping for this entry. Verify that
SID entries matching the owner or group are mapped to "special owner"
or "special group", but only if no inheritance flags are used. "special
owner" and "special group" with inheritance flags have the meaning of
CREATOR OWNER and CREATOR GROUP and will be tested in another testcase.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
bfcc19b7 by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping CREATOR entries to NFS4 ACL entries

Add testcase for mapping DACL entries CREATOR OWNER and CREATOR GROUP
with inheritance flag in the security descriptor to NFSv4 "special
owner" and "special group" entries. This is the correct mapping for
these entries as inheriting "special owner" and "special group" grants
permissions to the actual owner and owning group of the new file or
directory, similar to what CREATOR entries do.

The other side is that CREATOR entries without any inheritance flags do
not make sense, so these are not mapped to NFSv4 ACL entries.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3c9cda0f by Christof Schmitt at 2019-07-23T18:27:25+00:00
test_nfs4_acls: Add test for mapping from NFS4 to DACL CREATOR entries

Add testcase for mapping from NFSv4 ACL entries for "special owner" and
"special group" to DACL entries in the security descriptor. Each NFSv4
entry here with INHERIT_ONLY maps directly to a CREATOR OWNER or CREATOR
GROUP entry in the DACL. Entries without INHERIT_ONLY map to the CREATOR
entry and an additional explicit entry granting permission on the
current object.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
30677df4 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for 'map full control' option

"map full control" when enabled adds the DELETE_CHILD permission, when
all other permissions are present. This allows Windows clients to
display the "FULL CONTROL" permissions.

Add a testcase that verifies this mapping when mapping from NFSv4 ACL to
the DACL in the security descriptor. Also verify that switching the
option off disables this behavior.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9671bf2b by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for acedup settings

The NFSv4 ACL mapping code has a setting nfs4:acedup. Depending on the
setting, when mapping from DACLs to NFSv4 ACLs, duplicate ACL entries
are either merged, ignored or rejected. Add a testcase that has
duplicate ACL entries and verify the expected behavior for all possible
settings of the nfs4:acedup option.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f55cdf42 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for matching DACL entries for acedup

The NFSv4 mapping code has a config option nfs4:acedup for the mapping
path from DACLs to NFSv4 ACLs. Part of this codepath is detecting
duplicate ACL entries. Add a testcase with different ACL entries and
verify that only exactly matching entries are detected as duplicates and
treated accordingly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7ae06d96 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for mapping from DACL to NFS4 ACL with config special

The mapping code between NFSv4 ACLs and security descriptors still has
the deprecated config setting "nfs4:mode = special". This should not be
used as it has security problems: All entries matching owner or group
are mapped to "special owner" or "special group", which can change its
meaning when being inherited to a new file or directory with different
owner and owning group.

This mode should eventually be removed, but as long as it still exists
add testcases to verify the expected behavior. This patch adds the
testcase for "nfs4:mode = special" when mapping from the DACL in the
security descriptor to the NFSv4 ACL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
829c5ea9 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for mapping from NFS4 to DACL in config mode special

The mapping code between NFSv4 ACLs and security descriptors still has
the deprecated config setting "nfs4:mode = special". This should not be
used as it has security problems: All entries matching owner or group
are mapped to "special owner" or "special group", which can change its
meaning when being inherited to a new file or directory with different
owner and owning group.

This mode should eventually be removed, but as long as it still exists
add testcases to verify the expected behavior. This patch adds the
testcase for "nfs4:mode = special" when mapping from the NFS4 ACL to the
DACL in the security descriptor.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
86480410 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for mapping from NFS4 ACL to DACL with IDMAP_TYPE_BOTH

When id mappings use IDMAP_TYPE_BOTH, the NFSv4 ACL mapping code is not
aware whether a particular entry is for a user or a group. The
underlying assumption then is that is should not matter, as both the ACL
mapping maps everything to NFSv4 ACL group entries and the user's token
will contain gid entries for the groups.

Add a testcase to verify that when mapping from NFSv4 ACL entries to
DACLs with IDMAP_TYPE_BOTH, all entries are mapped as expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
38331b00 by Christof Schmitt at 2019-07-23T18:27:26+00:00
test_nfs4_acls: Add test for mapping from DACL to NFS4 ACL with IDMAP_TYPE_BOTH

When id mappings use IDMAP_TYPE_BOTH, the NFSv4 ACL mapping code is not
aware whether a particular entry is for a user or a group. The
underlying assumption then is that is should not matter, as both the ACL
mapping maps everything to NFSv4 ACL group entries and the user's token
will contain gid entries for the groups.

Add a testcase to verify that when mapping from DACLS to NFSv4 ACL
entries with IDMAP_TYPE_BOTH, all entries are mapped as expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d9a2ff55 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Use sids_to_unixids to lookup uid or gid

This is the newer API to lookup id mappings and will make it easier to
add to the IDMAP_TYPE_BOTH case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f198a086 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Use switch/case for checking idmap type

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3b3d722c by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Use correct type when checking ownerGID

uid and gid are members of the same union so this makes no difference,
but for type correctness and readability use the gid to check for
ownerGID.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
336e8668 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Add helper function for checking INHERIT flags.

This avoids some code duplication. Do not make this static, as it will
be used in a later patch.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmit <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ba73d236 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Add missing braces in smbacl4_win2nfs4

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
44790721 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Remove i argument from smbacl4_MergeIgnoreReject

This is only used for logging of a rejected ACL, but does not provide
additional useful information. Remove it to simplify the function a bit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3499d974 by Christof Schmitt at 2019-07-23T18:27:26+00:00
nfs4_acls: Move smbacl4_MergeIgnoreReject function

This static function will be called earlier in later patches.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
abb58b17 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Move adding of NFS4 ACE to ACL to smbacl4_fill_ace4

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7ab0003f by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Remove redundant logging from smbacl4_fill_ace4

Logging flags in case they do not match seems unnecessary. Other log
messages should show the flags as well.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
aa464419 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Remove redundant pointer variable

The previous patch introduced a pointer to a local variable to reduce
the amount of lines changed. Remove that pointer and adjust all usage
accordingly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b796119e by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Add additional owner entry when mapping to NFS4 ACL with IDMAP_TYPE_BOTH

With IDMAP_TYPE_BOTH, all entries have to be mapped to group entries.
In order to have the file system reflect the owner permissions in the
POSIX modebits, create a second entry for the user. This will be mapped
to the "special owner" entry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
16981294 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Rename smbacl4_fill_ace4 function

As this function now maps the ACE and also adds it to the NFSv4 ACE,
change the name to better describe its behavior.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9c886021 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Remove duplicate entries when mapping from NFS4 ACL to DACL

The previous patch added an additional entry for IDMAP_TYPE_BOTH. When
mapping back to a DACL, there should be no additional entry. Add a loop
that will check and remove entries that are exact duplicates.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1a137a2f by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Add test for merging duplicates when mapping from NFS4 ACL to DACL

The previous patch introduced merging of duplicates on the mapping path
from NFS4 ACL entries to DACL entries. Add a testcase to verify the
expected behavior of this codepath.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
86f7af84 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Use correct owner information for ACL after owner change

After a chown, the cached stat data is obviously no longer valid. The
code in smb_set_nt_acl_nfs4 checked the file correctly, but did only use
a local buffer for the stat data. So later checks of the stat buffer
under the fsp->fsp_name->st would still see the old information.

Fix this by removing the local stat buffer and always update the one
under fsp->fsp_name->st.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0aca678f by Christof Schmitt at 2019-07-23T18:27:27+00:00
vfs_gpfs: Remove merge_writeappend parameter

All supported GPFS versions now support setting WRITE and APPEND in the
ACLs independently. Remove this now unused parameter to simplify the
code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8bd79ecc by Christof Schmitt at 2019-07-23T18:27:27+00:00
docs: Remove gpfs:merge_writeappend from vfs_gpfs manpage

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
fbf3a090 by Christof Schmitt at 2019-07-23T18:27:27+00:00
vfs_gpfs: Move mapping from generic NFSv ACL to GPFS ACL to separate function

This is not functional change. It cleans up the code a bit and makes
expanding this codepath in a later patch easier.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c1770ed9 by Christof Schmitt at 2019-07-23T18:27:27+00:00
vfs_gpfs: Implement special case for denying owner access to ACL

In GPFS, it is not possible to deny ACL or attribute access through a
SPECIAL_OWNER entry. The best that can be done is mapping this to a
named user entry, as this one can at least be stored in an ACL. The same
cannot be done for inheriting SPECIAL_OWNER entries, as these represent
CREATOR OWNER entries, and the limitation of not being able to deny
owner access to ACL or attributes remains.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8f3ebad2 by Christof Schmitt at 2019-07-23T18:27:27+00:00
nfs4_acls: Remove unused SMB_ACLTYPE_ defines

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3a71d619 by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Change type of smbacl4_substitute_simple to void

The function always returned true and the return code was never checked,
so simply change to void.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
54a0b1ca by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Use C99 initializer instead of ZERO_STRUCTP for params struct

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
728de597 by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Add warning for deprecated setting nfs4:mode special

The documentation states this has been deprecated for years. Add logging
a warning when this is set. Maybe this can be removed in the future.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
de4a1158 by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Update copyright header

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ab4e91d2 by Christof Schmitt at 2019-07-23T18:27:28+00:00
docs: Update nfs4:mode example for vfs_zfs

nfs4:mode special has been deprecated. Switch the example to "simple" to
avoid the deprecated setting in the example.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b52b5de7 by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Mark nfs4:acedup ignore and reject as deprecated

The default setting for nfs4:acedup is "dontcare". The only
recommendation i could find is setting this to "merge". The setting of
"ignore" is dangerous as it would silently drop ACEs. "reject" also
seems less useful as it would disallow setting of ACLs that can easily
be stored.

Report "ignore" and "reject" as deprecated. Maybe these can be removed
in the future to simplify the code.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4aac7d37 by Christof Schmitt at 2019-07-23T18:27:28+00:00
docs: Update manpages for deprecated nfs4:acedup settings

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f81191d5 by Christof Schmitt at 2019-07-23T18:27:28+00:00
nfs4_acls: Change default of nfs4:acedup to "merge"

All tutorials i could find that configure Samba with NFSv4 ACLs set this
parameter to "merge". As this seems to be the main usecase, make this
setting the default.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f466f4d3 by Christof Schmitt at 2019-07-23T18:27:28+00:00
docs: Update vfs_gpfs manpage for the new default of nfs4:acedup

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d28b5519 by Christof Schmitt at 2019-07-23T18:27:28+00:00
WHATSNEW: Document change of default for nfs4:acedup parameter

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a073799d by Christof Schmitt at 2019-07-23T19:45:05+00:00
nfs4_acls: Use fsp stat buffer in smb_fget_nt_acl_nfs4

Instead of having a local buffer for the stat data, update the one kept
in the fsp. With this change the local stat buffer and the helper
function smbacl4_fGetFileOwner are no longer needed and can be removed.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Tue Jul 23 19:45:05 UTC 2019 on sn-devel-184

- - - - -
9f504fd5 by Tim Beale at 2019-07-24T02:24:27+00:00
traffic_replay: Store total conversations on the replay context

This is useful info to know, and will be used in subsequent commits.

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6b1f9b4a by Tim Beale at 2019-07-24T02:24:27+00:00
traffic_replay: Make use of SCOPE_BASE explicit

i.e. avoid hard-coded numbers.

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6d6fe499 by Gary Lockyer at 2019-07-24T02:24:27+00:00
traffic replay: Store the instance id in the replay context

Store the traffic runner instance id in the replay context.  Will be
used in subsequent commits.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7abfa677 by Gary Lockyer at 2019-07-24T02:24:27+00:00
traffic replay test: Populate total_converations and instance_id

Ensure that the total_conversations and instance_id attributes are
assigned a value in the replay contexts passed to test cases.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
630857c7 by Tim Beale at 2019-07-24T02:24:27+00:00
traffic_replay: Avoid DB full scans in LDAP searches

When generating LDAP search traffic, a full DB scan can be very costly.
Avoiding full-scan LDAP searches means that we can run traffic_replay
against a 100K user DB and get some sane results.

Because the traffic_learner doesn't record the LDAP search filter at all,
the traffic_replay LDAP searches default to being full scans.
Doing full scans meant that the LDAP search was usually the first packet
type to exceed the max latency and fail the test. It could also skew
results for the other packet types by creating big demands on memory/CPU/
DB-lock-time.

It's hard to know for sure exactly what real-world LDAP searches will
look like, but let's assume full scan searches will be fairly rare.
In traffic-model files we've collected previously, some of the
attributes are fairly unique (e.g. pKIExtendedKeyUsage), and as there
are some LDAP queries specified in MS specs (such as MS-GPOL and
MS-WCCE), it allows us to infer what the search filter might be.

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
256684c7 by Tim Beale at 2019-07-24T04:18:21+00:00
join: Use a specific attribute order for the DsAddEntry nTDSDSA object

Joining a Windows domain can throw an error if the HasMasterNCs
attribute occurs before msDS-HasMasterNCs. This patch changes the
attribute order so that msDS-HasMasterNCs is always first.

Previously on python2, the dictionary hash order was arbitrary but
constant. By luck, msDS-HasMasterNCs was always before HasMasterNCs, so
we never noticed any problem. With python3, the dictionary hash order
now changes everytime you run the command, so the order is
unpredictable.

To enforce a order, we can change to use an OrderedDict, which will
return the keys in the order they're added.

I've asked Microsoft to clarify the protocol requirement here WRT
attribute order. However, in the meantime we may as well fix the problem
for users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14046
RN: When trying to join a Windows domain (with functional level 2008R2)
as an AD domain controller, the 'samba-tool domain join' command could
throw a python exception: 'RuntimeError ("DsAddEntry failed")'. When
this problem occurred, you would also see the message "DsAddEntry failed
with status WERR_ACCESS_DENIED info (8363, 'WERR_DS_NO_CROSSREF_FOR_NC')"
in the command output. This issue has now been resolved. Note that this
problem would only occur on Samba v4.10 when using the Python3 packages.

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 24 04:18:21 UTC 2019 on sn-devel-184

- - - - -
765fc314 by Noel Power at 2019-07-24T04:19:27+00:00
s4/auth/kerberos: clang: Fix 'value stored to 'ret' is never read '

Fixes:

source4/auth/kerberos/kerberos_pac.c:116:2: warning: Value stored to 'ret' is never read <--[clang]
        ret = smb_krb5_make_pac_checksum(mem_ctx,
        ^     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6f733b58 by Noel Power at 2019-07-24T04:19:27+00:00
s4/auth/kerberos: clang: Fix Value stored to 'code' is never read

Fixes:

source4/auth/kerberos/kerberos_util.c:645:3: warning: Value stored to 'code' is never read <--[clang]
                code = 0;
                ^      ~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
79d58568 by Noel Power at 2019-07-24T04:19:27+00:00
s4/dsdb/common: clang: Fix 'function call argument is an uninitialized value'

Fixes:

source4/dsdb/common/util.c:1804:8: warning: 3rd function call argument is an uninitialized value <--[clang]
        ret = samdb_reference_dn(ldb, mem_ctx, server_ref_dn, "rIDSetReferences", dn);

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
bd86df91 by Noel Power at 2019-07-24T04:19:27+00:00
s4/dsdb/common: clang: Fix 'The left operand of '&' is a garbage value'

Fixes:

source4/dsdb/common/util.c:1964:18: warning: The left operand of '&' is a garbage value <--[clang]
        return (options & DS_NTDSDSA_OPT_IS_GC) != 0;
                ~~~~~~~ ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
55f18757 by Noel Power at 2019-07-24T04:19:27+00:00
s4/dsdb/common: clang: Fix 'Access results in a deref of a null pointer'

Fixes:

source4/dsdb/common/util.c:2000:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
        if (res->count != 1) {
            ^~~

source4/dsdb/common/util.c:3281:28: warning: Access to field 'msgs' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
        el = ldb_msg_find_element(res->msgs[0], attr);
                                  ^~~
source4/dsdb/common/util.c:3568:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
        if (res->count != 1 || ret != LDB_SUCCESS) {
            ^~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
c7c40e20 by Noel Power at 2019-07-24T04:19:27+00:00
s4/dsdb/common: clang: Fix 'Value stored to 'cps_stdin' is never read'

Fixes:

source4/dsdb/common/util.c:2125:4: warning: Value stored to 'cps_stdin' is never read <--[clang]
                        cps_stdin = -1;

                        ^           ~~
source4/dsdb/common/util.c:2132:3: warning: Value stored to 'cps_stdin' is never read <--[clang]
                cps_stdin = -1;

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
54af94ff by Noel Power at 2019-07-24T05:49:14+00:00
s4/source4/common: clang: Fix 'Dereference of undefined pointer value'

Fixes:

source4/dsdb/common/util.c:3131:6: warning: Dereference of undefined pointer value <--[clang]
        if (res->count < 1) {
            ^

/source4/dsdb/common/util.c:3207:6: warning: Dereference of undefined pointer value <--[clang]
        if (res->count < 1) {
            ^~~~~~~~~~
source4/dsdb/common/util.c:4004:39: warning: Dereference of undefined pointer value <--[clang]
        (*wkguid_dn) = talloc_steal(mem_ctx, res->msgs[0]->dn);
                                             ^
source4/dsdb/common/util.c:4191:35: warning: Dereference of undefined pointer value <--[clang]
        ouv_value = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector");

source4/dsdb/common/util.c:5757:13: warning: 1st function call argument is an uninitialized value <--[clang]
        same_nc = (ldb_dn_compare(source_nc, target_nc) == 0);
                   ^
This fix also fixes the associated 'Access to field 'xyx' results in a
dereference of a null pointer' warnings that also will happen when this
is fixed

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jul 24 05:49:14 UTC 2019 on sn-devel-184

- - - - -
7f4bc0ea by Aaron Haslett at 2019-07-24T05:50:23+00:00
partition: correcting lock ordering

A schema reading bug was traced to a lock ordering issue in partition.c.
This patch fixes the problem by:
1. Releasing locks/transactions in the order they were acquired.
2. Always lock/start_trans on metadata.tdb first, before any other
databases, and release it last, after all others. This is so that we are
never exposed to MDB's lock semantics, which we don't support.

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6c691bf8 by Aaron Haslett at 2019-07-24T05:50:23+00:00
partition: reversing partition unlocking

Unlock partition databases in the reverse order from which they were
acquired. This is separated from the previous commit for future
bisecting purposes, since the last commit was made to fix specific CI
failures, while this one is a speculative fix made based on code
inspection.

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9d2fd082 by Tim Beale at 2019-07-24T07:07:01+00:00
netcmd: Better error message for backup with no RID pool

Add a better error message (and what to do about it) if the user tries
to back up a DC that hasn't initialized its RID pool yet.

Seems to be a fairly common problem hit by users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14048
RN: Added more informative error message if the 'samba-tool domain
backup' command fails due to no RID pool being present on the DC.

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 24 07:07:01 UTC 2019 on sn-devel-184

- - - - -
41c94b8b by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: OpenDir() is merely a wrapper around open_dir_safely().

Preparatory work.

Separate these out internal to source3/smbd/dir.c so I can
give the internal and external uses separate destructor functions
to allow all client requested directory enumeration to move to handle
based functions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d1441089 by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Move the setting of the destructor of struct smb_Dir * up two levels.

Previously, open_dir_safely() called OpenDir_internal() which
set the destructor.

Move setting the destructor into the callers of open_dir_safely()
as this will allow us to have different destructors for handle-based
calls.

The reason this is important is that I have a follow up patchset
that depends on this which makes all client directory enumerations
handle-based, calling OpenDir_fsp() only, and so the destructor there
will take care of the fsp back pointer.

Trying to keep a common destructor for handle-based and non-handle
based calls broke my brain when trying to separate the handle-based
calls from the non-handle based ones in my later patchset.

NB. The change in OpenDir_fsp() isn't a logic change as instead
of doing an early return from a function that sets the destructor,
we now fallthrough to setting the destructor then return, which
is identical.

Eventually the whole codepath using the fallback for non-handle
opens inside dptr_create() will go away and this simplifies the
code immensely. Some short term pain for long-term gain :-).

Added doxygen documentation as requested.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
eb5fa8ac by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Use a separate simple destructor for the OpenDir() codepath.

This will help greatly in understanding the code changes later.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
79eae9e3 by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes smb_Dir_destructor(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8e65157e by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes DirCacheAdd(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8ad519c4 by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes OpenDir_internal(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
cc4ac86b by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes OpenDir_fsp(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ec072f1a by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes ReadDirName(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
a5b876f3 by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes RewindDir(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3d95064c by Jeremy Allison at 2019-07-24T07:40:23+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes TellDir(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4db886db by Jeremy Allison at 2019-07-24T08:57:05+00:00
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.

Fixes SearchDir(). No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 08:57:05 UTC 2019 on sn-devel-184

- - - - -
e7a6c709 by Douglas Bagnall at 2019-07-24T09:35:24+00:00
s4/dsdb/replmd: replicated_handle_rename free temp_ctx

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5d75ab3e by Douglas Bagnall at 2019-07-24T09:35:24+00:00
s4/dsdb/replmd: add a helper for common calculations

We currently do exactly this work, in exactly these words (ignoring
formatting) in two different places. The next two commits will make
those places use this helper function. We do this over three commits
so that we can more easily compare the next two and be sure they are
doing the same thing.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b9dab848 by Douglas Bagnall at 2019-07-24T09:35:24+00:00
s4/dsdb/replmd: use incoming_dn_should_be_renamed() 1/2

In replmd_op_possible_conflict_callback().

The helper function was introduced in the previous commit and consists
of a large common stretch of this and replmd_replicated_handle_rename().

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e77237bb by Douglas Bagnall at 2019-07-24T11:21:50+00:00
s4/dsdb/replmd: use incoming_dn_should_be_renamed() 2/2

In replmd_replicated_handle_rename().

The helper function was introduced two commits ago and consists of
a large common stretch of this and the function modified in the previous
commit.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 24 11:21:50 UTC 2019 on sn-devel-184

- - - - -
90e36ef7 by Noel Power at 2019-07-24T21:33:20+00:00
libcli/smb: clang: Fix Value stored to 'next_offset' is never read

Fixes:

ibcli/smb/smb2_negotiate_context.c:117:3: warning: Value stored to 'next_offset' is never read <--[clang]
                next_offset += next_pad;
                ^              ~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
849ffbc8 by Noel Power at 2019-07-24T21:33:20+00:00
lib/adnss: clang: Fix The left operand of '!=' is a garbage value

Fixes:

lib/addns/dnssock.c:143:3: warning: The left operand of '!=' is a garbage value <--[clang]
                TALLOC_FREE(conn);
                ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6858c83d by Noel Power at 2019-07-24T21:33:20+00:00
s3/lib/dwrap: clang: Fix 'Value stored to 'ret' is never read'

Fixes:

source3/lib/dbwrap/dbwrap_ctdb.c:95:2: warning: Value stored to 'ret' is never read <--[clang]
        ret = ctdbd_init_connection(mem_ctx,
        ^     ~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
637cd1a6 by Noel Power at 2019-07-24T21:33:20+00:00
s3/lib/dbwrap: clang: Fix 'Access to field results in a deref of a null'

Fixes:

source3/lib/dbwrap/dbwrap_ctdb.c:530:39: warning: Access to field 'm_write' results in a dereference of a null pointer (loaded from field 'transaction') <--[clang]
        if (pull_newest_from_marshall_buffer(ctx->transaction->m_write, key,

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6baf0208 by Noel Power at 2019-07-24T21:33:21+00:00
libcls/nbt: clang: Fix 'initialization value is never read'

Fixes:

libcli/nbt/nbtsocket.c:65:27: warning: Value stored to 'req' during its initialization is never read <--[clang]
        struct nbt_name_request *req = nbtsock->send_queue;
                                 ^~~   ~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
da4c1c5f by Noel Power at 2019-07-24T21:33:21+00:00
lib/addns: clang: Fix 'Value stored to 'err' is never read'

Fixes:

/home/samba/samba/lib/addns/dnsmarshall.c:406:2: warning: Value stored to 'err' is never read <--[clang]
        err = ERROR_DNS_NO_MEMORY;
        ^     ~~~~~~~~~~~~~~~~~~~
/home/samba/samba/lib/addns/dnsmarshall.c:447:3: warning: Value stored to 'err' is never read <--[clang]
                err = buf->error;
                ^     ~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
be2b69fe by Noel Power at 2019-07-24T21:33:21+00:00
lib/addns: clang: Fix 'Assigned value is garbage or undefined'

Fixes:

lib/addns/dnsquery.c:222:10: warning: Assigned value is garbage or undefined <--[clang]
        *numdcs = num_srvs;     /* size_t->int */
                ^
1 warning generated.

Also fixes the out param being modified even on failure

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
1d651a8d by Noel Power at 2019-07-24T21:33:21+00:00
s3/lib: clang: Fix 'Acces to field results in a deref of a null pointer'

Fixes:

source3/lib/ctdbd_conn.c:415:6: warning: Access to field 'operation' results in a dereference of a null pointer (loaded from variable 'hdr') <--[clang]
        if (hdr->operation == CTDB_REQ_MESSAGE) {

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
81f8cbfb by Noel Power at 2019-07-24T21:33:21+00:00
s3/lib: clang: Fix 'function call argument is an uninitialized value'

Fixes:

source3/lib/ctdbd_conn.c:1066:3: warning: 3rd function call argument is an uninitialized value <--[clang]
                DEBUG(0,("ctdbd_control failed: %s, %d\n", strerror(ret),
                ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3913b9a4 by Noel Power at 2019-07-24T22:50:27+00:00
s3/lib: clang: Fix 'access to field results in a deref of a null pointer'

Fixes:

source3/lib/ctdbd_conn.c:1953:6: warning: Access to field 'operation' results in a dereference of a null pointer (loaded from variable 'hdr') <--[clang]
        if (hdr->operation != CTDB_REPLY_CALL) {
            ^~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jul 24 22:50:27 UTC 2019 on sn-devel-184

- - - - -
5e62358f by Andreas Schneider at 2019-07-26T01:48:22+00:00
lib:crypto: Document gnutls_error_to_ntstatus()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e43678b8 by Andreas Schneider at 2019-07-26T01:48:22+00:00
lib:crypto: Document gnutls_error_to_werror()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
baa96ef2 by Andreas Schneider at 2019-07-26T01:48:22+00:00
lib:crypto: Document samba_gnutls_arcfour_confounded_md5()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4b9b1dbe by Andreas Schneider at 2019-07-26T01:48:22+00:00
s3:rpc_client: Return NTSTATUS for init_samr_CryptPassword()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7915a48e by Andreas Schneider at 2019-07-26T01:48:22+00:00
s3:rpc_client: Return NTSTATUS for init_samr_CryptPasswordEx()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
57dd415b by Andreas Schneider at 2019-07-26T01:48:22+00:00
libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7ccc76f9 by Andreas Schneider at 2019-07-26T01:48:22+00:00
libcli:auth: Add test for decoding an RC4 password buffer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2075019c by Andreas Schneider at 2019-07-26T01:48:22+00:00
s3:rpc_client: Use samba_gnutls_arcfour_confounded_md5 in init_samr_CryptPasswordEx

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
95db9a81 by Andreas Schneider at 2019-07-26T01:48:23+00:00
s3:rpc_client: Use GnuTLS RC4 in init_samr_CryptPassword()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dea16082 by Andreas Schneider at 2019-07-26T01:48:23+00:00
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() for rc4 passwd buffer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
89f8b028 by Andreas Schneider at 2019-07-26T01:48:23+00:00
libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
79ca72ec by Andreas Schneider at 2019-07-26T01:48:23+00:00
libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
06d46c44 by Andreas Schneider at 2019-07-26T01:48:23+00:00
libcli:auth: Add encode_rc4_passwd_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fe00b373 by Andreas Schneider at 2019-07-26T01:48:23+00:00
libcli:auth: Add test for encode_rc4_passwd_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f0c0cf29 by Andreas Schneider at 2019-07-26T01:48:23+00:00
s3:rpc_client: Use encode_rc4_passwd_buffer() in init_samr_CryptPasswordEx()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5afa402b by Andreas Schneider at 2019-07-26T01:48:23+00:00
s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_26()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e44ba039 by Andreas Schneider at 2019-07-26T01:48:23+00:00
s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_25()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
18937f9c by Andreas Schneider at 2019-07-26T01:48:23+00:00
s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_24()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cdb4e127 by Andreas Schneider at 2019-07-26T01:48:23+00:00
s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_23()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9ea73659 by Andreas Schneider at 2019-07-26T01:48:23+00:00
s4:libnet: Use GnuTLS RC4 in libnet_ChangePassword_samr()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
576bcf61 by Andreas Schneider at 2019-07-26T01:48:24+00:00
libcli:auth: Return WERROR for encode_wkssvc_join_password_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f4a16bfb by Andreas Schneider at 2019-07-26T01:48:24+00:00
libcli:auth: Add test for (encode|decode)_wkssvc_join_password_buffer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
85e2a3c9 by Andreas Schneider at 2019-07-26T01:48:24+00:00
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in encode_wkssvc_join_password_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bcf7808d by Andreas Schneider at 2019-07-26T01:48:24+00:00
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in decode_wkssvc_join_password_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cb4025a5 by Andreas Schneider at 2019-07-26T01:48:24+00:00
auth:ntlmssp: Use GnuTLS RC4 in ntlmssp client

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7bd502dc by Andreas Schneider at 2019-07-26T01:48:24+00:00
auth:ntlmssp: Use GnuTLS RC4 for ntlmssp signing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0947d838 by Andreas Schneider at 2019-07-26T01:48:24+00:00
s3:libsmb: Use GnuTLS RC4 in clirap

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a95647e1 by Andreas Schneider at 2019-07-26T01:48:24+00:00
s3:rpc_client: Use init_samr_CryptPassword in cli_samr rpc_client

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d31f6a68 by Andreas Schneider at 2019-07-26T01:48:24+00:00
s3:rpc_server: Use GnuTLS RC4 in samr password check

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cd0b5e5d by Andreas Schneider at 2019-07-26T01:48:24+00:00
s3:rpc_server: Use GnuTLS RC4 to decrypt samr password buffers

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
359ae5be by Andreas Schneider at 2019-07-26T01:48:24+00:00
s3:utils: Use GnuTLS RC4 in ntlm_auth

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9363abfb by Andrew Bartlett at 2019-07-26T01:48:24+00:00
s4:rpc_server: Use samba_gnutls_arcfour_confounded_md5() in samr_set_password_ex()

This allows the use of GnuTLS for the underlying RC4 crypto operations.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4326e7de by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:rpc_server: Use GnuTLS RC4 for samr password

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
811c412d by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use GnuTLS RC4 for RAP SAM test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
80f5beb4 by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword(Ex) in samba3rpc test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
70e05d7e by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_SetUserPass

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b0b9cabc by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_23

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e398ecbd by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_SetUserPassEx

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3b9496d9 by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_25

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f45ba47a by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_level_ex

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b512b597 by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use GnuTLS RC4 in test_OemChangePasswordUser2

This uses STR_ASCII for password encoding!

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dfda4947 by Andrew Bartlett at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordUser2

This allows the use of GnuTLS for the RC4 crypto operation

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1b1c302a by Andrew Bartlett at 2019-07-26T01:48:25+00:00
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordUser2_ntstatus

This allows the use of GnuTLS for the RC4 crypto operation

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
9cbdf7b2 by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4_torture: Use GnuTLS RC4 in test_ChangePasswordUser2

This uses STR_ASCII as string encodings.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a476a2e3 by Andreas Schneider at 2019-07-26T01:48:25+00:00
s4:torture: Use GnuTLS RC4 in test_ChangePasswordUser2_ntstatus

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5b7c21fc by Andreas Schneider at 2019-07-26T01:48:26+00:00
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordUser3

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8380668b by Andrew Bartlett at 2019-07-26T01:48:26+00:00
s4:torture: clarify comments and variable names in "ChangePasswordUser3 tests

There is no session key here, the buffers are directly encrypted
with the long-term passwords.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
19d9c2c0 by Andrew Bartlett at 2019-07-26T01:48:26+00:00
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordRandomBytes

This allows the use of GnuTLS for the underlying RC4 crypto

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
82a64806 by Andreas Schneider at 2019-07-26T01:48:26+00:00
s4:torture: Use GnuTLS RC4 in test_ChangePasswordRandomBytes

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5740e951 by Andrew Bartlett at 2019-07-26T01:48:26+00:00
s4:torture: Use samba_gnutls_arcfour_confounded_md5() in test_ChangePasswordRandomBytes

This ensures GnuTLS is used as the underlying RC4 crypto engine

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
301544ab by Andreas Schneider at 2019-07-26T01:48:26+00:00
s4:torture: Use init_samr_CryptPassword in testjoin RPC test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fc4ae060 by Andreas Schneider at 2019-07-26T01:48:26+00:00
lib:crypto: Use GnuTLS RC4 in py_crypto

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
14c4a075 by Andreas Schneider at 2019-07-26T01:48:26+00:00
lib:crypto: Remove arcfour.h from crypto.h

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9ede63fb by Andreas Schneider at 2019-07-26T01:48:26+00:00
lib:crypto: Don't build RC4 if we have GnuTLS >= 3.4.7

We have a GnuTLS DCEPRC backupkey implementation for the server and the
test. However this is only working with GnuTLS >= 3.4.7. So we need to
keep this around till we can require at least GnuTLS in a newer version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fa09e811 by Andreas Schneider at 2019-07-26T01:48:26+00:00
s3:lib: Use the passed mem_ctx instead of talloc_tos()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9158a6ba by Andreas Schneider at 2019-07-26T01:48:26+00:00
s3:rpcclient: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
52b3f921 by Andreas Schneider at 2019-07-26T01:48:26+00:00
s3:utils: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1c84bda3 by Andreas Schneider at 2019-07-26T01:48:27+00:00
s3:rpc_server: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
93d42452 by David Disseldorp at 2019-07-26T01:48:27+00:00
netlogon: Fix potential use of uninitialized variable

The _netr_NetrEnumerateTrustedDomains()->dcerpc_lsa_open_policy2() error
path checks the policy handle and closes it if non-empty. The policy
handle may be uninitialized in this code-path - fix this.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1f923e06 by Andreas Schneider at 2019-07-26T03:05:01+00:00
s3:rpc_server: Only dump passwords in developer builds

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jul 26 03:05:01 UTC 2019 on sn-devel-184

- - - - -
242ea955 by Amitay Isaacs at 2019-07-26T03:34:16+00:00
ctdb-tests: Use required_error instead of required_result

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
efd0c45a by Amitay Isaacs at 2019-07-26T03:34:16+00:00
ctdb-common: Fix empty value handling in conf

In tini, allow_empty_value=false causes the parser to ignore the lines
without '=' sign, but lines with nothing after '=' sign are allowed and
cause empty string ("") to be passed as a value.

This is counter-intuitive, so conf requires special handling for empty
values (which are treated as invalid).

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
6b7b1e80 by Amitay Isaacs at 2019-07-26T03:34:16+00:00
ctdb-tests: Add tests for empty values in config file

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
f2559ef8 by Martin Schwenke at 2019-07-26T03:34:16+00:00
ctdb-recoverd: Log the master at the end of elections

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
6fe963c3 by Martin Schwenke at 2019-07-26T03:34:16+00:00
ctdb-recoverd: Periodically log recovery master of incomplete cluster

Only do this if the recovery lock is unset.  Log every minute for the
first 10 minutes, then every 10 minutes, then every hour.

This is useful for determining whether a split brain occurred.  It is
particularly useful if logging failed or was throttled at startup, so
there is no evidence of the split brain when it began.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
c276723d by Martin Schwenke at 2019-07-26T03:34:16+00:00
ctdb-tests: Set LANG=C for consistency of command output

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
98169241 by Martin Schwenke at 2019-07-26T03:34:16+00:00
ctdb-mutex: Update to use modern debug macro

One of these had a missing space, so this implicitly fixes it.  It
also drops the need to unnecessarily include common.h, which comes
with some dependency baggage.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
76ab0a2b by Martin Schwenke at 2019-07-26T03:34:16+00:00
ctdb-mutex: Drop unneeded assignment

clang warns:

  ctdb/server/ctdb_mutex_fcntl_helper.c:61:3: warning: Value stored to 'fd' is never read

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2b6f1a8e by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-mutex: Drop dependency on ctdb_set_helper

This makes the code more explicit and makes testing easier due to less
dependencies.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
adcf313c by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-tests: Add cluster mutex tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
d716be19 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-tests: Add test to confirm need for cluster mutex lock file rechecking

Remove the lock and a second locker can take the it.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2f768a09 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-mutex: Exit immediately if the lock isn't taken

There is no need to wait until the parent kills the helper.  The
parent will get the initial response, indicating contention or
similar, and will then get a separate event indicating that the pipe
is gone.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
fae8e438 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-mutex: Change parent checking to use an asynchronous computation

Put the checking for the process being immediately re-parented into
the computation too.  This will be very rare and doing it
consistently makes testing saner.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
af8de1bc by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-mutex: Add an intermediate asynchronous computation for waiting

This will allow more conditions to be waited on via additional
sub-requests.  At the moment this just completes when the parent wait
completes.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
41cd4472 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-mutex: Add support for exiting if the lock file disappears

If the lock file is inaccessible or the inode number changes then the
lock is lost, so exit.  This allows the recovery daemon to trigger an
election.  The ensuing recovery will re-take the lock.

By default the lock file is checked every 60 seconds.  A lot can
happen in 60 seconds but being more aggressive and accessing the lock
too often could result in a performance issue for the cluster
filesystem.

An new optional 2nd argument is added, which is the lock file re-check
time in seconds.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2bd316d0 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-tests: Add tests for cluster mutex lost handling

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
ecef4411 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-tests: Fix 01.reclock.script tests for non-default lock

These tests currently do not do what is expected.  They test the
default case.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5701f4ae by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-tests: Add some 01.reclock.script init event tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
38898775 by Martin Schwenke at 2019-07-26T03:34:17+00:00
ctdb-scripts: Drop monitoring of recovery lock

The fcntl helper now does a more meaningful check.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
ea7708d8 by Martin Schwenke at 2019-07-26T04:52:04+00:00
ctdb-scripts: Simplify 01.reclock.script

The "init" event is only run once so don't bother caching the
configured value of the recovery lock.  Add some extra error checking.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Jul 26 04:52:04 UTC 2019 on sn-devel-184

- - - - -
57695ad4 by Volker Lendecke at 2019-07-30T22:37:25+00:00
torture3: Add oplock5 kernel-oplock test

Show that the current smb1 server does not properly retry a nonblocking
open of a kernel-oplocked file

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ef582ffc by Volker Lendecke at 2019-07-30T22:37:26+00:00
smbd: Always open files with O_NONBLOCK

It's perfectly possible that someone else takes a kernel oplock and
makes us block, independent of our own kernel oplock setting.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2b590e16 by Volker Lendecke at 2019-07-31T00:12:34+00:00
smbd: Fix retry for kernel-oplocked files

This now removed comment describes the bug correctly:
/*
 * As this timer event is owned by req, it will
 * disappear if req it talloc_freed.
 */

In smb1, "req" disappears once the reply_whatever routine is done. Thus
the timer goes away and we never look at "req" again.

This change moves the valid data (xconn and mid) to
deferred_open_record, and changes the talloc hierarchy such that the
timer is now a child of open_rec, which is a child of the deferred
message.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jul 31 00:12:34 UTC 2019 on sn-devel-184

- - - - -
d90ccce5 by Garming Sam at 2019-07-31T02:50:24+00:00
netcmd: Allow drs replicate --local to create partitions

Currently, neither the offline (--local) or online (normal replica sync)
methods allow partition creation post-join. This overrides the Python
default to not create the DB, which allows TDB + MDB to work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7d2875bd by Garming Sam at 2019-07-31T02:50:24+00:00
tests: Add samba_upgradedns to the list of possible cmds

This will be used to test the replication scenario with no DNS partitions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
35c54007 by Garming Sam at 2019-07-31T02:50:24+00:00
tests/drs_no_dns: Check dbcheck and ldapcmp pass

When joining a DC without DNS partitions, make sure that the alternate
flow of creating them afterwards results in a database with everything
that is necessary.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051
RN: Allow a DC join without DNS partitions, to add them later

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a5ec857a by Douglas Bagnall at 2019-07-31T02:50:24+00:00
CID 1452109: dsdb/util: do not check for NULL after deref

This is all strictly unnecessary, as ret is always != LDB_SUCCESS when
res is NULL, but we want to make peace between clang and converity.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0c001a7b by Douglas Bagnall at 2019-07-31T04:08:48+00:00
CID 1452121: dsdb/mod/partition: protect whole function with NULL check

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jul 31 04:08:48 UTC 2019 on sn-devel-184

- - - - -
1a7f2a23 by Andrew Bartlett at 2019-08-01T05:01:15+00:00
dsdb: Quiet CID 1452117 1452119 1452114 (STRAY_SEMICOLON)

Try to make clear what is being done here, we are trying to count the partitions so that
we can then walk them in reverse.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
e5452a37 by Garming Sam at 2019-08-01T05:01:15+00:00
tldap: Make memcpy of no controls safe

Static analyzers sometimes complain about this case.

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

- - - - -
bff46694 by Garming Sam at 2019-08-01T05:01:15+00:00
tldap: Paged searches fail when they get to the end

The normal case hit the goto label, and should have just returned.

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

- - - - -
85a7b594 by Garming Sam at 2019-08-01T05:01:15+00:00
tests/tldap: Actually check the paging return code

The test never worked correctly because the code was overlooked. It was
also the case that the connection was never authenticated, and so an
LDAP BIND call has now been added.

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

- - - - -
464fef34 by Garming Sam at 2019-08-01T06:20:28+00:00
tests/ldap: Use TLDAP to check the extended DN return

Tests commit 9f6b87d3f6cc9930d75c1f8d38ad4f5a37da34ab

To run: make test TESTS="samba3.smbtorture_s3.plain.TLDAP"

Reverting the above commit makes this test fail:

'GUID format in control (no hyphens) doesn't match output
tldap_search with extended dn (no val) failed: LDAP error 0 (TLDAP_SUCCESS),
TEST TLDAP FAILED!'

This behaviour couldn't be tested via LDB libraries because they never
deal with the underlying DN string.

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug  1 06:20:28 UTC 2019 on sn-devel-184

- - - - -
f258cfaa by Michael Adam at 2019-08-01T09:49:04+00:00
vfs:glusterfs_fuse: build only if we have setmntent()

FreeBSD and other platforms that don't have setmntent() and friends can
not compile this module. This patch lets changes the build to only
compile this module if the setmntent() function is found.

This is the a follow-up fix to the actual fix for bug #13972.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13972

Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Aug  1 09:49:04 UTC 2019 on sn-devel-184

- - - - -
e10b90f3 by Stefan Metzmacher at 2019-08-01T14:21:36+00:00
libcli/smb: add new COMPRESSION and NETNAME negotiate context ids

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Aurelien Aptel <aaptel at suse.com>

- - - - -
21f6cece by Stefan Metzmacher at 2019-08-01T14:21:36+00:00
libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID

Note: Unlike the current documentation, the utf16 string
is not null-terminated, that matches Windows Server 1903
as a client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055
RN: Add the target server name of SMB 3.1.1 connections
as a hint to load balancers or servers with "multi-tenancy"
support.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Aurelien Aptel <aaptel at suse.com>

- - - - -
10e140d2 by Volker Lendecke at 2019-08-01T14:21:36+00:00
s3:torture: Fix the FreeBSD build

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
c226dc6e by Volker Lendecke at 2019-08-01T15:39:12+00:00
smbd: Fix use-after-free from exit_server_common()

We need to keep the smbXsrv_connection structures around until all
pending requests have had their chance to clean up behind them. If you
look at srv_send_smb(), it's exactly prepared already to just drop
anything on the floor when the transport has been declared dead:

	if (!NT_STATUS_IS_OK(xconn->transport.status)) {
		/*
		 * we're not supposed to do any io
		 */
		return true;
	}

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14064

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Aug  1 15:39:13 UTC 2019 on sn-devel-184

- - - - -
ff2f2043 by Stefan Metzmacher at 2019-08-01T15:40:17+00:00
tests/dcerpc/raw_protocol: split test_spnego_connect_request() into 2 parts

This can be a generic test that can be used for more auth_levels.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e0e68ea2 by Stefan Metzmacher at 2019-08-01T15:40:17+00:00
tests/dcerpc/raw_protocol: split test_spnego_integrity_request into 2 parts

This can be a generic test that can be used for more auth_levels.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4b88e1d9 by Günther Deschner at 2019-08-01T16:59:02+00:00
tests/dcerpc/raw_protocol: Add more tests for DCERPC_AUTH_LEVEL_PACKET

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Aug  1 16:59:02 UTC 2019 on sn-devel-184

- - - - -
81186651 by Aaron Haslett at 2019-08-02T02:29:42+00:00
ldb: skip indexes on full_search

Use iterate_range kv op to skip the index section of the database when
running a full search. Quick local testing showed 18% improved throughput
on a full search with no results on a 50k database. With more results,
improvement is smaller but still noticeable.

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Aug  2 02:29:42 UTC 2019 on sn-devel-184

- - - - -
0df28b3d by Stefan Metzmacher at 2019-08-06T06:32:28+00:00
script/autobuild.py: remove explicit --picky-developer"

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
bed7fc5a by Stefan Metzmacher at 2019-08-06T07:50:13+00:00
wafsamba: change --picky-developer into --disable-warnings-as-errors

By default we're using -Werror now if --enable-developer is
specified.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Aug  6 07:50:14 UTC 2019 on sn-devel-184

- - - - -
eebcc88d by Björn Jacke at 2019-08-06T13:40:21+00:00
doc: improve vfs objects parameter description

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Aug  6 13:40:21 UTC 2019 on sn-devel-184

- - - - -
23d0555c by Jeremy Allison at 2019-08-06T14:23:32+00:00
s3: smbd: dptr_close() can only be called from SMB1 code.

SMB_ASSERT this is the case.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f61dae76 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Move the strange OS/2 directory key == -1 close semantics to the caller.

This will allow us to change dptr_closecnum() to close outstanding fsp
handles for SMB1 later.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2ba48f76 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Add dptr_fsp() to return any stored files_struct pointer.

Will allow [find/search]_next() calls to find and close any associated
fsp. This function is temporary and will eventually go away once I
modify dptr_fetch() to return an fsp.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5a038f51 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Make dptr_close() safe to call with an fsp handle stored in dptr->dir_hnd.

SMB1 doesn't currently do this, but subsequent changes will add handle based
calls to SMB1 so dptr_close() has to be able to cleanly remove any back pointers.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a5f8769c by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Change dptr_closecnum() to use dptr_close() instead of dptr_close_internal().

This will allow us to close any outstanding handles on
an SMB1 connection as later commits move us to using directory
handles instead of pathname directory opens.

This is inefficient, as it means walking the list twice,
but this will only be called with active dptrs in the
OS/2 -1 case, in the connection shutdown case the
directory handles will already have been closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
aa3a0871 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in dptr_closecnum().

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e686e7b6 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in reply_search()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b055f1ac by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in reply_fclose()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
61c239fc by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in reply_findclose()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
264d6b40 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in call_trans2findfirst()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5388df78 by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Prepare for SMB1 directory handle opens in call_trans2findnext()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
043443ee by Jeremy Allison at 2019-08-06T14:23:33+00:00
s3: smbd: Convert SMB1 call_trans2findfirst() to use handle-based directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a130760f by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Convert SMB1 reply_search() to use handle-based directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d485c43c by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Now we always use handle for directory enumeration, we can delete the fallback code.

The code inside open_dir_safely() is root safe
and can replace the deleted open_dir_with_privilege()
fallback code.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
84312fc5 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Now we're using OpenDir_fsp() all the time, make sure we don't leak file handles.

We must always set dir_hnd->fsp, even in the fallback to
SMB_VFS_OPENDIR() case. Remember if we had to fall back
and fix the destructor to close the additional file
descriptor if we did.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
24751598 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Now we are always using fsp handle-based client searches, simplify smb_Dir_destructor().

We know we always have a dir_hnd->dir and dir_hnd->fsp.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
492b3222 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Now we properly open file handles for directory enumerations, we don't need this code in SMB1rmdir.

The share mode exclusion will prevent deletion of open directory
enumeration handles.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
de216766 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Remove now unused dptr_closepath().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
916afa37 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: All directory enumeration is now via file handles - remove unneeded code in idle connections.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5a7aaa80 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Remove now unused dptr_activecnum().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
96e8175d by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Add dptr_fetch_fsp() for SMB1 code. We will use this to replace dptr_fetch().

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
68e403fa by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Replace dptr_fetch() with dptr_fetch_fsp() in reply_fclose().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a2ef44b7 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Replace dptr_fetch() with dptr_fetch_fsp() in reply_search().

We now no longer use dptr_fetch().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e6340084 by Jeremy Allison at 2019-08-06T14:23:34+00:00
s3: smbd: Remove dptr_fetch() - replace internals with dptr_fetch_fsp().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b922f6e7 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Add dptr_fetch_lanman2_fsp() - to replace dptr_fetch_lanman2().

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d6e709c4 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Convert call_trans2findnext() to use dptr_fetch_lanman2_fsp().

dptr_fetch_lanman2() is now no longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b4431ad3 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_fetch_lanman2() - unused.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
37e1dd5a by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Replace dptr_fsp() with dptr_fetch_lanman2_fsp() in reply_findclose().

Now we have no users of dptr_fsp() left.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f5eebfc7 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_fsp(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
24722da0 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from reply_search().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
63e1220a by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from reply_fclose().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
269fbc91 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from call_trans2findfirst().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
779dd3f1 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from call_trans2findnext().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a8ca5dc4 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from reply_findclose().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
196fe53e by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close() from dptr_closecnum().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
043c2321 by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove dptr_close().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d84c048e by Jeremy Allison at 2019-08-06T14:23:35+00:00
s3: smbd: Remove call to dptr_closecnum() on connection shutdown.

Now all client enumerations use fsp file handles we will
aleady close them in file_close_conn() above.

The only user of dptr_closecnum() is for the strange old OS/2
semantics, so I can't get rid of it until SMB1 is removed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6d0924d8 by Ralph Boehme at 2019-08-06T14:23:36+00:00
s3: smbd: remove redundant smb_dname arg from dptr_create()

Now that dptr_create() is handle based, we can simply used the fsp name.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7d72cf02 by Ralph Boehme at 2019-08-06T14:23:36+00:00
s3: smbd: simplify dptr_CloseDir()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3e0cafc2 by Ralph Boehme at 2019-08-06T14:23:36+00:00
s3: smbd: inline dptr_close_internal()

There's now only one caller left.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
37bb6229 by Ralph Boehme at 2019-08-06T14:23:36+00:00
s3: smbd: fix a comment in fd_close()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f5388f97 by Ralph Boehme at 2019-08-06T14:23:36+00:00
ctdb: fix compilation on systems with glibc robust mutexes

On older systems like SLES 11 without POSIX robust mutexes, but with glib robust
mutexes where all the functions are available but have a "_np" suffix,
compilation fails in:

ctdb/tests/src/test_mutex_raw.c.239.o: In function `worker':
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:129: undefined reference to `pthread_mutex_consistent'
ctdb/tests/src/test_mutex_raw.c.239.o: In function `main':
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:285: undefined reference to `pthread_mutex_consistent'
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:332: undefined reference to `pthread_mutexattr_setrobust'
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:363: undefined reference to `pthread_mutex_consistent'
collect2: ld returned 1 exit status

This could be fixed by using libreplace system/threads.h instead of pthreads.h
directly, but as there has been a desire to keep test_mutex_raw.c standalone and
compilable without other external depenencies then libc and libpthread, make the
tool developer build only. This should get the average user over the cliff.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14038
RN: Fix compiling ctdb on older systems lacking POSIX robust mutexes

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
ea17bd55 by Ralph Boehme at 2019-08-06T14:23:36+00:00
s3:smbd: Incomplete conversion of former parametric options

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14069
RN: Incomplete conversion of former parametric options

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
5d4aa6e8 by Ralph Boehme at 2019-08-06T15:40:18+00:00
s3:smbd: Fix sync dosmode fallback in async dosmode codepath

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14070
RN: Fix sync dosmode fallback in async dosmode codepath

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Aug  6 15:40:18 UTC 2019 on sn-devel-184

- - - - -
b136f153 by Douglas Bagnall at 2019-08-06T17:00:38+00:00
ldb_dn: free dn components on explode failure

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
d6a82edd by Douglas Bagnall at 2019-08-06T17:00:38+00:00
s4/messaging/py: don't DECREF borrowed references

This made Message.deregister() a decref machine, with talloc crashes
and segfaults available thus:

    from samba import messaging
    m = messaging.Messaging()
    for i in range(20):
        m.deregister(m)

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
fe9b12b2 by Douglas Bagnall at 2019-08-06T18:17:11+00:00
pidl/ndr/python: avoid memory errors in getsetters

This:

   $ python3 -c'from samba.dcerpc import lsa; x = lsa.EnumAccounts(); x.in_handle'

should not raise a MemoryError, which is very unfriendly given that
'x.in_handle' is just named, not called, as far as the user is
concerned. Returning None is the proper thing.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Aug  6 18:17:11 UTC 2019 on sn-devel-184

- - - - -
885ba572 by Volker Lendecke at 2019-08-06T21:49:27+00:00
tdb: Rename tdb_oob() to tdb_notrans_oob()

tdb_oob() will become a public function encapsulating the pointer
dereferences.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5a388453 by Volker Lendecke at 2019-08-06T21:49:27+00:00
tdb: Introduce tdb_oob()

Initially just encapsulate the pointer dereferences

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
897bffa8 by Volker Lendecke at 2019-08-06T21:49:27+00:00
tdb: Speed up tdb_oob()

This is common between both implementations of tdb_oob(). It's
faster if we don't have to dereference function pointers.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f5735e2c by Volker Lendecke at 2019-08-06T21:49:27+00:00
tdb: Inline the common part of tdb_oob

When you set

in tdbtorture.c to make it more similar to locking.tdb use,

bin/tdbtorture -m -n 1 -l 100000 -s

becomes twice as fast. This is a pretty extreme case, but all other
tests that I did improve significantly as well.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2ef382fa by Volker Lendecke at 2019-08-06T21:49:27+00:00
smbd: Avoid a separate "request_time" variable in open_file_ntcreate

We have "smb_request->request_time" that is already set up by
init_smb_request().

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e5ad2d37 by Volker Lendecke at 2019-08-06T21:49:27+00:00
smbd: Use "req->request_time" in schedule_defer_open()

Both callers passed that in.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d5b5ef3e by Volker Lendecke at 2019-08-06T21:49:27+00:00
smbd: Use "req->request_time" in defer_open()

Both callers passed that in.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d05524e by Volker Lendecke at 2019-08-06T21:49:27+00:00
smbd: Use "req->request_time" in setup_kernel_oplock_poll_open()

Both callers passed that in.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
af97381b by Volker Lendecke at 2019-08-06T21:49:27+00:00
smbd: Use "req->request_time" in schedule_async_open()

The one caller passed that in.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bb81b9a7 by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Use "req->request_time" in schedule_async_open()

All callers passed that in

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3ca52f11 by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Pass in "struct smb_request" to request_timed_out()

It seems more natural to pass in a request to a routine called
request_timed_out(), and it's a few bytes less .text

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a8a1ca3f by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Fix the build with clang

clang correctly complains that "close_fsp" is used uninitialized if
"get_posix_fsp" fails and we end up in "goto out;".

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d8ae2811 by Volker Lendecke at 2019-08-06T21:49:28+00:00
dsdb: Fix the FreeBSD build

My FreeBSD install does not have __compar_fn_t. libreplace has the
QSORT_CAST for systems that do.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d103af28 by Volker Lendecke at 2019-08-06T21:49:28+00:00
vfs: Fix the FreeBSD nfs4acl build

I get error messages telling SMB4ACL_T isn't defined in the
prototype. Take the easy way to just define that anonymously.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a8e03479 by Volker Lendecke at 2019-08-06T21:49:28+00:00
winbind: Fix the clang build

clang complains that lm_resp and nt_resp is used uninitialized. This
is true for the "goto done;" in line 2644. This directly calls
log_authentication without having initialized those two blobs.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9bae499d by Volker Lendecke at 2019-08-06T21:49:28+00:00
wscript: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d2d4e03b by Volker Lendecke at 2019-08-06T21:49:28+00:00
build: Correctly detect rpc/xdr.h on FreeBSD

FreeBSD needs rpc/types.h included before rpc/xdr.h

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
42e72f1a by Volker Lendecke at 2019-08-06T21:49:28+00:00
vfs: Fix the nfs4acl build on FreeBSD

FreeBSD needs rpc/types.h before rpc/xdr.h

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
04dcae23 by Volker Lendecke at 2019-08-06T21:49:28+00:00
build: Only check rpc/xdr.h in tirpc if required

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e049ef3e by Volker Lendecke at 2019-08-06T21:49:28+00:00
lib: Remove a duplicate prototype for set_blocking()

This is now in lib/util/blocking.h

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
df1caf29 by Volker Lendecke at 2019-08-06T21:49:28+00:00
torture3: Don't duplicate set_blocking()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4c6f12c3 by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Remove a false comment

Looking at the code we do respect the kernel_flock failure.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2181221d by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Fix a signed/unsigned comparison

In the 2nd for-loop we need a signed int as we are comparing to >=0.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
aedfee8f by Volker Lendecke at 2019-08-06T21:49:28+00:00
smbd: Fix a signed/unsigned warning

For whatever reason, "st_size" in "struct stat" is an off_t, which is a
signed integer. Negative sizes don't really make sense, so this cast
should be safe.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
88768fde by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Use timeval_str_buf() in defer_open()

Also make this a hires timestamp for better debugging.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
303c4829 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Enhance debugging in push_deferred_open_message_smb()

Real timestamps are easier to read

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a7d4d5ef by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1d997073 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
41ab2b8e by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Pass share_access/access_mask explicitly to set_share_mode()

Makes the interface more obvious to me. Also, I want to remove
fsp->share_access, which is not really used anywhere after the fsp has
been fully established.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
71c6da46 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Pass share_access/access_mask explicitly to grant_fsp_oplock_type()

Why? While restructuring open_file_ntcreate() I found the data flow for
these values confusing: grant_fsp_oplock_type() depends on
fsp->access_mask, which changes its value inside
open_file_ntcreate(). I find the data flow easier to follow if it
happens in explicit variables.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
81731c91 by Volker Lendecke at 2019-08-06T21:49:29+00:00
vfs_gpfs: Avoid "fsp->share_access" in vfs_gpfs_kernel_flock()

This was in vfs_gpfs.c from day one, no idea why both "share_mode" and
"fsp->share_access" were used as if they were two different things.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
13921645 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Remove "share_access" from files_struct

Nobody used this (except vfs_gpfs, which did not need it really). If
you *really* need this, you can always look in locking.tdb, but this
should never happen in any hot code path, as no runtime decisions are
made on the share access after the open is done.

Bump VFS interface number to 42.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c56be509 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Remove "share_access" from dup_file_fsp()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ef0cf081 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Remove "share_access" from fcb_or_dos_open()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e94ebc70 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Slightly optimize reply_open_and_X()

Well, this is just a drive-by patch: We don't use "mtime" if we
exit early. So it's not really a worthwhile optimization, to me
it's more a code clarity thing.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
38510629 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Move fsp_client_guid() to locking/

Yes, this adds another peek from locking/ back into smbd/proto.h, but
locking/locking.c does the same already.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e4d5c53e by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Slightly simplify set_share_mode()

The fsp carries all required information also for leases. There's no
need to pass that as additional parameters

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e28c2ee9 by Volker Lendecke at 2019-08-06T21:49:29+00:00
smbd: Make remove_oplock_under_lock static

We have support for nested get_share_mode_lock calls, so we can avoid
this additional function.

It's one more talloc/free per close, but I hope this can't be
measurable. Our open/close path is pretty expensive anyway.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d4e2ea2 by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Inline remove_oplock_under_lock() into its only caller

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6e7d28c8 by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Factor out remove_lease_if_stale()

remove_lease_if_stale() does not have the check

		if (e == e2) {
			/* Not ourselves. */
			continue;
		}

that remove_share_mode_lease() had. However, remove_share_mode_lease()
has already set e->op_type=NO_OPLOCK, so that the

		if (e->op_type != LEASE_OPLOCK) {
			continue;
		}

statement has the same effect.

Why? The next commit will need it for proper error path cleanup.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fbc36759 by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Clean up leases.tdb if set_share_mode() fails

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
67c50345 by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Remove "deferred_open_record->id"

Nobody used this

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
61765c7e by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Remove "id" from deferred_open_record_create()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fc09be5b by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Remove "deferred_open_record->delayed_for_oplocks"

Nobody used this

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
718c4e27 by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Remove "delayed_for_oplocks" from deferred_open_record_create()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5e05686e by Volker Lendecke at 2019-08-06T21:49:30+00:00
smbd: Remove deferred_open_record_create()

This hides a talloc off the NULL context: The caller needs to make sure
this is put on a real talloc context later. Make that more
obvious. Also, it passes down a boolean flag, making its purpose a bit
opaque to the caller sites.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
aab17124 by Volker Lendecke at 2019-08-06T23:06:41+00:00
smbd: Assert that INTERNAL_OPEN_ONLY never gets real oplocks

Slightly simplify assumptions in the code

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug  6 23:06:41 UTC 2019 on sn-devel-184

- - - - -
dd5f8732 by Michael Hanselmann at 2019-08-07T06:07:28+00:00
Add fuzzing support to build system

LibFuzzer, Honggfuzz and other programs implement simple interfaces for
fuzzing appropriately prepared code. Samba contains quite a lot of
parsing code, often a good target for fuzzing.

With this change the build system is amended to support building fuzzing
binaries (added in later changes).

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
404278d9 by Michael Hanselmann at 2019-08-07T06:07:28+00:00
Add fuzzing binary for tiniparser

The "tiniparser_load" function is made into a wrapper for the newly
added "tiniparser_load_stream" function which accepts a FILE pointer.
This way no actual files have to be opened for fuzzing (memfd_create(2)
isn't readily available on all systems yet).

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
39e2f6d5 by Michael Hanselmann at 2019-08-07T06:07:28+00:00
Add fuzzing binary for oLschema2ldif

Use the oLschema2ldif library functions introduced in commit
0c7c44a284a26790081c000f5b8f4ed32f9f21d7 to implement a fuzzing utility.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
323f8521 by Ralph Boehme at 2019-08-07T06:07:28+00:00
torture: add torture_assert_errno_equal_goto()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
10702079 by Ralph Boehme at 2019-08-07T06:07:28+00:00
charset: add support for Unicode normalisation with libicu

This adds a direct conversion hook using libicu to perform NFC <-> NFD
conversion on UTF8 strings. The defined charset strings are "UTF8-NFC" and
"UTF8-NFD", to convert from one to the other the caller calls smb_iconv_open()
with the desired source and target charsets, eg

  smb_iconv_open("UTF8-NFD", "UTF8-NFC");

for converting from NFC to NFD.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2a902020 by Ralph Boehme at 2019-08-07T07:25:39+00:00
charset: add tests for Unicode NFC <-> NFD conversion

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Aug  7 07:25:39 UTC 2019 on sn-devel-184

- - - - -
31404382 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: add http_[dis]connect_send and recv

Not used for now, that comes later.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
3ffd74e9 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: move struct http_send_request_state to the implementation

This is only used by the implemementation of http_send_request_send/recv, no
need to have this in the header file.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
ab389bca by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: move struct http_read_response_state to the implementation

This is only used by the implemementation of http_send_request_send/recv, no
need to have this in the header file.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
94fe9afa by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: remove stream and send_queue from state

They're not used, so remove them.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
53007b77 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:librpc/rpc: use http_connect_send/recv in ncacn_http

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
5ae51524 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: use http_conn in http_send_request_send() and http_read_response_send()

Works, tested with

  $ bin/smbtorture -W RIVERSIDE --realm=RIVERSIDE.SITE -s /dev/null \
    -U Administrator%Passw0rd \
    ncacn_http:10.10.11.164[HttpProxy=10.10.11.164:593,HttpUseTls=false,HttpAuthOption=basic,HttpConnectOption=UseHttpProxy] \
    rpc.epmapper.epmapper.Lookup_simple

I get an ACCESS_DENIED error, but I get it over HTTP. :)

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
a0065c57 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: add support for http POST

Even though GET would work as well, only adding POST, as that's the only method
that's going to be exersized in code and tests (RPC mdssvc elasticsearch
backend).

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
fc0371b9 by Ralph Boehme at 2019-08-07T12:54:40+00:00
s4:lib/http: move to the toplevel

This is going to be used from the s3 RPC server soon...

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at suse.de>

- - - - -
7189eb44 by Samuel Cabrero at 2019-08-07T12:54:40+00:00
s4:librpc/rpc: Add roh_connect_channel_send/recv

Generic function to connect a ROH channel. The use comes later to avoid
duplicated code.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
959b7798 by Samuel Cabrero at 2019-08-07T14:12:40+00:00
s4:librpc/rpc: Use generic roh_connect_channel_send/recv

The HTTP connection code is common to in and out channels.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Aug  7 14:12:40 UTC 2019 on sn-devel-184

- - - - -
2e3f644f by Jeremy Allison at 2019-08-07T16:40:30+00:00
s3: VFS: Make unlink return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e8e1b00a by Jeremy Allison at 2019-08-07T16:40:30+00:00
s3: VFS: Make chmod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
68330458 by Jeremy Allison at 2019-08-07T16:40:30+00:00
s3: VFS: Make chown return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
15761609 by Jeremy Allison at 2019-08-07T16:40:30+00:00
s3: VFS: Make ntimes return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2e43661a by Jeremy Allison at 2019-08-07T16:40:31+00:00
s3: VFS: Make mknod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9d35f747 by Jeremy Allison at 2019-08-07T16:40:31+00:00
s3: VFS: Make mkdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d81570e5 by Jeremy Allison at 2019-08-07T16:40:31+00:00
s3: VFS: Make rmdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5ed5d544 by Jeremy Allison at 2019-08-07T16:40:31+00:00
s3: VFS: Make chflags return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
fc405e91 by Jeremy Allison at 2019-08-07T16:40:31+00:00
s3: VFS: Make removexattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
551e3590 by Jeremy Allison at 2019-08-07T17:59:25+00:00
s3: VFS: Make setxattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Aug  7 17:59:25 UTC 2019 on sn-devel-184

- - - - -
2c653515 by Volker Lendecke at 2019-08-07T23:45:49+00:00
smbd: Remove access check on SHARING_VIOLATION

This piece of code predates our user-space access checks, which we
nowadays always do in open_file()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
939a1097 by Volker Lendecke at 2019-08-07T23:45:49+00:00
smbd: Avoid exit_server() in setup_kernel_oplock_poll_open()

Failure to postpone a request is not really fatal: We just don't retry
as wanted but return an error to the client that might have resolved
itself after a few seconds. From my point of view such a spurious and
rare error, which is highly unlikely anyway does not justify to kill
that client's connection.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
832b9eb6 by Volker Lendecke at 2019-08-07T23:45:49+00:00
smbd: Make setup_kernel_oplock_poll_open() more general

This is a generic "open retry without locking.tdb waiter" loop: Take
the specific timeouts as parameters.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
50a3d086 by Volker Lendecke at 2019-08-07T23:45:49+00:00
smbd: Make setup_poll_open() return bool

This is for callers who don't want to call open_was_deferred()
afterwards

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1bc7d18b by Volker Lendecke at 2019-08-07T23:45:50+00:00
smbd: Do not exceed the req's max timeout in setup_poll_open()

This will become important in the next commits when the SMB1 sharing
violation delay will use this. We want to be able to reduce the
timeout to less than 200msec, see the next commits.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
305ea37c by Volker Lendecke at 2019-08-07T23:45:50+00:00
smbd: Get "req->request_time" early in create_file_default()

This is necessary for the following case:

We want to delete a file with an open stream that is not open with
FILE_SHARE_DELETE. In SMB1, we need to defer the sharing violation
reply (we don't do that right now, test to follow). However, when we
move that sharing violation delay to where it belongs, into the outer
layers, only very deep in the nested open_streams_for_delete smb1
sharing violation delay handling call we will hit the sharing
violation in the 1-second retry case. However, that
open_streams_for_delete itself is INTERNAL_OPEN_ONLY and thus not
deferred itself. This means that it will not overwrite
req->request_time at all.

Exec summary: We only have one request_time now, set it properly as
early as possible.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c7e110e5 by Volker Lendecke at 2019-08-07T23:45:50+00:00
smbd: Add defer_sharing_violation_smb1

This is close to what Windows SMB1 does: Instead of waiting for the
share entry causing the SHARING_VIOLATION to disappear, retry every
200msec up to one second. Windows does it a little differently: Retry
up to 5 times. But up to one second should be close enough.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4c08043e by Volker Lendecke at 2019-08-07T23:45:50+00:00
smbd: Move handling the 1sec sharing_violation delay into smb1 code

Simplify the flow in open_file_ntcreate, streamline it for SMB2

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
897c36f2 by Volker Lendecke at 2019-08-08T01:05:38+00:00
torture: SMB1 unlink needs delay for a stream's SHARING_VIOLATION

Survives against W2k12R2

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug  8 01:05:38 UTC 2019 on sn-devel-184

- - - - -
a16477e6 by Swen Schillig at 2019-08-08T06:44:12+00:00
registry: Free memory at the end of each loop run to prevent mem leak

Found during torture test runs with enable address-sanitizer.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug  8 06:44:12 UTC 2019 on sn-devel-184

- - - - -
d167fb40 by Swen Schillig at 2019-08-08T10:08:32+00:00
ldb: Fix mem allocation in torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
235288ac by Swen Schillig at 2019-08-08T10:08:32+00:00
util: Free memory in genrand torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
bb8cc595 by Swen Schillig at 2019-08-08T10:08:32+00:00
ndr: Free memory in torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
84e519f3 by Swen Schillig at 2019-08-08T10:08:32+00:00
util: Free memory in charset torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
f9a32767 by Swen Schillig at 2019-08-08T10:08:32+00:00
ldb: Free memory in torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
3bf91584 by Swen Schillig at 2019-08-08T11:33:32+00:00
tfork: Free memory in torture test to satisfy sanitizer

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug  8 11:33:32 UTC 2019 on sn-devel-184

- - - - -
9e0b6f66 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:rpc_server: factor out rpc_mdssvc_sources

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
17f29fa8 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: README.Coding fixes, long lines, modernize debug macros

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f80f8c5f by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: move debug macro to header file

This is going to be used from other parts of the code soon.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1ef96e09 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3-mdssvc: factor out Tracker backend logic

This moves all Tracker backend logic into a modularized component.

This should not result in any change in behaviour, it just paves the way
for adding additional backends. Currently the only available backend is
Gnome Tracker.

slq_destroy_send/recv is not needed anymore as the problem is solved now by
correctly checking if an async Tracker request was cancelled and we got
G_IO_ERROR_CANCELLED in tracker_con_cb() or tracker_query_cb() and avoid using
user_data in that the case.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
66b8d86d by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: pass down sharename and SNUM

Not used for now, will be needed in the upcoming Elasticsearch backend.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1b897df4 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: new option "spotlight backend"

Currently there's only the tracker backend, but subsequent commits will add
other backends.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b5731a94 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: add Unicode normalisation

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f58026b3 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: mds_dalloc_dump() -> dalloc_dump()

Move mds_dalloc_dump() to dalloc and rename it to dalloc_dump().

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d98fb57 by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: move some code to a subsystem

We need this in a later patchset when adding a mdssvc client library and for
unit tests.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e5a4114b by Ralph Boehme at 2019-08-08T20:24:31+00:00
s3:mdssvc: log inode number in ino_path_map_destr_cb()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c742ab7a by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: add noindex backend

Add a new default backend that, while allowing mdsvc RPC and search queries from
clients, always returns no results.

Shares using this backend will behave the same way as shares on a macOS SMB
server where indexing is disabled.

This change will later also allow us to compile the Spotlight RPC service by
default which is a big step in the direction of adding tests to CI.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0b1d9d40 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: supposed status field is in fact a fragment indicator

Spotted this in mdssvc response that containied many results for a search
request: if the mdssvc response blob is larger then ~32k, the server fragments
the response in 32k fragments and sets the "fragment" field to 1.

Note that mdssvc implemenets result set "fragmentation" at the result set layer,
not at the marshalled response buffer layer. Therefor mdssvc always sets this
field to 0.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9e706ee5 by Ralph Boehme at 2019-08-08T20:24:32+00:00
unittest: workaround dependency problem in test_lib_util_modules

waf somehow screws the dependencies and the module ends up with a bunch of
missing RPC related symbols once an RPC service has special dependencies like
the mdssvc RPC service.

  $ bin/test_lib_util_modules
  test: test_samba_module_probe
  success: test_samba_module_probe
  test: test_samba_module_probe_dummy
  Error loading module '/home/samba/src/bin/modules/rpc/test_dummy_module.so':
  /home/samba/src/bin/modules/rpc/test_dummy_module.so: undefined symbol:
  rpc_service_mode
  failure: test_samba_module_probe_dummy [
  NT_STATUS_IS_OK(status)
  ../../testsuite/unittests/test_lib_util_modules.c:39: error: Failure!
  ]
  test: test_samba_module_probe_slash
  success: test_samba_module_probe_slash

This is currently not noticed as mdssvc is not enabled in selftest, but that is
going to change with a subsequent commit.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
25c5012c by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: avoid strncpy when marshalling strings

Avoids failure when at O3 level:

  [2082/4232] Compiling source3/rpc_server/mdssvc/marshalling.c

  ==> /builds/samba-team/devel/samba/samba-o3.stderr <==
  In file included from /usr/include/string.h:494,
                   from /usr/include/bsd/string.h:30,
                   from ../../lib/tevent/../replace/replace.h:164,
                   from ../../source3/include/includes.h:23,
                   from ../../source3/rpc_server/mdssvc/marshalling.c:21:
  In function ‘strncpy’,
      inlined from ‘sl_pack_string’ at ../../source3/rpc_server/mdssvc/marshalling.c:493:2,
      inlined from ‘sl_pack_loop’ at ../../source3/rpc_server/mdssvc/marshalling.c:607:13:
  /usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’ output
  truncated before terminating nul copying as many bytes from a string as its
  length [-Werror=stringop-truncation]
    106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
        |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ../../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_loop’:
  ../../source3/rpc_server/mdssvc/marshalling.c:458:8: note: length computed here
    458 |  len = strlen(s);
        |        ^~~~~~~~~
  cc1: all warnings being treated as errors

Marshalled strings are not 0 terminated.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
12ef7b38 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:wscript: enable Spotlight by default

Now that we have a no-op backend that is always available, we can compile mdssvc
by default.

The new behaviour is:

option not used       Default: build mdsvc with available backends
                      from autodetection
--disable-spotlight   Do not build mdssvc
--enable-spotlight    Build mdssvc and require a real backend
		      (currently Tracker, in the future also Elasticsearch)

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9d6794df by Ralph Boehme at 2019-08-08T20:24:32+00:00
librpc: add RPC_NDR_MDSSVC

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c282d76d by Ralph Boehme at 2019-08-08T20:24:32+00:00
torture: start of a mdssvc packet (un)marshalling testsuite

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ed37f2d3 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: marshalling: add a newline to a DEBUG message

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d67c9818 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: marshalling: fix unpacking empty filemeta structure

This is how a correct dump of an empty sl_filemeta_t container should look like:

DALLOC_CTX(#1): {
	sl_array_t(#3): {
		uint64_t: 0x0023
		CNIDs: unkn1: 0x0, unkn2: 0x0
			DALLOC_CTX(#0): {
			}
		sl_filemeta_t(#0): {
		}
	}
}

This is basically the response from macOS mdssvc for a query that yields no
results: sl_filemeta_t is empty, the CNIDs array as well.

Looking at the raw packet data, the empty sl_filemeta_t container as a size of 8
bytes which fails the following check in sl_unpack_cpx():

        case SQ_CPX_TYPE_FILEMETA:
                ...
		if (tag.size < 16) {
		        *boom*
                }

Only tag.size=0 is invalid, tag.size=8 denotes an empty container and tag.size>=16
denotes a sl_filemeta_t container with actual content must be unpacked by
calling sl_unpack(). Note that size is always a muliple of 8.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
29ef0306 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: marshalling: fix unpacking empty CNID structure

Pass the correct tag member tag.size to sl_unpack_CNID(), not
tag.length. tag.size is the size actually used in a buffer of size tag.length.

Cf other users of tag.size that already do this correctly, this was only wrong
in this place.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b34fd5b9 by Ralph Boehme at 2019-08-08T20:24:32+00:00
s3:mdssvc: fix unmarshalling of empty CNID array

len=0 is invalid, len=8 is an empty array, len>8 is an array with members, so
for the len=8 case we must add the empty cnid array.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4162ba78 by Ralph Boehme at 2019-08-08T20:24:32+00:00
lib:torture: add torture_assert_u32_[not_]equal[_goto] macros

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2cb978b6 by Ralph Boehme at 2019-08-08T20:24:32+00:00
rpcclient: domain_sid is only needed for SAMR

This allows using rpcclient commands with servers that don't implement LSA
QueryInfoPolicy.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b45a09f0 by Ralph Boehme at 2019-08-08T20:24:32+00:00
rpcclient: add some simple commands for Spotlight RPC

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
017af5d5 by Ralph Boehme at 2019-08-08T20:24:33+00:00
torture: beginning of a mdssvc RPC service test-suite

Yikes! Most tests fail atm.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5750f38c by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: fix error handling of mdssvc RPC requests

It seems for certain error cases macOS just sends an empty response
blob. So if our mdssvc request processing fails, we should just return an empty
response blob, but not fail the mdssvc request at the DCERPC layer.

Example, passing "xxx" as sharename which does not exist at the server:

  $ bin/rpcclient -U slow%pass macmini -c "fetch_attributes xxx /foo/bar 123" -d 10
  ....
  Got pdu len 56, data_len 32
  rpc_api_pipe: got frag len of 56 at offset 0: NT_STATUS_OK
  rpc_api_pipe: host macmini returned 32 bytes.
  mdssvc_cmd: struct mdssvc_cmd
     out: struct mdssvc_cmd
         fragment                 : *
             fragment                 : 0x00000000 (0)
         response_blob            : *
             response_blob: struct mdssvc_blob
                 length                   : 0x00000000 (0)
                 size                     : 0x00010000 (65536)
                 spotlight_blob           : *
                     spotlight_blob: ARRAY(0)
         unkn9                    : *
             unkn9                    : 0x00000000 (0)
  ...

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a3cb4fca by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: macOS returns UINT64_MAX, not 0 for closeQueryForContext mdscmd

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c4b2dc95 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: macOS returns the client values in the open command

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fef3a4c7 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: initialize the returned share_path with the empty string

macOS returns the empty path for an unknown share. This paves the way for that
change. Currently we still fail the RPC request if the share is not known with
DCERPC_FAULT_CANT_PERFORM, but this is wrong and is going to be changed in the
next commit.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
940c3b31 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvv: don't fail the RPC request if the share name is unknown

Taken from macOS. We have to return an empty share_path and an empty policy
handle, but not fail the RPC request.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
68a9d120 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: update a few debug macros to modern style

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
520175e2 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: use an early return if spotlight is not enabled.

No change in behaviour, best viewed with git show -w.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
63366996 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: the open command must work on shares with Spotlight disabled

Move the implementation of this setting down to the actual search query
processing. macOS has no notion of "spotlight = false" at the DCERPC layer and
the open request will always succeed even on all shares.

When later the client issues search requests on such shares, we ensure we use
the noindex backend.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a5e70550 by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: failing the RPC request if the mdssvc policy handle is not found

Turns out macOS mdssvc doesn't fail the RPC request if the policy handle is all
zero. Also, if it fails with a non-all-zero handle, it returns a different RPC
error, namely DCERPC_NCA_S_PROTO_ERROR, not DCERPC_FAULT_CONTEXT_MISMATCH (or
rather their mapped NT_STATUS codes).

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b2bf13ec by Ralph Boehme at 2019-08-08T20:24:33+00:00
s3:mdssvc: close mdssvc rpc command must return in handle

Checked against macOS mdssvc.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
64f18241 by Ralph Boehme at 2019-08-08T21:43:14+00:00
s3:mdssvc: fix slrpc_fetch_attributes() when CNID is not known

Samba currenlty fails the whole RPC request, macOS returns returns a nil entry
for the requested CNID:

DALLOC_CTX(#1): {
	sl_array_t(#3): {
		uint64_t: 0x0000
		CNIDs: unkn1: 0xfec, unkn2: 0x6b000020
			DALLOC_CTX(#1): {
				uint64_t: 0xe4bbf314c03b1e
			}
		sl_filemeta_t(#1): {
			sl_array_t(#2): {
				nil
				nil
			}
		}
	}
}

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug  8 21:43:14 UTC 2019 on sn-devel-184

- - - - -
76bf8a1a by Volker Lendecke at 2019-08-09T07:34:04+00:00
mdssvc: Fix the clang build

clang complains about "%lu" not to match size_t on 32-bit FreeBSD

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Aug  9 07:34:05 UTC 2019 on sn-devel-184

- - - - -
9f457799 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make unlink return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
a5af9ac8 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make chmod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
d1d3d8f3 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make chown return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
eac2ca75 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make ntimes return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
5b1f5455 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make mknod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
9c2c9414 by Jeremy Allison at 2019-08-09T16:48:36+00:00
s3: VFS: vfs_ceph_snapshots: Make mkdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
b3a5c50a by Jeremy Allison at 2019-08-09T16:48:37+00:00
s3: VFS: vfs_ceph_snapshots: Make rmdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
0ebb15a6 by Jeremy Allison at 2019-08-09T16:48:37+00:00
s3: VFS: vfs_ceph_snapshots: Make chflags return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
a7921ded by Jeremy Allison at 2019-08-09T16:48:37+00:00
s3: VFS: vfs_ceph_snapshots: Make removexattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
64e594e5 by Jeremy Allison at 2019-08-09T18:08:03+00:00
s3: VFS: vfs_ceph_snapshots: Make setxattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug  9 18:08:03 UTC 2019 on sn-devel-184

- - - - -
e2572242 by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Nobody uses the changed "lease" from grant_fsp_oplock_type

.. except for the DEBUG message

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d2aaef2e by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease" const in grant_fsp_oplock_type()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
91b479fb by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease" const in open_file_ntcreate()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bfa60454 by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease_key" const in lease_match()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
665e3f02 by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease" const in create_file_unixpath()

This is the one place where *lease actually got modified. We can
easily make a copy, "struct smb2_lease" is not too large, and this
case is pretty rare anyway.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c2a779f5 by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease" const in create_file_default()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2c20954a by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: Make "lease" const in SMB_VFS_CREATE_FILE()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
16b56549 by Volker Lendecke at 2019-08-09T22:48:46+00:00
smbd: FTRUNCATE regular files only

I don't really have a test case, but to me a positive test for a
regular file makes more sense here than just ruling out FIFOs. While
we probably only ever hit regular files (or FIFOs), there might be
more that we catch and don't properly handle.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fe26ff6e by Volker Lendecke at 2019-08-10T00:07:28+00:00
smbd: Simplify fd_open_atomic()

* Assign *file_created on every exit.

* Directly assign curr_flags without &= / |=

Both of these changes make the routine easier to understand for me,
less jumping around in the code to see where the values came from.

* Do the retry in a "positive" if-clause

Normally I'm a big fan of early returns, but this single retry is so
simple that to me it's easier to understand this way.

Overall, 13 lines less code. YMMV :-)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Aug 10 00:07:28 UTC 2019 on sn-devel-184

- - - - -
6bf6cb16 by Andreas Schneider at 2019-08-10T19:24:29+00:00
libcli:smb: Add forward declaration for gnutls_hmac_hd_t

This file is basically included everywhere. So use a forward declaration
for gnutls_hmac_hd_t. This way we don't have to link everthing against
gnutls to get access to the header path.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b81cb04d by Andreas Schneider at 2019-08-10T19:24:29+00:00
s3:modules: Link vfs_acl_common against gnutls

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5eb4d705 by Andreas Schneider at 2019-08-10T19:24:29+00:00
gitlab-ci: Install compat-gnutls34 on CentOS7

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
99b4791c by Swen Schillig at 2019-08-10T19:24:29+00:00
ldb: Fix mem-leak if talloc_realloc fails

In case of a failing talloc_realloc(), the only reference
to the originally allocated memory is overwritten.
Instead use a temp var until success is verified.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
16104768 by Swen Schillig at 2019-08-10T19:24:29+00:00
torture: fix mem leak found by ASAN

==14507==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 112 byte(s) in 1 object(s) allocated from:
    #0 0x7f3c76fe5c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f3c7680df33 in __talloc_with_prefix ../../lib/talloc/talloc.c:782
    #2 0x7f3c7680df33 in __talloc ../../lib/talloc/talloc.c:824
    #3 0x7f3c7680df33 in _talloc_named_const ../../lib/talloc/talloc.c:981
    #4 0x7f3c7680df33 in _talloc_zero ../../lib/talloc/talloc.c:2422
    #5 0x7f3c7680e2a5 in _talloc_zero_array ../../lib/talloc/talloc.c:2775
    #6 0x557a50d4a09f in torture_bench_treeconnect ../../source4/torture/raw/tconrate.c:165
    #7 0x7f3c730e4772 in wrap_simple_test ../../lib/torture/torture.c:633
    #8 0x7f3c730e875e in internal_torture_run_test ../../lib/torture/torture.c:442
    #9 0x7f3c730e9543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
    #10 0x7f3c730e9dd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
    #11 0x7f3c730ea434 in torture_run_suite ../../lib/torture/torture.c:339
    #12 0x557a50c1b54a in run_matching ../../source4/torture/smbtorture.c:93
    #13 0x557a50c1cf56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
    #14 0x557a50c2099d in main ../../source4/torture/smbtorture.c:691
    #15 0x7f3c6b406412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dbf26d7e by Swen Schillig at 2019-08-10T19:24:29+00:00
torture: fix mem leak found by ASAN (smb2_scan)

Direct leak of 96 byte(s) in 1 object(s) allocated from:
    #0 0x7f63e6938c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f63e615fa5c in __talloc_with_prefix ../../lib/talloc/talloc.c:782
    #2 0x7f63e615fa5c in __talloc ../../lib/talloc/talloc.c:824
    #3 0x7f63e615fa5c in _talloc_named_const ../../lib/talloc/talloc.c:981
    #4 0x7f63e615fa5c in talloc_named_const ../../lib/talloc/talloc.c:1748
    #5 0x55609e7530cf in torture_smb2_scan ../../source4/torture/smb2/scan.c:203
    #6 0x7f63e2a37772 in wrap_simple_test ../../lib/torture/torture.c:633
    #7 0x7f63e2a3b75e in internal_torture_run_test ../../lib/torture/torture.c:442
    #8 0x7f63e2a3c543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
    #9 0x7f63e2a3cdd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
    #10 0x7f63e2a3cf25 in torture_run_suite_restricted ../../lib/torture/torture.c:362
    #11 0x7f63e2a3d434 in torture_run_suite ../../lib/torture/torture.c:339
    #12 0x55609e3a154a in run_matching ../../source4/torture/smbtorture.c:93
    #13 0x55609e3a2f56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
    #14 0x55609e3a699d in main ../../source4/torture/smbtorture.c:691
    #15 0x7f63dad59412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9f193b74 by Swen Schillig at 2019-08-10T20:42:39+00:00
loadparm: fix mem leak found by ASAN

==24948==ERROR: LeakSanitizer: detected memory leaks

Indirect leak of 232 byte(s) in 1 object(s) allocated from:
    #0 0x7fc44b971c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7fc44a2fe7b0 in __talloc_with_prefix ../../lib/talloc/talloc.c:782
    #2 0x7fc44a2fe7b0 in __talloc ../../lib/talloc/talloc.c:824
    #3 0x7fc44a2fe7b0 in _talloc_named_const ../../lib/talloc/talloc.c:981
    #4 0x7fc44a2fe7b0 in _talloc_array ../../lib/talloc/talloc.c:2764
    #5 0x7fc44a1239bc in str_list_make_v3 ../../lib/util/util_strlist_v3.c:58
    #6 0x7fc44a123e3b in str_list_make_v3_const ../../lib/util/util_strlist_v3.c:127
    #7 0x7fc44b14cc1a in init_globals ../../source3/param/loadparm.c:547
    #8 0x7fc44b14deef in lp_load_ex ../../source3/param/loadparm.c:3876
    #9 0x7fc44b14f97c in lp_load_initial_only ../../source3/param/loadparm.c:4025
    #10 0x7fc44b479235 in cmdline_messaging_context ../../source3/lib/cmdline_contexts.c:34
    #11 0x557cf59d642c in process_options ../../source3/utils/smbpasswd.c:200
    #12 0x557cf59d642c in main ../../source3/utils/smbpasswd.c:633
    #13 0x7fc4419f5412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Aug 10 20:42:39 UTC 2019 on sn-devel-184

- - - - -
0b64e84c by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make unlink return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
8eb79cd0 by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make chmod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
872cd6fb by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make chown return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
78b3784f by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make ntimes return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
f5dbda6f by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make mknod return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
6539d3be by Jeremy Allison at 2019-08-12T00:00:40+00:00
s3: VFS: vfs_snapper: Make mkdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
2022338b by Jeremy Allison at 2019-08-12T00:00:41+00:00
s3: VFS: vfs_snapper: Make rmdir return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
5d791718 by Jeremy Allison at 2019-08-12T00:00:41+00:00
s3: VFS: vfs_snapper: Make chflags return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
3beffd18 by Jeremy Allison at 2019-08-12T00:00:41+00:00
s3: VFS: vfs_snapper: Make removexattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
e6b7d782 by Jeremy Allison at 2019-08-12T01:18:44+00:00
s3: VFS: vfs_snapper: Make setxattr return errno = EROFS on a shadow copy path.

smbd has no business modifying a shadow copy filesystem, it should be read-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Mon Aug 12 01:18:45 UTC 2019 on sn-devel-184

- - - - -
70ff2169 by Andreas Schneider at 2019-08-12T09:23:39+00:00
lib:util: Add generate_nonce_buffer()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b2506f24 by Andreas Schneider at 2019-08-12T09:23:40+00:00
libcli:smb: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2b2df6cd by Andreas Schneider at 2019-08-12T09:23:40+00:00
s3:smbd: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bf52ab7d by Andreas Schneider at 2019-08-12T09:23:40+00:00
lib:util: Add better documentation for generate_secret_buffer()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4b248051 by Andreas Schneider at 2019-08-12T09:23:40+00:00
s4:rpc_server: Use generate_secret_buffer() to create a session key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5a62056b by Andreas Schneider at 2019-08-12T09:23:40+00:00
s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a21770cf by Andreas Schneider at 2019-08-12T09:23:40+00:00
s4:rpc_server: Use generate_secret_buffer() for netlogon challange

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c3ba556f by Andreas Schneider at 2019-08-12T10:42:34+00:00
libcli:auth: Use generate_secret_buffer() for netlogon challenge

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184

- - - - -
5e9a25ae by David Disseldorp at 2019-08-12T23:23:31+00:00
ctdb/doc: fix some double-word typos

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f2472f48 by David Disseldorp at 2019-08-13T00:42:09+00:00
s3/pdb: fix debug message typos

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 13 00:42:09 UTC 2019 on sn-devel-184

- - - - -
a3dad846 by Volker Lendecke at 2019-08-14T07:39:38+00:00
librpc: Fix CID 1452292 Null pointer dereferences  (REVERSE_INULL)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
02eb2c92 by Volker Lendecke at 2019-08-14T07:39:38+00:00
smbd: Fix CID 1452291 Null pointer dereferences  (NULL_RETURNS)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f1b749ee by Volker Lendecke at 2019-08-14T07:39:38+00:00
smbd: Fix CID 1452290 Null pointer dereferences  (REVERSE_INULL)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
77ae0429 by Volker Lendecke at 2019-08-14T07:39:38+00:00
lib: CID 1452289: API usage errors  (USE_AFTER_FREE)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
dee721af by Volker Lendecke at 2019-08-14T08:59:23+00:00
torture: Fix CID 1452288 Null pointer dereferences  (NULL_RETURNS)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Aug 14 08:59:23 UTC 2019 on sn-devel-184

- - - - -
758962a0 by Martin Schwenke at 2019-08-14T09:11:34+00:00
ctdb-tools: Drop 'o' option from getopts command

Commit 90de5e0594b9180226b9a13293afe31f18576b3d remove the processing
for this option but forgot to remove it from the getopts command.

Versions of ShellCheck >= 0.4.7 warn on this, so it is worth fixing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14086
RN: Fix onnode test failure with ShellCheck >= 0.4.7
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
83f73b5a by Martin Schwenke at 2019-08-14T09:11:34+00:00
ctdb-tests: Avoid shellcheck warning SC2086

SC2086 Double quote to prevent globbing and word splitting

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
034f4cfa by Martin Schwenke at 2019-08-14T09:11:34+00:00
ctdb-tests: Avoid shellcheck warning SC2164

SC2164 Use 'cd ... || exit' or 'cd ... || return' in case cd fails

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
664968e5 by Martin Schwenke at 2019-08-14T09:11:34+00:00
ctdb-tests: Avoid shellcheck warning SC2004

SC2004 $/${} is unnecessary on arithmetic variables

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
45c9fe3a by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Avoid shellcheck warning SC2155

SC2155 Declare and assign separately to avoid masking return values

The wscript changes require an identical change in local_daemons.sh.

While touching the lines in wscript, escape the backslashes to make
them literal backslashes.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
93b3b010 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Avoid shellcheck warning SC2188

SC2188 This redirection doesn't have a command...

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
b198de03 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Avoid shellcheck warning SC2230

SC2230 which is non-standard...

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
7d95cb22 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Avoid shellcheck warning SC2034

SC2034 summary appears unused. Verify use (or export if used externally)

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
b1d36e94 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Avoid shellcheck warning SC2045

SC2045 Iterating over ls output is fragile. Use globs.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
061656d3 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Simplify test_wrap script

Given other improvements, this is now needlessly complex.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
ba55306f by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Rename CTDB_SCRIPTS_TESTS_BINDIR to CTDB_SCRIPTS_TESTS_LIBEXEC_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
027b7ca0 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: New variable CTDB_SCRIPTS_TESTS_BIN_DIR

This can be used to find ctdb_run_tests and ctdb_local_daemons.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
da33fb27 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Add shellcheck test for some test scripts and includes

These files now pass, so we might as well keep them in good shape.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
91e6fc20 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Factor out main test loop into run_tests()

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
b3b44ae5 by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Add -I <count> option for iterating tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
7c01bf3d by Martin Schwenke at 2019-08-14T09:11:35+00:00
ctdb-tests: Drop mention of non-existent -s option

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
695b3a96 by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-tests: Don't print summary on failure if -e option is specified

If there is a failure it will always be the last test run.  Don't
obscure this by following it with a summary.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
a074dbf6 by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-tools: Fix usage for "ctdb cattdb"

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
3ea95ab4 by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-tests: Add function select_test_node()

Should be used when public IP addresses are not assigned.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
f7f9f57d by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-tests: Use select_test_node() in ctdb setdebug simple test

There is no requirement for IP addresses here.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5a3d99dc by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-common: Return value of ctdb_queue_length() should be unsigned

Compiling with -Wsign-compare complains:

ctdb/server/ctdb_daemon.c: scope_hint: In function ‘daemon_queue_send’
ctdb/server/ctdb_daemon.c:259:40: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
...

The struct ctdb_queue member out_queue_length is actually uint32_t, so
just return that type.

Found by csbuild.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
4bdfbbd8 by Martin Schwenke at 2019-08-14T09:11:36+00:00
ctdb-daemon: Avoid signed/unsigned comparison by declaring as unsigned

Compiling with -Wsign-compare complains:

ctdb/server/ctdb_call.c:831:12: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
  831 |  if (count <= ctdb_db->statistics.hot_keys[0].count) {
      |            ^~

and

ctdb/server/ctdb_call.c:844:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
  844 |   if (count <= ctdb_db->statistics.hot_keys[i].count) {
      |             ^~

Found by cs-build.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
6c9d1f85 by Martin Schwenke at 2019-08-14T10:29:59+00:00
ctdb-daemon: Avoid signed/unsigned comparison by casting

Compiling with -Wsign-compare complains:

 1047 |  &&  (call->call_id == CTDB_FETCH_WITH_HEADER_FUNC)) {
      |                     ^~

struct ctdb_call is a protocol element, so we can't simply change it.

Found by csbuild.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Aug 14 10:29:59 UTC 2019 on sn-devel-184

- - - - -
2dd7ebe0 by Volker Lendecke at 2019-08-14T11:48:42+00:00
smbd: Fix CID 1452293 Incorrect expression (NO_EFFECT)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Aug 14 11:48:42 UTC 2019 on sn-devel-184

- - - - -
317bc6a7 by Alexander Bokovoy at 2019-08-14T11:49:33+00:00
torture/rpc/lsa: allow testing different lookup levels

Convert torture/rpc/lsa LookupNames/LookupSids code to allow testing
different LSA_LOOKUP_NAMES_* levels. Keep existing level 1
(LSA_LOOKUP_NAMES_ALL) for the current set of tests.

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
685bb03d by Alexander Bokovoy at 2019-08-14T11:49:33+00:00
lookup_name:  allow own domain lookup when flags == 0

In 2007, we've added support for multiple lookup levels for LSA
LookupNames family of calls. However, forest-wide lookups, as described
in MS-LSAT 2.2.16, never worked because flags passed to lookup_name()
were always set to zero, expecting at least default lookup on a DC to
apply. lookup_name() was instead treating zero flags as 'skip all
checks'.

Allow at least own domain lookup in case domain name is the same.
This should allow FreeIPA DC to respond to LSA LookupNames3 calls from a
trusted AD DC side.

For the reference, below is a request Windows Server 2016 domain
controller sends to FreeIPA domain controller when attempting to look up
a user from a trusted forest root domain that attemps to login to the
domain controller. Notice the level in the lsa_LookupNames3 call and
resulting flags in lookup_name().

[2019/08/03 07:14:24.156065,  1, pid=23639, effective(967001000, 967001000), real(967001000, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
       lsa_LookupNames3: struct lsa_LookupNames3
          in: struct lsa_LookupNames3
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : 0000004c-0000-0000-455d-3018575c0000
              num_names                : 0x00000001 (1)
              names: ARRAY(1)
                  names: struct lsa_String
                      length                   : 0x000a (10)
                      size                     : 0x000c (12)
                      string                   : *
                          string                   : 'XS\ab'
              sids                     : *
                  sids: struct lsa_TransSidArray3
                      count                    : 0x00000000 (0)
                      sids                     : NULL
              level                    : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
              count                    : *
                  count                    : 0x00000000 (0)
              lookup_options           : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
              client_revision          : LSA_CLIENT_REVISION_2 (2)
[2019/08/03 07:14:24.156189,  6, pid=23639, effective(967001000, 967001000), real(967001000, 0), class=rpc_srv] ../../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
  Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00   00 00 00 00 45 5D 30 18   ....L... ....E]0.
  [0010] 57 5C 00 00                                        W\..
[2019/08/03 07:14:24.156228,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/sec_ctx.c:215(push_sec_ctx)
  push_sec_ctx(967001000, 967001000) : sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156246,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/uid.c:552(push_conn_ctx)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2019/08/03 07:14:24.156259,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/sec_ctx.c:319(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156273,  5, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2019/08/03 07:14:24.156285,  5, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/auth/token_util.c:865(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2019/08/03 07:14:24.156311,  5, pid=23639, effective(0, 0), real(0, 0), class=rpc_srv] ../../source3/rpc_server/lsa/srv_lsa_nt.c:244(lookup_lsa_sids)
  lookup_lsa_sids: looking up name XS\ab
[2019/08/03 07:14:24.156327, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:112(lookup_name)
  lookup_name: XS\ab => domain=[XS], name=[ab]
[2019/08/03 07:14:24.156340, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:114(lookup_name)
  lookup_name: flags = 0x00

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4d276a93 by Alexander Bokovoy at 2019-08-14T13:07:42+00:00
smbtorture: extend rpc.lsa to lookup machine over forest-wide LookupNames

Add a simple test to resolve DOMAIN\MACHINE$ via LSA LookupNames3
using LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 level. This level would pass
zero lookup flags to lookup_name().

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Wed Aug 14 13:07:42 UTC 2019 on sn-devel-184

- - - - -
97c441d7 by Andreas Schneider at 2019-08-14T15:07:24+00:00
lib:util: Fix documentation for random number functions

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
689760f2 by Andreas Schneider at 2019-08-14T15:07:24+00:00
Revert "libcli:auth: Use generate_secret_buffer() for netlogon challenge"

This reverts commit c3ba556f52b15dd80efc26e4fb8f43ce2ee3a7f0.

Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
1c680854 by Andreas Schneider at 2019-08-14T15:07:24+00:00
Revert "s4:rpc_server: Use generate_secret_buffer() for netlogon challange"

This reverts commit a21770cfdffd2a21045a1bc87e489af0f4c6f130.

Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
38b0695d by Andreas Schneider at 2019-08-14T15:07:24+00:00
Revert "s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key"

This reverts commit 5a62056b4530e4c509444be9164a1fca1dce193f.

Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
d73be972 by Andreas Schneider at 2019-08-14T15:07:24+00:00
Revert "s4:rpc_server: Use generate_secret_buffer() to create a session key"

This reverts commit 4b2480518bd3887be3a6cfb713523ac084e09fd5.

Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
93196dd8 by Andreas Schneider at 2019-08-14T15:07:24+00:00
lib:util: Use generate_secret_buffer() for long term passwords

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
a3e36dd8 by Andreas Schneider at 2019-08-14T15:07:24+00:00
s4:samdb: Use generate_nonce_buffer() for AEC GCM nonce

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
6fa3e4de by Andreas Schneider at 2019-08-14T15:07:24+00:00
s3:passdb: Use generate_secret_buffer() for generating passwords

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
9b7825d2 by Andreas Schneider at 2019-08-14T16:26:47+00:00
auth:ntlmssp: Use generate_random_buffer() for session keys

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Wed Aug 14 16:26:47 UTC 2019 on sn-devel-184

- - - - -
02b7e6c7 by Christof Schmitt at 2019-08-14T16:27:43+00:00
quotas: Check group quota for directory when SGID is set

On directories with the "set group id" (SGID) bit is set, new files and
subfolders will be created with the group of the directory, and not with
the primary group of the user. Checking for free space in this case
should query the group quota for the gid of the directory.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
72c4e33d by Christof Schmitt at 2019-08-14T16:27:43+00:00
vfs_gpfs: Check group quota for directory when SGID is set

On directories with the "set group id" (SGID) bit is set, new files and
subfolders will be created with the group of the directory, and not with
the primary group of the user. Checking for free space in this case
should query the group quota for the gid of the directory.

This is the same change as the common smbd code, but since vfs_gpfs
still has its own check for available space and quotas, add it here as
well. A future goal would be to use the common free space check instead
of duplicating code in vfs_gpfs.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
bbb259e7 by Christof Schmitt at 2019-08-14T16:27:43+00:00
vfs_fake_dfq: Add option to fake stat information

Add an option to allow faking the gid and the SGID bit in the returned
stat buffer. That will be used to verify quota queries on folders with
SGID set.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
f77c6c8b by Christof Schmitt at 2019-08-14T16:27:43+00:00
selftest: Add test for quota query on directory with SGID

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
ec05edcc by Christof Schmitt at 2019-08-14T17:47:33+00:00
smbd: Make sys_disk_free static

The function is only called from the same file.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Wed Aug 14 17:47:33 UTC 2019 on sn-devel-184

- - - - -
442a7c9a by Ralph Boehme at 2019-08-15T23:48:41+00:00
vfs_default: use correct flag in vfswrap_fs_file_id

Luckily using the wrong flag ST_EX_IFLAG_CALCULATED_ITIME currently results in
the same semantics as using the correct ST_EX_IFLAG_CALCULATED_FILE_ID, as in
vfs_default the non-calculated file_id is based a non-calculated itime.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14089
RN: vfs_default: use correct flag in vfswrap_fs_file_id

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3ee78cc9 by Ralph Boehme at 2019-08-16T01:07:23+00:00
vfs_glusterfs: initialize st_ex_file_id, st_ex_itime and st_ex_iflags

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14090
RN: vfs_glusterfs: initialize st_ex_file_id, st_ex_itime and st_ex_iflags

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 16 01:07:23 UTC 2019 on sn-devel-184

- - - - -
04f5dbb1 by Jeremy Allison at 2019-08-16T19:52:31+00:00
s3: smbd: Reformatting. Use helper variable for SMB_VFS_RENAME call.

Will make replacement with renameat() clearer later.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c9b38eb7 by Ralph Boehme at 2019-08-16T19:52:32+00:00
s3:smbd: modernize conn_new()

Split the monstrous if into individual allocations. I'm going to add more talloc
allocations in a subsequent commit, so it's time to split this up.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b535f788 by Ralph Boehme at 2019-08-16T19:52:32+00:00
vfs_full_audit: pass conn to smb_fname_str_do_log()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
75f98a19 by Ralph Boehme at 2019-08-16T19:52:32+00:00
s3: VFS: change connection_struct cwd_fname to cwd_fsp

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
606398a3 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: Add SMB_VFS_RENAMEAT().

Currently identical to SMB_VFS_RENAME() - uses
AT_FDCWD for both src and dst directories.

Next, move add to all VFS modules that implement
rename and eventually remove rename.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
365b8123 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_audit. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9859102b by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_cap. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5528bcd4 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_catia. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ab74d8d5 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_ceph. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4a415f63 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_ceph_snapshots. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c36ba3af by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_crossrename. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ca298af6 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_extd_audit. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8d8faa53 by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_fruit. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4d74ed6f by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_full_audit. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
318461eb by Jeremy Allison at 2019-08-16T19:52:32+00:00
s3: VFS: vfs_glusterfs. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e61da498 by Jeremy Allison at 2019-08-16T19:52:33+00:00
s3: VFS: vfs_media_harmony. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9193cd40 by Jeremy Allison at 2019-08-16T19:52:33+00:00
s3: VFS: vfs_netatalk. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a2d27f91 by Jeremy Allison at 2019-08-16T19:52:33+00:00
s3: VFS: vfs_shadow_copy2. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a85433f4 by Jeremy Allison at 2019-08-16T19:52:33+00:00
s3: VFS: vfs_snapper. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7ec34e6a by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_streams_depot. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
251bb56d by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_streams_xattr. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
588e64dd by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_syncops. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
16a455d3 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_time_audit. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7978814d by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_unityed_media. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d2fc9b13 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_virusfilter. Implement renameat().

Currently identical to rename().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
74ecfe28 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: smbd: Change rename_internals_fsp() to call SMB_VFS_RENAMEAT().

Use conn->cwd_fsp as current src and dst fsp's.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
25c1b853 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: torture: Change cmd_vfs to call SMB_VFS_RENAMEAT().

Use conn->cwd_fsp as current src and dst fsp's.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
20564183 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: smbd: vfs_virusfilter: Use SMB_VFS_RENAMEAT() instead of SMB_VFS_RENAME.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d439c2ba by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_recycle. Use SMB_VFS_RENAMEAT() instead of SMB_VFS_RENAME().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ef0d50c2 by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_audit. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e591d92e by Jeremy Allison at 2019-08-16T19:52:34+00:00
s3: VFS: vfs_cap. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9cedbbe8 by Jeremy Allison at 2019-08-16T19:52:35+00:00
s3: VFS: vfs_catia. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
086a7d78 by Jeremy Allison at 2019-08-16T19:52:35+00:00
s3: VFS: vfs_ceph. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
52960225 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_ceph_snapshots. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ba25d8fb by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_crossrename. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0464730e by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_extd_audit. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7486b3c9 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_fruit. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8afb453e by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_glusterfs. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ca4e66cb by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_media_harmony. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
055fda08 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_netatalk. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d0800852 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_shadow_copy2. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8e6a283a by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_snapper. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
46d61e20 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_streams_depot. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c661a5fb by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_streams_depot: Change to using SMB_VFS_RENAMEAT() instead of SMB_VFS_RENAME().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
110aff0c by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_streams_xattr. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
33a243b7 by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_syncops. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d45daf1c by Jeremy Allison at 2019-08-16T19:52:36+00:00
s3: VFS: vfs_unityed_media. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5db3edba by Jeremy Allison at 2019-08-16T19:52:37+00:00
s3: VFS: vfs_virusfilter. Remove rename_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7aadbe56 by Jeremy Allison at 2019-08-16T19:52:37+00:00
s3: VFS: vfs_full_audit. Remove rename_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the rename_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f0ac39d5 by Jeremy Allison at 2019-08-16T19:52:37+00:00
s3: VFS: vfs_time_audit. Remove rename_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the rename_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6acf4c35 by Jeremy Allison at 2019-08-16T19:52:37+00:00
s3: VFS: Complete the replacement of SMB_VFS_RENAME() -> SMB_VFS_RENAMEAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5cb539d8 by Jeremy Allison at 2019-08-16T21:10:14+00:00
s3: VFS: vfs_default. Convert underlying system call to renameat().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 16 21:10:14 UTC 2019 on sn-devel-184

- - - - -
3acb8e9d by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-daemon: Add function ctdb_ip_to_node()

This is the core logic from ctdb_ip_to_pnn(), so re-implement that
that function using ctdb_ip_to_node().

Something similar (ctdb_ip_to_nodeid()) was recently removed in commit
010c1d77cd7e192b1fff39b7b91fccbdbbf4a786 because it wasn't required.
Now there is a use case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
c0662016 by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-tcp: Rename fd -> out_fd

in_fd is coming soon.

Fix coding style violations in the affected and adjacent lines.
Modernise some debug macros and make them more consistent (e.g. drop
logging of errno when strerror(errno) is already logged.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
c68b6f96 by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-tcp: Move incoming fd and queue into struct ctdb_tcp_node

This makes it easy to track both incoming and outgoing connectivity
states.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
d80d9edb by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-tcp: Use TALLOC_FREE()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
7f4854d9 by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-tcp: Create outbound queue when the connection becomes writable

Since commit ddd97553f0a8bfaada178ec4a7460d76fa21f079
ctdb_queue_send() doesn't queue a packet if the connection isn't yet
established (i.e. when fd == -1).  So, don't bother creating the
outbound queue during initialisation but create it when the connection
becomes writable.

Now the presence of the queue indicates that the outbound connection
is up.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
8c98c10f by Martin Schwenke at 2019-08-16T21:30:35+00:00
ctdb-tcp: Only mark a node connected if both directions are up

Nodes are currently marked as up if the outgoing connection is
established.  However, if the incoming connection is not yet
established then this node could send a request where the replying
node can not queue its reply.  Wait until both directions are up
before marking a node as connected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
73c850ed by Martin Schwenke at 2019-08-16T22:50:35+00:00
ctdb-tcp: Mark node as disconnected if incoming connection goes away

To make it easy to pass the node data to the upcall, the private data
for ctdb_tcp_read_cb() needs to be changed from tnode to node.

RN: Avoid marking a node as connected before it can receive packets
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14084

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Aug 16 22:50:35 UTC 2019 on sn-devel-184

- - - - -
4be5ffdc by David Mulder at 2019-08-17T03:50:39+00:00
Prevent samba-tool online backup crash

On some GPOs, getting a files ntacl throws an
NT_STATUS_ACCESS_DENIED. Catch and log the
failure when this happens.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14088

Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Tim Beale <timbeale at samba.org>

- - - - -
2b7224ab by Andrew Bartlett at 2019-08-17T03:50:40+00:00
third_party: Remove zlib from third_party

We require zlib 1.2.3.

We stopped requring a patched zlib with 5631a1b9bc03d6cf31af66b13872255f18979fe8

As discussed on samba-technical here:

https://lists.samba.org/archive/samba-technical/2019-May/133476.html

In short, zlib contains some (old, now broken) crypto code that while not compiled
in Samba is best left out of our tarball to ease crypto audits.  It is also very
very out of date and is a slightly modified copy of something otherwise very
likely available on our supported host OSs.  It would be strange to say that
GnuTLS and dependencies are an acceptable burden to install but say zlib is
a step to far.

So it is removed from Samba's third_party with this commit.

The diff between zlib in Samba and official zlib 1.2.3 is included
in third_party/zlib/last-samba-from-1.2.3.diff

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
7d96ed63 by Andrew Bartlett at 2019-08-17T05:10:48+00:00
third_party: Remove historical tombstone about zlib divergance

Now this has been recorded in the git history, we can remove it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Aug 17 05:10:48 UTC 2019 on sn-devel-184

- - - - -
58b5bfba by Volker Lendecke at 2019-08-19T23:14:38+00:00
lib: Micro-optimization for db_tdb_do_locked()

We don't need the tdb lock for the talloc_free(buf) anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a0b0ea8f by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Save two lines in find_share_mode_entry

Directly initialized variables give compilers less reason to complain

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
13fb42ac by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Avoid casts in share_conflict()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d09bd5f8 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Merge two DEBUGs into one

This looks easier to understand to me, less lines in logfiles

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
aeb4265e by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Remove a misleading comment

open_mode_check() is done before the oplock breaks.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
38463a91 by Volker Lendecke at 2019-08-19T23:14:38+00:00
lib: Remove a duplicate function prototype

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
9034cb39 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Optimize delay_for_oplock()

get_lease_type() can involve a database access. Do that only if
necessary, and that is at most once in this loop.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
71c9fd73 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Simplify is_same_lease()

It does not use "struct share_mode_data"

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
021e2d01 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Move is_same_lease() up in the file

The next commit will need it there

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
28868d24 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Simplify delay_for_oplock()

Use is_same_lease()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6be80573 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4d6f89c9 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Simplify has_other_nonposix_opens()

We pick quite some information from "fsp" already, so from an API design
perspecitve it's only fair to only use its implicit server_id. This is
what all the callers did anyway.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
706f0af2 by Volker Lendecke at 2019-08-19T23:14:38+00:00
smbd: Optionally wait for a share mode record in setup_poll_open()

This will be used when waiting for a oplock break that has been
signalled via a kernel oplock break.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
002c6d0e by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: For kernel-oplocked files don't call delay_for_oplock()

The kernel has already sent the signal. We don't have to send another
message. Instead, just directly wait for the downgrade to happen via
the watch on the share mode lock assuming it's there. Also setup the
polling interval: I could imagine that in some race situation the file
has already been closed and re-opened by a nonsamba process while we
were waiting.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f8fe0116 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Move resetting "oplock_request" to before delay_for_oplock()

It seems to make little sense to me to do the oplock break with one
setting and then later on grant_fsp_oplock_type with another
one. Survives tests, I can't think of any scenario where this (to me)
simplification would break anything

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3bd7b119 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Remove a late ref to "file_existed" in open_file_ntcreate()

If you follow "existing_dos_attributes" through the routine, this can
only ever be !=0 if SMB_VFS_GET_DOS_ATTRIBUTES() was successful. This
can only have been successful if the file existed.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3ecfa36e by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Slightly simplify open_file_ntcreate()

There is no reference to "file_existed" after this point anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5c6163d3 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Move grant_fsp_oplock_type() close to delay_for_oplock()

Note that this is not a cut&paste: Instead of fsp->access_mask we use
the access_mask the client requested. At the new code location
fsp->access_mask (a.k.a. open_access_mask) might have FILE_WRITE_DATA
from O_TRUNC (a.k.a. FILE_OVERWRITE).

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d4e98b8a by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Move set_share_mode() out of grant_fsp_oplock_type()

This shows that "req", "share_access" and "access_mask" are not needed
for the core logic of grant_fsp_oplock_type() and it separates
concerns a bit: open_directory() also does the set_share_mode() in the
main open routine, not in a helper like grant_fsp_oplock_type()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
385a7fb1 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Introduce handle_share_mode_lease()

This consolidates the core share_mode_lock access of open_file_ntcreate
into one routine.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d1cb71fa by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Slightly simplify delay_for_oplock()

This is never called for INTERNAL_OPENs anymore, see
handle_share_mode_lease()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
10679b67 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Slightly simplify grant_fsp_oplock_type()

This is never called with INTERNAL_OPENs anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a4192bc7 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Make delay_for_oplock() return NTSTATUS

A further commit will merge grant_fsp_oplock_type (returning NTSTATUS)
into delay_for_oplock(). Make that commit smaller.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7a6fa341 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Move delay_for_oplock() down

We'll merge grant_fsp_oplock_type() into this function. This makes the next
commit smaller, and the newly extended delay_for_oplocks will for example
reference static file_has_brlocks() above. Make forward declarations
unnecessary.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9a11f361 by Volker Lendecke at 2019-08-19T23:14:39+00:00
smbd: Merge grant_fsp_oplock_type() into delay_for_oplock()

This is a preparation for the next commit: Only walk the share_modes[]
array once when handling oplocks and leases.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8a05d2b0 by Volker Lendecke at 2019-08-20T00:33:12+00:00
smbd: Move lease type detection in delay_for_oplock()

Walk the share_modes array only once.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 20 00:33:12 UTC 2019 on sn-devel-184

- - - - -
c4aebb15 by Aaron Haslett at 2019-08-20T03:40:28+00:00
downgradedatabase: comply with samba.tests.source

In next commit we'll install the script, samba.tests.source picked up the
lack of a copyright message and some whitespace errors, so this patch
fixes that stuff first.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
a8cdbe0b by Tim Beale at 2019-08-20T03:40:28+00:00
tests: Avoid hardcoding relative filepath

If we move the test file, the test will break.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
fdaaee8d by Tim Beale at 2019-08-20T03:40:28+00:00
downgradedatabase: rename to samba_downgrade_db

Just so that it's slightly less of a mouthful for users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
c89df386 by Aaron Haslett at 2019-08-20T03:40:28+00:00
downgradedatabase: Add man-page documentation

A man-page is needed so that we can install this tool as part of the
Samba package.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
6dcf00ba by Aaron Haslett at 2019-08-20T03:40:28+00:00
downgradedatabase: installing script

Installing downgrade script so people don't need the source tree for it.

Exception added in usage test because running the script without arguments
is valid. (This avoids the need to knownfail it).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
a2b0fc7c by Tim Beale at 2019-08-20T03:40:28+00:00
ldb: Always log when the database pack format changes

LDB_DEBUG_WARNING gets logged by Samba as level 2, whereas the default
log level for Samba is 0. It's not really fair to the user to change the
format of their database on disk and potentially not tell them.

This patch adds a log with level zero (using a alias define, as this
technically isn't a fatal problem).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
d427bd6c by Tim Beale at 2019-08-20T03:40:28+00:00
ldb: Move where we update the pack format version

Store it on the repack context so that we can log a more informative
message "Repacking from format x to format y".

While this is not really a big deal currently, it could be worth
recording for potential future scenarios (i.e. supporting three or more
pack versions), where upgrades could potentially skip an intermediary
pack format version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
38e3e7cd by Tim Beale at 2019-08-20T03:40:29+00:00
ldb: Change pack format defines to enum

The main reason is so that any future pack formats will continue
incrementing this number in a sequential fashion.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
5fee9388 by Tim Beale at 2019-08-20T03:40:29+00:00
ldb: Log pack format in user-friendly way

The "format 0x26011968" log confused me (and I'm a developer).
We can subtract the base offset from the pack format to get a more
user-friendly number, e.g. v0 (not actually used), v1, v2, etc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
ee6537c2 by Tim Beale at 2019-08-20T03:40:29+00:00
ldb: Log the partition we're repacking

Firstly, with Samba AD this looks a little weird because we log the same
message 5 times (once for every partition). If we log that we're doing
this to records in different partitions, hopefully someone with a little
Samba knowledge can figure out what's going on.

Secondly, the info about what partitions are actually changing might be
useful. E.g. if we hit a fatal error repacking the 3rd partition, and
the transaction doesn't abort properly, then it would be useful to know
what partitions were repacked and which ones weren't.

There doesn't appear to be a useful name for the partition
(ldb_kv->kv_ops->name() doesn't seem any more intelligible to a user),
so just log the first record that we update. We can use that to infer
the partition database).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
b6516dbd by Tim Beale at 2019-08-20T04:57:10+00:00
ldb: Free memory when repacking database

The msg for each database record is allocated on the module context, but
never freed. The module seems like it could be a long-running context (as
the database would normally get repacked by the samba executable).

Even if it's not a proper leak, it shouldn't hurt to cleanup the memory.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Tue Aug 20 04:57:10 UTC 2019 on sn-devel-184

- - - - -
f8e79be2 by David Disseldorp at 2019-08-20T06:58:12+00:00
build: fix mandatory typo in zlib configure check

This ensures that waf correctly fails during configure if zlib is
missing.
msg can also be dropped as it matches the waf validate_cfg() default
(ignoring the quotes).

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Aug 20 06:58:12 UTC 2019 on sn-devel-184

- - - - -
a42bcaab by Martin Schwenke at 2019-08-20T07:15:41+00:00
ctdb-daemon: Factor out new function ctdb_node_become_inactive()

This is a superset of ctdb_local_node_got_banned() so will replace
that function, and will also be used in the NODE_STOP control.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14087

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
0f5f7b7c by Martin Schwenke at 2019-08-20T07:15:41+00:00
ctdb-daemon: Switch banning code to use ctdb_node_become_inactive()

There's no reason to avoid immediately setting recovery mode to active
and initiating freeze of databases.

This effectively reverts the following commits:

  d8f3b490bbb691c9916eed0df5b980c1aef23c85
  b4357a79d916b1f8ade8fa78563fbef0ce670aa9

The latter is now implemented using a control, resulting in looser
coupling.

See also the following commit:

  f8141e91a693912ea1107a49320e83702a80757a

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14087

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
91ac4c13 by Martin Schwenke at 2019-08-20T07:15:41+00:00
ctdb-daemon: Drop unused function ctdb_local_node_got_banned()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14087

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e9f2e205 by Martin Schwenke at 2019-08-20T08:32:27+00:00
ctdb-daemon: Make node inactive in the NODE_STOP control

Currently some of this is supported by a periodic check in the
recovery daemon's main_loop(), which notices the flag change, sets
recovery mode active and freezes databases.  If STOP_NODE returns
immediately then the associated recovery can complete and the node can
be continued before databases are actually frozen.

Instead, immediately do all of the things that make a node inactive.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14087
RN: Stop "ctdb stop" from completing before freezing databases

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Aug 20 08:32:27 UTC 2019 on sn-devel-184

- - - - -
60cba7b3 by Stefan Metzmacher at 2019-08-20T14:45:41+00:00
tdb: Release tdb 1.4.2

* Build fixes
* Improve the performance by inlining the tdb_oob() checks

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Aug 20 14:45:41 UTC 2019 on sn-devel-184

- - - - -
098486da by Anoop C S at 2019-08-20T19:25:28+00:00
vfs_glusterfs: Enable profiling for file system operations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14093

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 20 19:25:28 UTC 2019 on sn-devel-184

- - - - -
6c3928e4 by Jeremy Allison at 2019-08-20T21:09:27+00:00
s3: VFS: Add SMB_VFS_LINKAT().

Currently identical to SMB_VFS_LINK().

Next, move add to all VFS modules that implement
link and eventually remove link.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
648e771a by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_cap. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
7d2ba253 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_ceph. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
2f989023 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_ceph_snapshots. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
8e563426 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_full_audit. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d7517745 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_glusterfs. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6e96b98f by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_media_harmony. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
c55b43ba by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_shadow_copy2. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
dad377db by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_snapper. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
571624b8 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_syncops. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a14d825a by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_time_audit. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6b6298b0 by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: VFS: vfs_unityed_media. Implement linkat().

Currently identical to link().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d4f3d6ce by Jeremy Allison at 2019-08-20T21:09:28+00:00
s3: torture: Change cmd_link to call SMB_VFS_LINKAT().

Use conn->cwd_fsp as current src and dst fsp's.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
ea637f00 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: smbd: Make hardlink_internals() call SMB_VFS_LINKAT() instead of SMB_VFS_LINK()

Use conn->cwd_fsp as current src and dst fsp's.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
45851ead by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_cap. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
22842381 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_ceph. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
f9c3b0b3 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_ceph_snapshots. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
751852ce by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_glusterfs. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
38da9023 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_media_harmony. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a5911429 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_shadow_copy2. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3c3e62b7 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_snapper. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
295aa5bd by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_syncops. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d31d52f1 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_unityed_media. Remove link_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1b244010 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_full_audit. Remove link_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the rename_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
fb75a3d5 by Jeremy Allison at 2019-08-20T21:09:29+00:00
s3: VFS: vfs_time_audit. Remove link_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the rename_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
f42642e5 by Jeremy Allison at 2019-08-20T22:26:17+00:00
s3: VFS: Complete the replacement of SMB_VFS_LINK() -> SMB_VFS_LINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 20 22:26:17 UTC 2019 on sn-devel-184

- - - - -
616646a0 by Swen Schillig at 2019-08-21T07:20:39+00:00
talloc: ASAN fix for test_realloc_on_destructor_parent

Direct leak of 96 byte(s) in 1 object(s) allocated from:
    #0 0x7fd52c00dc08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7fd52befec45 in __talloc_with_prefix ../../talloc.c:782
    #2 0x7fd52befec45 in __talloc ../../talloc.c:824
    #3 0x7fd52befec45 in _talloc_named_const ../../talloc.c:981
    #4 0x7fd52befec45 in talloc_named_const ../../talloc.c:1748
    #5 0x4099bd in test_realloc_on_destructor_parent ../../testsuite.c:1000
    #6 0x4099bd in torture_local_talloc ../../testsuite.c:2129
    #7 0x402603 in main ../../testsuite_main.c:32
    #8 0x7fd52bcb8412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
878e804d by Swen Schillig at 2019-08-21T07:20:39+00:00
talloc: ASAN fix for test_talloc_free_in_destructor

Indirect leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0x7f06393dfc08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f06392d0c45 in __talloc_with_prefix ../../talloc.c:782
    #2 0x7f06392d0c45 in __talloc ../../talloc.c:824
    #3 0x7f06392d0c45 in _talloc_named_const ../../talloc.c:981
    #4 0x7f06392d0c45 in talloc_named_const ../../talloc.c:1748
    #5 0x409edd in test_talloc_free_in_destructor ../../testsuite.c:1256
    #6 0x409edd in torture_local_talloc ../../testsuite.c:2138
    #7 0x402603 in main ../../testsuite_main.c:32
    #8 0x7f063908a412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
6c3e8a0a by Swen Schillig at 2019-08-21T07:20:39+00:00
talloc: ASAN fix for test_pool_nest

Direct leak of 96 byte(s) in 1 object(s) allocated from:
    #0 0x7f06393dfc08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f06392d0c45 in __talloc_with_prefix ../../talloc.c:782
    #2 0x7f06392d0c45 in __talloc ../../talloc.c:824
    #3 0x7f06392d0c45 in _talloc_named_const ../../talloc.c:981
    #4 0x7f06392d0c45 in talloc_named_const ../../talloc.c:1748
    #5 0x40901e in test_pool_nest ../../testsuite.c:1451
    #6 0x40901e in torture_local_talloc ../../testsuite.c:2096
    #7 0x402603 in main ../../testsuite_main.c:32
    #8 0x7f063908a412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
d0933ec6 by Swen Schillig at 2019-08-21T07:20:39+00:00
talloc: ASAN fix for test_rusty

Direct leak of 100 byte(s) in 1 object(s) allocated from:
     #0 0x7f06393dfc08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
     #1 0x7f06392d1af3 in __talloc_with_prefix ../../talloc.c:782
     #2 0x7f06392d1af3 in __talloc ../../talloc.c:824
     #3 0x7f06392d1af3 in __talloc_strlendup ../../talloc.c:2455
     #4 0x7f06392d1af3 in talloc_strdup ../../talloc.c:2471
     #5 0x40b4f0 in test_rusty ../../testsuite.c:1543
     #6 0x40b4f0 in torture_local_talloc ../../testsuite.c:2146
     #7 0x402603 in main ../../testsuite_main.c:32
     #8 0x7f063908a412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
fc4ad5b6 by Swen Schillig at 2019-08-21T07:20:39+00:00
talloc: ASAN fix for test_magic_protection

Direct leak of 1152 byte(s) in 1 object(s) allocated from:
     #0 0x7f06393dfc08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
     #1 0x7f06392cfd59 in __talloc_with_prefix ../../talloc.c:782
     #2 0x7f06392cfd59 in _talloc_pool ../../talloc.c:837
     #3 0x7f06392cfd59 in talloc_pool ../../talloc.c:859
     #4 0x40b83c in test_magic_protection ../../testsuite.c:1960
     #5 0x40b83c in torture_local_talloc ../../testsuite.c:2164
     #6 0x402603 in main ../../testsuite_main.c:32
     #7 0x7f063908a412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
1b599e5c by Marco Wang at 2019-08-21T08:39:43+00:00
s3: net: net_ads: fix a typo in comment

Signed-off-by: Marco Wang <m.aesophor at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Aug 21 08:39:43 UTC 2019 on sn-devel-184

- - - - -
feccdebe by Andreas Schneider at 2019-08-21T09:57:29+00:00
s4:samdb: Add test_gnutls_value_decryption()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
92b9cdf9 by Andrew Bartlett at 2019-08-21T09:57:29+00:00
encrypted_secrets: Add known and expected value test

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7bf3c5d7 by Andreas Schneider at 2019-08-21T09:57:29+00:00
s4:samdb: Remove dual-stack mode from (test_)encrypted_secrets

Now we either build with GnuTLS or Samba crypto. If a modern GnuTLS
version is detected that will be used and Samba crypto wont be
available.

This removes the dual-stack mode that encrypted with one and decrypted
with the other in the testsuite.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Commit message clarified by Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d46e538d by Andreas Schneider at 2019-08-21T09:57:29+00:00
s4:samdb: Only include necessary header files in encrypted_secrets

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
20a42459 by Andreas Schneider at 2019-08-21T09:57:29+00:00
waf: Check for GNUTLS AES CFB support

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cd97c478 by Andreas Schneider at 2019-08-21T09:57:29+00:00
libcli:auth: Use netlogon_creds_aes_encrypt() in netlogon_creds_step_crypt()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
054efd11 by Andreas Schneider at 2019-08-21T09:57:29+00:00
libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_encrypt()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ded5aad2 by Andreas Schneider at 2019-08-21T09:57:29+00:00
libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a9672858 by Andreas Schneider at 2019-08-21T09:57:30+00:00
libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_decrypt()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8ec796f1 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
5ae119e7 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
crypto: Update REQUIREMENTS file with new minimum version

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d515b255 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
libcli:auth Check NTSTATUS from netlogon_creds_aes_{en,de}crypt()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2f827bec by Andrew Bartlett at 2019-08-21T09:57:30+00:00
s3-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1e427f55 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
s4-rpc_server: Check NTSTATUS return value from netlogon_creds_aes_decrypt()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1aa249e7 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
s3-librpc: Remove unused init_netr_CryptPassword()

Unused since 38d4dba37406515181e4d6f1a1faffc18e652e27 in 2013

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fefd9509 by Andrew Bartlett at 2019-08-21T09:57:30+00:00
auth/credentials: Check NTSTATUS return from netlogon_creds_aes_encrypt()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
58c781dc by Andreas Schneider at 2019-08-21T09:57:30+00:00
auth:gensec: Use GnuTLS AES128 CFB8 in netsec_do_seq_num()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3b27fd8a by Andrew Bartlett at 2019-08-21T09:57:30+00:00
auth/gensec: Use gnutls_error_to_ntstatus() consistently in schannel

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
025f6a13 by Andreas Schneider at 2019-08-21T09:57:30+00:00
auth:gensec: Use GnuTLS AES CFB8 in netsec_do_seal()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fa8eddc3 by Andrew Bartlett at 2019-08-21T09:57:31+00:00
auth/gensec: Use gnutls_error_to_ntstatus() in netsec_do_seal()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1f6104f0 by Andreas Schneider at 2019-08-21T09:57:31+00:00
lib:crypto: Prepare not to build AES or AES-CMAC if we use GnuTLS support it

Samba will soon require GnuTLS >= 3.4.7.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adjusted by Andrew Bartlett from an earlier more comprehensive patch by Andreas

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
974cebdf by Andrew Bartlett at 2019-08-21T09:57:31+00:00
build: Set minimum GnuTLS version at 3.4.7

This will soon be required for encrypted_secrets in the AD DC, the BackupKey server
and SMB2 as we remove use of the internal AES code.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
52b91cb3 by Andrew Bartlett at 2019-08-21T09:57:31+00:00
s4-rpc_server: Remove Heimdal-based BackupKey server

We rely on a modern GnuTLS now.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2d54559a by Andrew Bartlett at 2019-08-21T09:57:31+00:00
s4-rpc_server/backupkey: consistently check error codes from GnuTLS

This uses the new gnutls_error_to_werror()

This should resolve Coverity 1452111 as forwarded by Volker.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e9859ad3 by Andrew Bartlett at 2019-08-21T09:57:31+00:00
lib/crypto: Remove unused RC4 code from Samba

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
85a1c497 by Andrew Bartlett at 2019-08-21T09:57:31+00:00
s4-samdb: Remove duplicate encrypted_secrets code using internal Samba AES

We now rely on GnuTLS 3.4.7 or later.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
068da56a by Andrew Bartlett at 2019-08-21T09:57:31+00:00
build: Remove explicit check for HAVE_GNUTLS_AEAD as we require GnuTLS 3.4.7

We strictly require it and if this were to fail we would want the compile to fail.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
43a941f5 by Andreas Schneider at 2019-08-21T09:57:31+00:00
libcli:smb: Define SMB2_AES_128_CCM_NONCE_SIZE

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1b384f37 by Andreas Schneider at 2019-08-21T09:57:31+00:00
libcli:smb: Use GnuTLS for AES constants

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
37dc63e8 by Andreas Schneider at 2019-08-21T09:57:31+00:00
libcli:smb: Add gnutls_aead_cipher_hd_t to smb2_signing_key structure

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
48116a30 by Andreas Schneider at 2019-08-21T09:57:31+00:00
libcli:smb: Use a smb2_signing_key for storing the encryption key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
87832f61 by Andreas Schneider at 2019-08-21T09:57:32+00:00
libcli:smb: Use a smb2_signing_key for storing the decryption key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
95e1c85a by Andreas Schneider at 2019-08-21T09:57:32+00:00
s3:smbd: Use smb2_signing_key structure for the encryption key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b51c4293 by Andreas Schneider at 2019-08-21T09:57:32+00:00
s3:smbd: Use smb2_signing_key structure for the decryption key

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
33bca1fb by Andreas Schneider at 2019-08-21T09:57:32+00:00
s3:smbd: Use GnuTLS for AES constants

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
69be6b84 by Andreas Schneider at 2019-08-21T09:57:32+00:00
waf: Check for AES128 CMAC support in GnuTLS

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ee11e3ff by Andreas Schneider at 2019-08-21T09:57:32+00:00
libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_sign_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted by Andrew Bartlett to followup from earlier patch to
allow compile without GnuTLS over the whole series.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9d8ffc81 by Andrew Bartlett at 2019-08-21T09:57:32+00:00
libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1490f926 by Andreas Schneider at 2019-08-21T09:57:32+00:00
libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_check_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
70ff03ec by Andrew Bartlett at 2019-08-21T09:57:32+00:00
libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
c3f96981 by Andreas Schneider at 2019-08-21T11:14:11+00:00
lib:crypto: Do not build AES-CMAC if we use GnuTLS that supports it

This requires GnuTLS >= 3.6.5.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Aug 21 11:14:11 UTC 2019 on sn-devel-184

- - - - -
52227d19 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Reformat node_has_status()

Re-indent and drop non-POSIX left-parenthesis from case labels.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
9b09a873 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Drop unused node statuses frozen/unfrozen

Silently drop unused local variable mpat.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
bb590735 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Inline handling of recovered and notlmaster statuses

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
bff1a3a5 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Handle special cases first and return

All the other cases involve matching bits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
53daeb2f by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Don't retrieve the VNN map from target node for notlmaster

Use the VNN map from the node running node_has_status().

This means that

  wait_until_node_has_status 1 notlmaster 10 0

will run "ctdb status" on node 0 and check (for up to 10 seconds) if
node 1 is in the VNN map.

If the LMASTER capability has been dropped on node 1 then the above
will wait for the VNN map to be updated on node 0.  This will happen
as part of the recovery that is triggered by the change of LMASTER
capability.  The next command will then only be able to attach to
$TESTDB after the recovery is complete thus guaranteeing a sane state
for the test to continue.

This stops simple/79_volatile_db_traverse.sh from going into recovery
during the traverse or at some other inconvenient time.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5d655ac6 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-recoverd: Only check for LMASTER nodes in the VNN map

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
ca4df060 by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Strengthen volatile DB traverse test

Check the record count more often, from multiple nodes.  Add a case
with multiple records.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
45b9e02f by Martin Schwenke at 2019-08-21T11:50:30+00:00
ctdb-tests: Wait for child process when killing cluster mutex helper

The following test sometimes fails:

==================================================
Running "cluster_mutex_test lock-unlock-lock-unlock ./tests/var/cluster_mutex.lockfile"
--------------------------------------------------
Output (Exit status: 134):
--------------------------------------------------
LOCK
UNLOCK
CONTENTION
NOLOCK
cluster_mutex_test: ../../tests/src/cluster_mutex_test.c:307: test_lock_unlock_lock_unlock: Assertion `dl2->mh != NULL' failed.
--------------------------------------------------
Required output (Exit status: 0):
--------------------------------------------------
LOCK
UNLOCK
LOCK
UNLOCK

FAILED
==========================================================================
TEST FAILED: tests/cunit/cluster_mutex_001.sh (status 1) (duration: 0s)
==========================================================================

This is due to a race in the test.  For the first UNLOCK a signal is
sent to the cluster mutex handler but the test tries to retake the
lock before that process is scheduled and the signal is processed.
Therefore, the fcntl() lock is still held and contention is seen.

After unlocking, tests need to wait until the child has gone, so build
this into ctdb_kill().  This is one of the only places where the PID
is accessible.

Outside of testing, on a real system, nothing will never try
to (re)take the lock so quickly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
71ad473b by Martin Schwenke at 2019-08-21T13:06:57+00:00
ctdb-tests: Clear deleted record via recovery instead of vacuuming

This test has been flapping because sometimes the record is not
vacuumed within the expected time period, perhaps even because the
check for the record can interfere with vacuuming.  However, instead
of waiting for vacuuming the record can be cleared by doing a
recovery.  This should be much more reliable.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085
RN: Fix flapping CTDB tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Aug 21 13:06:57 UTC 2019 on sn-devel-184

- - - - -
a7e7a62f by Swen Schillig at 2019-08-21T15:42:43+00:00
torture: fix mem leak found by ASAN (smb2_connect)

Direct leak of 96 byte(s) in 1 object(s) allocated from:
    #0 0x7f0b16624c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f0b15e4ba5c in __talloc_with_prefix ../../lib/talloc/talloc.c:782
    #2 0x7f0b15e4ba5c in __talloc ../../lib/talloc/talloc.c:824
    #3 0x7f0b15e4ba5c in _talloc_named_const ../../lib/talloc/talloc.c:981
    #4 0x7f0b15e4ba5c in talloc_named_const ../../lib/talloc/talloc.c:1748
    #5 0x55ffdd30d591 in torture_smb2_connect ../../source4/torture/smb2/connect.c:199
    #6 0x7f0b12723772 in wrap_simple_test ../../lib/torture/torture.c:633
    #7 0x7f0b1272775e in internal_torture_run_test ../../lib/torture/torture.c:442
    #8 0x7f0b12728543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
    #9 0x7f0b12728dd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
    #10 0x7f0b12729434 in torture_run_suite ../../lib/torture/torture.c:339
    #11 0x55ffdd10c54a in run_matching ../../source4/torture/smbtorture.c:93
    #12 0x55ffdd10df56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
    #13 0x55ffdd11199d in main ../../source4/torture/smbtorture.c:691
    #14 0x7f0b0aa45412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Aug 21 15:42:43 UTC 2019 on sn-devel-184

- - - - -
968f7204 by Swen Schillig at 2019-08-22T00:21:50+00:00
s3: free popt context in utils

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
355c9f5a by Swen Schillig at 2019-08-22T00:21:50+00:00
rpcclient: free popt context when done

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
42123c11 by Swen Schillig at 2019-08-22T00:21:50+00:00
s4: free popt context in torture

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
72d3604a by Swen Schillig at 2019-08-22T00:21:50+00:00
s4: free popt context in client

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
24aa5017 by Swen Schillig at 2019-08-22T00:21:50+00:00
s4: free popt context in utils

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5e1c7c08 by Swen Schillig at 2019-08-22T00:21:51+00:00
s4: free popt context in dnsserver

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a7383889 by Swen Schillig at 2019-08-22T01:41:37+00:00
lib: free popt context in texpect

If done with popt context it should be free'd.

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug 22 01:41:37 UTC 2019 on sn-devel-184

- - - - -
43642316 by Björn Jacke at 2019-08-22T12:28:30+00:00
python: use os.urandom, which is available in python by definition

os.urandom also uses CSPRNG methods like getrandom() when the underlying OS
provides those.

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
39e06c49 by Björn Jacke at 2019-08-22T13:46:13+00:00
docs-xml: fix problamatic quotes from panic action example

those quotes work for smbd but do not work for the samba binary. Without quotes
it works with both.

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Thu Aug 22 13:46:14 UTC 2019 on sn-devel-184

- - - - -
ad24b7cf by Ralph Wuerthner at 2019-08-22T17:41:20+00:00
s3:net: load registry shares too in 'net vfs stream2adouble'

Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 22 17:41:20 UTC 2019 on sn-devel-184

- - - - -
c68671bb by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: Remove extraneous enum/struct values for removed SMB_VFS_OP_LINK..

Forgot this in removal of SMB_VFS_LINK() patch previously pushed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e4c4af64 by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: smbd: Add sys_mknodat() wrapper call.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e2246876 by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: Add SMB_VFS_MKNODAT().

Currently identical to SMB_VFS_MKNOD().

Next, add to all VFS modules that implement
mknod and eventually remove mknod.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
8b27087d by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_cap. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
2aaadbdd by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_ceph. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a1c06667 by Jeremy Allison at 2019-08-22T18:00:33+00:00
3: VFS: vfs_ceph_snapshots. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
b32f345f by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_glusterfs. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
574d76c0 by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_media_harmony. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1aead2fe by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_shadow_copy2. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4ce3cd31 by Jeremy Allison at 2019-08-22T18:00:33+00:00
s3: VFS: vfs_snapper. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a07ce6ea by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_syncops. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5f115eca by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_unityed_media. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6db33e35 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_full_audit. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a9099618 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_time_audit. Implement mknodat().

Currently identical to mknod().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
74127f56 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: torture: Change cmd_mknod to call SMB_VFS_MKNODAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
7237517c by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: smbd: Make smb_unix_mknod() call SMB_VFS_MKNODAT() instead of SMB_VFS_MKNOD()

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
0d606ef6 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_cap. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
0e701ce3 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_ceph. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
c15c9eb3 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_ceph_snapshots. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
50880f3d by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_glusterfs. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
331cfa11 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_media_harmony. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
b3fa9ccf by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_shadow_copy2. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
9ba187a5 by Jeremy Allison at 2019-08-22T18:00:34+00:00
s3: VFS: vfs_snapper. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5132e78c by Jeremy Allison at 2019-08-22T18:00:35+00:00
s3: VFS: vfs_syncops. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
42d6d9cf by Jeremy Allison at 2019-08-22T18:00:35+00:00
s3: VFS: vfs_unityed_media. Remove mknod_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
569865d4 by Jeremy Allison at 2019-08-22T18:00:35+00:00
s3: VFS: vfs_full_audit. Remove mknod_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mknod_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e37580f4 by Jeremy Allison at 2019-08-22T18:00:35+00:00
s3: VFS: vfs_time_audit. Remove mknod_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mknod_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6a8bc6b5 by Jeremy Allison at 2019-08-22T19:17:07+00:00
s3: VFS: Complete the replacement of SMB_VFS_MKNOD() -> SMB_VFS_MKNODAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 22 19:17:07 UTC 2019 on sn-devel-184

- - - - -
561e0986 by Andrew Bartlett at 2019-08-22T20:07:38+00:00
docs: Deprecate "rndc command" for Samba 4.11

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14092

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b4816861 by Andrew Bartlett at 2019-08-22T21:24:00+00:00
s4-dns: Deprecate BIND9_FLATFILE and remove "rndc command"

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Aug 22 21:24:00 UTC 2019 on sn-devel-184

- - - - -
d8863dd8 by Poornima G at 2019-08-23T18:40:08+00:00
vfs_glusterfs: Use pthreadpool for scheduling aio operations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14098

Signed-off-by: Poornima G <pgurusid at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 23 18:40:08 UTC 2019 on sn-devel-184

- - - - -
515c062b by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: Add SMB_VFS_READLINKAT().

Currently identical to SMB_VFS_READLINK().

Next, add to all VFS modules that implement
readlink and eventually remove readlink.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
885d804c by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_cap. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e386ddb6 by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_ceph. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
b692b291 by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_ceph_snapshots. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
de17e762 by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_expand_msdfs. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3bdb77ad by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_full_audit. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4874730c by Jeremy Allison at 2019-08-23T18:49:35+00:00
s3: VFS: vfs_glusterfs. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
44c955a8 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_media_harmony. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
06609f3a by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_shadow_copy2. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
eef38b05 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_snapper. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
854320cd by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_time_audit. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
6f1c0d43 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_unityed_media. Implement readlinkat().

Currently identical to readlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4684e2c9 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: torture: Change cmd_readlink to call SMB_VFS_READLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
65446974 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: smbd: Change is_msdfs_link_internal() to call SMB_VFS_READLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
288fbe35 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: smbd: Change smbd_do_qfilepathinfo(): case SMB_QUERY_FILE_UNIX_LINK: to call SMB_VFS_READLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
406bde26 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: smbd: Change process_symlink_open() to call SMB_VFS_READLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
9ffa8c84 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_cap. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1d1cef73 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_ceph. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
0f160428 by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_ceph_snapshots. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5fe9845b by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_expand_msdfs. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
f7f2572a by Jeremy Allison at 2019-08-23T18:49:36+00:00
s3: VFS: vfs_glusterfs. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
65deb57c by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_media_harmony. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
bc55a552 by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_shadow_copy2. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
79ac8e9e by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_snapper. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
58bce531 by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_unityed_media. Remove readlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
021da2f1 by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_full_audit. Remove readlink_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mknod_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5333ac35 by Jeremy Allison at 2019-08-23T18:49:37+00:00
s3: VFS: vfs_time_audit. Remove readlink_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mknod_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
9b468524 by Jeremy Allison at 2019-08-23T20:06:22+00:00
s3: VFS: Complete the replacement of SMB_VFS_READLINK() -> SMB_VFS_READLINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 23 20:06:22 UTC 2019 on sn-devel-184

- - - - -
76709153 by Christof Schmitt at 2019-08-23T23:09:12+00:00
pthreadpool: Remove wrong comment.

Commit e45d33e9 removed the sync fallback path for the case that no
thread could be created. Remove the comment for that fallback as it does
not make sense anymore.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Fri Aug 23 23:09:12 UTC 2019 on sn-devel-184

- - - - -
085e179d by Swen Schillig at 2019-08-26T10:19:30+00:00
ctdb-tests: fix mem leak in ltdb_fetch

Direct leak of 256 byte(s) in 8 object(s) allocated from:
    #0 0x7f11b90d9c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
    #1 0x7f11b8f395df in tdb_alloc_read ../../../lib/tdb/common/io.c:696
    #2 0x7f11b8f290ee in _tdb_fetch ../../../lib/tdb/common/tdb.c:274
    #3 0x7f11b8f29379 in tdb_fetch ../../../lib/tdb/common/tdb.c:283
    #4 0x473ecc in ltdb_fetch ../../tests/src/fake_ctdbd.c:904
    #5 0x478b40 in ltdb_transaction_update ../../tests/src/fake_ctdbd.c:993
    #6 0x41fef2 in ctdb_rec_buffer_traverse ../../protocol/protocol_types.c:1656
    #7 0x48108b in ltdb_transaction ../../tests/src/fake_ctdbd.c:1026
    #8 0x48108b in control_trans3_commit ../../tests/src/fake_ctdbd.c:2878
    #9 0x48108b in client_process_control ../../tests/src/fake_ctdbd.c:4147
    #10 0x48108b in client_process_packet ../../tests/src/fake_ctdbd.c:3839
    #11 0x4847f5 in client_read_handler ../../tests/src/fake_ctdbd.c:3806
    #12 0x44f620 in comm_read_done ../../common/comm.c:208
    #13 0x7f11b8f94fe8 in _tevent_req_notify_callback ../../../lib/tevent/tevent_req.c:141
    #14 0x7f11b8f951fd in tevent_req_finish ../../../lib/tevent/tevent_req.c:193
    #15 0x7f11b8f95265 in _tevent_req_done ../../../lib/tevent/tevent_req.c:199
    #16 0x44e876 in pkt_read_handler ../../common/pkt_read.c:133
    #17 0x44f315 in comm_fd_handler ../../common/comm.c:412
    #18 0x7f11b8f92896 in tevent_common_invoke_fd_handler ../../../lib/tevent/tevent_fd.c:138
    #19 0x7f11b8fa6937 in epoll_event_loop ../../../lib/tevent/tevent_epoll.c:736
    #20 0x7f11b8fa6937 in epoll_event_loop_once ../../../lib/tevent/tevent_epoll.c:937
    #21 0x7f11b8f9f53e in std_event_loop_once ../../../lib/tevent/tevent_standard.c:110
    #22 0x7f11b8f90f34 in _tevent_loop_once ../../../lib/tevent/tevent.c:772
    #23 0x7f11b8f955f1 in tevent_req_poll ../../../lib/tevent/tevent_req.c:300
    #24 0x485a04 in start_server ../../tests/src/fake_ctdbd.c:4450
    #25 0x485a04 in main ../../tests/src/fake_ctdbd.c:4544
    #26 0x7f11b8c60412 in __libc_start_main (/lib64/libc.so.6+0x24412)

Signed-off-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Mon Aug 26 10:19:30 UTC 2019 on sn-devel-184

- - - - -
41aaeaf1 by Gary Lockyer at 2019-08-26T23:59:36+00:00
ldb tests: Fix ldb_lmdb_size_test

Fix the lmdb size test which ensures that databases > 4GiB can be
written by the lmdb backend.  This test is not run as part of the normal
CI run as it exhausts the available disk on the test runners.

It was broken by changes to LDB allowing the lmdb map size to be
specified, and requiring GUID indexing by default.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b1eec5b1 by Andrew Bartlett at 2019-08-26T23:59:36+00:00
ldb: Correct Pigeonhole principle validation in ldb_filter_attrs()

Thankfully this only fails if the DB is corrupt and has a duplicate record.

The test was at the wrong end of the loop, and was for the
wrong boundary condition.  A write after the end of the array would
occour before the condition was hit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13695

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2117789c by Andrew Bartlett at 2019-08-26T23:59:36+00:00
ldb: use TALLOC_FREE() over talloc_free() in ldb_filter_attrs()

This is a macro that sets the pointer to NULL after the talloc_free()
and is part of our standard coding practices.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
1521a22f by Andrew Bartlett at 2019-08-27T01:16:33+00:00
ldb: Call TALLOC_FREE(filtered_msg->elements) on ldb_filter_attrs() failure

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Aug 27 01:16:33 UTC 2019 on sn-devel-184

- - - - -
54f30f2f by Douglas Bagnall at 2019-08-27T04:44:40+00:00
ldb: don't try to save a value that isn't there

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a097ddf6 by Douglas Bagnall at 2019-08-27T04:44:40+00:00
ldb: add some dn explode tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3f290e95 by Andrew Bartlett at 2019-08-27T04:44:41+00:00
ldb: Rework all pointer NULL tests to use Samba's normal style

Also avoid if () without braces

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
52bd2dde by Andrew Bartlett at 2019-08-27T04:44:41+00:00
ldb: Add test with == true or false to boolean if statements in ldb_dn_explode()

This is beyond the normal level of clarity we expect in Samba, and is of course
rudundent, but this is a complex routine that has confusing tests, some of
pointers and some of boolean state values.

This tries to make the code as clear as possible pending a more comprehensive
rewrite.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a8a3cef3 by Andrew Bartlett at 2019-08-27T04:44:41+00:00
ldb: Do not read beyond the end of the extended DN component when printing

The print functions used in Samba NULL terminate, but do not assume they will

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
10058bcf by Andrew Bartlett at 2019-08-27T04:44:41+00:00
ldb: Extend the ldb_dn_explode test matrix

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14049

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f43da2ad by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_encrypt_pdu()

This requires GnuTLS >= 3.4.0.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3d2de36d by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_decrypt_pdu()

This requires GnuTLS >= 3.4.0.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7f56e91d by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Use smb2_signing_key in smb2_signing_decrypt_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adaped to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b9c4990f by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_decrypt_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
eb65fe55 by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Use smb2_signing_key in smb2_signing_encrypt_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adaped to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f24f26aa by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_encrypt_pdu()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
454ed532 by Andreas Schneider at 2019-08-27T04:44:41+00:00
libcli:smb: Prefer AES-GCM over AES-CCM with GnuTLS

The AES-GCM implementation in GnuTLS is faster.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2ee1764c by Andreas Schneider at 2019-08-27T04:44:41+00:00
s3:smbd: Prefer AES-GCM over AES-CCM with GnuTLS

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Adapted to remove Samba AES support

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b406b928 by Andrew Bartlett at 2019-08-27T06:01:50+00:00
WHATSNEW: Document new GnuTLS 3.4.7 requirement

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Aug 27 06:01:50 UTC 2019 on sn-devel-184

- - - - -
8190993d by Martin Schwenke at 2019-08-27T15:29:11+00:00
ctdb-recoverd: Fix typo in previous fix

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14085

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Aug 27 15:29:11 UTC 2019 on sn-devel-184

- - - - -
e06d34e9 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'The left operand of '!=' is a garbage value'

Fixes:

source3/libsmb/clifile.c:789:15: warning: The left operand of '!=' is a garbage value <--[clang]
        if (num_data != 100) {
            ~~~~~~~~ ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4bb92554 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'The left operand of '&' is a garbage value'

Fixes:

source3/libsmb/clifile.c:3108:26: warning: The left operand of '&' is a garbage value <--[clang]
            (cr.file_attributes & FILE_ATTRIBUTE_DIRECTORY))
             ~~~~~~~~~~~~~~~~~~ ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
ce9fef5f by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'

Fixes:

source3/libsmb/clifile.c:4898:10: warning: Assigned value is garbage or undefined <--[clang]
                *bsize = (uint64_t)old_bsize;
                       ^ ~~~~~~~~~~~~~~~~~~~
source3/libsmb/clifile.c:4901:10: warning: Assigned value is garbage or undefined <--[clang]
                *total = (uint64_t)old_total;
                       ^ ~~~~~~~~~~~~~~~~~~~
source3/libsmb/clifile.c:4904:10: warning: Assigned value is garbage or undefined <--[clang]
                *avail = (uint64_t)old_avail;

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
bf567380 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'Value stored to 'ea_size' is never read'

Fixes:

source3/libsmb/clifile.c:5290:2: warning: Value stored to 'ea_size' is never read <--[clang]
        ea_size = (size_t)IVAL(rdata,0);
        ^         ~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e874cc90 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'Value stored to 'p' is never read' warning

Fixes:

source3/libsmb/clirap2.c:1197:4: warning: Value stored to 'p' is never read <--[clang]
                        p += rap_getstringp(frame,
                        ^    ~~~~~~~~~~~~~~~~~~~~~
source3/libsmb/clirap2.c:1525:5: warning: Value stored to 'p' is never read <--[clang]
                                p += rap_getstring(frame,
                                ^    ~~~~~~~~~~~~~~~~~~~~
source3/libsmb/clirap2.c:2358:3: warning: Value stored to 'p' is never read <--[clang]
                p += WORDSIZE;            /* skip rsize */
                ^    ~~~~~~~~
source3/libsmb/clirap2.c:2380:3: warning: Value stored to 'p' is never read <--[clang]
                p += rap_getstringp(frame,
                ^    ~~~~~~~~~~~~~~~~~~~~~
4 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
78ca7092 by Noel Power at 2019-08-27T23:04:37+00:00
libcli/auth: clang: Fix 'Value stored to 'status' is never read'

Fixes:

libcli/auth/netlogon_creds_cli.c:2622:2: warning: Value stored to 'status' is never read <--[clang]
        status = netlogon_creds_decrypt_samlogon_validation(&state->tmp_creds,
        ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e1ef9922 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'The left operand of '>' or '<' is a garbage value

Fixes:

source3/libsmb/clireadwrite.c:601:15: warning: The left operand of '>' is a garbage value <--[clang]
        if (received > expected) {

source3/libsmb/clireadwrite.c:799:16: warning: The left operand of '<' is a garbage value <--[clang]
        if ((received < 0) || (received > state->buflen)) {
             ~~~~~~~~ ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fcb0355a by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix '2nd func call argument is uninitalized value'

Fixes:

source3/libsmb/clireadwrite.c:805:2: warning: 2nd function call argument is an uninitialized value <--[clang]
        memcpy(state->buf, buf, received);
        ^                  ~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
ad8fd314 by Noel Power at 2019-08-27T23:04:37+00:00
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'

Fixes:

source3/libsmb/clireadwrite.c:851:10: warning: Assigned value is garbage or undefined <--[clang]
                *nread = ret;
                       ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2575e406 by Noel Power at 2019-08-28T00:22:49+00:00
s3/libsmb: clang: Fix 'warning: Assigned value is garbage or undefined '

Fixes:

source3/libsmb/clireadwrite.c:1259:17: warning: Assigned value is garbage or undefined <--[clang]
        state->written += written;
                       ^  ~~~~~~~

source3/libsmb/clireadwrite.c:1722:14: warning: The left operand of '>' is a garbage value <--[clang]
        if (written > expected) {
            ~~~~~~~ ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Aug 28 00:22:49 UTC 2019 on sn-devel-184

- - - - -
61c5b891 by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix value stored to 'offset' is never read

Fixes:

source3/libsmb/nmblib.c:479:2: warning: Value stored to 'offset' is never read <--[clang]
        offset += 10+rec->rdlength;
        ^         ~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
52d20087 by Noel Power at 2019-08-28T01:47:40+00:00
s3/libads: clang: Fix Value stored to 'canon_princ' is never read

Fixes:

source3/libads/kerberos.c:192:2: warning: Value stored to 'canon_princ' is never read <--[clang]
        canon_princ = me;
        ^             ~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2abe7852 by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix: The right operand of '<' is a garbage value

Fixes:

source3/libsmb/namequery.c:977:12: warning: The right operand of '<' is a garbage value <--[clang]
        for (i=0;i<count;i++) {
                  ^~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6ef4736c by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix Value set during its initialization is never read

Fixes:
source3/libsmb/namequery.c:2584:11: warning: Value stored to 'status' during its initialization is never read  <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
32aa8f91 by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix 2nd function call argument is an uninitialized value

source3/libsmb/namequery.c:2719:11: warning: 2nd function call argument is an uninitialized value <--[clang]
                                        if (!convert_ss2service(return_iplist,
                                             ^
source3/libsmb/namequery.c:2733:10: warning: 2nd function call argument is an uninitialized value <--[clang]
                                if (!convert_ss2service(return_iplist,
                                     ^
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f8b5c47a by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix 'warning: Value stored to 'status' is never read'

Fixes:

source3/libsmb/namequery.c:2938:2: warning: Value stored to 'status' is never read <--[clang]
        status = NT_STATUS_OK;
        ^        ~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0c91634e by Noel Power at 2019-08-28T01:47:40+00:00
s3/libsmb: clang: Fix 'Value stored to 'status' is never read'

Fixes:

source3/libsmb/cliquota.c:340:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
/home/samba/samba/source3/libsmb/cliquota.c:357:4: warning: Value stored to 'status' is never read <--[clang]
                        status = NT_STATUS_OK;
                        ^        ~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0be32039 by Noel Power at 2019-08-28T03:06:42+00:00
s3/libsmb: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/libsmb/cliquota.c:340:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
source3/libsmb/cliquota.c:357:4: warning: Value stored to 'status' is never read <--[clang]
                        status = NT_STATUS_OK;
                        ^        ~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Aug 28 03:06:42 UTC 2019 on sn-devel-184

- - - - -
b8f4be98 by Björn Jacke at 2019-08-29T15:53:30+00:00
replace/setxattr: set reasonable and unified errno value in case the EA value was too big

FreeBSD and AIX already set errno to ENAMETOOLONG, this is what we should map
other platforms also to to finally map to the correct NT error code also.

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
56e0ffa1 by Björn Jacke at 2019-08-29T15:53:30+00:00
xattr/setxattr: fix flag support on AIX

AIX requires the flags to be 0, we need to do those checks manually.

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3aea2c0f by Björn Jacke at 2019-08-29T17:10:32+00:00
replace/setxattr: correctly use our flags on Darwin

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Thu Aug 29 17:10:32 UTC 2019 on sn-devel-184

- - - - -
961f07fb by Aaron Haslett at 2019-08-30T07:08:36+00:00
rpc samr: EnumDomainUsers perf improvement

EnumDomainUsers currently takes too long, significantly slowing down
calls to winbind's getpwent which is a core unix API. The time is taken
up by a GUID lookup for every record in the cached result. The advantages
of this approach are:
1. It meets the specified requirement that if a record yet to be returned
	by a search in progress (with a resume handle) is deleted or
	modified, the future returned results correctly reflect the
	new changes.
2. Memory footprint for a search in progress is only 16 bytes per record.

But, those benefits are not worth the significant performance hit
of the lookups, so this patch changes the function to run the search
and cache the RIDs and names of all records matching the search when
the request is made. This makes the memory footprint around 200 bytes
per record or up to 2MB per concurrent search for a 100k user database.
The speedup achieved by this change is around 50%, and in tandem with
some winbindd improvements as part of the same task has achieved around
15x speedup for getpwent.

The lost specification compliance is unlikely to cause a problem for any
known usage of this RPC call.

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b5b6b74b by Aaron Haslett at 2019-08-30T08:26:21+00:00
paged results: tests without server_sort ctrl

On windows, adding or modifying a record during a paged results search
behaves differently depending on whether or not you supply server_sort
control.  This patch adds tests and documentation.

Signed-off-by: Aaron Haslett <aaronhaslett at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Aug 30 08:26:21 UTC 2019 on sn-devel-184

- - - - -
5f70f972 by Andrew Bartlett at 2019-08-30T08:32:30+00:00
selftest: Remove obsolete LDAP backend hooks from selftest.pl et al

This removes some quite complex logic that has not been used since the LDAP
backend project was shelved prior to 2011.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

- - - - -
4a2d3d8f by Andrew Bartlett at 2019-08-30T08:32:30+00:00
sefltest: Remove tests for obsolete OpenLDAP backend

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

- - - - -
a4f0a651 by Andrew Bartlett at 2019-08-30T08:32:30+00:00
samba-tool domain provision: Remove experimental OpenLDAP support

This feature has long been obsolete, remaining only in the hope
that it might be revived in the future.

Specifically, in 2011 the S4 OpenLDAP backend HOWTO was removed:

 commit 1d46325af8541ea467c79cd86e65f93ce6a14ff4
 Author: Andrew Bartlett <abartlet at samba.org>
 Date:   Wed Apr 27 22:42:29 2011 +1000

     Remove outdated S4 OpenLDAP backend HOWTO.

There is a project to revive this, hosted here:

https://github.com/Symas/samba
and
https://github.com/Symas/samba_overlays

However discussions at SambaXP with Nadezhda Ivanova
indicate a new approach with slapd being started by Samba
and taught to read native Samba ldb files is more likely
in the short term.

This has the advantage that Samba's provision and offline
tooling would not need to change, with the solution looking
more like how BIND9_DLZ has access to the Samba DB.

If any of this is required then reverting these patches will be
the least of the difficulties in bringing this to production.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

- - - - -
6d1fe284 by Andrew Bartlett at 2019-08-30T08:32:30+00:00
dsdb: Remove LDAP backend specific modules from extended_dn_out

This simplifies the code considerably.  A real attempt at an LDAP backend would need to implement this
module in a similar way to LDB.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

- - - - -
3da41b51 by Andrew Bartlett at 2019-08-30T08:32:30+00:00
dsdb: Remove OpenLDAP backend complexity from partitions module

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

- - - - -
2b0fc74a by Andrew Bartlett at 2019-08-30T09:50:25+00:00
dsdb: Remove OpenLDAP backend complexity from samba_dsdb module

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova at symas.com>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Aug 30 09:50:25 UTC 2019 on sn-devel-184

- - - - -
5fc2c7dd by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/containter/container/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a1d839f7 by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/depencies/dependencies/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2bb4515a by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/tempates/templates/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
781eaea0 by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/advertisment/advertisement/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fbecbe4d by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/negotatie/negotiate/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7d1dc971 by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/sepcific/specific/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
46687a50 by Mathieu Parent at 2019-09-01T22:21:25+00:00
Spelling fixes s/Unsuported/Unsupported/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
8e727867 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/integrety/integrity/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6b47c125 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/autentication/authentication/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4449f5d1 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/convertion/conversion/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
eff55803 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/exising/existing/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e19c3e03 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/Mirgate/Migrate/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b694268e by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/succedded/succeeded/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e8f8d2d2 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/encrpted/encrypted/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a12d843b by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/setted/set/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a59e0ec8 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/hierachy/hierarchy/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
8196b331 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/exisiting/existing/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f2b30a3f by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/Therefor /Therefore /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
54b6fa86 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/emtpy/empty/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fbf94dba by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/BUITIN/BUILTIN/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
cdc8c05b by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/serivce/service/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
de813400 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/DISLPAY/DISPLAY/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
dbd6bef2 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/avaiable/available/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5d0c26fc by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/nonexistant/nonexistent/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
49a6e109 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/componet/component/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
06e0f893 by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/optinally/optionally/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a03bafbc by Mathieu Parent at 2019-09-01T22:21:26+00:00
Spelling fixes s/overriden/overridden/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0459a6db by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/didnt'/didn't/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
c5e97f1a by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/wont /won't /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e6654b5f by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/explicite /explicit /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d9b50ce7 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/recieved/received/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
271b04aa by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/noone/no one/

Skipping source4/torture/winbind/struct_based.c

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
736bb924 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/ ot / to /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
619e8f46 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/ upto / up to /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7cb0ca41 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/ dont / don't /

Excluding examples/tridge/smb.conf

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0b8f428b by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/directores/directories/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
80244392 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/filesytems/filesystems/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4973eb37 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/explizitly/explicitly/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
244c05da by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/simliar/similar/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
875962ed by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/substitue/substitute/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
08cc61f9 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/accidentially/accidentally/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
995f0736 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/rebuilded/rebuilt/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e7407c02 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/concatonated/concatenated/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
eaa44d81 by Mathieu Parent at 2019-09-01T22:21:27+00:00
Spelling fixes s/retreiving/retrieving/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5a400df0 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/priveliges/privileges/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
284eaa57 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/compatability/compatibility/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7c2ee8fe by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/ingnored/ignored/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
1a750eb1 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/staticly/statically/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d6525485 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/implentation/implementation/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b688926c by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/touble/trouble/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
8b9319c4 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/whitch/which/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4b207f83 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/suceeded/succeeded/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
105bb063 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/withing/within/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d605860c by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/valuie/value/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
549a4a82 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/preceeding/preceding/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2915188c by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/intergration/integration/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f8f4ed75 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/accomodations/accommodations/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a24de325 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/permited/permitted/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f61d72b3 by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/hightest/highest/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4012811a by Mathieu Parent at 2019-09-01T22:21:28+00:00
Spelling fixes s/varaible/variable/

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f2e37b84 by Mathieu Parent at 2019-09-01T23:38:14+00:00
Spelling fixes s/ querys / queries /

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Sep  1 23:38:14 UTC 2019 on sn-devel-184

- - - - -
cf397758 by Andrew Bartlett at 2019-09-01T23:55:38+00:00
dsdb: Remove unused entryuuid and nsuniqueid modules

These were for the now removed OpenLDAP backend.  Any future work in this area will
not involve this kind of translation, it will be done much more cleanly.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
af6799bf by Andrew Bartlett at 2019-09-01T23:55:38+00:00
util: Remove unused NS_GUID_string() and NS_GUID_from_string()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14063
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
72201055 by Andrew Bartlett at 2019-09-01T23:55:38+00:00
dsdb: Remove unused simple_dn module

This became unused with 2b0fc74a0916a6ab0d5ac007cc5e100d4682b2ea that
removed the last of the support for the LDAP Backend

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
29729818 by Andrew Bartlett at 2019-09-01T23:55:39+00:00
dsdb: Remove unused local_password module

This was an idea about how Samba might have worked if passwords were
not safe to be stored in a remote DB (get some kind of LDAP backend).

Nothing ever used this, but it was a nice idea.  But git master is not
the place to preserve history, even interesting ideas like splitting
passwords from the non-password data (possible because, in the same way
we are allowed to encrypt them, we do not allow a search on password
values).

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
b76bf7af by Andrew Bartlett at 2019-09-02T01:14:05+00:00
build: Raise minimum python version to 3.5.0 for Samba 4.12

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Sep  2 01:14:05 UTC 2019 on sn-devel-184

- - - - -
dfa4dcf3 by David Disseldorp at 2019-09-02T02:25:29+00:00
build: drop --with-libcephfs=<path> support

--with-libcephfs=<path> provides a mechanism for explicitly specifying
header and library paths for Ceph. This adds unnecessary complexity and
can be achieved using generic compiler environment variables (e.g.
GCC LIBRARY_PATH and C_INCLUDE_PATH), so drop --with-libcephfs support.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
16c3a00d by Björn Baumbach at 2019-09-02T03:44:24+00:00
build: remove unneeded libceph-common dependency

librados and libcephfs are both dependent on ceph-common, but
ctdb_mutex_ceph_rados_helper and vfs_ceph needn't be explicitly linked
against it.

Signed-off-by: Björn Baumbach <bb at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Sep  2 03:44:24 UTC 2019 on sn-devel-184

- - - - -
e48c1189 by Jeremy Allison at 2019-09-03T08:07:37+00:00
CVE-2019-10197: smbd: separate out impersonation debug info into a new function.

Will be called on elsewhere on successful impersonation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6fae8131 by Stefan Metzmacher at 2019-09-03T08:07:37+00:00
CVE-2019-10197: smbd: make sure that change_to_user_internal() always resets current_user.done_chdir

We should not leave current_user.done_chdir as true if we didn't call
chdir_current_service() with success.

This caused problems in when calling vfs_ChDir() in pop_conn_ctx() when
chdir_current_service() worked once on one share but later failed on another
share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
509113fc by Stefan Metzmacher at 2019-09-03T08:07:38+00:00
CVE-2019-10197: smbd: make sure we reset current_user.{need,done}_chdir in become_root()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d7ed819d by Stefan Metzmacher at 2019-09-03T08:07:38+00:00
CVE-2019-10197: selftest: make fsrvp_share its own independent subdirectory

The next patch will otherwise break the fsrvp related tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9ab5a51a by Stefan Metzmacher at 2019-09-03T08:07:38+00:00
CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
efd4832c by Stefan Metzmacher at 2019-09-03T09:27:21+00:00
CVE-2019-10197: smbd: split change_to_user_impersonate() out of change_to_user_internal()

This makes sure we always call chdir_current_service() even
when we still impersonated the user. Which is important
in order to run the SMB* request within the correct working directory
and only if the user has permissions to enter that directory.

It makes sure we always update conn->lastused_count
in chdir_current_service() for each request.

Note that vfs_ChDir() (called from chdir_current_service())
maintains its own cache and avoids calling SMB_VFS_CHDIR()
if possible.

It means we still avoid syscalls if we get a multiple requests
for the same session/tcon tuple.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Sep  3 09:27:22 UTC 2019 on sn-devel-184

- - - - -
4bca8e09 by Jeremy Allison at 2019-09-03T16:15:36+00:00
s3: libsmbclient: Ensure SMBC_readdir_ctx() also updates the readdirplus pointers.

If we are returning file entries, we
have a duplicate list in dirplus.

Update dirplus_next also so readdir and
readdirplus are kept in sync.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3d82b7d1 by Jeremy Allison at 2019-09-03T16:15:36+00:00
s3: libsmbclient: Ensure SMBC_readdirplus_ctx() also updates the readdir pointers.

If we are returning file entries, we
have a duplicate list in dir_list.

Update dir_next also so readdir and
readdirplus are kept in sync.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
754cec77 by Jeremy Allison at 2019-09-03T16:15:36+00:00
s3: libsmbclient: Ensure SMBC_getdents_ctx() also updates the readdirplus pointers.

If we are returning file entries, we
have a duplicate list in dirplus.

Update dirplus_next also so readdir and
readdirplus are kept in sync.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
0d9b1645 by Jeremy Allison at 2019-09-03T16:15:36+00:00
s3: libsmbclient: Fix smbc_lseekdir() to work with smbc_readdirplus().

If returning files the dir_list and the dirplus_list have exactly the same
entries, we just need to keep the next pointers in sync on seek.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3355601f by Jeremy Allison at 2019-09-03T17:31:28+00:00
s3/4: libsmbclient test. Test using smbc_telldir/smbc_lseekdir with smbc_readdir/smbc_readdirplus/smbc_getdents.

Ensure that for file access you can mix any of these
three access methods for directory entries and the
returned names/structs stay in sync across telldir/seekdir
changes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Sep  3 17:31:29 UTC 2019 on sn-devel-184

- - - - -
42414b5b by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: Add SMB_VFS_SYMLINKAT().

Currently identical to SMB_VFS_SYMLINK().

Next, add to all VFS modules that implement
symlink and eventually remove symlink.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
f935989f by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_cap. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4903c9fc by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_ceph. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
5665a384 by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_ceph_snapshots. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
29b69198 by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_full_audit. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
ff3af0fc by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_glusterfs. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
2d50dfa5 by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_media_harmony. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e0330475 by Jeremy Allison at 2019-09-03T21:15:42+00:00
s3: VFS: vfs_shadow_copy2. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
787487ae by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_snapper. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
4f5de706 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_syncops. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
f6d63ff6 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_time_audit. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
8c851da4 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_unityed_media. Implement symlinkat().

Currently identical to symlink().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1354f2f5 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: torture: Change cmd_symlink to call SMB_VFS_SYMLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
538f78f0 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: smbd: Change smb_set_file_unix_link() to call SMB_VFS_SYMLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
daf78b02 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: smbd: Change create_msdfs_link() to call SMB_VFS_SYMLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d970556b by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_cap. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1ee61e21 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_ceph. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
33c00a61 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_ceph_snapshots. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
cb3b0ee8 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_glusterfs. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
9b3d3904 by Jeremy Allison at 2019-09-03T21:15:43+00:00
s3: VFS: vfs_media_harmony. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a521377e by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_shadow_copy2. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
d492f4d1 by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_snapper. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
8ef64494 by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_syncops. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
a676e494 by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_unityed_media. Remove symlink_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
2fa1cd37 by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_full_audit. Remove symlink_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the symlink_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
ea5a02e8 by Jeremy Allison at 2019-09-03T21:15:44+00:00
s3: VFS: vfs_time_audit. Remove symlink_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the symlink_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
c5ea3d04 by Jeremy Allison at 2019-09-03T22:32:30+00:00
s3: VFS: Complete the replacement of SMB_VFS_SYMLINK() -> SMB_VFS_SYMLINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Sep  3 22:32:30 UTC 2019 on sn-devel-184

- - - - -
12326713 by Stefan Metzmacher at 2019-09-04T11:47:04+00:00
tevent: Release tevent 0.10.1

* Update waf to version 2.0.17 in order to
  fix the build with python 3.8.
* Other minor build fixes.

Signed-off-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Sep  4 11:47:04 UTC 2019 on sn-devel-184

- - - - -
9173ae5f by David Disseldorp at 2019-09-04T14:20:16+00:00
s3/lib/ctdbd_conn: assert hdr following read/recv

ctdb_pkt_recv_recv() and ctdb_read_packet() give us a non-null hdr on
success, so drop the error path check in favour of an assert.

This fixes a regression in 3913b9a4088b83d6ed7f94d136a26ecfa7e16b35,
where tevent_req_error() may be skipped in the ctdbd_parse_done()
ctdb_pkt_recv_recv() error path.

Reported-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Sep  4 14:20:16 UTC 2019 on sn-devel-184

- - - - -
ad4ef165 by Evgeny Sinelnikov at 2019-09-04T17:02:37+00:00
s3:ldap: Fix join with don't exists machine account

Add check for requested replies of existing machine object during join
machine to domain. This solves regression fail during join with error:
"None of the information to be translated has been translated."

https://bugzilla.samba.org/show_bug.cgi?id=14007

Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed Sep  4 17:02:37 UTC 2019 on sn-devel-184

- - - - -
09946c55 by Volker Lendecke at 2019-09-04T17:03:33+00:00
dsdb: Fix CID 1453465: Null pointer dereferences (NULL_RETURNS)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3a0047ea by Volker Lendecke at 2019-09-04T17:03:33+00:00
dsdb: Fix CID 1453464: Error handling issues (CHECKED_RETURN)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e8ac8a35 by Volker Lendecke at 2019-09-04T17:03:34+00:00
samr: Fix CID 1453463: Null pointer dereferences (NULL_RETURNS)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1e2d2094 by Volker Lendecke at 2019-09-04T18:20:22+00:00
torture: Fix the FreeBSD clang build

clang complained that "full_filename==NULL" is always false, because
it's a normal stack variable.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep  4 18:20:22 UTC 2019 on sn-devel-184

- - - - -
8d0d99a4 by Andrew Bartlett at 2019-09-05T02:45:28+00:00
docs: Deprecate "encrypt passwords = no"

This feature is only available for SMB1 and we need to warn users that this
is going away soon, and allow the removal in a future release under our rules
for parameter deprecation.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

- - - - -
1006f7ab by Andrew Bartlett at 2019-09-05T04:04:17+00:00
docs: Deprecate "lanman auth = yes"

This feature is only available for SMB1 and we need to warn users that this
is going away soon, and allow the removal in a future release under our rules
for parameter deprecation.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Sep  5 04:04:18 UTC 2019 on sn-devel-184

- - - - -
4a7fc97d by Amitay Isaacs at 2019-09-06T09:52:48+00:00
ctdb-eventscripts: Fix the regression in 01.reclock.script

Commit ea7708d8c7fa674111ccea58b3cd0757765c702a simplified
01.reclock.script and removed include of functions file which is
required for setting CTDB_HELPER_BINDIR and for die() function.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
3bd68261 by Amitay Isaacs at 2019-09-06T11:11:02+00:00
ctdb-eventscripts: Remove non-posix -v option to mkdir

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Sep  6 11:11:02 UTC 2019 on sn-devel-184

- - - - -
560c3abf by David Disseldorp at 2019-09-09T10:32:53+00:00
s3:smbcontrol: avoid printing NULL help strings

Some smbcontrol commands leave the .help pointer NULL, resulting in the
following usage text:
        disconnect-dc                 (null)
        notify-cleanup                (null)
	...
        msg-cleanup                   (null)

Improve this by printing an empty string instead.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Mon Sep  9 10:32:53 UTC 2019 on sn-devel-184

- - - - -
bebee47e by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s4:torture: make rpc.handles.random-assoc test more robust

We've seen failures like this:

  RPC-HANDLE-RANDOM-ASSOC
  connect samr pipe1
  pipe1 uses assoc_group_id[0x00000001]
  connect samr pipe2 with assoc_group_id[0xFFFFFFFF]- should fail
  Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ac for
    ncacn_np:localdc[\pipe\samr,bigendian,assoc_group_id=0xffffffff,
    abstract_syntax=12345778-1234-abcd-ef00-0123456789ac/0x00000001] NT_STATUS_UNSUCCESSFUL
  connect samr pipe3 with assoc_group_id[0x00000000]- should fail
  UNEXPECTED(failure): samba4.rpc.handles on ncacn_np with bigendian.random-assoc(ad_dc_default)
  REASON: Exception: Exception: ../../source4/torture/rpc/handles.c:546:
    status was NT_STATUS_OK, expected NT_STATUS_UNSUCCESSFUL: opening samr pipe3

Prevent that it wraps to 0x00000000

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
28ac2cba by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: call change_to_user_by_fsp() when dbwrap_watched_watch* finishes

This is not strictly required as fd-based calls are used,
but it's more consistent to call SMB_VFS_BRL_LOCK_WINDOWS()
in the same environment on retry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
8b565de1 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:smb2_lock: call change_to_user_by_fsp() when dbwrap_watched_watch* finishes

This is not strictly required as fd-based calls are used,
but it's more consistent to call SMB_VFS_BRL_LOCK_WINDOWS()
in the same environment on retry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
0e5613e3 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:locking: add/split out byte_range_{valid,overlap}() helper functions

They implement the logic from [MS-FSA].

The following commits will use these functions in other locations.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
bd8884e5 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:locking: add share_mode_wakeup_waiters() helper function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
3b788d97 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: remove unused timeval_brl_min()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
e18c8ced by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:torture: fix the timeout alarm handling on LOCK9

smbXcli_conn_disconnect(alarm_cli->conn, NT_STATUS_OK)
means existing requests are not finished with an error,
but instead just keep dangling arround.

Pass NT_STATUS_LOCAL_DISCONNECT in order to fail the
cli_lock32() call after getting SIGALARM.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
ac28eec3 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:torture: convert LOCK9 into LOCK9A and LOCK9B

LOCK9A is the original test (with a timeout of -1)
and LOCK9B is the same but with timeout of 10 seconds.

LOCK9B is needed to demonstrate a server bug in the next
commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
2ec9e93a by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: demonstrate the posix lock retry fails

This is just a temporary commit that shows the bug and its
fix. It will be reverted once the problem is fixed.

The posix lock retry fails if the client specified timeout
is smaller than the hardcoded 1 second retry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
e79fcfaa by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: split smbd_smb1_do_locks_retry() into _try() and _retry()

This will make it possible to have just one caller to
smbd_do_locks_try() later and use smbd_smb1_do_locks_try()
from within smbd_smb1_do_locks_send().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Reviewed-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
8fe708ac by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: move from 'timeout' to 'smbd_smb1_do_locks_state->timeout'

This will make it possible to just use smbd_smb1_do_locks_try()
in a later commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
e8d719d3 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: fix posix lock retry

We should evaluate the timeout condition after the very last
retry and not before.

Otherwise we'd fail to retry when waiting for posix locks.
The problem happens if the client provided timeout is smaller
than the 1 sec (for testing temporary 15 secs) retry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
62ec58b0 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: Remove bug reproducer from a few commits ago

The problem is fixed, now we can revert the change that made it
easier to trigger.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
15765644 by Stefan Metzmacher at 2019-09-09T14:23:39+00:00
s3:blocking: use dynamic posix lock wait intervals

We want to start with a short timeout (200ms) and
slow down to larger timeouts up to 2s for the default
value of "lock spin time".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
2a77025a by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: assert to get LOCK_NOT_GRANTED in torture_samba3_posixtimedlock()

There should not be a different if the blocker is a posix process
instead of another smbd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
aba0ee46 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:blocking: maintain state->deny_status

For Windows locks we start with LOCK_NOT_GRANTED and use
FILE_LOCK_CONFLICT if we retried after a timeout.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
ad98eec6 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:brlock: always return LOCK_NOT_GRANTED instead of FILE_LOCK_CONFLICT

Returning NT_STATUS_FILE_LOCK_CONFLICT is a SMB1 only detail
for delayed brlock requests, which is handled in
smbd_smb1_do_locks*().

The brlock layer should be consistent even for posix locks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>

- - - - -
f13d13ae by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: move from 'blocking' to 'state->blocking'

This will simplify the next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
d096742d by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: split smbd_smb2_lock_retry() into _try() and _retry()

This makes it possible to reuse _try() in the _send() function in the
next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
39d514cd by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: error out early in smbd_smb2_lock_send()

We no longer expect NT_STATUS_FILE_LOCK_CONFLICT from
the VFS layer and assert that in a future version.

This makes it easier to port the same logic to smbd_smb2_lock_try().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
7f77e0b4 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: let smbd_smb2_lock_try() explicitly check for the retry condition

This makes it possible to reuse _try() in the _send() function in the
next commit.

We should not retry forever on a hard error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
359e9992 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: make use of smbd_smb2_lock_try() in smbd_smb2_lock_send()

We only need the logic to call smbd_do_locks_try() and a possible
retry once in smbd_smb2_lock_try().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7155d3a2 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/smb2: add smb2.samba3misc.localposixlock1

This demonstrates that the SMB2 code path doesn't do
any retry for local posix locks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
8decf41b by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s3:smb2_lock: add retry for POSIX locks

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
8a7039be by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: improvements for multilock2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
297763c6 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: add multilock3 test

This demonstrates that unrelated lock ranges
are not blocked by other blocked requests on the same
fsp.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
d3e65ceb by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: add multilock4 test

This is similar to multilock3, but uses read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the blocked
requests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
6d4296ac by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: add multilock5 test

This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the first lock
request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
d3bc0199 by Stefan Metzmacher at 2019-09-09T14:23:40+00:00
s4:torture/raw: add multilock6 test

This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the 2nd lock
request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
5a841a43 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: use timeval_expired(&state->endtime) to stop processing

This is less racy than timeval_elapsed() > 0
as the current time is already expired and timeout = 0
will always work correct.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
8da7c10a by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: split out smbd_smb1_do_locks_setup_timeout()

This function can be called multiple times, but only
the first time will setup the endtime. And the
endtime is relative to the request time and not
the current time.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
997548a5 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: do the timeout calculation before calling dbwrap_watched_watch_send()

This makes the next commits easier to understand.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
31232710 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: fix the fsp->blocked_smb1_lock_reqs handling

A new request is first checks against all pending
requests before checking the already granted locks.

Before we retried the lock array of another request
(the first in the list), but then finished current request,
which is wrong.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
6e30a89b by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: call smbd_smb1_do_locks_setup_timeout() also in smbd_smb1_do_locks_try()

This is a noop if smbd_smb1_do_locks_setup_timeout() was called before.

But it allows us to use smbd_smb1_do_locks_try() in
smbd_smb1_do_locks_send() in a following commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
8975673e by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: make use of smbd_smb1_do_locks_try() in smbd_smb1_do_locks_send()

We only need the logic to call smbd_smb1_do_locks_check() and a possible
retry once in smbd_smb1_do_locks_try().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
7d1cd6f2 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:blocking: handle NT_STATUS_RETRY from the VFS backend

This allows the VFS backends to implement async byte
range locking.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
7471b0f6 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:smb2_lock: handle NT_STATUS_RETRY from the VFS backend

This allows the VFS backends to implement async byte
range locking.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
66d92f37 by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
s3:locking: add brl_req_guid() and brl_req_mem_ctx() helper functions

This allows the vfs backend to detect a retry and keep state between
the retries.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
c2503a5c by Stefan Metzmacher at 2019-09-09T14:23:41+00:00
vfs_delay_inject: add support for brl_[un]lock_windows()

This demonstrates the two ways to handle the retry:
- smb layer retry => plock->context.smblctx = UINT64_MAX
- vfs backend retry => plock->context.smblctx = 0

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
2b43ce67 by Stefan Metzmacher at 2019-09-09T15:42:45+00:00
s3:selftest: add delay_inject:brl_lock_windows testing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Sep  9 15:42:45 UTC 2019 on sn-devel-184

- - - - -
f5a51061 by Andrew Bartlett at 2019-09-09T21:13:35+00:00
Create SECURITY.md

This file location is shown under "Security -> Policy" on GitHub
and helps ensure people with a need to report a security issue
find us the right way.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Sep  9 21:13:35 UTC 2019 on sn-devel-184

- - - - -
c6b48490 by Stefan Metzmacher at 2019-09-10T17:38:40+00:00
s4:torture: always add ';' after torture_assert()

The next commit will require this.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8270b8c0 by Stefan Metzmacher at 2019-09-10T17:38:40+00:00
lib/torture: protect torture_assert[_goto]() with a do { } while(0) block

This hopefully fixes a lot of coverity defects like:

Control flow issues  (DEADCODE)
Execution cannot reach this statement: ";".

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
849e3842 by Stefan Metzmacher at 2019-09-10T18:56:45+00:00
s4:torture/smb2: try to fix a RESOURCE_LEAK in smb2.samba3misc.localposixlock1

CID 1453656:    (RESOURCE_LEAK)
Handle variable "fd" going out of scope leaks the handle.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Sep 10 18:56:45 UTC 2019 on sn-devel-184

- - - - -
2ecab3c6 by Ralph Boehme at 2019-09-10T19:05:28+00:00
s4:torture: add a file-id related test

Note I'm using the share vfs_fruit_xattr because I need a share with both a
streams and a acl_* VFS object.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5403bb22 by Ralph Boehme at 2019-09-10T19:05:29+00:00
lib: add round_timespec_to_nttime()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
84abeaa6 by Ralph Boehme at 2019-09-10T19:05:29+00:00
s3:lib: round itime to NTTIME resolution in make_file_id_from_itime()

The rounding is needed because when a file is created via eg an SMB2 CREATE
request, we need to calculate the correct File-ID for the QFID Create-Context or
for a subsequent GETINFO SMB request on the same file-handle.

Any later metadata request that received the File-ID will do so by going through
dos_mode() -> ... -> parse_dos_attribute_blob(), where the File-ID will be
calculated from the on-disk itime which has NTTIME resolution.

As long as that is the only available itime backend, I'm rounding itime inside
make_file_id_from_itime(), not in the callers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3483b75f by Ralph Boehme at 2019-09-10T19:05:29+00:00
s3:smbd: ensure to update the File-ID in struct smb_filename

Initialize the File-ID in fsp->fsp_name->st, any subsequent metadata fetch on
this file-handle needs this, eg QFID SMB2 Create-Context or GETINFO SMB
requests.

It would be nice if SMB_VFS_SET_DOS_ATTRIBUTE() would do this, unfortunately it
gets a const struct smb_filename.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4e49999c by Ralph Boehme at 2019-09-10T19:05:29+00:00
vfs_catia: stat info may have been updated, make sure to return changes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ac18730f by Ralph Boehme at 2019-09-10T19:05:29+00:00
s3:lib: add update_stat_ex_from_saved_stat()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ab033949 by Ralph Boehme at 2019-09-10T19:05:29+00:00
s3: replace fsp_stat() with vfs_stat_fsp()

Both functions do the same, they differ just in the type of the returned result.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e00e78cf by Ralph Boehme at 2019-09-10T19:05:30+00:00
s3:vfs: streamline vfs_stat_fsp()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
95655fe6 by Ralph Boehme at 2019-09-10T20:22:21+00:00
vfs: restore stat fields in vfs_stat_fsp()

This ensures we preserve btime, itime and File-ID.

As the Durable Handles code calls vfs_stat_fsp() in the DH disconnect function,
previously the btime was lost and NOT stored in the cookie. With this change the
cookie will store the correct btime (and iflags), which requires us to call
dos_mode() in the reconnect function to ensure we pass
vfs_default_durable_reconnect_check_stat().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Sep 10 20:22:21 UTC 2019 on sn-devel-184

- - - - -
ba72d823 by Volker Lendecke at 2019-09-10T23:14:30+00:00
lib: Properly #ifdef __LIB_FILE_ID_H__

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
049b8833 by Volker Lendecke at 2019-09-10T23:14:30+00:00
lib: Add file_id_str_buf()

file_id_string() without talloc

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b09c216f by Volker Lendecke at 2019-09-10T23:14:31+00:00
lib: Use file_id_str_buf() in file_id_string()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5ca021bd by Volker Lendecke at 2019-09-10T23:14:31+00:00
vfs: Use file_id_str_buf() in xattr_tdb_getattr()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7e70701a by Volker Lendecke at 2019-09-10T23:14:31+00:00
vfs: Use file_id_str_buf() in xattr_tdb_setattr()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
49d18bbf by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in brl_get_locks()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
de8b93b4 by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in brl_cleanup_disconnected()

Also avoid some casts and use DBG_ instead of DEBUG()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d9263473 by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in share_mode_str()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
feccf9bb by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in set_sticky_write_time()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bf2bf5b1 by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbstatus: Use file_id_str_buf() in print_brl()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fd691fbc by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in defer_open()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c88cb0a1 by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in setup_poll_open()

While there, remove a pointless empty line

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
24480600 by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use file_id_str_buf() in close_remove_share_mode()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a9d09d4b by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Fix DBG typo in find_delete_on_close_token()

The routine isn't called find__delete_on_close_token. Also avoid
casts.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b86df6d0 by Volker Lendecke at 2019-09-10T23:14:31+00:00
lib: Remove an obsolete comment

At least as of 2ac9d0afa66 ctdb does not care about db prios anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
92c2a723 by Volker Lendecke at 2019-09-10T23:14:31+00:00
dbwrap: Initialize state in dbwrap_delete()

Probably not required, but looks safer and gives static checkers less
reason to complain about potentially uninitialized variable reads

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4204ed2b by Volker Lendecke at 2019-09-10T23:14:31+00:00
smbd: Use dbwrap_do_locked() in add_fd_to_close_entry()

Less explicit talloc. Right now dbwrap_rbt behind the scenes does a
dbwrap_fetch_locked(), but that will eventually change.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5427f73a by Volker Lendecke at 2019-09-10T23:14:32+00:00
smbd: Use dbwrap_do_locked() in fd_close_posix()

We don't need to make a copy of the fd array

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
436be09c by Volker Lendecke at 2019-09-10T23:14:32+00:00
smbd: Do boolean short-circuiting

&= does bitwise AND, and does not do boolean short-circuiting if the
variable is already 0. As has_other_nonposix_opens() might have its
cost, this speeds up closing a handle.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bdda1087 by Ralph Boehme at 2019-09-11T00:33:25+00:00
s3:smbd: skip write-time fetching for directories.

The whole logic only applies to files.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 11 00:33:26 UTC 2019 on sn-devel-184

- - - - -
0c0ca0db by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: smbd: profile: Remove syscall_symlink entry now syscall is no longer used.

Missed as part of the previous replacement of symlink -> symlinkat.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d9d704b0 by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: torture: vfstest: Change from create_conn_struct_tos() -> create_conn_struct_tos_cwd().

This does a vfs_ChDir() to the share root (not changing the
directory) which correctly sets up the conn->cwd_fsp member
so any XXXAT() calls correctly work inside vfstest.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5e7828fa by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: pysmbd: Ensure conn->cwd_fsp member of created connections is initialized.

This is needed to correctly call the XXXAT() vfs calls.

We should probably just use create_conn_struct_tos_cwd() here
and pass $cwd instead of using create_conn_struct_tos() and
passing "/" as the share root. We wouldn't change the current
working directory and the created share root would be set to $cwd
but I'm not sure what effects this may have on users of pysmbd
in case any of them pass paths above the $cwd to these functions.

Less changes to just call vfs_ChDir(conn, &cwd) which doesn't
change the current directory and leaves the share root as "/".

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ca3bc780 by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: VFS: Add SMB_VFS_MKDIRAT().

Currently identical to SMB_VFS_MKDIR().

Next, add to all VFS modules that implement
mkdir and eventually remove mkdir.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6a24668f by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: VFS: vfs_audit. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
84cb7db8 by Jeremy Allison at 2019-09-11T18:24:28+00:00
s3: VFS: vfs_cap. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
be61efc8 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_catia. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
808bc397 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_ceph. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0c5825de by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_ceph_snapshots. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d5ac3023 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_extd_audit. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d444cd4e by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_full_audit. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e55ee296 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_glusterfs. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5dc885a7 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_xfs_sgid. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0999e686 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_media_harmony. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1bcd7995 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_shadow_copy2. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
41f9c49e by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_snapper. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ef5bb796 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_syncops. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b691df9c by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_time_audit. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
63132f8b by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_unityed_media. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a799866f by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: VFS: vfs_xattr_tdb. Implement mkdirat().

Currently identical to mkdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
91e24b04 by Jeremy Allison at 2019-09-11T18:24:29+00:00
s3: torture: Change cmd_mkdir to call SMB_VFS_MKDIRAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
497c27a4 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_recycle: Change use of SMB_VFS_NEXT_MKDIR -> SMB_VFS_NEXT_MKDIRAT.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ea93b756 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_streams_depot: Change use of SMB_VFS_NEXT_MKDIR -> SMB_VFS_NEXT_MKDIRAT.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d2e62772 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_virusfilter: Change use of SMB_VFS_NEXT_MKDIR -> SMB_VFS_NEXT_MKDIRAT.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e4e819c0 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: pysmbd: Change py_smbd_mkdir() to call SMB_VFS_MKDIRAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
99e04578 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: smbd: Change mkdir_internal() to call SMB_VFS_MKDIRAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
71833b22 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_audit. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
450d3925 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_cap. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
33221ac5 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_catia. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
abbd55ff by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_ceph. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
fa9f83d3 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_ceph_snapshots. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
79f4b133 by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_extd_audit. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6673d23b by Jeremy Allison at 2019-09-11T18:24:30+00:00
s3: VFS: vfs_glusterfs. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
88fa32fb by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_linux_xfs_sgid. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c33eee02 by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_media_harmony. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8470fe4a by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_shadow_copy2. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
12ab9553 by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_snapper. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0a8bd881 by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_syncops. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
fcccf3ea by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_unityed_media. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a6f238f6 by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_xattr_tdb. Remove mkdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d992708d by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_full_audit. Remove mkdir_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mkdir_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2cd27f47 by Jeremy Allison at 2019-09-11T18:24:31+00:00
s3: VFS: vfs_time_audit. Remove mkdir_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the mkdir_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c7167e7a by Jeremy Allison at 2019-09-11T19:44:44+00:00
s3: VFS: Complete the replacement of SMB_VFS_MKDIR() -> SMB_VFS_MKDIRAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Sep 11 19:44:44 UTC 2019 on sn-devel-184

- - - - -
219a189c by Volker Lendecke at 2019-09-11T19:59:34+00:00
lib: Add "utok_string"

A terse, one-line unix token representation for debugging purposes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ae3cfa5d by Volker Lendecke at 2019-09-11T19:59:34+00:00
smbd: Enhance debugging if chdir fails

This helps admins to figure out which user has a problem

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d836f4a7 by Ralph Boehme at 2019-09-11T19:59:34+00:00
smbd: rename change_to_user() to change_to_user_and_service()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1f4ec344 by Ralph Boehme at 2019-09-11T19:59:34+00:00
smbd: rename change_to_user_by_fsp() to change_to_user_and_service_by_fsp()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1d6fe10e by Ralph Boehme at 2019-09-11T19:59:34+00:00
smbd: README.Coding fixes

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5a736db0 by Ralph Boehme at 2019-09-11T19:59:34+00:00
smbd: inline change_to_user_by_session()

Prepares for removing changing cwd from become_user*() in a subsequent commit.

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b6cf3301 by Stefan Metzmacher at 2019-09-11T19:59:34+00:00
smbd: inline change_to_user_and_service() into become_user()

In the next commit we'll drop the _and_service() part.

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
15699475 by Stefan Metzmacher at 2019-09-11T19:59:34+00:00
smbd: remove directory changing from become_user*()

This was the behavior in versions before 4.9 and
it is hopefully not required by current callers of
become_user*().

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5da24aa1 by Stefan Metzmacher at 2019-09-11T19:59:34+00:00
smbd: rename [un]become_user*() to [un]become_user_without_service*()

We should make the behavior change (that gives up some protection)
more obvious, by changing the function names.

At least some OEMs have patches relying on the 4.9/4.10 behaviour
and we want them to detect that they have to do more work when they
need to change directories.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e9256b30 by Stefan Metzmacher at 2019-09-11T19:59:35+00:00
smbd: inline change_to_user_internal() into change_to_user_and_service()

There was only one caller left.

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
35cd91ee by Stefan Metzmacher at 2019-09-11T21:16:57+00:00
smbd: remove unused current_user.{need,done}_chdir stacking

All become_*()/unbecome_*() functions don't alter the working
directory. Only change_to_user_and_service*() does.

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 11 21:16:57 UTC 2019 on sn-devel-184

- - - - -
156eb912 by Ralph Wuerthner at 2019-09-12T16:16:28+00:00
s4:torture: correctly cast printf() argument

In most cases sattrib is passed as a long int literal. Avoid
compile errors by casting the value passed to printf().

Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
aa5b2333 by Ralph Wuerthner at 2019-09-12T16:16:28+00:00
s4:torture: fix closure of test directory handle

Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b730f350 by Ralph Wuerthner at 2019-09-12T17:36:50+00:00
s4:torture: fix file cleanup in smb2.create.delete

Cleanup of test files created by smb2.create.delete is broken because
READONLY is set on the test file. Clear READONLY first before doing
the cleanup.

Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Sep 12 17:36:50 UTC 2019 on sn-devel-184

- - - - -
a0fe965c by Garming Sam at 2019-09-13T11:15:31+00:00
param: Allow rpc server dynamic port range to roundtrip

Originally this parameter only set two other parameters, but never set
the original string. By setting the string as well, we can make it be
emitted by testparm -v correctly (instead of ''), and set it back as the
value for the parameter.

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
d51bb313 by Garming Sam at 2019-09-13T12:33:32+00:00
whitespace: Conform to coding convention

Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Fri Sep 13 12:33:32 UTC 2019 on sn-devel-184

- - - - -
522a8480 by Martin Schwenke at 2019-09-17T04:35:25+00:00
ctdb-tests: Drop reference to unused ctdb_eventd test directory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
68684377 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Use ctdb_get_all_pnns()

The nested, arbitrary use of onnode can cause messages from ssh on
stderr to appear in the node list:

  Getting list of nodes...
  Output of "onnode -pq all ctdb pnn | grep '^[0-9][0-9]*$'":
  Warning: Permanently added '10.0.0.72' (RSA) to the list of known hosts.^M
  Warning: Permanently added '10.0.0.75' (RSA) to the list of known hosts.^M
  Warning: Permanently added '10.0.0.73' (RSA) to the list of known hosts.^M
  Warning: Permanently added '10.0.0.74' (RSA) to the list of known hosts.^M
  1
  0
  3
  2
  Create/wipe test database rec_test.tdb
  Failed to execute "Permanently added '10.0.0.72' (RSA) to the list of known hosts.^M ctdb attach rec_test.tdb" on node(s) "Warning:"
  Invalid <nodespec>

Avoid that by using an existing function that does not nest ssh uses.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
8aed06ce by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Use db_ctdb_cattdb_count_records()

Avoid reinventing the wheel.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2c6b098c by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Don't run setup_ctdb_base() for real cluster

This has not been needed for some time.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
284bbca7 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Move NFS test functions to complex local script

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
bb040f27 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Only set TEST_SUBDIR when needed

This is only needed for setup_ctdb_base() so only set it when calling
this function.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
42950218 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Drop unused code from onnode unit test ctdb stub

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
497ae563 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Fix zero event scripts test so it tests something

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
8038f4f6 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Avoid shellcheck warnings

SC2086 Double quote to prevent globbing and word splitting

This one doesn't need the double quotes if it is contained within the
preceding variable expansion.

SC2181 Check exit code directly with e.g. 'if mycmd;', not indirectly with $?
SC2004 $/${} is unnecessary on arithmetic variables

These are straightforward.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
84437988 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Invert some logic so it makes sense

The test should be outside the loop.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2730e483 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Simplify setup_ctdb()

There is no point inventing a whole new set of options here.

Continue to locally implement the --no-event-scripts option.  This
must be first, though in practice only one option is ever passed to
setup_ctdb() from ctdb_test_init().

Simply pass all other options through to "local_daemons.sh setup".
This has the side effect of causing failure when an invalid option is
passed.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
7a5a4a44 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Drop run_tests -d option

The usage message says it is dodgy and some test suites may not
support it.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2b37d99a by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tests: Put the summary file inside $TEST_VAR_DIR

This means less random files dropped in /tmp or similar.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
32b5ceb3 by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-tools: Stop deleted nodes from influencing ctdb nodestatus exit code

Deleted nodes should simply be ignored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14129
RN: Stop deleted nodes from influencing ctdb nodestatus exit code

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
597039da by Martin Schwenke at 2019-09-17T04:35:26+00:00
ctdb-utils: CID 1273087 - Resource leak

Ensure that p is not leaked.

This is a test program and the program exits anyway.  No need to
backport.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
80cbebce by Martin Schwenke at 2019-09-17T04:35:27+00:00
ctdb-scripts: Silence shellcheck warning SC2166

This covers the following:

  SC2166: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined..
  SC2166: Prefer [ p ] || [ q ] as [ p -o q ] is not well defined.

POSIX agrees that -a and -o should not be used:

  https://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html

Fixing these doesn't cause much churn.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
fc7f3b99 by Martin Schwenke at 2019-09-17T04:35:27+00:00
ctdb-scripts: Drop bit-rotted shellcheck directive

The code has changed so this is no longer needed.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
84f544b5 by Martin Schwenke at 2019-09-17T05:52:15+00:00
ctdb-client: Fix some typos in debug messages

  tdb_sore -> tdb_store
  SCHDULE_FOR_DELETION -> SCHEDULE_FOR_DELETION

Switch to modern debug macros while touching the lines.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Sep 17 05:52:15 UTC 2019 on sn-devel-184

- - - - -
98fe813d by Khem Raj at 2019-09-17T12:31:40+00:00
lib/replace/wscript: Avoid generating nested main function

clang is not happy when it sees another main nested inside the main
function and fails the test for prctl syscall, therefore avoid adding
implicit main() here

Signed-off-by: Khem Raj <raj.khem at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
5a80f399 by Khem Raj at 2019-09-17T12:31:40+00:00
util_sec.c: Move __thread variable to global scope

Make clang happy otherwise it complains about variable scope

fixes

source3/./lib/util_sec.c:470:4: error: '__thread' variables must have global storage
        } __thread cache;
          ^

Signed-off-by: Khem Raj <raj.khem at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
16eb8005 by Andrew Bartlett at 2019-09-17T13:48:18+00:00
build: Remove tests for getdents() and getdirentries()

These date back to 3a9beef2b7b25427ee4611cfc375e05cc82a1150 in 2003 and
829e72fe9c97feaa3d45b768984a4c47b906a23a in 1998 and appear to be related
to smbwrapper.

More of these should be removed but the getdirents() test caused a timeout
on an ARM builder in Debian.  It might just be a fluke but the tests are
pointless regardless.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Sep 17 13:48:18 UTC 2019 on sn-devel-184

- - - - -
e0a3cc46 by Björn Baumbach at 2019-09-17T17:55:55+00:00
vfs/full_audit: always log full filenames

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13565

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Sep 17 17:55:55 UTC 2019 on sn-devel-184

- - - - -
78fce47f by Volker Lendecke at 2019-09-17T22:49:35+00:00
smbd: Use direct struct assignments in smbXsrv_*.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3d1da1ac by Volker Lendecke at 2019-09-17T22:49:35+00:00
idl: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4f8db9b3 by Volker Lendecke at 2019-09-17T22:49:35+00:00
vfs: Make "fd_handle->gen_id" 64-bit everywhere

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e00e5334 by Volker Lendecke at 2019-09-17T22:49:35+00:00
smbd: Make fsp->fh->gen_id unique per process

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
41393a64 by Volker Lendecke at 2019-09-17T22:49:35+00:00
smbd: Remove unused smbXsrv_open_hash()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
73543976 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Make lease_type_is_exclusive() static

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8d63b622 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Make "current_state" show up first in the blob

Believe it or not, but without this change "num_files" was first.
Thanks Metze for this (to me at least) really, really surprising
insight!

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cc2e5b41 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Add quick leases_db_get_current_state()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d12421ac by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Let fsp_lease_type() look at leases.tdb

The same lease can be used via different TCP connections (yes, we have
tests for this!). At the end of downgrade_lease() we update all fsp's
with fsps_lease_update() that link to the lease that just was
changed. However, this is only in the local process, this is not
cross-smbd. So other smbds using the same lease can use stale
information and for example get the mandatory locking wrong.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ba1234d8 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Introduce helper variables in open_mode_check()

Less bytes .text, the compiler now does not have to expect other threads to
alter the pointers.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d9ce9c42 by Volker Lendecke at 2019-09-17T22:49:36+00:00
lib: Add server_id_cmp()

Will be used later for sorting the share mode array

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
27b63641 by Volker Lendecke at 2019-09-17T22:49:36+00:00
lib: Use server_id_cmp() in server_id_equal()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e0aa1e09 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Fix a debug message hickup

Mind the missing space before "(e.g. another...". While there, avoid
casts.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e69c4fae by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Rewrite share_conflict()

It was hard for me to understand share_conflict(), so once I understood
it I thought this version would be easier to follow.  It violates
README.Coding (one argument per line), but grouping the parameters to
mask_conflict makes it clearer to me what belongs together.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dc7dfb12 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Avoid passing a share mode entry to share_conflict()

Make the real data dependencies clearer, we don't need a full
share_entry, only its access and sharemode masks

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
55e47ada by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Add share_entry_stale_pid()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
be799acb by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Use share_entry_stale_pid() in share_mode_stale_pid()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
eb99635d by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Add share_mode_forall_entries()

Abstract away the fact that we store the share modes as an array inside
"struct share_mode_data".

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5cbd3e46 by Volker Lendecke at 2019-09-17T22:49:36+00:00
smbd: Use share_mode_forall_entries() in contend_level2_oplocks_begin_default()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f5a6fa40 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in set_delete_on_close_lck()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
14cc1694 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in has_other_nonposix_opens_fn()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5b1fd018 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in has_delete_on_close()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cb4b20b7 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() for validate_my_share_entries()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fb0b107a by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in open_mode_check()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
43402851 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in rename_share_filename()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
18c8b46e by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in file_has_open_streams()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
aa945899 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in validate_oplock_types()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
30e62710 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Pass "struct file_id" to get_lease_type()

It does not have to depend on the whole struct share_mode_data.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2a784883 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in delay_for_oplock()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f82aebe9 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Avoid "share_mode_lock" dependency in rename_lease_fn()

share_mode_forall_leases() will stop passing "lck" soon.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4955481a by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Avoid "share_mode_lock" dependency cleanup_disconnected_lease()

share_mode_forall_leases() will stop passing "lck" soon.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f6931067 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Stop passing "share_mode_lock" via share_mode_forall_leases()

Why? Next commit will make share_mode_forall_leases() use
share_mode_forall_entries(), and that does not necessarily have to
depend on "share_mode_lock". And as we can pass the required
information via "private_data", don't embed the "share_mode_lock"
reference into this lowlevel library routine.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ac119c41 by Volker Lendecke at 2019-09-17T22:49:37+00:00
smbd: Use share_mode_forall_entries() in share_mode_forall_leases()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2185db6c by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Pass pid/share_file_id to find_share_mode_entry()

Avoid the full fsp, this makes the indexing of the share mode array
clearer, and it makes the next commit easier

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b3473efa by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Add reset_share_mode_entry

Mostly for durable reconnect at this point

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d9bb67d by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_entries() in vfs_default_durable_reconnect()

The durable reconnect mainly has to check that there is one and only one
entry, and it has to reset it with the new values.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c7a9e0e4 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_leases() in delay_rename_for_lease_break()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8eda954d by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_leases() in lease_match()

We have to break leases referenced from multiple share modes only
once.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6a58f29c by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_leases() in share_mode_cleanup_disconnected()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e4a5a017 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_entries() in share_entry_forall()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
609143ad by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Remove unused share_mode_stale_pid()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
57098561 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Avoid duplicate assignments

remove_share_mode_lease() already does this

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ad23d0f4 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Pass share_mode_lock to remove_share_mode_lease()

Later we'll need "lck" further down

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4d512f40 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Pass share_mode_lock to remove_lease_if_stale()

We'll want to use share_mode_forall_entries next

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
72a019d4 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Use share_mode_forall_entries() in remove_lease_if_stale()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5151b6d5 by Volker Lendecke at 2019-09-17T22:49:38+00:00
smbd: Avoid calling remove_stale_share_mode_entries() in open.c

All places that matter explicitly check for staleness. This cleanup
action should only happen before writing the database

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f96aa706 by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Make remove_stale_share_mode_entries() static in share_mode_lock.c

... to the place where the record is stored in the database

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
87e42c73 by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Remove stale share mode entries while walking the array

Previously, we did this only when writing out the locking.tdb
record. That was because we had places where the index of a particular
share mode entry mattered while operating on the array. This is no
longer the case, so we can remove stale entries early.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d3b0ed13 by Volker Lendecke at 2019-09-17T22:49:39+00:00
torture3: Remove cleanup3

This goes directly into the database, for which the format changes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ded3f91d by Volker Lendecke at 2019-09-17T22:49:39+00:00
lib: Allow a 4th lock order

We will have another tdb soon

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
72ac1764 by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Allow another database between brlock.tdb and leases.tdb

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
15a8af07 by Volker Lendecke at 2019-09-17T22:49:39+00:00
lib: Enable watching and storing dbwrap_watch records.

Samba so far on a dbwrap_watch record either watches or stores a
record, but never both from the same db_record instance acquired from
a dbwrap_fetch_locked(). In one of the next commits this will change,
we will watch a record and at the same time store data into it. This
patch enables a watch_send() followed by a storev() by properly
keeping the watchers around.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9c99675b by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Introduce share_entries.tdb - ADD COMMENT FIXME !!

This moves share_modes[] from "struct share_mode_data" into a separate
share_entries.tdb with a sorted array of fixed-length (132 byte)
"struct share_mode_entry" entries.

I know it's one huge commit, but I did not see a way to keep both data
structures and associated code working together without a lot of code
duplication after having centralized all the code accessing the
share_modes[] array into a few routines.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
86b49078 by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Make "share_mode_flags" 16-bit wide

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ac85ec5e by Volker Lendecke at 2019-09-17T22:49:39+00:00
smbd: Add share mode flags

This will contain a summary of the "most restrictive" share mode and
lease, i.e. intersection of all share_access entries and the union of
all access_mask and leases in the share mode array. This way
open_mode_check in the non-conflicting case will only have to look at
the summary and not walk the share mode array.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fd61e550 by Volker Lendecke at 2019-09-18T00:07:13+00:00
smbd: Don't always walk the share mode array in open_mode_check()

share_mode_data->flags contains the "most restrictive" share mode of
the whole array. This is maintained lazily: Whenever set_share_mode()
is called, d->flags is updated if the new share mode got more
restrictive. It is not updated when a file is closed, as this would
mean we would have to walk the whole array, making sure that the
closed handle was indeed the only most restrictive one. Instead, we
walk the share mode array only when a conflict happens: Then we need
to know "the truth" and recalculate it by walking the share mode
array.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 18 00:07:13 UTC 2019 on sn-devel-184

- - - - -
55b54e72 by Jeremy Allison at 2019-09-18T01:26:06+00:00
s3: VFS: Remove vfs_netatalk. Old, unused and unmaintained.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 18 01:26:06 UTC 2019 on sn-devel-184

- - - - -
d65b17c3 by Bryan Mason at 2019-09-18T12:31:10+00:00
s3:client:Use DEVICE_URI, instead of argv[0],for Device URI

CUPS sanitizes argv[0] by removing username/password, so use
DEVICE_URI environment variable first.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14128

Signed-off-by: Bryan Mason <bmason at redhat.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Sep 18 12:31:11 UTC 2019 on sn-devel-184

- - - - -
8df123e7 by Mathieu Parent at 2019-09-18T18:34:35+00:00
pod2man is no longer needed

Since e24e344d0da58013fd5fa404529fe1d25ef403bf.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14131

Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3263dd32 by Sam Zaydel at 2019-09-18T19:51:11+00:00
Argument to control number of operations -o no longer valid

(This patch, only removing manpage text, submitted by gitlab.com user
Sam Zaydel @szaydel in MR 243 but without a Signed-off-by, so I
(Andrew Bartlett) am adding mine to say I'm happy to say this is a
legitimate and deliberate contribtion.)

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Sep 18 19:51:11 UTC 2019 on sn-devel-184

- - - - -
30849283 by Volker Lendecke at 2019-09-18T20:10:24+00:00
messaging4: Pass fds to messaging handlers

Boiler-plate replacement moving the (num_fds!=0) check down

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
930ec152 by Volker Lendecke at 2019-09-18T20:10:24+00:00
lib: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
23bee5da by Volker Lendecke at 2019-09-18T20:10:24+00:00
lib: Add talloc_full_report_printf()

Print the talloc full report into a FILE*. talloc itself provides a
very similar function, talloc_report_full(). However, that has a
slightly different output, in particular it does not print the
contents of strings, which is very handy for debugging.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bc4e8b1a by Volker Lendecke at 2019-09-18T21:27:30+00:00
messaging: Do POOL_USAGE via a socket

This makes debugging run-away processes much more efficient and even
possible at all: If the pool-usage output is more than 256MB, the
previous code could not realloc it and threw it away. Also, it is not
helpful for an already huge process to allocate even more.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 18 21:27:30 UTC 2019 on sn-devel-184

- - - - -
d566a4d3 by Andrew Bartlett at 2019-09-19T09:28:21+00:00
replace: Remove crypt() reimplementation

Use of Samba with plaintext authenticaiton is incredibly rare, even more
rare is plaintext authentication on systems without a crypt() call and
where DES based crypt() would be the right thing to do.

Remove this additional cryptographic code per our current efforts
to rely entirely on external libraries instead.

Similar to the arguments in this thread about zlib discussed on
samba-technical here:

https://lists.samba.org/archive/samba-technical/2019-May/133476.html

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Sep 19 09:28:21 UTC 2019 on sn-devel-184

- - - - -
7b6e56b0 by Karolin Seeger at 2019-09-19T12:52:34+00:00
docs: Fix typo in vfs_ceph_snapshots man page.

Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>

- - - - -
094862b8 by Karolin Seeger at 2019-09-19T14:09:44+00:00
s3/vfs_shadow_copy2.c: Fix typo in comment.

Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Thu Sep 19 14:09:44 UTC 2019 on sn-devel-184

- - - - -
82512034 by Günther Deschner at 2019-09-19T20:48:45+00:00
s3-libads: adapt to coding standards, no code changes

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Sep 19 20:48:45 UTC 2019 on sn-devel-184

- - - - -
d78c87e6 by Günther Deschner at 2019-09-20T01:14:42+00:00
s3-winbindd: fix forest trusts with additional trust attributes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14130

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7ba90c17 by Günther Deschner at 2019-09-20T01:14:42+00:00
lsa: document new LSA trust attributes

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a7e49897 by Günther Deschner at 2019-09-20T01:14:42+00:00
misc: fix AD trust attributes in adssearch

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
73b93e1a by Stefan Metzmacher at 2019-09-20T01:14:42+00:00
security.idl: add GUID_DRS_ALLOWED_TO_AUTHENTICATE

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
09de6f06 by Stefan Metzmacher at 2019-09-20T01:14:42+00:00
librpc/idl: change from samr_GroupAttrs in samr.idl to security_GroupAttrs in security.idl

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
c87cf546 by Stefan Metzmacher at 2019-09-20T01:14:42+00:00
security.idl: add SE_GROUP_INTEGRITY[_ENABLED] to security_GroupAttrs

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
0fea2707 by Stefan Metzmacher at 2019-09-20T01:14:43+00:00
netlogon.idl: fix the marshalling of netr_OsVersion for NDR64

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
8f0751b8 by Stefan Metzmacher at 2019-09-20T01:14:43+00:00
netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
6e47f9ab by Stefan Metzmacher at 2019-09-20T01:14:43+00:00
libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
742d8ba9 by Günther Deschner at 2019-09-20T01:14:43+00:00
s3-rpcclient: add logongetdomaininfo command

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fda5b839 by Günther Deschner at 2019-09-20T01:14:43+00:00
torture: add torture_suite_add_ndr_pull_io_test_flags()

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
634ab14f by Günther Deschner at 2019-09-20T01:14:43+00:00
s4-torture: reformat test table in ndr test

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2d5facc9 by Günther Deschner at 2019-09-20T02:32:44+00:00
s4-torture: add netr_LogonGetDomainInfo NDR(64) tests

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Fri Sep 20 02:32:44 UTC 2019 on sn-devel-184

- - - - -
01b0e5aa by Günther Deschner at 2019-09-20T12:58:49+00:00
spoolss: Add PRINTER_DRIVER_CATEGORY_3D driver define

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Sep 20 12:58:49 UTC 2019 on sn-devel-184

- - - - -
dd0837c9 by Björn Jacke at 2019-09-21T19:33:25+00:00
user.py: import tempfile module only where needed

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2291679e by Björn Jacke at 2019-09-21T19:33:25+00:00
samba_abi.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0141c82e by Björn Jacke at 2019-09-21T19:33:25+00:00
samba_autoconf.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8b43aabe by Björn Jacke at 2019-09-21T19:33:25+00:00
samba_bundled.py avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
432d9fd2 by Björn Jacke at 2019-09-21T19:33:25+00:00
samba_deps.py avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
89288c7e by Björn Jacke at 2019-09-21T20:50:17+00:00
samba_version.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sat Sep 21 20:50:17 UTC 2019 on sn-devel-184

- - - - -
ec4c5975 by Björn Jacke at 2019-09-23T11:40:36+00:00
fault.c: improve fault_report message text pointing to our wiki

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14139

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
465e518d by Björn Jacke at 2019-09-23T12:58:20+00:00
classicupgrade: fix a a bytes-like object is required, not 'str' error

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14136

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Mon Sep 23 12:58:20 UTC 2019 on sn-devel-184

- - - - -
c7e6db97 by Volker Lendecke at 2019-09-23T17:06:24+00:00
smbd: Add an error return END_PROFILE call

All other return; statements in reply_tcon_and_X have this

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Sep 23 17:06:25 UTC 2019 on sn-devel-184

- - - - -
08fea1ce by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Generalise pattern for matching valgrind memcheck executable

On my laptop this is "memcheck-amd64-linux instead of just "memcheck".

Alternatively, this part of the test could simply be skipped if
$VALGRIND is set.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
ae1e8002 by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Use local $ctdb_base instead of $CTDB_BASE

The latter might not be defined in a test.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
f331f3f7 by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Use local_daemons.sh onnode for local daemons tests

With some upcoming changes, the setting of CTDB_BASE becomes
problematic because it will be included unconditionally whereas it is
currently being conveniently and almost accidentally not include in
some contexts.

So, instead of trying to coerce onnode into behaving as desired, have
the local daemons tests use local_daemons.sh onnode directly.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
02edfb0f by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Rename variable TEST_SUBDIR -> CTDB_TEST_SUITE_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e9ce035c by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Move setting of CTDB_TEST_SUITE_DIR to run_tests.sh

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
cec8f390 by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Add new variable CTDB_TEST_TMP_DIR

This is a subdirectory of TEST_VAR_DIR that is unique to the current
test suite.  It is recreated for each individual test.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
cbd27c0a by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Switch cunit unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
96aa807f by Martin Schwenke at 2019-09-24T02:27:29+00:00
ctdb-tests: Switch eventd unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
3b16aa20 by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Switch eventscript unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
18ecdbfb by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Switch onnode unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
1934f673 by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Switch tool unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
def92995 by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Switch takeover helper unit tests to use CTDB_TEST_TMP_DIR

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
263890b3 by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Switch simple tests to use CTDB_TEST_TMP_DIR

CTDB_TEST_TMP_DIR repaces SIMPLE_TESTS_VAR_DIR.  local.bash no longer
needs to ensure that TEST_VAR_DIR is set, since it longer uses this
variable.  Drop the comment because state has not been maintained
between tests for some time.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e78c1a0c by Martin Schwenke at 2019-09-24T02:27:30+00:00
ctdb-tests: Use CTDB_TEST_TMP_DIR in integration.bash

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
b8f4f141 by Martin Schwenke at 2019-09-24T03:46:59+00:00
ctdb-tests: Switch TEST_VAR_DIR to a local script variable

This is now local to run_tests.sh.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Sep 24 03:46:59 UTC 2019 on sn-devel-184

- - - - -
4c34a2d7 by Björn Jacke at 2019-09-24T12:22:44+00:00
traffic.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1825a7f4 by Björn Jacke at 2019-09-24T12:22:44+00:00
kcc_utils.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ce56d336 by Björn Jacke at 2019-09-24T12:22:44+00:00
gpo.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d2d8ebcc by Björn Jacke at 2019-09-24T12:22:44+00:00
user.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cf51f73e by Björn Jacke at 2019-09-24T12:22:44+00:00
schema.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dd9e0f0a by Björn Jacke at 2019-09-24T12:22:44+00:00
auth_log_winbind.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
32d1c3f8 by Björn Jacke at 2019-09-24T12:22:44+00:00
posixacl.py: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
b3b6b700 by Björn Jacke at 2019-09-24T12:22:44+00:00
s3/wscript: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
5ad629dc by Björn Jacke at 2019-09-24T12:22:45+00:00
wscript: avoid inefficient string concatenations

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
c7fa030a by Björn Jacke at 2019-09-24T12:22:45+00:00
scripting: avoid inefficient string redefinition

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
c9088c6a by Björn Jacke at 2019-09-24T12:22:45+00:00
pfm_verif: string concatenation efficiency cleanup

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

- - - - -
4f5c4df3 by Björn Jacke at 2019-09-24T13:40:21+00:00
wscript_build: string concatenation efficiency cleanup

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Tue Sep 24 13:40:21 UTC 2019 on sn-devel-184

- - - - -
acbf922f by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
nsswitch: add logging to wbc_auth_error_to_pam_error() for non auth errors

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
db8fd3d6 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s4:auth: use the correct client realm in gensec_gssapi_update_internal()

The function gensec_gssapi_client_creds() may call kinit and gets
a TGT for the user. The principal provided by the user may not
be canonicalized. The user may use 'given.last at example.com'
but that may be mapped to glast at AD.EXAMPLE.PRIVATE in the background.

It means we should use client_realm = AD.EXAMPLE.PRIVATE
instead of client_realm = EXAMPLE.COM

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
bc473e5c by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
361fb0ef by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
6ed18c12 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
0bced73b by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:libads/kerberos: always use the canonicalized principal after kinit

We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.

There's no reason to have a different logic between MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
5d0bf32e by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal

We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.

There's no reason to have a different logic between MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
162b4199 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s4:auth: kinit_to_ccache() should always use the canonicalized principal

We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.

There's no reason to have a different logic between MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
303b7e59 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:libads: ads_krb5_chg_password() should always use the canonicalized principal

We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.

There's no reason to have a different logic between MIT and Heimdal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
3bdf0239 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
krb5_wrap: let smb_krb5_parse_name() accept enterprise principals

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
95206523 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
docs-xml: add "winbind use krb5 enterprise principals" option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
a77be15d by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
s3:winbindd: implement the "winbind use krb5 enterprise principals" logic

We can use enterprise principals (e.g. upnfromB at B.EXAMPLE.COM@PRIMARY.A.EXAMPLE.COM)
and delegate the routing decisions to the KDCs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
cd3ffaab by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
tests/pam_winbind.py: turn pypamtest.PamTestError into a failure

A failure generated by the AssertionError() checks can be added
to selftest/knownfail.d/*.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
653e9048 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
3d38a8e9 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
test_pam_winbind.sh: allow different pam_winbindd config options to be specified

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
72daf99f by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
selftest/tests.py: prepare looping over pam_winbindd tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
36e95e42 by Stefan Metzmacher at 2019-09-24T18:30:37+00:00
selftest/tests.py: test pam_winbind with krb5_auth

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
f07b542c by Stefan Metzmacher at 2019-09-24T18:30:38+00:00
selftest/tests.py: test pam_winbind with a lot of username variations

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
13e3811c by Andreas Schneider at 2019-09-24T18:30:38+00:00
selftest: Export TRUST information in the ad_member target environment

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
ad6f0e05 by Stefan Metzmacher at 2019-09-24T18:30:38+00:00
selftest/tests.py: test pam_winbind for trusts domains

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
e2737a74 by Stefan Metzmacher at 2019-09-24T18:30:38+00:00
selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member

This demonstrates that we rely on knowning about trusted domains before
we can do krb5_auth in winbindd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
0ee085b5 by Stefan Metzmacher at 2019-09-24T19:51:29+00:00
selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member

This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184

- - - - -
929555b7 by Ralph Boehme at 2019-09-24T23:32:31+00:00
vfs_fileid: add extid mapping hooks

For this always ends up calling fileid_extid_mapping_zero(), so no change in
behaviour. This will change in a subsequent commit.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
517ec630 by Ralph Boehme at 2019-09-25T00:48:45+00:00
vfs_fileid: add "fsname_norootdir_ext" option

This can be used to deliberately break lock coherency between all smbd processes
in the whole cluster for the root directory of a share.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Sep 25 00:48:45 UTC 2019 on sn-devel-184

- - - - -
55c6e4bc by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/raw: clang: Fix 'Access to field results in a deref of a null ptr

Fixes:

source4/libcli/raw/rawfileinfo.c:301:56: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
    parms->standard.out.create_time = raw_pull_dos_date2(session->transport,
                                                                         ^
source4/libcli/raw/rawfileinfo.c:314:55: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
    parms->ea_size.out.create_time = raw_pull_dos_date2(session->transport,

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
a1a448b1 by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/raw: clang: Fix 'Dereference of null pointer'

Fixes:

source4/libcli/raw/rawfileinfo.c:597:2: warning: Dereference of null pointer <--[clang]
        SMBCLI_CHECK_WCT(req, 10);
        ^
source4/libcli/raw/rawfileinfo.c:639:2: warning: Dereference of null pointer <--[clang]
        SMBCLI_CHECK_WCT(req, 11);
        ^

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
088a345f by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/raw: clang: Fix 'Value stored to 'p' is never read'

Fixes:

source4/libcli/raw/clisession.c:198:4: warning: Value stored to 'p' is never read <--[clang]
                        p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->old.out.domain, p, -1, STR_TERMINATE);
                        ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:212:5: warning: Value stored to 'p' is never read <--[clang]
                                p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->nt1.out.domain, p, -1, STR_TERMINATE);
                                ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:232:3: warning: Value stored to 'p' is never read <--[clang]
                p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->spnego.out.workgroup, p, -1, STR_TERMINATE);
                ^    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
076216da by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/smb2: clang: Fix Passed-by-value arg contains uninitialized data

Fixes:

source4/libcli/smb2/getinfo.c:222:11: warning: Passed-by-value struct argument contains uninitialized data (e.g., field: 'data') <--[clang]
        status = smb_raw_fsinfo_passthru_parse(b.out.blob, mem_ctx, io->generic.level, io);
                 ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ba55c022 by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/smb2: clang: Fix 'value stored to 'status' is never read'

Fixes:

source4/libcli/smb2/util.c:134:3: warning: Value stored to 'status' is never read <--[clang]
                status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
                ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:187:5: warning: Value stored to 'status' is never read <--[clang]
                                status = smb2_util_setatr(tree, name, FILE_ATTRIBUTE_NORMAL);
                                ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:209:3: warning: Value stored to 'status' is never read <--[clang]
                status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
                ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f755de54 by Noel Power at 2019-09-25T09:47:31+00:00
s4/libcli/clideltree.c: clang: Value stored to 'status' is never read

Fixes:

source4/libcli/clideltree.c:113:3: warning: Value stored to 'status' is never read <--[clang]

status = smbcli_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
                ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/clideltree.c:131:3: warning: Value stored to 'status' is never read <--[clang]
                status = smbcli_setatr(dstate.tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
                ^        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d3371d85 by Noel Power at 2019-09-25T09:47:31+00:00
s3/librpc/crypto: clang: warning: Value stored to 'gss_maj' is never read

Fixes: Value stored to 'gss_maj' is never read

source3/librpc/crypto/gse.c:562:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &out_data);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:687:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &out_data);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:739:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &msg_min);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:742:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &msg_maj);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
40ddcf7b by Noel Power at 2019-09-25T09:47:32+00:00
s3/libads: clang: Fix Array access results in a null pointer dereference

Fixes:

source3/libads/cldap.c:400:6: warning: Array access (from variable 'responses') results in a null pointer dereference <--[clang]
        if (responses[0] == NULL) {
            ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
018c93f3 by Noel Power at 2019-09-25T09:47:32+00:00
s3/librpc/crypto: clang: Fixes Value stored to 'ret' is never read

Fixes:

source3/librpc/crypto/gse_krb5.c:63:3: warning: Value stored to 'ret' is never read <--[clang]
                ret = smb_krb5_kt_free_entry(krbctx, &kt_entry);
                ^     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3bb7ccb4 by Philipp Gesang at 2019-09-25T11:06:04+00:00
s4:scripting: make samba-gpupdate heed --disable-python

Signed-off-by: Philipp Gesang <philipp.gesang at intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Noel Power<npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Sep 25 11:06:04 UTC 2019 on sn-devel-184

- - - - -
952e1812 by Andreas Schneider at 2019-09-25T15:39:40+00:00
s3:waf: Do not check for nanosleep() as we don't use it anywhere

We use usleep() in the meantime.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
480152dd by Andreas Schneider at 2019-09-25T15:39:40+00:00
replace: Only link against librt if really needed

fdatasync() and clock_gettime() are provided by glibc on Linux, so there
is no need to link against librt. Checks have been added so if there are
platforms which require it are still functional.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
4b28239d by Andreas Schneider at 2019-09-25T15:39:40+00:00
pthreadpool: Only link pthreadpool against librt if we have to

This calls clock_gettime() which is available in glibc on Linux. If the
wscript in libreplace detected that librt is needed for clock_gettime()
we have to link against it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
36e8d715 by Andreas Schneider at 2019-09-25T15:39:40+00:00
third_party: Only link cmocka against librt if really needed

cmocka also uses clock_gettime().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
68d8a02e by Andreas Schneider at 2019-09-25T15:39:40+00:00
third_party: Link nss_wrapper against pthread

nss_wrapper uses pthread_atfork() which is only provided by libpthread.
So we need an explicit dependency.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
bd0cd8e1 by Andreas Schneider at 2019-09-25T15:39:40+00:00
third_party: Link uid_wrapper against pthread

uid_wrapper uses pthread_atfork() which is only provided by libpthread.                                                                                   │····················
So we need an explicit dependency.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
9499db07 by Andreas Schneider at 2019-09-25T15:39:40+00:00
waf:replace: Do not link against libpthread if not necessary

On Linux we should avoid linking everything against libpthread. Symbols
used my most application are provided by glibc and code which deals with
threads has to explicitly link against libpthread.  This avoids setting
LDFLAGS=-pthread globally.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
ab232ca7 by Andreas Schneider at 2019-09-25T16:56:39+00:00
waf: Use waf function to add for -Wl,--as-needed

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Sep 25 16:56:40 UTC 2019 on sn-devel-184

- - - - -
43ed3a6e by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move cunit tests to UNIT/ subdirectory

The UNIT subdirectory directory will contain all unit tests.  Use an
uppercase name to avoid conflicts with source code subdirectories.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
330a106a by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move eventd tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
8ed075d3 by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move eventscript tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
a3cbb7eb by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move onnode tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
010c1a85 by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move shellcheck tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
cf0b87f9 by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move takeover tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
9585ece0 by Martin Schwenke at 2019-09-26T04:45:36+00:00
ctdb-tests: Move takeover_helper tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
1061bdf2 by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Move tool tests to UNIT/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
4947fa5f by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Fold find_and_run_one_test() in to run_tests()

The additional function makes the logic harder to understand.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
75393cab by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Recurse into directories instead of explicitly looping

run_tests() already has a loop, so use it.

This means collections of test suites can be handled - but explicitly
check valid collection names to avoid running junk.

Add special cases for simple and complex.  These will be removed when
those test suites are moved to collections.  This seems to be the
smallest amount of churn to support bisection.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
4046baad by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Skip README files in test directories/collections

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
c438e0db by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Drop custom handling for unit tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
384381fb by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Drop use of array in run_tests()

This doesn't accomplish anything.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
df6800e3 by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Convert local daemons include file into top-level include

Do the same with the alternative code for real clusters.

Both of these can now be used by other test suites.

Fix some basic shellcheck warnings (e.g. avoid word-splitting by
quoting) while moving code and add the new files to the shellcheck
test.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
65806818 by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Move complex tests to CLUSTER/ subdirectory

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
8a5c4a60 by Martin Schwenke at 2019-09-26T04:45:37+00:00
ctdb-tests: Move simple tests to INTEGRATION/ subdirectory

Split some tests out into database/ and failover/ subdirectories.
Rename the remaining tests in simple/.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
24f04c1c by Martin Schwenke at 2019-09-26T06:01:33+00:00
ctdb-tests: Update README

Bring this up to date.  Drop descriptions of command-line options
because these tend to bit-rot - refer to "run_tests.sh -h" instead.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Sep 26 06:01:33 UTC 2019 on sn-devel-184

- - - - -
c58692ce by Jeremy Allison at 2019-09-26T17:20:44+00:00
s3: VFS: Add SMB_VFS_UNLINKAT().

Currently identical to SMB_VFS_UNLINK().

Next, add to all VFS modules that implement
unlink and eventually remove unlink.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2c90d2b4 by Jeremy Allison at 2019-09-26T17:20:44+00:00
s3: VFS: vfs_acl_tdb. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2a7e472e by Jeremy Allison at 2019-09-26T17:20:44+00:00
s3: VFS: vfs_acl_xattr. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
19c8cfa2 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_posix_eadb. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
95197108 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_xattr_tdb. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4794e8db by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_cap. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f372f2f5 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_catia. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
797f24fd by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_ceph. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
34d7b18c by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_ceph_snapshots. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0c16e77a by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_extd_audit. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2a4eb078 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_fruit. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6c28a774 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_full_audit. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1ee6c9d8 by Jeremy Allison at 2019-09-26T17:20:45+00:00
s3: VFS: vfs_glusterfs. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8c43f617 by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_media_harmony. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8d9ff50f by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_recycle. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1f8bdb39 by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_recycle: Wrap recycle_unlink() into a call to recycle_unlink_internal().

Allows UNLINKAT parameters to be passed.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6f0cc51b by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_recycle: Change recycle_unlink_internal() to call UNLINKAT()..

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
43b9d9ad by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_shadow_copy2. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
62f92f8b by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_snapper. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c81932fd by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_streams_depot. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7b2fda05 by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_streams_depot. Wrap Convert streams_depot_unlink() -> streams_depot_unlink_internal() so we can add parameters.

Make streams_depot_unlink() a wrapper calling the internal version.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e73caaed by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_streams_depot: Change streams_depot_unlink_internal() to call UNLINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d7e763ef by Jeremy Allison at 2019-09-26T17:20:46+00:00
s3: VFS: vfs_streams_xattr. Implement unlinkat().

Note this isn't identical to unlink() as
this must cope with (flags & AT_REMOVEDIR),
which is identical to rmdir(). It calls
either unlink or rmdir depending on the
flags parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0b3b83c1 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_streams_xattr. Wrap Convert streams_xattr_unlink() -> streams_xattr_unlink_internal() so we can add parameters.

Make streams_xattr_unlink() a wrapper calling the internal version.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d69a9ba7 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_streams_xattr: Convert streams_xattr_unlink_internal() to use UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
83e0cf6d by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_syncops. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b355a956 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_time_audit. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
70f5cbc5 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_unityed_media. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1023ec61 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_virusfilter. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
488c6567 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_audit. Implement unlinkat().

This is identical to unlink(), as there
are no special cases needed for rmdir().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
88249762 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_posix_eadb: Wrap posix_eadb_unlink() into a call to posix_eadb_unlink_internal().

Allows UNLINKAT parameters to be passed. Change posix_eadb_unlink_internal()
to call UNLINKAT instead of UNLINK.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
96aeaed8 by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_virusfilter: Change UNLINK -> UNLINKAT in infected_file_action_delete()

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6ef40bdb by Jeremy Allison at 2019-09-26T17:20:47+00:00
s3: VFS: vfs_acl_xattr: Don't call unlink_acl_common() directly.

Use a wrapper function so we can change the parameters.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
63d81404 by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: VFS: vfs_acl_common: Add dirfsp, flags parameters to unlink_acl_common().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f8bdf5db by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: VFS: vfs_acl_common: Convert unlink_acl_common(), acl_common_remove_object() to UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
244c3820 by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: cmd_vfs: Change cmd_pathfunc() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
66d86efb by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change create_msdfs_link() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp. Rework to modern standards.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3d6a8d9a by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change remove_msdfs_link() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp. Rework to modern standards.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
56b355d0 by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: pysmbd: Change py_smbd_unlink() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
24516e78 by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change smb_set_file_unix_basic() to call SMB_VFS_UNLINKAT() in 3 places.

Use conn->cwd_fsp as current fsp. This is horrible code and must
be removed.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7f7ad9bb by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change delete_all_streams() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f8cff71e by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change close_remove_share_mode() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp. Rework to modern standards.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2adc0e0f by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change recursive_rmdir() to call SMB_VFS_UNLINKAT().

Use conn->cwd_fsp as current fsp. Rework to modern standards.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3bf8181f by Jeremy Allison at 2019-09-26T17:20:48+00:00
s3: smbd: Change rmdir_internals() to call SMB_VFS_UNLINKAT() in 2 places..

Use conn->cwd_fsp as current fsp. Rework to modern standards.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1e6a8a30 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Wrap Convert fruit_unlink() -> fruit_unlink_internal() so we can add parameters.

Make fruit_unlink() a wrapper calling the internal version.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
762b9574 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Add files_struct *dirfsp to fruit_unlink_internal() so we can call UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
41a740f2 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Change fruit_unlink_internal() to call UNLNKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
96842316 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit: Wrap fruit_rmdir() so we can add parameters.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
92d8b3b8 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit: Add dirfsp files_struct pointer parameter to fruit_rmdir_internal().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
cb5e5237 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit: Convert fruit_rmdir_internal() to UNLINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7f49bb9f by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Add files_struct *dirfsp parameter to fruit_unlink_meta().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
04ea1232 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Add struct files_struct *dirfsp parameter to fruit_unlink_meta_stream() and convert to UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e79ff5dc by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Add files_struct *dirfsp parameter to fruit_unlink_rsrc().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3b1d9755 by Jeremy Allison at 2019-09-26T17:20:49+00:00
s3: VFS: vfs_fruit. Add struct files_struct *dirfsp parameter to fruit_unlink_rsrc_stream() and convert to UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
be586203 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_fruit. Add struct files_struct *dirfsp parameter to fruit_unlink_rsrc_adouble() and convert to UNLINKAT.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a3bd4521 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_fruit. Change fruit_pread_meta_stream() to use UNLINKAT().

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6a55e676 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_fruit. Change delete_invalid_meta_stream() to use UNLINKAT()..

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7691ce3a by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: lib: adouble: Add struct files_struct *dirfsp parameter to ad_convert().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
05356562 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: lib: adouble: Add dirfsp to ad_convert_delete_adfile(). Use UNLINKAT instead of UNLINK.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1e511284 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_audit: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d4c4c688 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_cap: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
257137ee by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_catia: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
84255a99 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_ceph_snapshots: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6f9ede8a by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_extd_audit: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
64854db8 by Jeremy Allison at 2019-09-26T17:20:50+00:00
s3: VFS: vfs_media_harmony: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
74ec7c80 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_shadow_copy2: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
eacfeac6 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_snapper: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
fc29eb2b by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_streams_xattr: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b2f1b3d9 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_time_audit: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
36f4d0f7 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_virusfilter: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3bc8527c by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_xattr_tdb: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7c814ef4 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_unityed_media: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
55df30d5 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_recycle: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4dc8c378 by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_fruit: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6f68049f by Jeremy Allison at 2019-09-26T17:20:51+00:00
s3: VFS: vfs_syncops: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
314358b2 by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_streams_depot: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f856d6f4 by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_glusterfs: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
467251cc by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_ceph: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6f9b6a78 by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_posix_eadb: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7222d63d by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_acl_xattr: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
eeec2b80 by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_acl_tdb: Remove unlink_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f7f09377 by Jeremy Allison at 2019-09-26T17:20:52+00:00
s3: VFS: vfs_full_audit: Remove unlink_fn. No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the unlink_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1ec03039 by Jeremy Allison at 2019-09-26T18:40:53+00:00
s3: VFS: Complete the replacement of SMB_VFS_UNLINK() -> SMB_VFS_UNLINKAT().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Sep 26 18:40:53 UTC 2019 on sn-devel-184

- - - - -
86a0e485 by Günther Deschner at 2019-09-26T18:41:26+00:00
librpc/ndr: add ndr_print_netlogon_samlogon_response()

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fd20153e by Günther Deschner at 2019-09-26T18:41:26+00:00
s4-torture: dump ndr packet in ndr tests with high log level

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5550367e by Günther Deschner at 2019-09-26T18:41:26+00:00
s4-torture: remove duplicate NDR_PRINT

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
60551343 by Noel Power at 2019-09-26T18:41:26+00:00
s3/groupdb: clang: Fix 'Value stored during its initialization is never read'

Fixes:

ource3/groupdb/mapping.c:648:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
368d0cec by Noel Power at 2019-09-26T18:41:26+00:00
s3/groupdb: clang: 'Value stored during its initialization is never read'

Fixes:

source3/groupdb/mapping_tdb.c:460:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6831b6ba by Noel Power at 2019-09-26T18:41:26+00:00
s3/rpc_client: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/rpc_client/cli_pipe.c:397:11: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        NTSTATUS ret = NT_STATUS_OK;
                 ^~~   ~~~~~~~~~~~~

source3/rpc_client/cli_pipe.c:1234:11: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        NTSTATUS ret = NT_STATUS_OK;
                 ^~~   ~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c534b05c by Noel Power at 2019-09-26T18:41:26+00:00
s4/winbind: clang: Fixes 'Value stored during its initialization is never read'

Fixes:

source4/winbind/idmap.c:214:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_NONE_MAPPED;

source4/winbind/idmap.c:397:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_NONE_MAPPED;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
752f5b63 by Noel Power at 2019-09-26T18:41:26+00:00
s3/passdb: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/passdb/pdb_util.c:41:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d47067c by Noel Power at 2019-09-26T18:41:26+00:00
s3/passdb: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/passdb/pdb_tdb.c:718:18: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
        NTSTATUS        nt_status = NT_STATUS_UNSUCCESSFUL;
                        ^~~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
299eff4a by Noel Power at 2019-09-26T18:41:26+00:00
s3/passdb: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/passdb/pdb_interface.c:65:34: warning: Value stored to 'entry' during its initialization is never read <--[clang]
        struct pdb_init_function_entry *entry = backends;
                                        ^~~~~   ~~~~~~~~

/source3/passdb/pdb_interface.c:140:11: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
38aafe0d by Noel Power at 2019-09-26T18:41:27+00:00
s3/passdb: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/passdb/lookup_sid.c:836:11: warning: Value stored to 'result' during its initialization is never read <--[clang]
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ae2e9ce5 by Noel Power at 2019-09-26T18:41:27+00:00
s3/rpc_client: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/rpc_client/cli_lsarpc.c:182:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b08ec190 by Noel Power at 2019-09-26T18:41:27+00:00
s3/rpc_client: clang: 'Value stored during its initialization is never read'

Fixes:

source3/rpc_client/util_netlogon.c:71:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~

source3/rpc_client/util_netlogon.c:199:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fba666cf by Noel Power at 2019-09-26T18:41:27+00:00
s3/passed: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/passdb/passdb.c:2502:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
35e0122e by Noel Power at 2019-09-26T18:41:27+00:00
s3/libads: clang: Fix 'Value stored to 'nt_status' is never read'

Fixes:

source3/libads/sasl.c:219:2: warning: Value stored to 'nt_status' is never read <--[clang]
        nt_status = NT_STATUS_MORE_PROCESSING_REQUIRED;
        ^           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
eb3ba3ee by Noel Power at 2019-09-26T18:41:27+00:00
s3/libads: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/libads/ldap_utils.c:52:13: warning: Value stored to 'status' during its initialization is never read <--[clang]
        ADS_STATUS status = ADS_SUCCESS;
                   ^~~~~~   ~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
50ff6c96 by Noel Power at 2019-09-26T18:41:27+00:00
s3/libsmb: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/libsmb/dsgetdcname.c:1012:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

source3/libsmb/dsgetdcname.c:1099:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9759e96f by Noel Power at 2019-09-26T18:41:27+00:00
s3/auth: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/auth/auth_util.c:283:11: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
                 ^~~   ~~~~~~~~~~~~~~~~~~~~~~
source3/auth/auth_util.c:2005:11: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
        NTSTATUS nt_status = NT_STATUS_OK;
                 ^~~~~~~~~   ~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8ea0835a by Noel Power at 2019-09-26T18:41:27+00:00
s3/auth: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/auth/auth.c:38:35: warning: Value stored to 'entry' during its initialization is never read <--[clang]
        struct auth_init_function_entry *entry = auth_backends;
                                         ^~~~~   ~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
25c92111 by Noel Power at 2019-09-26T18:41:27+00:00
s3/lib/netapi: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/lib/netapi/group.c:1383:11: warning: Value stored to '
status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
samba/source3/lib/netapi/group.c:1521:11: warning: Value stored to '
status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
samba/source3/lib/netapi/group.c:1718:11: warning: Value stored to '
status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
3 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a3b9986f by Noel Power at 2019-09-26T18:41:27+00:00
s3/lib/netapi: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/lib/netapi/getdc.c:173:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
32d487d0 by Noel Power at 2019-09-26T18:41:27+00:00
s3/libads: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/libads/ldap.c:370:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
source3/libads/ldap.c:417:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
source3/libads/ldap.c:1783:13: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        ADS_STATUS ret = ADS_ERROR(LDAP_SUCCESS);
                   ^~~   ~~~~~~~~~~~~~~~~~~~~~~~
source3/libads/ldap.c:1862:13: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        ADS_STATUS ret = ADS_ERROR(LDAP_SUCCESS);
                   ^~~   ~~~~~~~~~~~~~~~~~~~~~~~
4 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
58400d6e by Noel Power at 2019-09-26T18:41:27+00:00
lib/talloc: clang: Fix 'Value stored during its initialization is never read'

Fixes:

ib/talloc/pytalloc_util.c:245:8: warning: Value stored to 'type_obj' during its initialization is never read <--[clang]
        void *type_obj = talloc_check_name(ptr, type_name);
              ^~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9c16d8fb by Noel Power at 2019-09-26T18:41:27+00:00
s3/rpc_client: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/rpc_client/cli_winreg.c:728:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
/source3/rpc_client/cli_winreg.c:897:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6ae0fd5a by Noel Power at 2019-09-26T18:41:28+00:00
s3/lib/netapi: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/lib/netapi/user.c:1290:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
source3/lib/netapi/user.c:1610:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~

source3/lib/netapi/user.c:2990:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
source3/lib/netapi/user.c:3184:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~
source3/lib/netapi/user.c:3522:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_OK;
                 ^~~~~~   ~~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
388f2804 by Noel Power at 2019-09-26T18:41:28+00:00
s3/passdb: clang: Fix warning: Value stored to 'acct_ctrl' is never read

Fixes:

source3/passdb/pdb_ldap.c:922:3: warning: Value stored to 'acct_ctrl' is never read <--[clang]
                acct_ctrl |= ACB_NORMAL;
                ^            ~~~~~~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2138bd93 by Noel Power at 2019-09-26T18:41:28+00:00
s3/libsmb: clang: value stored to 'idx_current' is never read

Fixes:

source3/libsmb/trusts_util.c:602:2: warning: Value stored to 'idx_current' is never read <--[clang]
        idx_current = idx;
        ^             ~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1ca110b5 by Noel Power at 2019-09-26T18:41:28+00:00
s3/passdb: clang: Value stored to 'c' is never read

source3/passdb/pdb_smbpasswd.c:405:4: warning: Value stored to 'c' is never read <--[clang]
                        c = '\0';
                        ^   ~~~~
/home/samba/samba/source3/passdb/pdb_smbpasswd.c:809:4: warning: Value stored to 'c' is never read <--[clang]
                        c = '\0';
                        ^   ~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
18e2d6b0 by Noel Power at 2019-09-26T19:59:24+00:00
s3/libsmb: clang: Fix 'warning: Value stored to 'p' is never read'

Fixes:

source3/libsmb/cliconnect.c:649:2: warning: Value stored to 'p' is never read <--[clang]
        p += ret;
        ^    ~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Sep 26 19:59:24 UTC 2019 on sn-devel-184

- - - - -
485874d6 by Christof Schmitt at 2019-09-27T16:07:40+00:00
selftest: Test ID_TYPE_BOTH with idmap_rid module

ID_TYPE_BOTH means that each user and group has two mappings, a uid and
gid. In addition the calls to getpwent, getpwuid, getgrent and getgrgid
always return some information, so that uid and gid can be mapped to a
name. Establish a test to verify that the expected information is
returned.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14141

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
63c9147f by Michael Adam at 2019-09-27T17:25:29+00:00
winbind: provide passwd struct for group sid with ID_TYPE_BOTH mapping (again)

https://git.samba.org/?p=samba.git;a=commitdiff;h=394622ef8c916cf361f8596dba4664dc8d6bfc9e
originally introduced the above feature.

This functionality was undone as part of "winbind: Restructure get_pwsid"
https://git.samba.org/?p=samba.git;a=commitdiff;h=bce19a6efe11980933531f0349c8f5212419366a
I think that this semantic change was accidential.

This patch undoes the semantic change and re-establishes the
functionality.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14141

Signed-off-by: Michael Adam <obnox at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Fri Sep 27 17:25:29 UTC 2019 on sn-devel-184

- - - - -
ee630047 by Noel Power at 2019-09-30T23:12:41+00:00
s3/libsmb: clang: Fix 'Value stored during its initialization is never read'

Fixes:

source3/libsmb/cliconnect.c:1877:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
        NTSTATUS status = NT_STATUS_NO_MEMORY;

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
84fae0ed by Noel Power at 2019-10-01T00:28:44+00:00
s3: passdb: ret doesn't seem to be needed at all

I was looking at the wrong hunk when examining this, ret seems redundant
and the existing status can cover things

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct  1 00:28:44 UTC 2019 on sn-devel-184

- - - - -
43220241 by Ralph Boehme at 2019-10-02T08:01:39+00:00
torture:smb2: extend test for File-IDs

This now hopefully covers most possible combinations of creating and opening
files plus, checking the file's File-ID after every operation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
300b4744 by Ralph Boehme at 2019-10-02T08:01:39+00:00
torture:smb2: add a File-ID test on directories

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e1dfaa2b by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:smbd: change the place where we call dos_mode() when processing SMB2_CREATE

This is needed for ordinary file or directory opens so the QFID create context
response gets the correct File-ID value via dos_mode() from the DOS attributes
xattr.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
49a754b8 by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:smbd: when storing DOS attribute call dos_mode() beforehand

This is required to ensure File-ID info is populated with the correct on-disk
value, before calling file_set_dosmode() which will update the on-disk value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d7dc8599 by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: rework a return expression into an if block

Needed to add additional stuff after the if block in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6c1647ca by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: assert stream_name is NULL for POSIX paths

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f9fdb8a2 by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: factor out stream name asserts to helper function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2584b4cd by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: expand a comment with the function doc for is_ntfs_stream_smb_fname

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3f8bc1ce by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: implement logic directly in is_ntfs_default_stream_smb_fname()

This allows changing the semantics of is_ntfs_stream_smb_fname() in the next
commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
780a8dcb by Ralph Boehme at 2019-10-02T08:01:39+00:00
s3:lib: use strequal_m() in is_ntfs_default_stream_smb_fname()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
091e3fda by Ralph Boehme at 2019-10-02T08:01:40+00:00
s3:lib: add is_named_stream()

Add a new utility functions that checks whether a struct smb_filename points to
a real named stream, excluding the default stream "::$DATA".

  foo           -> false
  foo::$DATA    -> false
  foo:bar       -> true
  foo:bar:$DATA -> true

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
90a14c90 by Ralph Boehme at 2019-10-02T08:01:40+00:00
s3:smbd: ensure a created stream picks up the File-ID from the basefile

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c190f3ef by Ralph Boehme at 2019-10-02T08:01:40+00:00
s3:smbd: add a comment explaining the File-ID semantics when a file is created

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4b2e44a6 by Ralph Boehme at 2019-10-02T08:01:40+00:00
vfs_default: use is_named_stream() for stream check

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
993d327f by Ralph Boehme at 2019-10-02T08:01:40+00:00
s3:smbd: use is_named_stream() in a a few places

This simplifies (and corrects) things in the VFS as there the caller is only
interested in whether a name is pointing to a real named stream most of the times.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f21af2ac by Volker Lendecke at 2019-10-02T08:01:40+00:00
lib: Remove some unneeded #includes from tftw.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b66b8a74 by Volker Lendecke at 2019-10-02T08:01:40+00:00
lib: Fix CID 1453985: Null pointer dereferences (FORWARD_NULL)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
34a35ac1 by Volker Lendecke at 2019-10-02T08:01:40+00:00
smbd: Fix CID 1453984: Null pointer dereferences (REVERSE_INULL)

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5d8493f5 by Volker Lendecke at 2019-10-02T08:01:40+00:00
rpc_client: Don't pass a NULL string to talloc_asprintf

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9dc2cd86 by Volker Lendecke at 2019-10-02T08:01:40+00:00
lib: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e3e5894b by Volker Lendecke at 2019-10-02T08:01:40+00:00
torture: Fix a comment

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
86672659 by Volker Lendecke at 2019-10-02T08:01:40+00:00
epmapper: Fix printf specifiers

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
88f8edf6 by Volker Lendecke at 2019-10-02T08:01:41+00:00
dbwrap_watch: Slightly simplify dbwrap_watched_fetch_locked()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
491b71f2 by Volker Lendecke at 2019-10-02T08:01:41+00:00
dbwrap_watch: Move reallocating watchers to dbwrap_watched_watch_send()

Before 15a8af075a2 we did not have a separately allocated watchers
array and dbwrap_watched_save() could play (too) smart tricks with
dbwrap_record_storev(). Now that we always have watchers talloc'ed, we
can remove those smart tricks from dbwrap_watched_save() in the next
commit.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
64da66a7 by Volker Lendecke at 2019-10-02T08:01:41+00:00
dbwrap_watch: Remove "addwatch" handling from dbwrap_watched_save()

This has been moved to dbwrap_watched_watch_send()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
32d6cc84 by Volker Lendecke at 2019-10-02T08:01:41+00:00
dbwrap_watch: Don't alert ourselves, fix raw.oplock.batch26 race

This fixes the following flaky test:

UNEXPECTED(failure): samba3.raw.oplock.batch26(nt4_dc)
REASON: Exception: Exception: (../../source4/torture/raw/oplock.c:3718): wrong value for break_info.count got 0x2 - should be 0x1

You can reproduce it with two small msleeps, which means it's a race
condition:

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 20b5a3e294c..126c7fc021d 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1917,6 +1917,14 @@ NTSTATUS send_break_message(struct messaging_context *msg_ctx,
 	DATA_BLOB blob;
 	NTSTATUS status;

+	{
+		static bool sent = false;
+		if (sent) {
+			smb_msleep(500);
+		}
+		sent = true;
+	}
+
 	if (DEBUGLVL(10)) {
 		struct server_id_buf buf;
 		DBG_DEBUG("Sending break message to %s\n",
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index b3da84b1269..d9c4dbb9487 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -858,6 +858,8 @@ static void process_oplock_break_message(struct messaging_context *msg_ctx,
 	uint16_t break_to;
 	bool break_needed = true;

+	smb_msleep(100);
+
 	msg = talloc(talloc_tos(), struct oplock_break_message);
 	if (msg == NULL) {
 		DBG_WARNING("talloc failed\n");

15a8af075a2 introduced a bug where we immediately wake up ourselves
after doing a watch_send, leading to two inter-smbd oplock break
messages for this case. In theory, this should not matter, as in the
oplock break handler in the destination smbd we check

(fsp->sent_oplock_break != NO_BREAK_SENT)

so that the break does not get sent twice. However, with the above two
sleeps the oplock holding client could send out its oplock downgrade
while the second inter-smbd break messages was on its way.

The real fix would be to note in the share mode array that the
inter-smbd message has already been sent, but as other users of
dbwrap_watched_watch_send might also be affected by this bug, this fix
should be sufficient to get rid of this flaky test.

Unfortunately, dbwrap_watch.c is now pretty complex and needs some
serious refactoring to become understandable again. But that's
something for another day, sorry.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5642f288 by Jeremy Allison at 2019-10-02T08:01:41+00:00
s3: torture: Add MS-FSA style terminating '/' and '\\' test - SMB2-PATH-SLASH.

[MS-FSA] 2.1.5.1 Server Requests an Open of a File.

Checks how to behave on both files and directories.

Tested against Windows 10 server - passes. Currently smbd fails this.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
398cb8a5 by Jeremy Allison at 2019-10-02T09:31:40+00:00
s3: smbd: Fix the SMB2 server to pass SMB2-PATH-SLASH.

[MS-FSA] 2.1.5.1 Server Requests an Open of a File

Windows pathname specific processing.

Always disallow trailing /, and also \\ on FILE_NON_DIRECTORY_FILE.

We need to check this before the generic pathname parser
as the generic pathname parser removes any trailing '/' and '\\'.

Currently this is SMB2 only, but we could also add this
check to the SMB1 NTCreateX calls if ultimately neded.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Oct  2 09:31:40 UTC 2019 on sn-devel-184

- - - - -
8ca4fe65 by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpclient: Remove cmd_test

I can't even properly find why this went in. It's the only user of the
global rpcclient_cli_state, which can go if we remove this.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f74442b4 by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpcclient: Remove rpcclient_cli_state

An unneeded global

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3cac5c1b by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpcclient: Move rpccli_try_samr_connects() to cmd_samr.c

That's the only user, make it static to cmd_samr.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dd108a17 by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpcclient: Fix a comment

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cb0b54d9 by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpcclient: Make cmd_samr.c independent of global domain_sid

Pure SAMR allows us to figure out the domain sid, we don't need LSA
for this.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8a094672 by Volker Lendecke at 2019-10-03T16:39:31+00:00
rpcclient: Remove domain sid check

The samr calls can take care of this on their own

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fe412380 by Volker Lendecke at 2019-10-03T17:59:13+00:00
rpcclient: Remove unused global domain sid

For the auth_log tests using rpcclient this means one message less

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct  3 17:59:13 UTC 2019 on sn-devel-184

- - - - -
33f1c9d9 by Amitay Isaacs at 2019-10-04T05:47:34+00:00
ctdb-vacuum: Process all records not deleted on a remote node

This currently skips the last record.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14147
RN: Avoid potential data loss during recovery after vacuuming error

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
a8c4e7d1 by Martin Schwenke at 2019-10-04T05:47:35+00:00
ctdb-protocol: Initialise request->rdata.opcode where missing

Otherwise it is uninitialised, so...

==22889== Conditional jump or move depends on uninitialised value(s)
==22889==    at 0x12257B: ctdb_req_control_data_len (protocol_control.c:39)
==22889==    by 0x1228E9: ctdb_req_control_len (protocol_control.c:1786)
==22889==    by 0x12A51C: ctdb_client_control_send (client_control.c:101)
==22889==    by 0x138BE1: ctdb_tunnel_setup_send (client_tunnel.c:100)
==22889==    by 0x10EE4F: tunnel_test_send (tunnel_test.c:135)
==22889==    by 0x10EE4F: main (tunnel_test.c:463)

and similar.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
815ae644 by Martin Schwenke at 2019-10-04T05:47:35+00:00
ctdb-vacuum: Drop debug level of repacking message to NOTICE

This occurs rarely but can adversely impact performance, so it is
worth logging it more frequently.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
2c54f6df by Martin Schwenke at 2019-10-04T07:07:21+00:00
ctdb-common: Mark VacuumLimit tunable as obsolete

Use of this tunable was dropped over 5 years ago in commit
16837bc309aa9a86fc21d7f59a8fce0b947428a3.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Oct  4 07:07:21 UTC 2019 on sn-devel-184

- - - - -
65ca431c by Martin Schwenke at 2019-10-04T09:41:27+00:00
ctdb-tests: Add functions for terminating tests on failure, skip, error

This allows standard exit codes for failed and skipped tests, and test
errors.

Skipped tests currently just succeed and a test error is the same as a
failure.  These can be easily changed later when run_tests.sh is ready
to handle them.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
59055f4d by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add function ctdb_test_on_cluster()

This centralises this logic.  Use it in a subset of tests - there are
other cases but these will be cleaned up soon.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5ad356c2 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add function ctdb_test_skip_on_cluster()

Use it in relevant tests.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
653b3576 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add cluster.bash include file

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
38138b42 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Update preamble for CLUSTER tests

The main change is to source cluster.bash instead of integration.bash.

While touching the preamble, the following additional changes are also
made:

* Drop test_info() definition and replace it with a comment

  The use of test_info() is pointless.

* Drop call to ctdb_test_check_real_cluster()

  cluster.bash now does this.

* Drop call to cluster_is_healthy()

  This is a holdover from when the previous test would restart daemons
  to get things ready for a test.  There was also a bug where going
  into recovery during the restart would sometimes cause the cluster
  to become unhealthy.  If we really need something like this then we
  can add it to ctdb_test_init().

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e494eb3e by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Drop unused function ctdb_test_check_real_cluster()

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
38b838b5 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: try_command_on_node() should return status of command

There is no point folding this down to 1.  Tests should be able to see
the original value, if required.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
0ec83f32 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add new test functions for running commands on nodes

* ctdb_onnode()
* testprog_onnode()
* function_onnode()

These encapsulate familiar patterns found when running
try_command_on_node().  The new function names are more concise and
encourage more readable tests.  Test writers can do less thinking
about the subtleties of running different types of commands on nodes.
For example, these functions ensure that $CTDB and $VALGRIND are used
in the correct contexts.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
dc8ddbb0 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Switch TEST_CLEANUP and TEST_TIMEOUT to script variables

These are not used outside this script so they do not need to be
environment variables.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e7e6f406 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Simplify ctdb_test_run()

Only the test file name is ever passed.

Reindent while touching many existing lines.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
47c9b792 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Move use of show_progress() into ctdb_test_run()

This allows more variables to be set in this function because they are
no longer in a sub-shell.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
55dd0f04 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Move test status interpretation to ctdb_test_run()

It makes sense to do this in one place in case other headers/footers
are added.

Simplify ctdb_test_end() accordingly, reindenting because nearly all
lines are modified.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
473a6fed by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add a special failure code when a test error occurs

Use it when a test is not executable.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
23982477 by Martin Schwenke at 2019-10-04T09:41:28+00:00
ctdb-tests: Add handling for skipped tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
435d903a by Martin Schwenke at 2019-10-04T09:41:29+00:00
ctdb-tests: Move test duration calculation to ctdb_test_run()

It makes sense to do this in one place in case other headers/footers
are added.

Reindent ctdb_test_begin() while touching this function.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
0bddee8d by Martin Schwenke at 2019-10-04T10:58:10+00:00
ctdb-tests: Rename functions to test_header() and test_footer()

That's all they do now.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Oct  4 10:58:10 UTC 2019 on sn-devel-184

- - - - -
bcbadeb8 by Volker Lendecke at 2019-10-04T17:01:39+00:00
ntvfs: Remove pvfs_aio.c

This uses the Linux libaio that does not meet Samba's needs. If
someone wanted to add async I/O to ntvfs, the io_uring API is the way
to go. Second option would be to use a pthreads-based API.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4b62c4f7 by Volker Lendecke at 2019-10-04T18:18:40+00:00
lib/replace: Remove libaio support

io_uring is the way to go these days, libaio was never really useful
for Samba

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct  4 18:18:41 UTC 2019 on sn-devel-184

- - - - -
ea82bca8 by Jeremy Allison at 2019-10-07T08:13:44+00:00
s3: smbclient: Stop an SMB2-connection from blundering into SMB1-specific calls.

Fix in the same way this was done in SMBC_opendir_ctx() for libsmbclient.
This fix means the admin no longer has to remember to set 'min client protocol ='
when connecting to an SMB2-only server (MacOSX for example) and trying to
list shares.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14152

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7eae4280 by Günther Deschner at 2019-10-07T08:13:44+00:00
libcli/auth: add test for gensec_schannel code

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
709d54d6 by Günther Deschner at 2019-10-07T08:13:44+00:00
auth/gensec: fix non-AES schannel seal

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14134

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f9887565 by Günther Deschner at 2019-10-07T08:13:44+00:00
auth/gensec: fix AES schannel seal and unseal

Workaround bug present in gnutls 3.6.8:

gnutls_cipher_decrypt() uses an optimization
internally that breaks decryption when processing
buffers with their length not being a multiple
of the blocksize.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7c2745d4 by Günther Deschner at 2019-10-07T09:31:35+00:00
libcli/auth: add gnutls test for aes-128-cfb8 cipher bug

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Oct  7 09:31:35 UTC 2019 on sn-devel-184

- - - - -
222f2538 by Andreas Schneider at 2019-10-07T11:48:24+00:00
replace: Improve sys/sysctl.h check to catch warning on glibc >= 2.30

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Oct  7 11:48:24 UTC 2019 on sn-devel-184

- - - - -
78161550 by Gordon Ross at 2019-10-07T22:05:59+00:00
torture: Allow running on FS that does not support EAs

Signed-off-by: Gordon Ross <gordon.w.ross at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Oct  7 22:05:59 UTC 2019 on sn-devel-184

- - - - -
7bceafe8 by Noel Power at 2019-10-08T02:40:24+00:00
s3/passdb: clang: Fix 'Value stored during initialization is never read'

Fixes:

source3/passdb/pdb_ldap.c:1933:11: warning: Value stored to 'ret' during its initialization is never read <--[clang]
        NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
                 ^~~   ~~~~~~~~~~~~~~~~~~~~~~
source3/passdb/pdb_ldap.c:4094:11: warning: Value stored to 'ntstatus' during its initialization is never read <--[clang]
        NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL;
                 ^~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct  8 02:40:24 UTC 2019 on sn-devel-184

- - - - -
42edab7b by Andreas Schneider at 2019-10-08T07:10:41+00:00
bootstrap: Remove pyhton2 packages

We dropped support for python2 in Samba already.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
9cd0d153 by Andreas Schneider at 2019-10-08T07:10:41+00:00
bootstrap: We can only build docker images on gitlab shared runners

Our rackspace runners don't provide a running docker.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
c9d302f2 by Andreas Schneider at 2019-10-08T08:27:50+00:00
gitlab-ci: Add CentOS 8 to CI

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Oct  8 08:27:50 UTC 2019 on sn-devel-184

- - - - -
5084a69d by Anoop C S at 2019-10-08T08:38:32+00:00
s3: VFS: Add SMB_VFS_FCNTL

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0abd1189 by Anoop C S at 2019-10-08T09:57:19+00:00
s3: VFS: Use SMB_VFS_FCNTL to set fd flags in open_file()

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct  8 09:57:19 UTC 2019 on sn-devel-184

- - - - -
5a084994 by Alexander Bokovoy at 2019-10-08T12:50:38+00:00
samba-tool: create working private krb5.conf

DNS update tool uses private krb5.conf which should have enough details
to authenticate with GSS-TSIG when running nsupdate.

Unfortunately, the configuration we provide is not enough. We set
defaults to not lookup REALM via DNS but at the same time we don't
provide any realm definition. As result, MIT Kerberos cannot actually
find a working realm for Samba AD deployment because it cannot query DNS
for a realm discovery or pick it up from the configuration.

Extend private krb5.conf with a realm definition that will allow MIT
Kerberos to look up KDC over DNS.

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fa255a36 by Andreas Schneider at 2019-10-08T12:50:38+00:00
waf: Check for gnutls_aead_cipher_encryptv2()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>

- - - - -
70fdd482 by Andreas Schneider at 2019-10-08T12:50:38+00:00
libcli:smb: Use gnutls_aead_cipher_encryptv2() for AES GCM or CCM

This is a new call which has been added with GnuTLS 3.6.10 and will
recuduce memory allocations and copying of data.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>

- - - - -
4a24d949 by Andreas Schneider at 2019-10-08T14:12:44+00:00
libcli:smb: Use gnutls_aead_cipher_decryptv2() for AES GCM or CCM

This is a new call which has been added with GnuTLS 3.6.10 and will
recuduce memory allocations and copying of data.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Oct  8 14:12:44 UTC 2019 on sn-devel-184

- - - - -
320b5be4 by Andreas Schneider at 2019-10-09T07:06:35+00:00
testprogs: Fix failure count in test_net_ads.sh

There are missing ` at the end of the line.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
456322a6 by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Use ldap_add_ext_s() in ads_gen_add()

ldap_add_s() is marked as deprecated.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
b84abb3a by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libnet: Require sealed LDAP SASL connections for joining

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
8ed99378 by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Cleanup error code paths in ads_create_machine_acct()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
35f3e4ae by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Use a talloc_asprintf in ads_find_machine_acct()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
4f389c1f by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Fix detection if acount already exists in ads_find_machine_count()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
b755a643 by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Don't set supported encryption types during account creation

This is already handled by libnet_join_post_processing_ads_modify()
which calls libnet_join_set_etypes() if encrytion types should be set.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
ce776293 by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Fix creating machine account using LDAP

This implements the same behaviour as Windows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884

Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
39b8c8b3 by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libnet: Improve debug messages

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
14f320fa by Andreas Schneider at 2019-10-09T07:06:35+00:00
s3:libads: Just change the machine password if account already exists

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884

Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
459b43e5 by Andreas Schneider at 2019-10-09T08:26:17+00:00
testprogs: Add test for 'net ads join createcomputer='

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Oct  9 08:26:17 UTC 2019 on sn-devel-184

- - - - -
873aa1e6 by Ralph Boehme at 2019-10-09T14:35:28+00:00
librpc: add Python mdssvc bindings

Not used for now, but soon.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
b27d9afa by Ralph Boehme at 2019-10-09T14:35:28+00:00
s3:rpc_client: add a mdssvc client library

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
213ca6e4 by Ralph Boehme at 2019-10-09T14:35:28+00:00
s3: add mdscli Python bindings

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
afc90321 by Ralph Boehme at 2019-10-09T14:35:28+00:00
build: add SAMBA_DATADIR as "samba" subdirectory of DATADIR

DATADIR should have been set to this path from the beginning, too late to change
that now as ut's used as parent for two other directory varialbles: SETUPDIR and
CODEPAGEDIR.

>From <https://www.gnu.org/prep/standards/html_node/Directory-Variables.html>:

  datadir

    The directory for installing idiosyncratic read-only
    architecture-independent data files for this program. This is usually the
    same place as ‘datarootdir’, but we use the two separate variables so that
    you can move these program-specific files without altering the location for
    Info files, man pages, etc.

    This should normally be /usr/local/share, but write it as
    $(datarootdir). (If you are using Autoconf, write it as ‘@datadir@’.)

    The definition of ‘datadir’ is the same for all packages, so you should
    install your data in a subdirectory thereof. Most packages install their
    data under $(datadir)/package-name/.

Currently Samba doesn't install any application specific data files, but I'm
going to do just that in a subsequent commit.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
08cb82d2 by Ralph Boehme at 2019-10-09T14:35:28+00:00
s3:mdssvc: remove unused snum from struct sl_query

Looks like this was never used, it's also available via mds_ctx->snum.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
ba899694 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: modernize a few DEBUG macros

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
eb740b57 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: fix a long line

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
c338bdf5 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: add missing mds_ctx deallocation

The mds_ctx object was created in _mdssvc_open() as a talloc child of the pipe
which means as long as the pipe is connected it's not freed.

To ensure we do proper rundown of all resources including backend connections
and pending queries, we must free the mds_ctx object.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
f5510d7d by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: add Elasticsearch backend

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
f479e010 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: add unit tests for the Spotlight to Elasticsearch parser

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
f0e8dd1a by Ralph Boehme at 2019-10-09T14:35:29+00:00
selftest: split fileserver testenv into simpleserver and fileserver

The simpleserver testenv continues to be built with minimal
dependencies. fileserver otoh will be built with bells and whistles including
JSON which I need for using the env as target for Spotlight tests.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
da7dec0a by Ralph Boehme at 2019-10-09T14:35:29+00:00
selftest: add end-to-end tests for mdssvc with a fake HTTP server

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
c85cd5c4 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:utils: add mdfind

A small command line tool to run macOS Spotlight searches against an SMB server
that runs the Spotlight mdssvc RPC service, including macOS and Samba.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
fa4c3fd9 by Ralph Boehme at 2019-10-09T14:35:29+00:00
selftest: add mdfind blackbox test

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
bf02a935 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3: rpc_server: enable mdssvc by default

Now that mdssvc is built by default and also tested in CI, enable it by default,
running as embedded service.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
91f397be by Ralph Boehme at 2019-10-09T14:35:29+00:00
mdssd: fix a debug message

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
78a2d955 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: use a helper variable for the service type

No change in behaviour. Simplifies a subsequent logical change.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
63cbeaf0 by Ralph Boehme at 2019-10-09T14:35:29+00:00
s3:mdssvc: fix service startup in deamon mode

Changes:

* Don't initialize the RPC service by calling setup_rpc_module() in the parent
  mdssd. This is not needed in the parent, only in the worker childs.

* In the worker childs call setup_rpc_module() instead of init_rpc_module()
  which ensures rpc_mdssvc_init() is called with the mdssvc callback which is
  needed to initialize mdssvc via mdssvc_init_cb() -> init_service_mdssvc()

* Finally rpc_setup_mdssvc() is adjusted to be a noop if mdssvc is configured to
  as external and when called by the main parent smbd via dcesrv_ep_setup() ->
  setup_rpc_modules()

I've manually tested all 4 combinations of external=yes|no X module=yes|no with
the new mdfind command.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
c9b62982 by Ralph Boehme at 2019-10-09T15:52:55+00:00
mdssvc.idl: pass policy_handle as pointer

No change in behaviour, this just changes all functions to take the
policy_handle argument as pointer instead of passing it by value.
This is how all other IDLs pass it.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Oct  9 15:52:55 UTC 2019 on sn-devel-184

- - - - -
b4cbdddf by Volker Lendecke at 2019-10-10T01:04:33+00:00
smbd: Fix an uninitalized variable

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 10 01:04:33 UTC 2019 on sn-devel-184

- - - - -
9290510f by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_acl_xattr. Wrap rmdir_acl_common() by acl_xattr_rmdir() so we don't call it directly.

This will allow adding the extra dirfsp parameter to
rmdir_acl_common().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1c0c3b61 by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_acl_common: Change acl_common_remove_object() to use UNLINKAT instead of RMDIR.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7f54bc87 by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: Change rmdir_acl_common() to take a files_struct *dirfsp pointer..

Pass in the passed dirfsp if available, else handle->conn->cwd_fsp.

No logic changes.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
0df3371e by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_acl_common: Convert rmdir_acl_common() to use UNLINKAT instead of RMDIR.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4e028aea by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_posix_eadb: Rename posix_eadb_rmdir() to posix_eadb_rmdir_internal().

Make rmdir_fn() a wrapper function. This will
allow us to add the dirfsp parameter.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3221bab8 by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_posix_eadb: Add a dirfsp parameter to posix_eadb_rmdir_internal().

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a8507856 by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_posix_eadb: Convert posix_eadb_rmdir_internal() to call UNLINKAT() instead of RMDIR().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
881ee37c by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_posix_eadb: Convert streams_depot_rmdir_internal() to call UNLINKAT() instead of RMDIR().

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
48ad93ae by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_streams_depot: Rename streams_depot_rmdir() to streams_depot_rmdir_internal().

Make rmdir_fn() a wrapper function. This will
allow us to add the dirfsp parameter.

Fix DEBUG statement so it doesn't print the wrong function name.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d9091d8f by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_streams_depot: Add a dirfsp parameter to streams_depot_rmdir_internal().

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
9c5dc89c by Jeremy Allison at 2019-10-10T06:09:39+00:00
s3: VFS: vfs_streams_depot: Change RMDIR -> UNLINKAT inside stream_dir().

No logic change.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c6235f29 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_streams_depot: Change RMDIR -> UNLINKAT inside streams_depot_unlink_internal().

No logic change.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
576a143d by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_fruit: Change fruit_rmdir_internal() to call UNLINKAT instead of RMDIR.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7991a12e by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: cmd_vfs: Change cmd_pathfunc() to call SMB_VFS_UNLINKAT() in rmdir case.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ca5e8938 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: smbd: Change recursive_rmdir() to call SMB_VFS_UNLINKAT() in rmdir case.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4ce152f1 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: smbd: Change rmdir_internals() to call SMB_VFS_UNLINKAT() in rmdir cases.

Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
305f2b8d by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_xattr_tdb: Remove rmdir_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
44f9adc1 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_unityed_media: Remove rmdir_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
060eb647 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_fruit: Remove rmdir_fn. No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
19a4c5a9 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_acl_tdb: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
26eb0e70 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_acl_xattr: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8a18518e by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_audit: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b222c486 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_cap: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b79c7d28 by Jeremy Allison at 2019-10-10T06:09:40+00:00
s3: VFS: vfs_catia: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
882babe6 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_ceph: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
09d33f5b by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_ceph_snapshots: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ea386e13 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_extd_audit: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5e1e58a1 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_glusterfs: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ae28488f by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_media_harmony: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8e65a8c2 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_posix_eadb: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8bb2c7b8 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_shadow_copy2: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a940c4c5 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_snapper: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ffa09e09 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_streams_depot: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
14e24881 by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_syncops: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4fcd20cd by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_time_audit: Remove rmdir_fn(). No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5bf96b1f by Jeremy Allison at 2019-10-10T06:09:41+00:00
s3: VFS: vfs_time_audit: Remove rmdir_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the rmdir_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
81fbba8f by Jeremy Allison at 2019-10-10T07:26:43+00:00
s3: VFS: Complete the removal of SMB_VFS_RMDIR()

All users now use SMB_VFS_UNLINKAT(..., AT_REMOVEDIR).

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Oct 10 07:26:43 UTC 2019 on sn-devel-184

- - - - -
f45ceb0d by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove unused build of atsvc server

This avoids building server-side code we do not use and so makes the build
smaller and code auditing easier.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8216c218 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove s4 server build of initshutdown

We do not have a source4 varient of the initshutdown server, so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6250fe29 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove s4 server build of ntsvcs

We do not have a source4 varient of the ntsvcs server, so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
759660b1 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove server build of remact.idl

We do not have a server for the DCOM Remote activation service, so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
83fae584 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Add commnets on the split out of IDL files

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
718f9da0 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove s3 server build of unixinfo

We do not have a source3 varient of the unixinfo server, so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
091e8fe1 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove s4 server build of dfs

We do not have a source4 varient of the dfs server, so do not generate
the code for it.

DFS is very closely tied to SMB so we use the DFS server in
smbd.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c46191b8 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove client and server build of rot.idl

We do not have a client or server for this DCOM component so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b273924b by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove client and server build of w32time.idl

We do not have a server for the Win32 Time Server so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d7bb9f54 by Andrew Bartlett at 2019-10-10T08:08:45+00:00
librpc: Remove server build of oxidresolver.idl

We do not have a server for this DCOM component so do not generate
the code for it.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
04b93696 by Andreas Schneider at 2019-10-10T09:41:26+00:00
WHATSNEW: Mention performance improvements for SMB3 encryption

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Oct 10 09:41:26 UTC 2019 on sn-devel-184

- - - - -
834d5282 by Ralph Boehme at 2019-10-10T18:56:33+00:00
wscript: remove all checks for _FUNC and __FUNC

Those where historic artifacts not needed anymore.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
efb43ecb by Ralph Boehme at 2019-10-10T20:13:25+00:00
wscript: split function check to one per line and sort alphabetically

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Oct 10 20:13:25 UTC 2019 on sn-devel-184

- - - - -
37daeb22 by Isaac Boukris at 2019-10-12T14:33:32+00:00
spnego: ignore server mech_types list

We should not use the mech list sent by the server in the last
'negotiate' packet in CIFS protocol, as it is not protected and
may be subject to downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7e36de99 by Andreas Schneider at 2019-10-12T14:33:32+00:00
s3:libsmb: Do not check the SPNEGO neg token for KRB5

The list is not protected and this could be a downgrade attack.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Pair-Programmed-With: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
90f557f3 by Isaac Boukris at 2019-10-12T14:33:32+00:00
selftest: s3: add a test for spnego downgrade from krb5 to ntlm

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d7e57ef7 by Isaac Boukris at 2019-10-12T14:33:33+00:00
spnego: add client option to omit sending an optimistic token

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
02f53881 by Isaac Boukris at 2019-10-12T14:33:33+00:00
selftest: add tests for no optimistic spnego exchange

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
eee1e8b6 by Stefan Metzmacher at 2019-10-12T14:33:33+00:00
python/tests/gensec: make it possible to add knownfail tests for gensec.update()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8a963599 by Isaac Boukris at 2019-10-12T14:33:33+00:00
python/tests/gensec: add spnego downgrade python tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Pair-Programmed-With: Andreas Schneider <asn at samba.org>

Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
23ea12e9 by Isaac Boukris at 2019-10-12T15:51:42+00:00
spnego: fix server handling of no optimistic exchange

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Sat Oct 12 15:51:42 UTC 2019 on sn-devel-184

- - - - -
d8886552 by Andreas Schneider at 2019-10-12T16:18:39+00:00
lib:krb5_wrap: Do not create a temporary file for MEMORY keytabs

The autobuild cleanup script fails with:

The tree has 3 new uncommitted files!!!
git clean -n
Would remove MEMORY:tmp_smb_creds_SK98Lv
Would remove MEMORY:tmp_smb_creds_kornU6
Would remove MEMORY:tmp_smb_creds_ljR828

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a06889f6 by Andreas Schneider at 2019-10-12T16:18:39+00:00
s4:selftest: Do not print the target env twice

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
46068d5f by Andreas Schneider at 2019-10-12T16:18:39+00:00
gitlab-ci: Run several AD tests with MIT KDC

This will avoid introducing regressions in either client or server code.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
0cad8823 by Andreas Schneider at 2019-10-12T16:18:39+00:00
s4:selftest: Do not print the target env twice

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
93c2b446 by Andreas Schneider at 2019-10-12T16:18:39+00:00
testprogs: Add test for kinit with canonicalization

Pair-Programmed-With: Isaac Boukris <iboukris at redhat.com>

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
12358429 by Andreas Schneider at 2019-10-12T17:39:13+00:00
s3:libads: Do not turn on canonicalization flag for MIT Kerberos

This partially reverts 303b7e59a286896888ee2473995fc50bb2b5ce5e.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155

Pair-Programmed-With: Isaac Boukris <iboukris at redhat.com>

Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Sat Oct 12 17:39:13 UTC 2019 on sn-devel-184

- - - - -
c16cc9a7 by Andreas Schneider at 2019-10-14T07:41:51+00:00
audit_logging: Don't spam the logs if dsdb_event is not found

This gets only registered by our tests.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Oct 14 07:41:52 UTC 2019 on sn-devel-184

- - - - -
2dbc68e2 by Jeremy Allison at 2019-10-15T18:46:36+00:00
s3: smbd: set_nt_acl(). Now we know we always have a valid file handle, always use VFS_FCHOWN.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
99bfdb6e by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: smbd: Remove vfs_chown_fsp().

No longer used. This gets rid of another case
where we were playing directory changing games
that are eliminated by just using a file handle.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
634a4d13 by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: pysmbd: Change py_smbd_chown() to use SMB_VFS_FCHOWN() internally.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
177f15eb by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: torture: Remove cmd_chown() - can be replicated by cmd_open()->cmd_fchown().

Last user of SMB_VFS_CHOWN() in the codebase.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
2eca6d5b by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_cap: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
48335c1f by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_catia: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
95a6505e by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_ceph: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3f8f7979 by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_ceph_snapshots: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
774b8f9f by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_fake_acls: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3a853a1d by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_fruit: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3e8f3196 by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_glusterfs: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
3e2c2fdf by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_media_harmony: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
1516e9e2 by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_shadow_copy2: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
04e70da3 by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_snapper: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
ce63e83a by Jeremy Allison at 2019-10-15T18:46:37+00:00
s3: VFS: vfs_cap: Remove chown_fn().

No longer used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
bd807d46 by Jeremy Allison at 2019-10-15T18:46:38+00:00
s3: VFS: vfs_time_audit: Remove chown_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the chown_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
e2863a7e by Jeremy Allison at 2019-10-15T18:46:38+00:00
s3: VFS: vfs_full_audit: Remove chown_fn(). No longer used.

NB, this will now fail smb_vfs_assert_all_fns()
until we remove the chown_fn() from the VFS definitions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

- - - - -
b01169ff by Jeremy Allison at 2019-10-15T20:07:51+00:00
s3: VFS: Complete the removal of SMB_VFS_CHOWN()

No longer used anywhere.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct 15 20:07:51 UTC 2019 on sn-devel-184

- - - - -
d473f1e3 by Isaac Boukris at 2019-10-16T09:33:32+00:00
nsswitch: Link stress-nss-libwbclient against pthread

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
7259197b by Isaac Boukris at 2019-10-16T09:33:32+00:00
s3:libsmb: Link libsmb against pthread

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140

Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
f0abf62a by Bryan Mason at 2019-10-16T10:55:04+00:00
s3:tests: Add smbspool test for CUPS-like "sanitized" Device URI in argv[0]

Before calling a backend like smbspool, CUPS will set argv[0] to the
"sanitized" Device URI (the Device URI with username/password
information removed).  These changes are intended to catch problems
with smbspool that may be created by this behavior (like
https://bugzilla.samba.org/show_bug.cgi?id=14128).

source3/script/tests/smbspool_argv_wrapper.c: added to emulate
CUPS-like behavior by setting argv[0] to the device URI before
exec()ing smbspool.

source3/script/tests/test_smbspool.sh: updated to use
smbspool_argv_wrapper to test the CUPS-like behavior described above.

Signed-off-by: Bryan Mason <bmason at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 10:55:04 UTC 2019 on sn-devel-184

- - - - -
d023b298 by Gary Lockyer at 2019-10-16T15:41:41+00:00
selftest: Disable RTLD_DEEPBIND if running with ASAN

Disable the RTLD_DEEPBIND option for dlopen in LDB and Socket Wrapper when
running with  AddressSanitizer. The RTLD_DEEPBIND option is not compatible
with Address Sanitizer see
https://github.com/google/sanitizers/issues/611

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 15:41:41 UTC 2019 on sn-devel-184

- - - - -
eb093c5d by Amit Kumar at 2019-10-16T16:39:42+00:00
s3:winbind: Don't abort when receiving a NULL SID

Source code in winbind_rpc.c states that if the trusted domain
has no SID, winbindd just aborts the session. This happens with
MIT Kerberos realm added as trust to AD and winbindd just returns
without processing further as there is no SID returned for the
Linux system having kerberos support.

This fix makes winbindd to skip the domain having NULL SID instead
of aborting the request completely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13913

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
50cce842 by Amit Kumar at 2019-10-16T16:39:42+00:00
docs: Add 'net gpo command' text in man net

This change adds contents to man net for 'net ads gpo' command
set based on results got after executing:
'# net ads gpo help' and subcommands

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13986

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
aed4d063 by Gary Lockyer at 2019-10-16T18:00:31+00:00
libcli smb smb1cli_trans: fix ubsan warning

Fix ubsan warning null pointer passed as argument 2 when the source
pointer is NULL.  The calls to memcpy are now guarded by an
if (len > 0)

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 18:00:31 UTC 2019 on sn-devel-184

- - - - -
dd43bb96 by Amit Kumar at 2019-10-17T07:58:39+00:00
docs: Add 'ads dns command' text in man net

This change adds contents to man net for 'ads dns' command set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14009

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
6bd2f0e9 by Amit Kumar at 2019-10-17T07:58:39+00:00
docs: modifies 'net ads dns gethostbyname -h' Changes server to nameserver and name to hostname.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14009

Signed-off-by: Amit Kumar amitkuma at redhat.com
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
aacbd383 by Amit Kumar at 2019-10-17T09:21:20+00:00
samba-tool: Update 'samba-tool gpo list <>' description

We have a command to get gpo listing from Active Directory.
samba-tool gpo list <username>

This command can list GPOs for both username and machinename,
But command help only shows 'username'.

This PR
- Updates the option presented in help.
- Updates name of variable used to retrieve GPO so that it's
 not misleading if someone reads code later on

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14016

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 17 09:21:20 UTC 2019 on sn-devel-184

- - - - -
68155811 by Rowland Penny at 2019-10-17T12:21:55+00:00
samba-tool: Add facility to add rfc2307 attributes to an already created user or group

Signed-off-by: Rowland Penny <rpenny at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlet <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 17 12:21:55 UTC 2019 on sn-devel-184

- - - - -
799a1f65 by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Build registry parsing code into subsystem

Fuzzing code will make use of the "reg_parse_fd" function. By building
it into the "SMBREGISTRY" subsystem it can just be linked and
"reg_parse.c" doesn't need to be explicitly included.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
e477a94f by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Add fuzzing binary for reg_parse

A temporary file is used to store the fuzzing input.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
6b6df73b by Michael Hanselmann at 2019-10-18T07:31:45+00:00
regfio: Allow ignoring of checksum

In order to get good coverage fuzzing code has to either calculate
checksums correctly or to disable their verification. This change
implements the latter for the "REGF_FILE" structure used by the
"regfio_*" family of functions.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
a42a5a42 by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Add fuzzing binary for regfio

Checksums are better ignored during fuzzing, hence a flag is added to
the regfio parser to disable checksums.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
f9c39237 by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Add fuzzing binary for lzxpress

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
de7c7833 by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Add fuzzing binary for ldap_decode

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
c4e902be by Michael Hanselmann at 2019-10-18T07:31:45+00:00
Add fuzzing binary for ldb_parse_tree

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
25b1e478 by Anoop C S at 2019-10-18T08:54:04+00:00
s3/dump_core: Have a newline towards the end of log message

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Fri Oct 18 08:54:04 UTC 2019 on sn-devel-184

- - - - -
51734239 by Andrew Bartlett at 2019-10-18T09:26:41+00:00
dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in repl_meta_data module

This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
5bc35614 by Andrew Bartlett at 2019-10-18T09:26:41+00:00
s4-rpc_server: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in getncchanges

This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7c83b1ad by Andrew Bartlett at 2019-10-18T10:58:44+00:00
dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in operational module

This call does not use the context argument so no additional parameter is needed.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Oct 18 10:58:45 UTC 2019 on sn-devel-184

- - - - -
d495074e by Jeremy Allison at 2019-10-18T16:07:35+00:00
s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.

The info level it uses doesn't return that, previously we
were using the field that is returned as the EA size as
the inode number (which is usually zero, so the code in
libsmbclient would then synthesize an inode number from
a hash of the pathname, which is all it can do for SMB1).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8e55a856 by Jeremy Allison at 2019-10-18T16:07:35+00:00
s3: torture: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.

Piggyback on existing tests, ensure we don't regress on:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
9a02c31d by Andrew Bartlett at 2019-10-18T16:07:35+00:00
lib: Explicitly refuse to truncate unix domain socket paths

This avoids creating a socket like:

.../winbindd_privileged/p

instead of

.../winbindd_privileged/pipe

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8bc22890 by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s3:smbd: Add header inclusion guards in globals.h

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8b761b12 by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s3:printing: Add header inclusion guards in queue_process.h

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e70dbe7d by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s3:printing: Add spoolssd header file

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
27b01d0a by Samuel Cabrero at 2019-10-18T16:07:35+00:00
tstream_npa: Set local server name in auth requests

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f43e0825 by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s4:torture: Add braces

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e4b13540 by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s4:torture: Fix torture comment

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
61aaebaa by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s4:torture: Assert connection

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
d572219e by Samuel Cabrero at 2019-10-18T16:07:35+00:00
s4:rpc_server: Fix debug string printing duplicated function name

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4d7a9161 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Cleanup includes

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3d529762 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Rename common/reply.c to dcesrv_reply.c

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3d7167f4 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Remove imessaging_context from dcerpc core structs

Add a helper function to retrieve the imessaging_context from the
stream connection.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f402b937 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Remove server_id from dcerpc core structs

Add a helper function to retrieve it from the stream connection.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
83def9a9 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Split dcerpc_generic_session_key for server and client

Split the common bits of dcerpc_generic_session_key to librpc and rename
client the specific part to dcecli_generic_session_key.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b6c8afa9 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:librpc: Rename ncacn_push_auth to dcerpc_ncacn_push_auth

Next commit will move this function to common librpc

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ae9956a6 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
librpc: Move dcerpc_ncacn_push_auth from s4 librpc to common librpc

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
63b78894 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
librpc: Move dcerpc_log_packet from s4 librpc to common librpc

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
6fcf8038 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Do not include s4 librpc headers in dcerpc core

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
bf097719 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Add dcesrv_context_callbacks to dcesrv_context

Add a new struct dcesrv_context_callbacks in dcesrv_context to hold pointers
to functions whose implementation will differ between S3 and S4.

The log_successful_dcesrv_authz_event implementation will differ as it
requires an imessaging_context.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
6fe23fa0 by Samuel Cabrero at 2019-10-18T16:07:36+00:00
s4:rpc_server: Hide gensec prepare behind function pointer

This function will be different for s3 and s4

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b0ecc8ef by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: inline the dcesrv_assoc_group_find function

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
55ad4ae7 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Find association groups through context callbacks

Split the association group management from the server code, the s3 and
s4 implementation will handle differently.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
85de7335 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Add transport termination function pointer

As the dcesrv_terminate_connection function will be moved to the shared
rpc server core library, hide the stream_terminate_connection call behind
a function pointer.

The s3 implementation will define its own termination function.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
0523f0b4 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Add public function dcesrv_connection_loop_start

This function starts the server loop and will be called from s3 and s4
implementations.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
480dd616 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Make functions public

These functions will be moved to core dcerpc library and called from
s4 and s3 implementations.

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3f33fdf2 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
librpc: Add new dcerpc server core library

Next commits will move the core of s4 rpc server to this library.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
076ec917 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Move core structures and prototypes to core library

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
491102b5 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
s4:rpc_server: Move core functions to core library

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
52727543 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
librpc:core: Set debug class

Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
6a6546b5 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
librpc:core: Allocate struct dcesrv_interface with talloc

The S3 implementation needs to reinit the dcesrv_context and free the
endpoints list with their registered interfaces.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
73948df2 by Samuel Cabrero at 2019-10-18T16:07:37+00:00
librpc:core: Initialize static variable

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
08c66382 by Samuel Cabrero at 2019-10-18T16:07:38+00:00
librpc:core: Rename find_endpoint to dcesrv_find_endpoint

This function will be public and available for s3 and s4 implementations.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e10028a0 by Samuel Cabrero at 2019-10-18T16:07:38+00:00
librpc:core: Return NTSTATUS for dcesrv_find_endpoint

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
50f69b60 by Samuel Cabrero at 2019-10-18T17:30:39+00:00
librpc:core: Make dcesrv_find_endpoint public

Will be used from s3 implementation when a connection is passed to other
process where a particular association group was created.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Oct 18 17:30:39 UTC 2019 on sn-devel-184

- - - - -
75433f60 by Volker Lendecke at 2019-10-18T21:06:33+00:00
dbwrap_watch: Test cleanup of dead watchers

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0afd655e by Volker Lendecke at 2019-10-18T22:28:07+00:00
dbwrap_watch: Fix cleaning up dead watchers

"wrec->num_watchers" changes in dbwrap_watch_rec_del_watcher(). In
32d6cc84c I forgot to update the copy of that variable.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 18 22:28:07 UTC 2019 on sn-devel-184

- - - - -
09e282ec by Uri Simchoni at 2019-10-20T12:06:30+00:00
waf: upgrade to 2.0.18

This is required to get the new test_args parameter to conf.check, which
facilitates passing arguments to configuration test programs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e00e9335 by Uri Simchoni at 2019-10-20T12:06:30+00:00
wafsamba: use test_args instead of exec_args to support cross-compilation

exec_args seems to have been a custom addition to Samba's copy of waf..
Upstream Waf has an identically-purposed parameter called test_args.

This parameter is being used for addiing runtime args to test programs that
are being run during configuration phases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5a4ade95 by Uri Simchoni at 2019-10-20T12:06:30+00:00
wafsamba: avoid pre-forking if cross-compilation is enabled

Waf supports pre-forking to run configuration tests, but this
doesn't play well with Samba's cross-compilation support, because
Samba monkey-patches the actual fork+exec, which doesn't happen
in a pre-forked process pool.

This patch emulates the impact of WAF_NO_PREFORK env var when
cross-compilation is enabled.

The blueprint for the solution has been suggested by Thomas Nagy
in https://bugzilla.samba.org/show_bug.cgi?id=13846#c7 (item #2)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fdfd6984 by Uri Simchoni at 2019-10-20T12:06:30+00:00
wafsamba: pass environment to cross-execute tests

This can come in handy for cross-execute scripts in general, and
is particularly required by the samba-xc test for cross-answers /
cross-execute, because Samba sets LD_LIBRARY_PATH during rpath
checks, and the test program needs that in order to successfully
run.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
649d15bb by Uri Simchoni at 2019-10-20T13:29:58+00:00
autobuild: harden samba-xc test suite

Add more checks which directly test the behavior of
--cross-answers and --cross-execute.

Previous test tested things in a round-about way, checking
that running in all three modes (native, cross-execute,
cross-answers) yields the same result. It was vulnerable
to a degradation in which cross-compilation modes didn't
work at all and were running native tests, which is
what happened with the upgrade of waf.

The added tests check the following:
- That cross-excute with cross-answers sets the cross-answers file
- That the content of cross-answers file actually affects the build
  configuration
- That a missing line in cross-answers fails the build

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Sun Oct 20 13:29:58 UTC 2019 on sn-devel-184

- - - - -
c1349c44 by Andreas Schneider at 2019-10-20T14:52:40+00:00
s3:waf: Remove check for fdatasync

This is already checked by libreplace as replace also provides it.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sun Oct 20 14:52:40 UTC 2019 on sn-devel-184

- - - - -
7b1466cc by Christian Schulz at 2019-10-21T00:04:32+00:00
smbstatus: use display print function

Signed-off-by: Christian Schulz <chris at schocktools.de>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5216fd22 by Christian Schulz at 2019-10-21T01:26:28+00:00
smbstatus: fix column length for DenyMode

Signed-off-by: Christian Schulz <chris at schocktools.de>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Oct 21 01:26:29 UTC 2019 on sn-devel-184

- - - - -
d6a4eea5 by Isaac Boukris at 2019-10-21T14:40:38+00:00
selftest/remote_pac: split test_PACVerify() in two

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133

Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
90bdaaf0 by Isaac Boukris at 2019-10-21T14:40:38+00:00
selftest: add a test for PAC delegation-info blob in S4U2Proxy

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133

Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fd5cf415 by Stefan Metzmacher at 2019-10-21T14:40:38+00:00
s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob

We need the target service without realm, but the proxy services with realm.

I have a domain with an w2008r2 server and a samba and now both generate
the same S4U_DELEGATION_INFO.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
073dc735 by Marco Wang at 2019-10-21T14:40:38+00:00
s3: include: printing: move copyright notice to beginning

Signed-off-by: Marco Wang <m.aesophor at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
31563f57 by Marco Wang at 2019-10-21T14:40:38+00:00
s3: include: printing: fix indentation of struct printif

Signed-off-by: Marco Wang <m.aesophor at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
1722e5fb by Marco Wang at 2019-10-21T16:01:56+00:00
s3: include: printing: align function parameters

Signed-off-by: Marco Wang <m.aesophor at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Oct 21 16:01:56 UTC 2019 on sn-devel-184

- - - - -
6a9041ba by Ralph Boehme at 2019-10-22T14:53:17+00:00
autobuild: rename samba-ad-member-* to samba-admem-*

Needed to come around MAX pathlen limit for UNIX domain socket triggered by
the new samba-ad-member-mitkrb5 target added in samba-ad-member-mitkrb5.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct 22 14:53:17 UTC 2019 on sn-devel-184

- - - - -
e9dd8821 by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Value stored to 'p' is never read'

Fixes:

source3/libsmb/climessage.c:73:2: warning: Value stored to 'p' is never read <--[clang]
        p += hlen;
        ^    ~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7a4da41c by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmd: clang: Fix some uninitialized value errors

Fixes:

source3/libsmb/clilist.c:534:14: warning: 1st function call argument is an uninitialized value <--[clang]
        num_finfo = talloc_array_length(finfo);
                    ^
source3/libsmb/clilist.c:1007:13: warning: The right operand of '<' is a garbage value <--[clang]
        for (i=0; i<num_finfo; i++) {
                   ^~~~~~~~~~
2 warnings generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
25a256be by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Dereference of undefined pointer value'

Fixes:

source3/libsmb/clidfs.c:350:3: warning: Dereference of undefined pointer value <--[clang]
                DLIST_ADD_END(referring_cli, cli);
                ^
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4995a0e7 by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Value stored to 'create_options' is never read'

It looks like the create_options are accumulated as the depending on the
failure reasons returned for cli_smb2_create_fnum (except for when a
directory is encountered) this looks like a mistake
Fixes:

source3/libsmb/cli_smb2_fnum.c:1870:3: warning: Value stored to 'create_options' is never read <--[clang]
                create_options |= FILE_DIRECTORY_FILE;
                ^
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
764bb47a by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'

Fixes:

source3/libsmb/smbsock_connect.c:786:13: warning: Assigned value is garbage or undefined <--[clang]
                state->fd = fd;
                          ^ ~~
1 warning generated.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
61621009 by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Value stored to 'p' is never read'

Fixes:

source3/libsmb/clirap.c:145:3: warning: Value stored to 'p' is never read <--[clang]
                p = rdata;
                ^   ~~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
4ef40d41 by Noel Power at 2019-10-22T17:28:27+00:00
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'

Fixes:

source3/libsmb/clirap.c:1490:9: warning: Assigned value is garbage or undefined <--[clang]
                *mode = attr;
                      ^ ~~~~

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
6ebd0ba7 by Noel Power at 2019-10-22T18:48:43+00:00
s3/libsmb: clang: Fix 'the left operand of '-' is a garbage value'

Fixes:

source3/libsmb/clifile.c:360:19: warning: The left operand of '-' is a garbage value <--[clang]
        if (data[num_data-1] != '\0') {
                 ~~~~~~~~^
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct 22 18:48:43 UTC 2019 on sn-devel-184

- - - - -
799b05cf by Amit Kumar at 2019-10-22T19:39:40+00:00
net: 'net ads gpo getgpo' command not dumping gpo

We have passed dump_gpo(debuglevel=1), hence gpo is not
dumped at debuglevel=0. But end user will expect gpo
to be dumped without setting debug flag.

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>

- - - - -
ce3fdc4d by Amit Kumar at 2019-10-22T19:39:40+00:00
samba-tool domain: fix an unhandled exception

Uncaught exception on running 'samba-tool domain schemaupgrade'

ERROR(<class 'ModuleNotFoundError'>): uncaught exception - No module named
'markdown' File "/usr/lib64/python3.7/site-packages/samba/netcmd/__init__.py",
line 185, in _run return self.run(*args, **kwargs) File
"/usr/lib64/python3.7/site-packages/samba/netcmd/domain.py", line 4157, in run
from samba.ms_schema_markdown import read_ms_markdown File
"/usr/lib64/python3.7/site-packages/samba/ms_schema_markdown.py", line 26, in
<module> import markdown

Signed-off-by: Amit Kumar amitkuma at redhat.com
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b8461b42 by Martin Schwenke at 2019-10-22T19:39:40+00:00
ctdb-tests: Simplify tool unit test runner

There is no good reason why the code needs to be this way.  The
intervening code was removed years ago leaving a more complex version
of something very simple.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5ae330e5 by Martin Schwenke at 2019-10-22T19:39:40+00:00
ctdb-tests: Avoid running valgrind under valgrind

When run from integration tests $CTDB already includes $VALGRIND, if
set.  So only add $VALGRIND if $CTDB is not set.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
78766260 by Martin Schwenke at 2019-10-22T19:39:40+00:00
ctdb-tests: Add run_tests.sh option to print logs on test failure

Implement this for local daemons integration tests, dumping last 100
lines of logs.  This makes it possible to debug some failures in
automated tests where the logs are unavailable for analysis.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
fc16b8db by Martin Schwenke at 2019-10-22T19:39:41+00:00
ctdb-tests: Enable printing of logs on failure in autobuild

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e8dc125e by Martin Schwenke at 2019-10-22T19:39:41+00:00
ctdb-tests: Drop setting of test state directory for testonly target

This is the default and deciding this should be left to run_tests.sh.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
fe80038d by Martin Schwenke at 2019-10-22T19:39:41+00:00
ctdb-tests: Prefix remaining environment variables with CTDB_

Now they are clearly all part of CTDB.

TEST_SOCKET_WRAPPER_SO_PATH gets too long in
integration_local_daemons.bash, so change it to
CTDB_TEST_SWRAP_SO_PATH instead of just prefixing.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
aa376682 by Martin Schwenke at 2019-10-22T21:02:11+00:00
ctdb-tests: Add -l option to set number of local daemons

This is the only place where setting an environment variable by hand
is recommended, so remove the anomaly.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct 22 21:02:11 UTC 2019 on sn-devel-184

- - - - -
ccc486ca by Volker Lendecke at 2019-10-23T01:11:30+00:00
smbd: Mark #else/#endif with the if-#define

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
05597014 by Volker Lendecke at 2019-10-23T01:11:30+00:00
smbd: Remove an unused #define from mangle_hash2.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
f37b9133 by Volker Lendecke at 2019-10-23T02:37:12+00:00
smbd: Save 520 bytes of writable memory from every smbd

Move what can be const from the "data" to the "text" segment

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Oct 23 02:37:12 UTC 2019 on sn-devel-184

- - - - -
1b69795c by Christian Ambach at 2019-10-23T04:57:08+00:00
s3:lib:wins fix a compile warning on Ubuntu 18.04

gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1) with -O2 puts up a warning here:
../../source3/lib/wins_srv.c: In function ‘wins_srv_tags’:
../../source3/lib/wins_srv.c:235:3: error: assuming signed overflow does not
occur when simplifying conditional to constant [-Werror=strict-overflow]
   for (j=0;j<count;j++) {
   ^~~
cc1: all warnings being treated as errors

Signed-off-by: Christian Ambach <ambi at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>

Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Wed Oct 23 04:57:09 UTC 2019 on sn-devel-184

- - - - -
263bec1b by Andreas Schneider at 2019-10-23T08:23:12+00:00
replace: Only link libnsl and libsocket if requrired

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14168

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Oct 23 08:23:13 UTC 2019 on sn-devel-184

- - - - -
6e8c3ae6 by Heinz Hoelzl at 2019-10-23T15:54:43+00:00
samba-tool: py3 compatiblity in 'user syncpasswords --daemon'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14154

Signed-off-by: Heinz Hölzl <heinz.hoelzl at gvcc.net>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Björn Baumbach <bb at sernet.de>

Autobuild-User(master): Björn Baumbach <bb at sernet.de>
Autobuild-Date(master): Wed Oct 23 15:54:43 UTC 2019 on sn-devel-184

- - - - -
9f41a9fc by Volker Lendecke at 2019-10-24T04:06:42+00:00
ctdb: Avoid malloc/memcpy/free in ctdb_ltdb_fetch()

Make use of tdb_parse_record()

Signed-off-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
688567f0 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-protocol: Drop code related to obsolete controls

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
913bd331 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-tests: Drop code releated to obsolete controls

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
0872c52e by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-protocol: Add new control VACUUM_FETCH

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b71d8cd8 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-protocol: Add marshalling for new control VACUUM_FETCH

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
36f9b495 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-tests: Add marshalling tests for new control

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
da617f90 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-daemon: Add implementation of VACUUM_FETCH control

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
86521837 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-vacuum: Add processing of fetch queue

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
498932c0 by Amitay Isaacs at 2019-10-24T04:06:42+00:00
ctdb-vacuum: Replace VACUUM_FETCH message with control

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
fc81729d by Amitay Isaacs at 2019-10-24T04:06:43+00:00
ctdb-recoverd: Drop VACUUM_FETCH message handling

This is now implemented in the ctdb daemon using VACUMM_FETCH control.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c6427ddd by Amitay Isaacs at 2019-10-24T04:06:43+00:00
ctdb-recoverd: No need for database detach handler

The only reason for recoverd attaching to databases was to migrate
records to the local node as part of vacuuming.  Recovery daemon does
not take part in database vacuuming any more.

The actual database recovery is handled via the recovery_helper and
recovery daemon should not need to attach to the databases any more.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
680df076 by Amitay Isaacs at 2019-10-24T04:06:43+00:00
ctdb-daemon: Avoid memory leak when packet is deferred

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
d0cc9edc by Amitay Isaacs at 2019-10-24T04:06:43+00:00
ctdb-vacuum: Avoid processing any more packets

All the vacuum operations if required have an event loop to ensure
completion of pending operations.  Once all the steps are complete,
there is no reason to process any more packets.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b3148353 by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-protocol: Add new control CTDB_CONTROL_DB_VACUUM

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
a896486b by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-protocol: Add marshalling for struct ctdb_db_vacuum

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
496204fe by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-protocol: Add marshalling for control DB_VACUUM

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5539edfd by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-vacuum: Simplify recording of in-progress vacuuming child

There can only be one, so simplify the logic.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
13cedaf0 by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-daemon: Factor out code to create vacuuming child

This changes the behaviour for some failures from exiting to simply
attempting to schedule the next run.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
d462d64c by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-vacuum: Only schedule next vacuum event if vacuuuming is scheduled

At the moment vacuuming is always scheduled.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
41a41d5f by Martin Schwenke at 2019-10-24T04:06:43+00:00
ctdb-daemon: Implement DB_VACUUM control

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
439ef65d by Martin Schwenke at 2019-10-24T04:06:44+00:00
ctdb-client: Factor out function client_db_tdb()

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
5a6d319e by Martin Schwenke at 2019-10-24T04:06:44+00:00
ctdb-tests: Add ctdb-db-test tool

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
b9654085 by Martin Schwenke at 2019-10-24T04:06:44+00:00
ctdb-tests: Factor out function check_cattdb_num_records()

This can be use in multiple vacuuming tests.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
49262a6b by Martin Schwenke at 2019-10-24T04:06:44+00:00
ctdb-tests: Add handling of process clean-up on a cluster node

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
6de5706b by Martin Schwenke at 2019-10-24T05:28:21+00:00
ctdb-tests: Add vacuuming tests

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Oct 24 05:28:21 UTC 2019 on sn-devel-184

- - - - -
b28d06be by Andreas Schneider at 2019-10-24T06:48:08+00:00
waf: Create clang compilation database

http://clang.llvm.org/docs/JSONCompilationDatabase.html

This can be used by ymcd or clangd.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ab71d721 by Andreas Schneider at 2019-10-24T08:11:19+00:00
waf: Symlink the compile database to the source dir for clangd

https://github.com/ycm-core/YouCompleteMe
https://github.com/abingham/emacs-ycmd

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 24 08:11:19 UTC 2019 on sn-devel-184

- - - - -
ca95d7f4 by Ralph Boehme at 2019-10-24T08:12:27+00:00
s3:dbwrap: initialize messaging before getting the ctdb connection

This is a better fix for bug #13465.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
94715083 by Ralph Boehme at 2019-10-24T09:33:47+00:00
s3: remove now unneeded call to cmdline_messaging_context()

This was only needed as dbwrap_open() had a bug where it asked for the ctdb
connection before initializing messaging. The previous commit fixed that so we
can now safely remove the calls to cmdline_messaging_context() from all tools
that don't use messaging.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 24 09:33:47 UTC 2019 on sn-devel-184

- - - - -
6d43d82b by Stefan Metzmacher at 2019-10-24T09:46:28+00:00
s4:tests/dirsync: add tests for dirsync with extended_dn

This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.

Azure AD connect reports discovery errors:
  reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d0f566c4 by Stefan Metzmacher at 2019-10-24T11:06:58+00:00
s4:dirsync: fix interaction of dirsync and extended_dn controls

Azure AD connect reports discovery errors:
  reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184

- - - - -
05f7e9a7 by Isaac Boukris at 2019-10-25T09:21:44+00:00
libnet_join: build dnsHostName from netbios name and lp_dnsdomain()

This make the join process much more reliable, and avoids "Constraint
violation" error when the fqdn returned from getaddrinfo has already
got assigned an SPN.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
4cbad1eb by Isaac Boukris at 2019-10-25T09:21:44+00:00
libnet_join_set_machine_spn: improve style and make a bit room for indentation

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
b8e1264e by Isaac Boukris at 2019-10-25T09:21:44+00:00
libnet_join_set_machine_spn: simplify memory handling

and avoid a possible memory leak when passing null to
add_string_to_array() as mem_ctx.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
3e65f72b by Isaac Boukris at 2019-10-25T09:21:44+00:00
libnet_join_set_machine_spn: simplify adding uniq spn to array

and do not skip adding a fully qualified spn to netbios-aliases
in case a short spn already existed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
db7560ff by Isaac Boukris at 2019-10-25T09:21:44+00:00
docs-xml: add "additional dns hostnames" smb.conf option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
2669cecc by Isaac Boukris at 2019-10-25T10:43:08+00:00
libnet_join: add SPNs for additional-dns-hostnames entries

and set msDS-AdditionalDnsHostName to the specified list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116

Signed-off-by: Isaac Boukris <iboukris at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 25 10:43:08 UTC 2019 on sn-devel-184

- - - - -
9f7a622b by Jeremy Allison at 2019-10-29T10:04:44+00:00
CVE-2019-10218 - s3: libsmb: Protect SMB1 client code from evil server returned names.

Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra at samba.org>

- - - - -
7ccc302b by Jeremy Allison at 2019-10-29T10:04:45+00:00
CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server returned names.

Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071

Signed-off-by: Jeremy Allison <jra at samba.org>

- - - - -
d524c7dd by Andrew Bartlett at 2019-10-29T10:04:45+00:00
CVE-2019-14833: Use utf8 characters in the unacceptable password

This shows that the "check password script" handling has a bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ef582226 by Björn Baumbach at 2019-10-29T11:58:45+00:00
CVE-2019-14833 dsdb: send full password to check password script

utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.

Therefore we rename utf8_len to be clear what it does and does
not represent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438

Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184

- - - - -
b63069db by Ralph Boehme at 2019-10-30T13:23:42+00:00
torture: expand test "vfs.fruit.resource fork IO" to check size

Reveals a bug where the resource fork size is capped at 65454 bytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f0c8ac47 by Ralph Boehme at 2019-10-30T13:23:42+00:00
lib/adouble: fix a long line

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
baaaf59e by Ralph Boehme at 2019-10-30T13:23:42+00:00
lib/adouble: README.Coding fix: multi-line if expression

Also remove a TAB.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9a3da6be by Ralph Boehme at 2019-10-30T13:23:42+00:00
lib/adouble: drop ad_data reallocate logic

Simply set the buffer size to AD_XATTR_MAX_HDR_SIZE. When reading the
AppleDouble file, read up to AD_XATTR_MAX_HDR_SIZE from the file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f3df83a2 by Ralph Boehme at 2019-10-30T14:52:33+00:00
lib/adouble: pass filesize to ad_unpack()

ad_unpack() needs the filesize, not the capped IO size we're using in the caller
to read up to "size" bystem from the ._ AppleDouble file.

This fixes a regression introduced by bdc257a1cbac7e8c73a084b618ba642476807483
for bug 13968.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
RN: vfs_fruit returns capped resource fork length

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Oct 30 14:52:34 UTC 2019 on sn-devel-184

- - - - -
dcf51b5a by Ralph Boehme at 2019-10-30T17:20:30+00:00
s3:smb2_server: modernize a debug statement

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
41edeff4 by Ralph Boehme at 2019-10-30T18:42:35+00:00
s3:smb2_server: add message mid to SMB2 request done log message

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Oct 30 18:42:35 UTC 2019 on sn-devel-184

- - - - -
1cfcad62 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f30b8b3a by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.

Last unprotected call of cli_RNetShareEnum(). Not a libsmbclient
bug here but might as well fix the last caller as part of the
fix for the bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d44a8429 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Change generate_inode()/setup_stat() to modern coding standards.

Change setup_stat() to be void. It doesn't return anything. Export
so it can be used by upcoming smbc_readdirplus2() call.

Remove unused SMBCCTX *context parameters.
Remove unused talloc_stackframe().

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7d3b4f47 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Move setting st->st_ino into setup_stat.

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1f0715c0 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Move setting all struct stat fields into setup_stat().

That way we only have one place where a struct stat is synthesised
for libsmbclient callers.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
e26487aa by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Add missing ino field to internal struct smbc_dirplus_list.

This should have been added to struct libsmb_file_info, but
this is user-visible so I don't want to change this now. Adding
it to the containing struct allows us to synthesise a struct stat
to return from smbc_readdirplus2() to return all the info from
the server to callers.

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
abbbbbff by Jeremy Allison at 2019-10-30T20:44:31+00:00
s3: libsmb: Added new API smbc_readdirplus2()

Returns the same as smbc_readdirplus() but also
can return a struct stat if passed in by the caller.

struct stat is synthesized from the data
returned by the SMB server.

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
a5f850a9 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s4: torture Add a test for smbc_readdirplus2()

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fe773713 by Jeremy Allison at 2019-10-30T20:44:31+00:00
s4: torture: Add additional smbc_readdirplus2() tests into readdirplus_seek().

Make sure we haven't broken anything :-).

Signed-off-by: Puran Chand <pchand at vmware.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2b060f93 by Puran Chand at 2019-10-30T22:18:15+00:00
s3:smbclient added ABI signature file

Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Oct 30 22:18:15 UTC 2019 on sn-devel-184

- - - - -
c2794780 by Björn Jacke at 2019-10-31T00:43:36+00:00
dynconfig/wscript: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c93f06b1 by Björn Jacke at 2019-10-31T00:43:36+00:00
examples/VFS/skel_transparent.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
ba1887d3 by Björn Jacke at 2019-10-31T00:43:36+00:00
lib/replace/xattr.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
96c7653e by Björn Jacke at 2019-10-31T00:43:36+00:00
lib/tdb/docs/tracing.txt: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b0deb679 by Björn Jacke at 2019-10-31T00:43:36+00:00
libgpo/gpo_filesync.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
5915a40b by Björn Jacke at 2019-10-31T00:43:36+00:00
librpc/ndr/ndr_compression.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
6e91c52b by Björn Jacke at 2019-10-31T00:43:36+00:00
python/samba/dbchecker.py: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c259190d by Björn Jacke at 2019-10-31T00:43:37+00:00
python/samba/netcmd/gpo.py: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
08ffb938 by Björn Jacke at 2019-10-31T00:43:37+00:00
python/samba/upgradehelpers.py: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
12e71a74 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/modules/vfs_recycle.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
07b506c2 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/modules/vfs_virusfilter.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c7ceca84 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/registry/reg_format.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
9f4e97a4 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/registry/reg_import.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b61e3233 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/registry/reg_parse.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
65d0ea76 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/smbd/reply.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
616f9d04 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/utils/net_rpc.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
1ca79e64 by Björn Jacke at 2019-10-31T00:43:37+00:00
source3/winbindd/winbindd_util.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
60fcfa50 by Björn Jacke at 2019-10-31T00:43:37+00:00
source4/dsdb/schema/schema_description.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
7f41f137 by Björn Jacke at 2019-10-31T00:43:37+00:00
source4/libcli/clireadwrite.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b4e0c0d3 by Björn Jacke at 2019-10-31T00:43:37+00:00
source4/libcli/libcli.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
9092120b by Björn Jacke at 2019-10-31T00:43:37+00:00
source4/rpc_server/lsa/lsa_lookup.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
e781db80 by Björn Jacke at 2019-10-31T00:43:38+00:00
source4/scripting/bin/samba_upgradeprovision: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
e6cd8884 by Björn Jacke at 2019-10-31T00:43:38+00:00
buildtools/wafsamba/samba_install.py: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
52269733 by Björn Jacke at 2019-10-31T00:43:38+00:00
buildtools/wafsamba/wscript: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c71a1df1 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/client/client.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
1b51b444 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/common/srvid.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
37398acc by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/doc/ctdb-statistics.7.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
93859b33 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/doc/ctdb-tunables.7.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
cb867b29 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/doc/ctdb.1.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b9d7b85a by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/doc/readonlyrecords.txt: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
540325d3 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/ib/ibw_ctdb.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
493705dc by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/ib/ibwrapper_test.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
9fa37484 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/include/ctdb_private.h: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
7722bd80 by Björn Jacke at 2019-10-31T00:43:38+00:00
ctdb/server/ctdb_call.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
5d2a257c by Björn Jacke at 2019-10-31T00:43:39+00:00
ctdb/server/ctdb_client.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
f3754b64 by Björn Jacke at 2019-10-31T00:43:39+00:00
ctdb/server/ctdb_daemon.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
1e73161b by Björn Jacke at 2019-10-31T00:43:39+00:00
ctdb/utils/scsi_io/scsi_io.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
a456c2bb by Björn Jacke at 2019-10-31T00:43:39+00:00
ctdb/utils/smnotify/smnotify.c: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
81df8aa7 by Björn Jacke at 2019-10-31T00:43:39+00:00
docs-xml/Samba-Developers-Guide/unix-smb.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
4b198163 by Björn Jacke at 2019-10-31T00:43:39+00:00
docs-xml/manpages/pam_winbind.8.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
c714c996 by Björn Jacke at 2019-10-31T02:18:11+00:00
docs-xml/manpages/pam_winbind.conf.5.xml: typo fixes

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Thu Oct 31 02:18:12 UTC 2019 on sn-devel-184

- - - - -
0de9dad9 by Andreas Schneider at 2019-10-31T18:08:29+00:00
docs-xml: Improve krb5_ccache_type documentation

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
fe60eef9 by Andreas Schneider at 2019-10-31T19:32:55+00:00
docs-xml: Update krb5_ccache_type in pam_winbind.8

This is a copy from pam_winbind.conf.5

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14173

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 31 19:32:55 UTC 2019 on sn-devel-184

- - - - -
4ae0f9ce by Andrew Bartlett at 2019-10-31T22:07:40+00:00
s4-torture: Reduce flapping in SambaToolDrsTests.test_samba_tool_replicate_local

This test often flaps in Samba 4.9 (where more tests and DCs run in the environment)
with obj_1 being 3.  This is quite OK, we just need to see some changes get
replicated, not 0 changes.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
e62c535d by Andrew Bartlett at 2019-10-31T22:07:40+00:00
CVE-2019-14847 dsdb: Demonstrate the correct interaction of ranged_results style attributes and dirsync

Incremental results are provided by a flag on the dirsync control, not
by changing the attribute name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
03205663 by Andrew Bartlett at 2019-10-31T23:29:14+00:00
CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with dirsync

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Oct 31 23:29:15 UTC 2019 on sn-devel-184

- - - - -
176d0f03 by Andreas Schneider at 2019-11-04T12:47:30+00:00
libcli:smb: Do not use gnutls_aead_cipher_encryptv2() with GnuTLS 3.6.10

The gnutls_aead_cipher_encryptv2() implementation was released with a
bug. This wont be fixed before 3.6.11.

See https://gitlab.com/gnutls/gnutls/merge_requests/1085

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
831796b2 by Andreas Schneider at 2019-11-04T14:19:17+00:00
gitlab-ci: Run 'samba' tests also with MIT Kerberos

This runs the tests of the ktest environment.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Nov  4 14:19:17 UTC 2019 on sn-devel-184

- - - - -
a58c9331 by Jones Syue at 2019-11-04T22:48:50+00:00
s3:libads: Fix mem leak in ads_create_machine_acct

Use 'goto done' instead of 'return' to fix machine_escaped leak.

Signed-off-by: Jones Syue <jonessyue at qnap.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov  4 22:48:50 UTC 2019 on sn-devel-184

- - - - -
ff47cc66 by Jeremy Allison at 2019-11-05T12:36:48+00:00
s3: libsmb: Ensure return from net_share_enum_rpc() sets cli->raw_status on error.

Convert net_share_enum_rpc() to return an NTSTATUS and ensure the
status is set correctly on error so SMBC_errno() can return it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14176

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Nov  5 12:36:48 UTC 2019 on sn-devel-184

- - - - -
e62b3a05 by Martin Schwenke at 2019-11-06T01:22:30+00:00
ctdb-tcp: Check incoming queue to see if incoming connection is up

This makes it consistent with the reverse case.  Also, in_fd will soon
be removed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14175

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
d0baad25 by Martin Schwenke at 2019-11-06T01:22:30+00:00
ctdb-tcp: Avoid orphaning the TCP incoming queue

CTDB's incoming queue handling does not check whether an existing
queue exists, so can overwrite the pointer to the queue.  This used to
be harmless until commit c68b6f96f26664459187ab2fbd56767fb31767e0
changed the read callback to use a parent structure as the callback
data.  Instead of cleaning up an orphaned queue on disconnect, as
before, this will now free the new queue.

At first glance it doesn't seem possible that 2 incoming connections
from the same node could be processed before the intervening
disconnect.  However, the incoming connections and disconnect occur on
different file descriptors.  The queue can become orphaned on node A
when the following sequence occurs:

1. Node A comes up
2. Node A accepts an incoming connection from node B
3. Node B processes a timeout before noticing that outgoing the queue is writable
4. Node B tears down the outgoing connection to node A
5. Node B initiates a new connection to node A
6. Node A accepts an incoming connection from node B

Node A processes then the disconnect of the old incoming connection
from (2) but tears down the new incoming connection from (6).  This
then occurs until the originally affected node is restarted.

However, due to the number of outgoing connection attempts and
associated teardowns, this induces the same behaviour on the
corresponding incoming queue on all nodes that node A attempts to
connect to.  Therefore, other nodes become affected and need to be
restarted too.

As a result, the whole cluster probably needs to be restarted to
recover from this situation.

The problem can occur any time CTDB is started on a node.

The fix is to avoid accepting new incoming connections when a queue
for incoming connections is already present.  The connecting node will
simply retry establishing its outgoing connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14175

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
bf47bc18 by Martin Schwenke at 2019-11-06T01:22:30+00:00
ctdb-tcp: Drop tracking of file descriptor for incoming connections

This file descriptor is owned by the incoming queue.  It will be
closed when the queue is torn down.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14175
RN: Avoid communication breakdown on node reconnect

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
3b5ed000 by Martin Schwenke at 2019-11-06T01:22:30+00:00
ctdb-tests: No longer retry starting the cluster

Retrying like this hides bugs.  The cluster should come up first time,
every time.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
dd9d5ec5 by Martin Schwenke at 2019-11-06T01:22:30+00:00
ctdb-tests: Improve code quality in ctdb_init()

Improve quoting and indentation.  Print a clear error if the cluster
goes back into recovery and doesn't come back out.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
bf99f820 by Martin Schwenke at 2019-11-06T02:46:24+00:00
ctdb-tests: Make process exists test more resilient

This can fail as follows:

--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--
Running test ./tests/UNIT/tool/ctdb.process-exists.003.sh (02:26:30)
--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--
ctdb.process-exists.003      - ctdbd process with multiple connections on node 0
Setting up fake ctdbd
<10||0|
OK
<10|PID 26107 exists
|0|
OK
==================================================
Running "ctdb -d NOTICE process-exists 26107 0x1234567812345678"
PASSED
==================================================
Running "ctdb -d NOTICE process-exists 26107 0xaebbccdd12345678"
Registered SRVID 0xaebbccdd12345678
--------------------------------------------------
Output (Exit status: 1):
--------------------------------------------------
PID 26107 with SRVID 0xaebbccdd12345678 does not exist
--------------------------------------------------
Required output (Exit status: 0):
--------------------------------------------------
PID 26107 with SRVID 0xaebbccdd12345678 exists

FAILED
connection to daemon closed, exiting
==========================================================================
TEST FAILED: ./tests/UNIT/tool/ctdb.process-exists.003.sh (status 1) (duration: 0s)
==========================================================================

This happens when dummy_client has not registered the SRVID (for its
10th connection) before the 2nd simple_test.

Change the initial wait to ensure that the SRVID is registered.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Nov  6 02:46:24 UTC 2019 on sn-devel-184

- - - - -
1ba0a32e by Andreas Schneider at 2019-11-06T12:12:34+00:00
bootstrap: Remove Fedora 28 which is already EOL

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
6a3b19fb by Andreas Schneider at 2019-11-06T12:12:34+00:00
bootstrap: Add Fedora 31

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

- - - - -
35bb734d by Andreas Schneider at 2019-11-06T13:35:17+00:00
bootstrap: Fix centos7 image creation

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Nov  6 13:35:17 UTC 2019 on sn-devel-184

- - - - -
4ca0fcb2 by Jeremy Allison at 2019-11-06T18:08:40+00:00
s3: smbd: SMB1 UNIX extensions - Ensure POSIX mknod is root-only.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
4b25299c by Jeremy Allison at 2019-11-06T18:08:40+00:00
3: smbd: SMB1 UNIX extensions - For POSIX mknod we can only create blk/chr/fifo/sock objects.

Fail requests to create other object types.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
d8567d46 by Jeremy Allison at 2019-11-06T18:08:40+00:00
s3: smbd: SMB1 UNIX extensions - only allow size change on regular file.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
b784aee4 by Jeremy Allison at 2019-11-06T18:08:40+00:00
s3: smbd: SMB1 UNIX extensions - POSIX mknod should just create the object, not change attributes after.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
b749c923 by Jeremy Allison at 2019-11-06T19:31:00+00:00
s3: smbd: SMB1 UNIX extensions - remove dead code.

We no longer set delete_on_fail on return from mknod.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov  6 19:31:00 UTC 2019 on sn-devel-184

- - - - -
54d67374 by Volker Lendecke at 2019-11-06T20:36:34+00:00
lib: Remove #define serverid_equal server_id_equal

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d6223677 by Volker Lendecke at 2019-11-06T20:36:34+00:00
dbwrap_tdb: Avoid a use of talloc_stackframe()

For really large keys (that probably don't exist), use dump_data()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
aaad4d01 by Volker Lendecke at 2019-11-06T20:36:34+00:00
g_lock: Avoid sys_random(), use generate_random()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d9bd074c by Volker Lendecke at 2019-11-06T20:36:34+00:00
net: Avoid the use of g_lock_do()

g_lock_do() does too much in g_lock.c, and it's rarely used.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9dd65d1f by Volker Lendecke at 2019-11-06T20:36:34+00:00
net: Avoid the use of g_lock_do()

g_lock_do() does too much in g_lock.c, and it's rarely used.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8febbc2b by Volker Lendecke at 2019-11-06T20:36:34+00:00
lib: Remove g_lock_do()

This puts too much logic into this lowlevel infrastructure module,
given the two minor external users.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dd8aba30 by Volker Lendecke at 2019-11-06T20:36:34+00:00
lib: Avoid includes.h in g_lock.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8ec9e976 by Volker Lendecke at 2019-11-06T20:36:34+00:00
auth: Simplify session generation

We don't need to parse a text sid, we have those as binary available

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
995de9c2 by Volker Lendecke at 2019-11-06T20:36:34+00:00
ntlm_auth: Simplify session generation

We don't need to parse a text sid, we have those as binary available

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2651463e by Volker Lendecke at 2019-11-06T20:36:35+00:00
ntlm_auth: Fix nonempty line endings

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d6f952f4 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in set_file_oplock()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c7731649 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in set_file_oplock()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8dd7b129 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in downgrade_oplock()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6e521461 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in downgrade_lease()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
75962aca by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in initial_break_processing()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6018cc5a by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in process_oplock_break_message()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
56f93f21 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in process_kernel_oplock_break()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1bbdae22 by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in contend_level2_oplocks_begin_default()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d04581bf by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in rename_open_files()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3f80b8ab by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use file_id_str_buf() in set_write_time()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
001371f4 by Volker Lendecke at 2019-11-06T20:36:35+00:00
vfs: Use file_id_str_buf() in smb_full_audit_file_id_create()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2d5aba4d by Volker Lendecke at 2019-11-06T20:36:35+00:00
smbd: Use struct initialization instead of ZERO_STRUCT()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
18cc62b9 by Volker Lendecke at 2019-11-06T21:58:52+00:00
vfs: Use file_id_str_buf() in vfs_delay_inject_brl_lock_timer()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov  6 21:58:52 UTC 2019 on sn-devel-184

- - - - -
dcb555c0 by Ralph Boehme at 2019-11-07T14:16:41+00:00
s3:printing: fix a long line

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
81ae199b by Ralph Boehme at 2019-11-07T14:16:41+00:00
s3: replace standard_sub_advanced with talloc_sub_advanced in one place

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
a591de28 by Ralph Boehme at 2019-11-07T14:16:41+00:00
s3: remove unused function standard_sub_advanced()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
4736623c by Ralph Boehme at 2019-11-07T14:16:41+00:00
s3: rename talloc_sub_advanced() to talloc_sub_full()

We currently have the following substitution functions:

  talloc_sub_basic()
  talloc_sub_advanced()

talloc_sub_basic() currently substitutes a subset of talloc_sub_advanced().

We'll need a function X that only substitutes what talloc_sub_advanced()
substitutes *without* what talloc_sub_basic() does.

To get there rename talloc_sub_advanced() to talloc_sub_full(). A subsequent
commit will then bring back talloc_sub_advanced() as described above.

Examples with fictional replacement letters A and B. Currently:

  talloc_sub_basic:    A
  talloc_sub_advanced: AB

New:

  talloc_sub_basic:    A
  talloc_sub_advanced:  B
  talloc_sub_full:     AB

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
41ab92b6 by Ralph Boehme at 2019-11-07T14:16:42+00:00
s3:lib: factor out talloc_sub_advanced() from talloc_sub_full()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ede00779 by Ralph Boehme at 2019-11-07T14:16:42+00:00
s3:printing: add a DEBUG statement

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8846887a by Ralph Boehme at 2019-11-07T16:01:21+00:00
s3:printing: Fix %J substition

print_run_command() uses lp_print_command() which internally performs basic
substition by calling talloc_sub_basic(). As a result. any of the variables in
the "basic set", including "%J" are already substituted.

To prevent the unwanted subtitution, we declare all affected configuration
options as const, which disabled the basic substition.

As a result print_run_command() can run manual substitution on all characters,
including %J, in the variadic argument list *before* calling lp_string() to run
basic substition which we had disabled before with the const.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13745

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Nov  7 16:01:21 UTC 2019 on sn-devel-184

- - - - -
f5f89b1b by Volker Lendecke at 2019-11-08T01:35:11+00:00
ctdb: Use TALLOC_FREE() in a few places

We have a macro for NULLing out the pointer

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Nov  8 01:35:11 UTC 2019 on sn-devel-184

- - - - -
8dbb8643 by Samuel Cabrero at 2019-11-08T11:01:29+00:00
dns: Extend DNS tests to check the SOA record is always returned

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f9eaf4dc by Samuel Cabrero at 2019-11-08T12:31:29+00:00
dns: Always return SOA record for records we should know

Regression introduced by commit 4b54e14b7cf456e327b176b365e8471e0899210b,
where the number of returned records is not set by talloc_array_length
when the record is not found.

Found by DELL EMC at SDC SMB3 plugfest trying to perform a secure DNS
update.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Samuel Cabrero <scabrero at samba.org>
Autobuild-Date(master): Fri Nov  8 12:31:30 UTC 2019 on sn-devel-184

- - - - -
74533b15 by Heiko Baumann at 2019-11-10T21:03:32+00:00
Make sure backup temp directory gets deleted on exception

This fix ensures that the samba-tool backup temp directory is removed
if an exception occurs (e.g. LDAP_INVALID_CREDENTIALS).

Signed-off-by: Heiko Baumann <heibau at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6cf443ab by Andrew Bartlett at 2019-11-10T22:27:47+00:00
s4-libcli: Remove unused header from composite/composite.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14170

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Nov 10 22:27:47 UTC 2019 on sn-devel-184

- - - - -
30e8f513 by David Mulder at 2019-11-12T17:52:28+00:00
Detect when command line max protocol < min protocol

Due to the increased default minimum protocol
level to SMB2, some users notice that
specifying smbclient -m NT1 fails with
NT_STATUS_CONNECTION_DISCONNECTED, with no SMB
traffic on the wire. Report when the max protocol
is set less than the min protocol.

Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Nov 12 17:52:28 UTC 2019 on sn-devel-184

- - - - -
eae1a45d by Jeremy Allison at 2019-11-12T20:56:34+00:00
s3: smbd: SMB2 - Ensure we use the correct session_id if encrypting an interim response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14189

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
c133a1fd by Jeremy Allison at 2019-11-12T20:56:34+00:00
s3: smbd: smb2 cleanup - remove variable tf_len - this is a constant SMB2_TF_HDR_SIZE.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1f5ea9d1 by Jeremy Allison at 2019-11-12T20:56:34+00:00
s3: smbd: smb2 cleanup - restructure smbd_smb2_request_pending_timer() encrypt code to look the same as smbd_smb2_request_reply().

This makes code changes in both (if needed) much easier
to spot.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
215e7f1f by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in scavenger_schedule_disconnected()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
420cb177 by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in scavenger_timer()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0dd11a83 by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in file_find_dif()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b0a486fa by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in scavenger_add_timer()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f7dc0334 by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in linux_oplock_signal_handler()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
79291056 by Volker Lendecke at 2019-11-12T20:56:34+00:00
smbd: Use file_id_str_buf() in linux_release_kernel_oplock()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
64349ce7 by Volker Lendecke at 2019-11-12T20:56:34+00:00
torture3: Use file_id_str_buf() in print_brl()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c229c050 by Volker Lendecke at 2019-11-12T20:56:35+00:00
lib: Remove unused file_id_string_tos()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0d246a15 by Volker Lendecke at 2019-11-12T20:56:35+00:00
smbd: Use file_id_str_buf() in share_mode_memcache_store()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6fe211c8 by Volker Lendecke at 2019-11-12T20:56:35+00:00
smbd: Use file_id_str_buf() in share_mode_memcache_fetch()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fea35840 by Volker Lendecke at 2019-11-12T20:56:35+00:00
smbd: Use file_id_str_buf() in share_mode_cleanup_disconnected()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a0aaf5c3 by Volker Lendecke at 2019-11-12T22:18:39+00:00
lib: Remove unused file_id_string()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Nov 12 22:18:40 UTC 2019 on sn-devel-184

- - - - -
3fea05e0 by Volker Lendecke at 2019-11-13T00:20:55+00:00
smbd: Remove write cache

Since this was written, our write path has changed significantly. In
particular we have gained very flexible support for async I/O, with the
linux io_uring in the pipeline. Caching stuff in main memory and then
doing a blocking pwrite nowadays does not belong into the core smbd
code. If someone wants it back, it should be doable in a VFS module.

Removes: "write cache size" parameter.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov 13 00:20:55 UTC 2019 on sn-devel-184

- - - - -
8a627b5d by Douglas Bagnall at 2019-11-13T00:32:36+00:00
librpc: Fix typo in "quota" name in IDL

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
666dbc61 by Andrew Bartlett at 2019-11-13T00:32:36+00:00
librpc: Match interface name and file name for winsrepl.idl

This helps generate fuzzers for this IDL.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
a106ceb7 by Andrew Bartlett at 2019-11-13T00:32:36+00:00
librpc: Match interface name and file name for bkupblobs.idl

This helps generate fuzzers for this IDL.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
dfbb3049 by Douglas Bagnall at 2019-11-13T00:32:36+00:00
ndrdump: add --stop-on-parse-failure

If a data stream fails to parse as an NDR object, the default ndrdump
action is to try to print those structures anyway, resulting perhaps in
a NULL dereference. Sometimes you don't want to see that because it isn't
very interesting and makes it harder to distinguish a crash in the parse
routines. So --stop-on-parse-failure will skip the print and validate
stages altogether if the parse failed.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet at samba.org>

- - - - -
88373c47 by Andrew Bartlett at 2019-11-13T00:32:36+00:00
selftest: Add expected-output tests for the ndrdump struct mode

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
88c8cd7a by Andrew Bartlett at 2019-11-13T00:32:36+00:00
librpc: Do not place the ndr_table for windows_event_ids.idl in the global list

This is just a list of event IDs, there are no structures to parse.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
e45e3426 by Andrew Bartlett at 2019-11-13T00:32:36+00:00
librpc: Do not include the ndr_table for libnet_join.idl and libnetapi.idl in the global list

These are not wire protocols, there are no structures to parse.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
5e0442ef by Andrew Bartlett at 2019-11-13T00:32:36+00:00
build: Allow warning on compile of libnetapi PIDL

This not-protocol only uses the print functions, but this means some other functions
are now unused, and as this is a special case it is better to just allow warnings
here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
dddef1b8 by Andrew Bartlett at 2019-11-13T00:32:36+00:00
pidl: Allow the compilation of the ndr_table to be skiped

libnetapi.idl defines a large number of functions a nopull,nopush and
no replacement is provided.

This will allow the ndr_table to be generated for all other IDL files
that may have public structures that could usefully be dumped by
ndrdump.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
dd8dfa16 by Andrew Bartlett at 2019-11-13T00:32:37+00:00
s3-build: Skip building the ndr_table at the tail of ndr_libnetapi.c

This is not a real protocol and all the functions are set to nopull,nopush
but do not supply replacement functions.

This is the best was I could find to skip compiling the table as otherwise
it would point to undefined functions.

This does not happen until we generate the ndr_table for idl files without
a UUID, but we will shortly do that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
1b6ae21f by Andrew Bartlett at 2019-11-13T00:32:37+00:00
build: Prepare for pidl to generate ndr_table entries for more IDL

These IDL files will soon create ndr_table entries so need to be
linked into the ndr-table subsystem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
7299b9ba by Andrew Bartlett at 2019-11-13T00:32:37+00:00
librpc: Allow registration of ndr tables with a zero UUID

This helps ndrdump find public structures to dump

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
1bd1ae05 by Andrew Bartlett at 2019-11-13T00:32:37+00:00
pidl: Generate the trailing ndr_table even if the UUID is not set

This allows ndrdump to dump many more public structures because most
of these are not in files with a UUID as they are not RPC protocols.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
78521577 by Andrew Bartlett at 2019-11-13T00:32:37+00:00
pidl: Generate compatability wrappers for ndr_print functions

This creates wrappers that are compatible with the functions called by
ndrdump which have an extra "int flags" parameter for NDR_IN and
NDR_OUT.  This will make ndrdump of public structures work again.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
3b9e983b by Andrew Bartlett at 2019-11-13T00:32:37+00:00
ndrdump: Fix new "struct" feature

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
01bb7cff by Andrew Bartlett at 2019-11-13T01:55:33+00:00
ndrdump: check bounds when passed functions/structs by integer

The function or struct number should be >= 0 ans the underlying
number it is compared to is uint32_t.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Nov 13 01:55:33 UTC 2019 on sn-devel-184

- - - - -
dc578805 by Andrew Bartlett at 2019-11-13T08:42:30+00:00
build: Only link against libcrypt where needed

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
92ce387e by Andrew Bartlett at 2019-11-13T08:42:30+00:00
build: Remove workaround for missing os.path.relpath in Python < 2.6

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
dc5db1e8 by Andrew Bartlett at 2019-11-13T08:42:30+00:00
heimdal_build: Recurse to bld.SAMBA_BINARY()

This reduces a little of the duplication added when it was thought
that having a distinct waf wrapper on heimdal might allow this to be
ported upstream.

It will also streamline building a dedicated fuzzing mode in Samba.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
86e418f9 by Andrew Bartlett at 2019-11-13T10:29:00+00:00
build: Refuse to build if ADDITIONAL_LDFLAGS or ADDITIONAL_CFLAGS do not work

This avoids these being silently ignored.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Nov 13 10:29:00 UTC 2019 on sn-devel-184

- - - - -
81620502 by Amitay Isaacs at 2019-11-13T13:31:10+00:00
ctdb-ib: Fix build errors for infiniband transport

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Nov 13 13:31:10 UTC 2019 on sn-devel-184

- - - - -
63f8d773 by Christof Schmitt at 2019-11-13T17:49:38+00:00
bootstrap: Remove nettle-devel from package list

nettle is required as dependency for newer gnutls libraries. The gnutls
development package already depends on the nettle development package,
no need to explicitly list it.

Signed-off-by: Christof Schmit <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
be2d90b6 by Christof Schmitt at 2019-11-13T17:49:38+00:00
wscript: Fix build with system heimdal

Ubuntu has heimdal include files in /usr/include/heimdal. As the
kerberos include files are pulled into many files through indirect
includes, add the discovered include paths to EXTRA_INCLUDES to
always have them available.

Also set USING_SYSTEM_KRB5 when enabling the system heimdal build,
to correctly handle the inclusion of the krb5-types.h file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
15ddd95d by Isaac Boukris at 2019-11-13T17:49:38+00:00
selftest: system-heimdal: workaround upstream "host" canon bug

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1aef796e by Christof Schmitt at 2019-11-13T17:49:38+00:00
krb5_plugin: Use C99 initializer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
85d23236 by Christof Schmitt at 2019-11-13T17:49:38+00:00
krb5_plugin: Fix developer build with newer heimdal system library

Newer heimdal versions provide a different locator plugin interface. The
function pointer for the old method has been renamed. Use an ifdef to
initialize the correct pointer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7965a204 by Christof Schmitt at 2019-11-13T17:49:38+00:00
autobuild: Add test for build with system heimdal library

The configure option --with-system-heimdalkrb5 requires --without-ad-dc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2efc243f by Christof Schmitt at 2019-11-13T17:49:38+00:00
bootstrap: Add heimdal-multidev for Debian and Ubuntu

This is required for testing the build with the
configure option --with-system-heimdalkrb5.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5343cec5 by Christof Schmitt at 2019-11-13T19:14:25+00:00
gitlab-ci: Run samba-fileserver-heimdalkrb5

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Wed Nov 13 19:14:25 UTC 2019 on sn-devel-184

- - - - -
231397f4 by Volker Lendecke at 2019-11-13T21:41:09+00:00
smbd: Make share_mode_do_locked() pass TDB_DATA instead of a record

No callback used (and should not use) the record directly, this is all
handled within share_mode_lock.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov 13 21:41:09 UTC 2019 on sn-devel-184

- - - - -
a6d99d9e by Volker Lendecke at 2019-11-14T02:20:46+00:00
ctdb-tcp: Close inflight connecting TCP sockets after fork

Commit c68b6f96f26 changed the talloc hierarchy such that outgoing TCP sockets
while sitting in the async connect() syscall are not freed via
ctdb_tcp_shutdown() anymore, they are hanging off a longer-running structure.
Free this structure as well.

If an outgoing TCP socket leaks into a long-running child process (possibly the
recovery daemon), this connection will never be closed as seen by the
destination node. Because with recent changes incoming connections will not be
accepted as long as any incoming connection is alive, with that socket leak
into the recovery daemon we will never again be able to successfully connect to
the node that is affected by this leak. Further attempts to connect will be
discarded by the destination as long as the recovery daemon keeps this socket
alive.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14175
RN: Avoid communication breakdown on node reconnect

Signed-off-by: Martin Schwenke <martin at meltin.net>
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
53f8492c by Martin Schwenke at 2019-11-14T02:20:46+00:00
ctdb-daemon: Rename ctdb_node private_data to transport_data

This gives a casual reader a useful clue.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
750f3938 by Martin Schwenke at 2019-11-14T02:20:46+00:00
ctdb-daemon: Rename ctdb_context private_data to transport_data

This gives a casual reader a useful clue.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
e45feaf2 by Martin Schwenke at 2019-11-14T03:45:44+00:00
ctdb-tcp: Simplify freeing of transport data on shutdown

The type-checking is superfluous and gets in the way of readability.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Nov 14 03:45:44 UTC 2019 on sn-devel-184

- - - - -
83b1c21d by Andrew Bartlett at 2019-11-14T08:01:43+00:00
librpc: Do not return an NDR table for a zero GUID

The source3 RPC server will do a lookup by GUID and should
not be returned a table for a zero GUID.

Thankfully such a pipe would also need to have been registered
but regardless this is not a determinsitic result so should
be avoided.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
045b9eb3 by Andreas Schneider at 2019-11-14T08:01:43+00:00
libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
09148246 by Andreas Schneider at 2019-11-14T08:01:43+00:00
libcli:auth: Check return codes of SMBsesskeygen_ntv2()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dc75a5f2 by Andreas Schneider at 2019-11-14T08:01:43+00:00
libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3db2ca2d by Andreas Schneider at 2019-11-14T08:01:43+00:00
libcli:auth: Check return code of SMBOWFencrypt_ntv2()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
afb5cb66 by Andreas Schneider at 2019-11-14T08:01:44+00:00
s4:rpc_server: Remove gnutls_global_(de)init()

This is done by the gnutls library constructor/destructor.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0e159b72 by Andreas Schneider at 2019-11-14T08:01:44+00:00
s4:lib: Remove gnutls_global_(de)init() from libtls

This is handled by the gnutls library constructor/destructor.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fbfb11b0 by Andreas Schneider at 2019-11-14T08:01:44+00:00
s4:torture: Remove calls to gnutls_global_(de)init() in backupkey test

This is handled by the gnutls library constructor/destructor.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2c21cd6d by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return value of netlogon_creds_init_128bit()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e4ae1ba4 by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return status of netlogon_creds_init_64bit()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0ed92e3e by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return status of netlogon_creds_first_step()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7c7dc855 by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Return NTSTATUS for netlogon_creds_client_authenticator()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d3fffca5 by Andreas Schneider at 2019-11-14T08:01:44+00:00
auth:pycreds: Check return code of netlogon_creds_client_authenticator()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
09068489 by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return code of netlogon_creds_client_authenticator()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a64a5b7e by Andreas Schneider at 2019-11-14T08:01:44+00:00
s4:librpc: Check return code of netlogon_creds_client_authenticator()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
05f59cbc by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return code of netlogon_creds_step()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
32e75bb4 by Andreas Schneider at 2019-11-14T08:01:44+00:00
libcli:auth: Check return code of netlogon_creds_step_crypt()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0361a26e by Andrew Bartlett at 2019-11-14T09:25:36+00:00
libcli:auth Check return code of netlogon_creds_aes_encrypt()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Nov 14 09:25:36 UTC 2019 on sn-devel-184

- - - - -
29948d7b by Amitay Isaacs at 2019-11-14T10:38:34+00:00
ctdb-common: Generate usage message from cmdline_parse()

If any of the option parsing or command parsing fails, generate usage
message.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
b2b24c91 by Amitay Isaacs at 2019-11-14T10:38:34+00:00
ctdb-common: Add section to group commands in cmdline

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
7a008c6b by Amitay Isaacs at 2019-11-14T10:38:34+00:00
ctdb-tests: Update cmdline tests for section name

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
977a6f7f by Amitay Isaacs at 2019-11-14T10:38:34+00:00
ctdb-common: Change cmdline implementation to support multiple sections

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
e469d6c1 by Amitay Isaacs at 2019-11-14T10:38:34+00:00
ctdb-common: Add api to add new section/commands to cmdline

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

- - - - -
963a6391 by Amitay Isaacs at 2019-11-14T12:03:46+00:00
ctdb-tests: Add tests for cmdline_add() api

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Nov 14 12:03:46 UTC 2019 on sn-devel-184

- - - - -
220cf677 by Douglas Bagnall at 2019-11-14T16:12:40+00:00
s4/rpc/dcerpc_connect: no crash on NULL dest_host

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
4dd725b1 by Douglas Bagnall at 2019-11-14T16:12:40+00:00
pytests: rpc echo should not segfault

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
272e20ad by Douglas Bagnall at 2019-11-14T16:12:40+00:00
pytests/segfaults: dcerpc ref elements segfault

These are just a couple of examples.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
7e19779b by Douglas Bagnall at 2019-11-14T16:12:40+00:00
pytests/segfault: pidl inline arrays

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
1261894e by Douglas Bagnall at 2019-11-14T16:12:40+00:00
pidl/python: allocate objects with ref pointers

Struct members that are marked as ref pointers need to have an object
allocated for them.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

- - - - -
f38077ea by Andrew Bartlett at 2019-11-14T17:36:49+00:00
pidl: Handle obtaining objects from a fixed-size array

Previously we would assume the array head was the talloc context
however this is not the case if the array is a fixed size inline array
within the parent struct.

In that case the overall object's talloc context is the correct
context to reference.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Noel Power <npower at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Thu Nov 14 17:36:49 UTC 2019 on sn-devel-184

- - - - -
5852bb96 by Volker Lendecke at 2019-11-14T22:26:30+00:00
vfs: Use direct struct assignment in store_acl_blob_fsp()

2 lines less code

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0c2a706a by Volker Lendecke at 2019-11-14T22:26:30+00:00
vfs: Use dbwrap_store() in store_acl_blob_fsp()

Use the wrapper function that's already available for exactly this
purpose.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b1143a0c by Volker Lendecke at 2019-11-14T22:26:30+00:00
vfs: Use dbwrap_delete() in acl_tdb_delete()

Use the wrapper function that's already available for exactly this
purpose.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
43201969 by Volker Lendecke at 2019-11-14T22:26:30+00:00
lib: Fix an error path memleak in schannel_get_creds_state()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8e8313b2 by Andreas Schneider at 2019-11-14T23:50:06+00:00
third_party: Update nss_wrapper to version 1.1.7

This adds missing support for Address Sanitzer.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Nov 14 23:50:06 UTC 2019 on sn-devel-184

- - - - -
55b2cb47 by Björn Baumbach at 2019-11-15T17:21:32+00:00
s3-build: add missing gnutls dependency

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
5e63e54f by Andrew Bartlett at 2019-11-15T17:21:32+00:00
lib/util: change file_save_mode() to use O_EXCL

Almost all the callers are debug tools or developer debugging aids
and these callers clearly expect to create a new file.

Unchanged in behaviour is:
 - TLS certificate creation.  This already confirms the files do no exist
   prior to generation.

These will now no longer overwrite the given filename
 - net ads pac save
 - net eventlog export

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f1fa0d3b by Andrew Bartlett at 2019-11-15T18:48:27+00:00
librpc: Use the fact that file_save() now uses O_EXCL in dcerpc_log_packet()

This avoids a race with file_exist() and demostrates a better
way to use this function.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Nov 15 18:48:27 UTC 2019 on sn-devel-184

- - - - -
2bb642d9 by Douglas Bagnall at 2019-11-17T22:28:41+00:00
ndrdump: correctly find the public strict by number

We were finding a function that happened to have the same ordinal
number.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b3bdb17a by Andrew Bartlett at 2019-11-17T22:28:41+00:00
selftest: Test fix for ndrdump of structures by number

This requires that misc.GUID not move in the IDL, so a comment is added.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
816869ec by Andrew Bartlett at 2019-11-17T22:28:41+00:00
ndrdump: Use human-readable strings for NDR decode errors

These make much more sense than the NTSTATUS values they can be forced
to map to.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
e856877e by Douglas Bagnall at 2019-11-17T23:54:11+00:00
ndrdump: avoid use after free

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Sun Nov 17 23:54:11 UTC 2019 on sn-devel-184

- - - - -
3e2eafeb by Uri Simchoni at 2019-11-18T10:11:41+00:00
talloc: Release talloc 2.3.1

* Upgrade waf to 2.0.18 to fix a cross-compilation issue

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
28e4ac0e by Uri Simchoni at 2019-11-18T10:11:41+00:00
tdb: Release tdb 1.4.3

* Upgrade waf to version 2.0.18 to fix a cross-compilation issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4aea5c09 by Uri Simchoni at 2019-11-18T11:44:08+00:00
tevent: Release tevent 0.10.2

* Upgrade waf to version 2.0.18 to fix a cross-compilation issue

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13846

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Mon Nov 18 11:44:08 UTC 2019 on sn-devel-184

- - - - -
43bc0b2c by Andrew Bartlett at 2019-11-18T19:39:30+00:00
lib/fuzzing: Avoid NULL pointer de-ref from 0-length input

fmemopen() does not like 0-length input.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d6fbfb27 by Andrew Bartlett at 2019-11-18T21:02:52+00:00
lib/fuzzing: Free memory after successful load in fuzz_tiniparser

Otherwise we have a memory leak and so fail the Google oss-fuzz check_build test.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 18 21:02:52 UTC 2019 on sn-devel-184

- - - - -
93b9fc3d by Amitay Isaacs at 2019-11-19T04:47:47+00:00
build: add missing crypt dependency for auth4_unix

Commit dc5788056bc removed crypt library from replace.  This breaks the
build on fedora 30 ppc64.

  [2439/3956] Linking bin/default/source4/auth/ntlm/libauth4-samba4.so
  /usr/bin/ld: source4/auth/ntlm/auth_unix.c.5.o: in function `password_check':
  auth_unix.c:(.text+0x7e0): undefined reference to `crypt'

crypt library is required to build ntlm auth_unix.c.

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Nov 19 04:47:47 UTC 2019 on sn-devel-184

- - - - -
a377214d by Andreas Schneider at 2019-11-19T04:48:29+00:00
s3:rpc_server: Replace E_md5hash() with GnuTLS calls

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
10499507 by Andreas Schneider at 2019-11-19T04:48:29+00:00
s3:winbindd: Replace E_md5hash() with GnuTLS calls

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4199d104 by Andreas Schneider at 2019-11-19T04:48:29+00:00
s3:winbind: Replace E_md5hash() with GnuTLS calls

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e19b115d by Andreas Schneider at 2019-11-19T04:48:29+00:00
libcli:auth: Remove unused E_md5hash()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
71816984 by Andreas Schneider at 2019-11-19T04:48:29+00:00
s4:lib:tls: Fix cert and privkey types

../../source4/lib/tls/tlscert.c:42:2: warning: ‘gnutls_x509_crt’ is
    deprecated [-Wdeprecated-declarations]
   42 |  gnutls_x509_crt cacrt, crt;
      |  ^~~~~~~~~~~~~~~
../../source4/lib/tls/tlscert.c:43:2: warning: ‘gnutls_x509_privkey’ is
    deprecated [-Wdeprecated-declarations]
   43 |  gnutls_x509_privkey key, cakey;
      |  ^~~~~~~~~~~~~~~~~~~

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c34ec003 by Robert Scott at 2019-11-19T06:12:29+00:00
utils: only compile test_oLschema2ldif if fmemopen exists

in the vein of da87fa998ab71328f30bcdf5b41aee8675aee48a

Signed-off-by: Robert Scott <code at humanleg.org.uk>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Nov 19 06:12:29 UTC 2019 on sn-devel-184

- - - - -
183da1f9 by Andrew Bartlett at 2019-11-19T13:21:29+00:00
witness.idl: Change array type in IDL for the print function

It is important that the generated print function checks r->messages
before de-referencing r->messages[num] as r->num can be non-zero
while r->messages is NULL.

There is not witness server in Samba and print functions are only
used during debugging and ndrdump in any case.

The change in the IDL does not change the header and the IDL
function is already nopull,nopush so only the print function changes.

Found by Douglas Bagnall using Honggfuzz and a new fuzzer for
Samba's NDR layer.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
42ac80fb by Andrew Bartlett at 2019-11-19T14:47:46+00:00
ndr: Include the caller location in ndr_{pull,push}_error() messages

This should aid in debugging NDR parse failures.

Use the ABI bump to again exclude ndr_table_misc incorrectly
added in ABI 0.2.1.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Nov 19 14:47:46 UTC 2019 on sn-devel-184

- - - - -
41b40f0e by Isaac Boukris at 2019-11-19T14:48:41+00:00
selftest/remote_pac: remove test_PACVerify_workstation_des

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
13655e59 by Isaac Boukris at 2019-11-19T14:48:41+00:00
selftest: exclude msDS-SupportedEncryptionType in ldapcmp

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Pair-Programmed-With: Alexander Bokovoy <ab at samba.org>

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ad9016d5 by Isaac Boukris at 2019-11-19T14:48:41+00:00
kerberos: remove single DES enctypes from ENC_ALL_TYPES

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e8015d8a by Isaac Boukris at 2019-11-19T14:48:41+00:00
kdc/db-glue: do not fetch single DES keys from db

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
982aa328 by Isaac Boukris at 2019-11-19T14:48:41+00:00
password_hash: do not generate single DES keys

Per RFC-6649 single DES enctypes should not be used.

MIT has retired single DES encryption types, see:
https://web.mit.edu/kerberos/krb5-1.12/doc/admin/advanced/retiring-des.html

As a workaround, store random keys instead, making the usage of signle DES
encryption types virtually impossible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
80f1901d by Isaac Boukris at 2019-11-19T14:48:41+00:00
kerberos_keytab: do not add single DES keys to keytab

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
88bf0c57 by Isaac Boukris at 2019-11-19T14:48:41+00:00
machine_account_secrets: do not generate single DES keys

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
151f8c0f by Isaac Boukris at 2019-11-19T14:48:41+00:00
selftest: mitm-s4u2self: use zlib for CRC32_checksum calc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a53fa8ff by Isaac Boukris at 2019-11-19T14:48:41+00:00
selftest: allow any kdc error in mitm-s4u2self test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
389d1b97 by Isaac Boukris at 2019-11-19T14:48:41+00:00
heimdal: do not compile weak crypto

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d2b5aa16 by Isaac Boukris at 2019-11-19T16:12:39+00:00
whatsnew: announce removal of DES encryption type in Kerberos

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Tue Nov 19 16:12:39 UTC 2019 on sn-devel-184

- - - - -
51f16ec5 by Volker Lendecke at 2019-11-19T16:13:36+00:00
librpc: Fix CID 1455913 Use after free

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b9e74928 by Volker Lendecke at 2019-11-19T16:13:36+00:00
winbind: Fix CID 1455915 Resource leak

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
55b0011a by Volker Lendecke at 2019-11-19T16:13:36+00:00
smbd: Fix CID 1455912 Logically dead code

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b68b7d51 by Volker Lendecke at 2019-11-19T17:37:42+00:00
vfs: Fix CID 1455914 Unused value

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Nov 19 17:37:42 UTC 2019 on sn-devel-184

- - - - -
586ffd5b by Christof Schmitt at 2019-11-19T21:19:36+00:00
gpfswrap: Add wrappers for gpfs_fstat_x and gpfs_stat_x

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
2c3436f0 by Christof Schmitt at 2019-11-19T21:19:36+00:00
vfs_gpfs: Use gpfs_stat_x in vfs_gpfs_get_dos_attributes

This is no functional change, but allows to use additional metadata
later on.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
ba5d4803 by Christof Schmitt at 2019-11-19T21:19:36+00:00
vfs_gpfs: Use gpfs_fstat_x in vfs_gpfs_fget_dos_attributes

This is no functional change, but allows to use additional metadata
later on.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
f2339fe0 by Christof Schmitt at 2019-11-19T21:19:36+00:00
vfs_gpfs: Create fileid from filesystem metadata

MacOS SMB clients require that file ids are not quickly reused when
files are deleted and new files are created with the same name. Inode
numbers do not satisfy that requirement, as they will be quickly reused.

To address this problem, create a unique id from the available file
system specific metadata. As that id is larger than the available 64bit,
use a hash to generate a 64bit id for usage as fileid.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
7ae46019 by Christof Schmitt at 2019-11-19T22:44:53+00:00
vfs_gpfs: Use update_stat_ex_create_time

Make the code a bit easier to read by avoiding direct access to the
statex struct.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Tue Nov 19 22:44:53 UTC 2019 on sn-devel-184

- - - - -
1af1ebe5 by Andrew Bartlett at 2019-11-20T02:14:56+00:00
librpc: Unify packet dumping on ndr_pull() failure

There were two duplicate implementations of packet dumping just for the s4 RPC server!

This unifies them and makes them easier to find because they are not triggered
from the generated server stub any more.

The behaviour have unified on setting "dcesrv:stubs directory" and
being compiled with --enable-developer.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Nov 20 02:14:56 UTC 2019 on sn-devel-184

- - - - -
db6c12f1 by Andrew Bartlett at 2019-11-20T04:41:27+00:00
ndrdump: Fix one more NTSTATUS rather than friendly ndr message

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
8a6f1de6 by Andrew Bartlett at 2019-11-20T04:41:27+00:00
ndrdump: print structure name when failing to setup

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
c90bc75d by Andrew Bartlett at 2019-11-20T04:41:27+00:00
ndrdump: TALLOC_FREE() on each exit path to allow running with leak detection

This allows us to learn if there are other memory leaks not on the mem_ctx
during the processing of the packet.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
3194baaf by Andrew Bartlett at 2019-11-20T04:41:27+00:00
ndrdump: Add const

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
d4eabfb7 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
ndrdump: Check for input decode failures

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
6f0d30fd by Andrew Bartlett at 2019-11-20T04:41:28+00:00
ndrdump: Allow for base64-encoded input in a file and on the command line

It has become customary to provide reproduction steps for fuzzing failures
in terms of an ndrdump command line.  This allows the input to be provided
as a argument or in a file rather than via base64 -d.  This makes reproducing
the issue easier as everything can be put in a plaintext bug report.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
c83ad13e by Andrew Bartlett at 2019-11-20T04:41:28+00:00
ndrdump: Return a different error code for ndr_pull() failures

This may assist in distinguishing between "runner" and "pull" failures.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
0491f172 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
ndrdump: Invert sense of --stop-on-parse-failure into --print-after-parse-failure

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
2da54d11 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
ndrdump: Still print --dump bytes after parse failure

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
24fa3374 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
python: Return the stdout when also checking error codes

This will aid in checking that ndrdump behaves as expected when
failing to parse

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
b1eda993 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
selftest: Confirm that --base64-input and --input work and a PIDL bug is fixed.

The PIDL bug is in the handling of arrays of arrays.

Test input provided by Michael Hanselmann and found using Hongfuzz.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13875

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
536a8493 by Douglas Bagnall at 2019-11-20T04:41:28+00:00
ndr_orpc: properly allocate empty DUALSTRINGARRAY

When there is no data we still need to allocate for the terminating NULL.

Found by Michael Hanselmann using Honggfuzz and an fuzzer for Samba's
NDR layer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13875

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1aec7425 by Douglas Bagnall at 2019-11-20T04:41:28+00:00
pidl: check the size of pulled arrays of arrays

We were accidentally checking the memory just past the array instead of
checking each member.

This could have led to the size of some arrays not being checked.

Found by Michael Hanselmann using Honggfuzz and an fuzzer for Samba's
NDR layer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13877

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ac1be895 by Andrew Bartlett at 2019-11-20T04:41:28+00:00
selftest: Confirm that NDR bugs are fixed in DCOM code

Test input provided by Michael Hanselmann and found using Hongfuzz.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13875
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
33e9021c by Andrew Bartlett at 2019-11-20T04:41:28+00:00
selftest: Test repushing an ntlmssp AUTHENTICATE_MESSAGE

This demonstrates a bug found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer where the value() evaluatuion could segfault if it was made to follow a NULL
pointer.

This also demonstrates that the --base64 mode works on file inputs.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
f7f92803 by Andrew Bartlett at 2019-11-20T06:06:29+00:00
librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE

This allows ndrdump --validate to avoid following a NULL pointer when re-pushing
a valid but unusual input.

It also avoids an issue if the Samba server code were to provide a response
without an EncryptedRandomSessionKey.

At this stage ntlmssp.idl is not used for this, instead the packets are
generated with msrpc_gen().

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Nov 20 06:06:29 UTC 2019 on sn-devel-184

- - - - -
e7cab18c by Volker Lendecke at 2019-11-20T15:23:10+00:00
vfs: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Nov 20 15:23:10 UTC 2019 on sn-devel-184

- - - - -
9e51bb77 by Andreas Schneider at 2019-11-20T22:29:35+00:00
s4:rpc_server: Return the status code from dcesrv_transport_session_key()

Normally this returns the right status code, which normally is:

   NT_STATUS_NO_USER_SESSION_KEY

This is consitent with the source3 samr server implmentation.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Wed Nov 20 22:29:35 UTC 2019 on sn-devel-184

- - - - -
cb240510 by Douglas Bagnall at 2019-11-20T23:19:35+00:00
build: Set fuzzer=True on fuzzer binaries

This ensures that the binaries are the only binaries built
when configured for fuzzing.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
92ee6478 by Andrew Bartlett at 2019-11-20T23:19:35+00:00
lib/fuzzing: Use --fuzz-target-ldflags if specified

This makes integration with oss-fuzz possible.  Only the fuzzer binaries should be
linked with libFuzzer, not things like asn1_compile, so this can not be done via
the global ADDITIONAL_LDFLAGS.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
f57c0238 by Andrew Bartlett at 2019-11-20T23:19:35+00:00
lib/fuzzing/oss-fuzz: Add build_samba.sh for oss-fuzz

We work hard to put the primary logic for oss-fuzz here, and
where possible into waf, so that only a tiny stub needs to
be maintained in the Google oss-fuzz repo.

This will be called by build.sh (not copied directly because
it is too easy to forget to copy in an updated version when
doing development in the docker image).

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
ec4f6f8f by Andrew Bartlett at 2019-11-20T23:19:35+00:00
lib/fuzzing/oss-fuzz: add stub build.sh that will not change often

This makes local development of build_samba.sh easier as it will remain in the source tree.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
fbb2377d by Douglas Bagnall at 2019-11-20T23:19:35+00:00
lib/fuzzing/oss-fuzz: Add build_image.sh using Samba's bootstrap tools

Google's oss-fuzz environment is Ubuntu 16.04 based so we can
just use the maintained bootstrap system rather than a manual
package list here that will get out of date.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4946811e by Andrew Bartlett at 2019-11-20T23:19:35+00:00
lib/fuzzing/oss-fuzz: Install chrpath as we use it in the build.sh script to set -rpath

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
cc128c78 by Andrew Bartlett at 2019-11-20T23:19:36+00:00
lib/fuzzing/oss-fuzz: copy required libraries to the build target

This is an alternative to static linking as we do not have static source
libraries for all the things we depend on.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

- - - - -
f8947538 by Andrew Bartlett at 2019-11-21T00:45:33+00:00
lib/fuzzing: Add oss-fuzz info to README.md

Note that Samba has not been accepted yet, but will be soon once some requirements
are addressed per:

https://github.com/google/oss-fuzz/pull/2993

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri at samba.org>

Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Nov 21 00:45:33 UTC 2019 on sn-devel-184

- - - - -
6107c79c by Andrew Bartlett at 2019-11-22T11:48:59+00:00
build: Do not build selftest binaries for builds without --enable-selftest

Add new for_selftest option to SAMBA_BINARY() and SAMBA3_BINARY()

This allows us to be much more consistent (at least in the core Samba)
and documents clearly why the binary should not be installed.

Not modified are
 - test_lp_load
 - notifyd-tests
 - gendrandperf
 - test* from examples/libsmbclient
 - dbwrap_torture
 - split_tokens
 - locktest2
 - msgtest
 - msg_sink
 - msg_source
 - versiontest
 - rpc_open_tcp
 - test_headers

As these are not tested in selftest so any change would also be
untested.  Of course they probably should be added in a different
MR.

Also not modified (because they are not tests, nor part of the
build system) are:
 - smb2mount
 - notifydd
 - log2pacp
 - debug2html
 - smbfilter
 - destroy_netlogon_creds_cli
 - spotlight2*
 - tevent_glib_tracker

These do however appear to be untested.

For now, the source4 forked client tools are left unchanged:
 - smbclient4
 - nmblookup4

Finally, the heimdal binaries are left as install=False as
they are either part of the build system or end-user tools
that we just don't want to install.  These are however tested.

The motivation is commit like c34ec003b7d45aa4196ff93a0ac29694b25e5309
and da87fa998ab71328f30bcdf5b41aee8675aee48a, which are both totally
correct but are not needed if the selftest is not run on MacOS.

There are likely other platforms or build environments where building
our test binaries is more pain than valuable, see for example also
https://lists.samba.org/archive/samba/2019-November/227137.html

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Fri Nov 22 11:48:59 UTC 2019 on sn-devel-184

- - - - -
e7f0e858 by Andreas Schneider at 2019-11-22T19:54:55+00:00
s3:printing: Use httpConnect2 from CUPS

This fixes deprecation warnings.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Nov 22 19:54:55 UTC 2019 on sn-devel-184

- - - - -
bc2fc51a by Volker Lendecke at 2019-11-22T23:57:46+00:00
dbwrap_tdb: Avoid includes.h

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a58633f6 by Volker Lendecke at 2019-11-22T23:57:46+00:00
dbwrap_tdb: Return correct error from db_tdb_storev()

Don't lose information to NT_STATUS_UNSUCCESSFUL

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
caef82b1 by Volker Lendecke at 2019-11-22T23:57:46+00:00
dbwrap: Pass "value" to dbwrap_do_locked() callback

I want to reduce dbwrap_record_get_value(). It makes the caller believe it can
make a copy of the TDB_DATA returned and that the value remains constant. It's
not, as you can always do a dbwrap_record_store().

This patch removes one requirement for getting the value out of a
db_record via dbwrap_record_get_value(). You can still make a copy, but from an
API perspective to me it's more obvious that "value" as a parameter to the
callback has a limited lifetime.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
78c96f69 by Volker Lendecke at 2019-11-22T23:57:46+00:00
g_lock: Pass "data" down to g_lock_trylock()

Avoid a call to dbwrap_record_get_value(), dbwrap_do_locked() already
gave us the value.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dbf24bcb by Volker Lendecke at 2019-11-22T23:57:46+00:00
vfs: Use dbwrap_parse_record() in vfs_offload_token_db_fetch_fsp()

Less malloc

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
52912088 by Volker Lendecke at 2019-11-22T23:57:46+00:00
vfs: Use dbwrap_do_locked() in vfs_offload_token_db_store_fsp()

Less malloc

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1dc3c168 by Volker Lendecke at 2019-11-22T23:57:46+00:00
dbwrap: Protect against invalid db_record->value

After dbwrap_record_storev()/delete(), dbwrap_record_get_value()
information is stale. Assert on the attempt to re-fetch data after it
became stale. This can't protect against someone copying the result
from dbwrap_record_get_value() somewhere else, but it's better than
nothing.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ffe4933c by Volker Lendecke at 2019-11-22T23:57:46+00:00
locking: Remove a call to dbwrap_record_get_value()

This makes a copy of the record values TDB_DATA.

In this case, it is okay: We only do a dbwrap_record_storev modifying
the value that we retrieved from the share_mode_lock destructor.

This patch is necessary because the next commit will make the "value"
argument to the dbwrap_do_locked() callback the only source of the
record value. Thus for a nested share_mode_do_locked() call we have to
maintain the record value explicitly.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ca8c23bb by Volker Lendecke at 2019-11-22T23:57:46+00:00
dbwrap: Don't set rec->value in dbwrap_do_locked()

We pass that via the callback now

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e341911d by Volker Lendecke at 2019-11-22T23:57:47+00:00
torture3: Consolidate dbwrap_watch test initialization

More lines, but less error-prone copy&paste

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
79dcabfb by Volker Lendecke at 2019-11-22T23:57:47+00:00
torture3: Test the next patch: No two waiters in one do_locked()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7cea5fec by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Prevent two watchers per fetch_locked sequence

This can lead to very confusing bugs, and the code right now does not
deal with it well.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
05340571 by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Encapsulate watchers in "struct dbwrap_watcher"

Next patch will extend this structure

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7349612c by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Add a uin64_t instance to watchers

Initially used for debugging purposes only

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a793cc22 by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Simplify the wakeup messages

The instance ID per process globally identifies a watch instance
across databases. It's not necessary to send the database ID and the
watched key across, the uin64_t instance ID is sufficient.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e5c28fec by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Simplify struct dbwrap_watched_watch_state

With the wakeup messages changed, we don't need to store what used to
be the old message in the struct dbwrap_watched_watch_state
anymore. We still need to store the key that is watched for removal of
our watch entry in the request destructor

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
341223a0 by Volker Lendecke at 2019-11-22T23:57:47+00:00
dbwrap_watch: Don't store in-RAM caches

The history of this file is a mess with lots of bugs. Most of the bugs
I believe are based on the cache of database contents we maintain in
struct dbwrap_watch_rec. This patch removes that cache and does all
modifications directly in the backend database.

This means we have to mess with the database format in a few more
places, but I think the format is simple enough that this does not
really hurt.

I tried for a few days to split this up into small pieces that are
easier to understand, but every time I separated out individual chunks
I found difficult to track down bugs that are all resolved in the
final code presented here. It's more lines of code, but I hope it's more
robust.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2379dc29 by Volker Lendecke at 2019-11-22T23:57:47+00:00
smbd: Add share_mode_watch_send/recv

For now this is a simple wrapper around dbwrap_watched_watch_send()
that will make the direct db_record reference in struct
share_mode_data unnecessary.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
24f56aef by Volker Lendecke at 2019-11-22T23:57:47+00:00
smbd: Use share_mode_watch_send()

This removes some dependencies on share_mode_data->record

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0a66c973 by Volker Lendecke at 2019-11-22T23:57:47+00:00
smbd: Pass the db_record down to share_mode_data_store()

Remove a dependency on share_mode_data->record

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
06b0bcdf by Volker Lendecke at 2019-11-22T23:57:47+00:00
smbd: Remove share_mode_data->record

In the future, there won't be a record anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c9b34cd2 by Volker Lendecke at 2019-11-22T23:57:47+00:00
g_lock: Change prototype of g_lock_dump

Soon the g_lock database format will change. There will be one
exclusive entry and an array of shared entries. In that format,
there's no need to attach a lock_type to each entry in the g_lock
database. Reflect this change in the g_lock_dump API

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
97ba1ee2 by Volker Lendecke at 2019-11-22T23:57:48+00:00
lib: Make struct g_lock_rec private to g_lock.c

This is no longer exposed in the API

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
85914847 by Volker Lendecke at 2019-11-22T23:57:48+00:00
torture: g_lock will allow duplicate READ locks soon

In the future, g_lock will not check for duplicate READ locks anymore,
as there might be many of them and the check might be expensive

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
effad89f by Volker Lendecke at 2019-11-22T23:57:48+00:00
lib: Add g_lock_ctx_init_backend()

This will allow using the g_lock.c logic on other databases as well

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d7345474 by Volker Lendecke at 2019-11-22T23:57:48+00:00
lib: Change the g_lock data model

Now we have one fixed field for the exclusive lock holder and an array
of shared locks. This way we now prioritize writers over readers: If a
pending write comes in while readers are active, it will put itself
into the exclusive slot. Then it waits for the readers to vanish. Only
when all readers are gone the exclusive lock request is granted. New
readers will just look at the exclusive slot and see it's taken. They
will then line up as watchers, retrying whenever things change.

This also means that it will be cheaper to support many shared locks:
Granting a shared lock just means to extend the array. We don't have
to walk the array for possible conflicts.

This also adds explicit UPGRADE and DOWNGRADE operations for better
error checking.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9aa03be9 by Volker Lendecke at 2019-11-23T01:25:12+00:00
torture: Test g_lock deadlock detection

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Nov 23 01:25:12 UTC 2019 on sn-devel-184

- - - - -
7eb171f6 by Andreas Schneider at 2019-11-26T12:49:41+00:00
gitignore: Add .build.log

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
97d43cf6 by Andreas Schneider at 2019-11-26T12:49:41+00:00
s3:winbind: Print priv pipe location

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
03854960 by Guenther Deschner at 2019-11-26T14:14:51+00:00
s3:winbind: Also set the cmd name for bool dispatch table

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Nov 26 14:14:51 UTC 2019 on sn-devel-184

- - - - -
f849d8c0 by Volker Lendecke at 2019-11-26T21:28:30+00:00
g_lock: Factor out g_lock_cleanup_shared()

This function will find a second user soon

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ba852a3d by Volker Lendecke at 2019-11-26T21:28:30+00:00
g_lock: Move a variable inside the block were it's used

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
39f21a58 by Volker Lendecke at 2019-11-26T21:28:30+00:00
g_lock: Speed up sync g_lock_lock()

The comment "this is used in very hot code paths" is not true right now, but
will get true soon....

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6dfa5bb6 by Christof Schmitt at 2019-11-26T21:28:31+00:00
sharesec: Return NTSTATUS from share_info_db_init

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1f304fc1 by Christof Schmitt at 2019-11-26T21:28:31+00:00
sharesec: Return NTSTATUS from set_share_security

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6bf6e536 by Christof Schmitt at 2019-11-26T21:28:31+00:00
sharesec: Return NTSTATUS from delete_share_security

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cb907fbe by Christof Schmitt at 2019-11-26T21:28:31+00:00
selftest: Make net command available in sharesec test

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9dddb28a by Christof Schmitt at 2019-11-26T21:28:31+00:00
selftest: Add test for 'net conf delshare' also removing share ACL

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ff35160d by Christof Schmitt at 2019-11-26T22:55:38+00:00
net: Delete share ACL from 'net conf delshare'

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Nov 26 22:55:38 UTC 2019 on sn-devel-184

- - - - -
848cd4c4 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:lib: remove unused str_list_sub_basic()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
57fa96b4 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:lib: remove unused str_list_substitute()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c36dd593 by Ralph Boehme at 2019-11-27T10:25:31+00:00
s3:param: rename lp_string() argument ctx to mem_ctx

Minimizes diff of subsequent patch.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
741bbfd2 by Ralph Boehme at 2019-11-27T10:25:31+00:00
lib/param: introduce loadparm_substitution infrastructure

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>

- - - - -
063c4b25 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:param: split out loadparm_s3_global_substitution from lp_string()

The idea is to get rid of the global state that's
currently used for the substitution in lp_string().

In the end all callers need to pass an explicit
const struct loadparm_substitution *sub_ctx,
which contains all relevant information
for the substitution. At that point lp_string() can be removed.

For now we provide loadparm_s3_global_substitution()
for callers to keep the current bahavior unchanged.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
236857b4 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:param: split out lp_parm_substituted_string()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
564049fb by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:mdssvc: make use of lp_parm_const_string()

We don't need any substitution for elasticsearch options.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5170fc24 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:vfs_tsmsm: make use of lp_parm_substituted_string()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
48c7d777 by Stefan Metzmacher at 2019-11-27T10:25:31+00:00
s3:vfs_streams_depot: make use of lp_parm_substituted_string()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f6747ccc by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
s3:vfs_nfs4acl_xattr: make use of lp_parm_substituted_string()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
cea386de by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
s3:vfs_glusterfs: make use of lp_parm_substituted_string()

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
3215d357 by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
s3:parm: remove unused lp_parm_talloc_string()

Callers should use lp_parm_substituted_string()
directly or just use lp_parm_const_string().

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
ef1f0e9f by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
param: add FN_{GLOBAL,LOCAL}_SUBSTITUTED_STRING support

Pair-Programmed-With: Ralph Boehme <slow at samba.org>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>

- - - - -
c23e3564 by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
smbdotconf: mark "aio write behind" with substitution="1"

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8e86ac18 by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
smbdotconf: mark "comment" with substitution="1"

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7973c873 by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
smbdotconf: mark "dfree command" with substitution="1"

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7e918fad by Stefan Metzmacher at 2019-11-27T10:25:32+00:00
smbdotconf: mark "cups options" with substitution="1"

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
79cff629 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "dont descend" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2cf62e85 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "force group" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
78593e2f by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "force user" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
86843529 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "hide files" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
595685c1 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "magic output" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
223c1f72 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "magic script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
95f0f22c by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "msdfs proxy" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f7619ac2 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "path" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4f2ee224 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "postexec" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e95e1c2d by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "preexec" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b98e1ad7 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "printername" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b9203807 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "root postexec" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
17726dab by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "root preexec" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
73082f93 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "veto files" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
18bd0c38 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "veto oplock files" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
8834eafc by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "volume" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
db75b5d6 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "abort shutdown script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9e350157 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "add group script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b0198b18 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "add machine script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a5db3443 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "addport command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
39f80142 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "addprinter command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
390f53cb by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "add share command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4c345289 by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "add user script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
00c4d9ec by Ralph Boehme at 2019-11-27T10:25:33+00:00
smbdotconf: mark "add user to group script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
84454540 by Ralph Boehme at 2019-11-27T10:25:33+00:00
s3:param: let lp_add_auto_services() take a const char *

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5e8d600b by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "auto services" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
bf9c63a2 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "change share command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
12e97ee3 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "check password script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fb434275 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "next configfile" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4b1de86d by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "cups server" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
736cb9d8 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "defaultservice" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b1c27e72 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "delete group script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d035f850 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "deleteprinter command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
28391f0b by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "delete share command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7547d837 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "delete user from group script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1377e66e by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "delete user script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6e678cba by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "enumports command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
25039641 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "get quota command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
330f4ac1 by Ralph Boehme at 2019-11-27T10:25:34+00:00
s3:lib: add missing TALLOC_CTX parameter in call to lp_homedir_map()

This seems to be dead (at least dying) code,
is WITH_NISPLUS_HOME ever defined?

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9f3c05d0 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "homedir map" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f2a1f0c7 by Ralph Boehme at 2019-11-27T10:25:34+00:00
smbdotconf: mark "iprint server" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fa5033cf by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "logfile" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9910b5e1 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "logging" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4d7eaed5 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "log level" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e46ea029 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "log nt token command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f47b710b by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "message command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f3cfef87 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "os2 driver map" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ea61dd91 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "panic action" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4551dd27 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "passwd chat" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1743ff48 by Ralph Boehme at 2019-11-27T10:25:35+00:00
smbdotconf: mark "passwd program" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
299718cc by Ralph Boehme at 2019-11-27T10:25:35+00:00
s3: remove a prototype that is generated by loadparm

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5c5dbcc3 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "perfcount module" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
dbc82a9f by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "remote announce" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6d0db70e by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "remote browse sync" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1439c19c by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "rename user script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
8077804c by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "root directory" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7dc7b9e5 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "server string" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
434d2632 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "set primary group script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
fd72181f by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "set quota command" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a0185c7e by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "shutdown script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3c68114e by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "username map" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b635c445 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "username map script" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2dae6473 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "usershare path" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
4d2a3c8a by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "wins hook" with substitution="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
050c2836 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "ldap admin dn" with constant="1"

All the other LDAP related options like "ldap user suffix" don't support
variable substitution, so I guess it's safe to remove support for it from this
one as well.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ca2e49fe by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "ldap suffix" with constant="1"

Due to the use of append_ldap_suffix() where Globals.ldap_suffix was used
directly in the dependent options like "ldap group suffix", we can just mark
this option as const thereby removing substitution from "ldap suffix".

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
71e9c6e4 by Ralph Boehme at 2019-11-27T10:25:36+00:00
smbdotconf: mark "ldap group suffix" with constant="1"

Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b48d30e0 by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "ldap idmap suffix" with constant="1"

Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9ed8292a by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "ldap machine suffix" with constant="1"

Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
6f618b7c by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "ldap user suffix" with constant="1"

Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
564b0b5b by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "mangling method" with constant="1"

>From the manpage:

  ... controls the algorithm used for the generating
  the mangled names. Can take two different values, "hash" and
  "hash2". ...

No need for variable substitution support in this option, declare it const.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9aca11ae by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "rpc server dynamic port range" with constant="1"

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ca72c4b3 by Ralph Boehme at 2019-11-27T10:25:37+00:00
smbdotconf: mark "usershare template share" with constant="1"

The code uses Globals.usershare_template_share directly anyway.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ad2c824b by Ralph Boehme at 2019-11-27T10:25:37+00:00
docs-xml: remove SWAT specific flags

Most of the SWAT stuff was removed in 4a6a010e78721624813a84bfefa7a1b80eaf0abb,
somehow these two crept back in afterwards.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
3e81d946 by Ralph Boehme at 2019-11-27T10:25:37+00:00
param: remove now unused FN_GLOBAL_STRING macro

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
24905ba8 by Ralph Boehme at 2019-11-27T10:25:37+00:00
docs-xml: remove explicit "constant"

The constant mark applied to types "string" and "ustring". The previous patches
in this patchset already markes all string options as either constant or
substituted, but it's still possible to add options or change existing ones to
be neither constant nor substituted.

In order to enforce strings to be either constant or substitued, remove the
explicit constant marker. Instead, any option that is not marked as substituted
is implicitly made constant.

This patch doesn't change behaviour and all generated files are the same before
and after this change.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
eddc63be by Ralph Boehme at 2019-11-27T10:25:37+00:00
printing: use lpcfg_substituted_string() in print_run_command()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b5c6964a by Ralph Boehme at 2019-11-27T10:25:37+00:00
s3:param: make "servicename" a substituted option

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
31b06f41 by Ralph Boehme at 2019-11-27T10:25:37+00:00
param: remove FN_LOCAL_STRING

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5114f73e by Ralph Boehme at 2019-11-27T10:25:38+00:00
param: remove now unused lp_string()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ef1c852f by Isaac Boukris at 2019-11-27T10:25:38+00:00
heimdal: invoke gsskrb5_set_dns_canonicalize(false) in gse_context_init()

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
609a1d1d by Isaac Boukris at 2019-11-27T10:25:38+00:00
Revert "selftest: system-heimdal: workaround upstream "host" canon bug"

This reverts commit 15ddd95d94688ed742a2965c4b269d7c84e2d858.

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d9d6ce6e by Isaac Boukris at 2019-11-27T10:25:38+00:00
krb5: remove "set_dns_canonicalize" conf option

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
2b88890a by Isaac Boukris at 2019-11-27T12:24:16+00:00
krb5: move disabling dns-canon to lower level init calls

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Nov 27 12:24:16 UTC 2019 on sn-devel-184

- - - - -
9983caaa by Björn Baumbach at 2019-11-29T00:44:40+00:00
samba-tool group show: fix a copy-paste mistake

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c35b3ef2 by Björn Baumbach at 2019-11-29T00:44:40+00:00
samba-tool tests: remove duplicate definitions of test functions

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0b04d9f2 by Björn Baumbach at 2019-11-29T00:44:40+00:00
samba-tool tests: prepare tests for new samba-tool functionality

Use ldbsearch instead of "samba-tool user show" to get base64 encoded
attribute. Used to verify that the attribute value has been changed
successfully.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6d1a0eb8 by Björn Baumbach at 2019-11-29T00:44:40+00:00
samba-tool {user,group,computer,contact} show: avoid base64 encoded strings if possible

Be more user friendly and use clear text argument strings if possible.

Signed-off-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
12b3f26e by Björn Baumbach at 2019-11-29T00:44:40+00:00
samba-tool tests: re-add tests for attribute value verification using samba-tool

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bd81733b by Andrew Bartlett at 2019-11-29T00:44:40+00:00
librpc: Make CFDATA private to cab.idl and remove pull and push functions

We can do this because ndr_{pull,push}_CFDATA is unused.

The earlier commit 466d5e814727046dd630d5503b43874ec46a365e removed
the link between "uint16 cbData" and the size of "DATA_BLOB ab" so
when the new ndr_fuzz_X fusser pushed a new structure this allowed
a read beyond the end of allocated memory.

The ndr_push_cab_file() function is also manually written and
does not rely on the value of cbData to calculate the checksum.

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer, which like ndrdump's struct mode uses the public structure
tables.  (This is how it found the unused functions to test).

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
674d2cfd by Andrew Bartlett at 2019-11-29T00:44:40+00:00
librpc/ndr: Remove unused ndr_cab_generate_checksum()

This function is not just unused, it is a problem because there is no
enforced connection between r->ab.length and r->cbData.

The last caller was removed in the previous commit.

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
bbae5641 by Andrew Bartlett at 2019-11-29T00:44:40+00:00
ndrdump: Show the actual struct/function name in the print, not just what it was called

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
ef0257b1 by Andrew Bartlett at 2019-11-29T00:44:40+00:00
ndrdump: Improve error message when the pipes fail to dump

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
b866018c by Andrew Bartlett at 2019-11-29T00:44:41+00:00
ndrdump: Do not run the validate step after a failure

This avoids ending a failed parse with 'dump OK'

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
cddc229a by Andrew Bartlett at 2019-11-29T02:09:11+00:00
selftest: Test partial parse behaviour in ndrdump

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Nov 29 02:09:11 UTC 2019 on sn-devel-184

- - - - -
7c4341c7 by Michael Hanselmann at 2019-12-01T08:55:39+00:00
Split winbindd into library and binary

The winbindd program was built in a single target with many source file,
making reuse of parts elsewhere impossible. With this change the
majority of the code is built as a subsystem and included in the binary
as a dependency.

Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
27fc062d by Uri Simchoni at 2019-12-01T10:22:00+00:00
heimdal-build: avoid hard-coded /usr/include/heimdal in asn1_compile-generated code.

This fixes a cross-compilation issue, as cross-compilers (rightly)
complain if host include directories are in the include path.

The fix is taken from buildroot (https://github.com/buildroot/buildroot/blob/8b11b96f41a6ffa76556c9bf03a863955871ee57/package/samba4/0006-heimdal_build-wscript_build-do-not-add-host-include-.patch) where it was applied by Bernd Kuhls <bernd.kuhls at t-online.de>.

This reverts some of 3fe2bfddda6149f6bf7402720226e9285f479fef, but
building Samba's bundled Heimdal with a system roken is not supported
anyway.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13856

Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Dec  1 10:22:01 UTC 2019 on sn-devel-184

- - - - -
70933564 by Volker Lendecke at 2019-12-02T21:23:34+00:00
lib: Make stdin_new_passwd() static

It's only used in one place

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martins at samba.org>

- - - - -
6ab4b87a by Volker Lendecke at 2019-12-02T21:23:34+00:00
lib: Remove duplicate get_pass() prototypes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martins at samba.org>

- - - - -
34c269ad by Volker Lendecke at 2019-12-02T21:23:35+00:00
lib: Remove a duplicate fdprintf() prototype

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martins at samba.org>

- - - - -
6d1ce7dc by Volker Lendecke at 2019-12-02T21:23:35+00:00
winbind: Use vasprintf() in winbindd_cache

Don't need to panic, we can do explicit checks in these few callers

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martins at samba.org>

- - - - -
39f96183 by Volker Lendecke at 2019-12-02T21:23:35+00:00
lib: Remove unused smb_xvasprintf()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martins at samba.org>

- - - - -
18d7bb06 by Volker Lendecke at 2019-12-02T21:23:35+00:00
smbd: Use share_mode_do_locked() in smbd_do_unlocking()

We don't really need the share mode data here

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8d8d2bdf by Volker Lendecke at 2019-12-02T21:23:35+00:00
smbd: Avoid leaking share_entries.tdb records

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4cd6c87a by Volker Lendecke at 2019-12-02T21:23:35+00:00
libndr: Fix a talloc context leak

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
77d3a98a by Volker Lendecke at 2019-12-02T21:23:35+00:00
smbd: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a82ab4a7 by Puran Chand at 2019-12-02T21:23:35+00:00
s3: smbclient doc fix

Signed-off-by: Puran Chand <pchand at vmware.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1b583bff by Volker Lendecke at 2019-12-02T22:47:24+00:00
auth3: Remove auth_script

Did this ever really work?

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Dec  2 22:47:24 UTC 2019 on sn-devel-184

- - - - -
787adfbc by Stefan Metzmacher at 2019-12-03T23:36:17+00:00
s4:heimdal_build: move krb5-types.h into include/krb5-types.h

source4/heimdal_build/include/ contains public headers,
which are needed by callers.

source4/heimdal_build/*.h should only be used for building the
in tree heimdal itself.

Without this an '#include "replace.h"' can catch 'config.h' from
source4/heimal_build/config.h before bin/default/include/config.h.
This #defines HAVE_CLOSEFROM unconditionally before replace.h can define
the replacement for rep_closefrom() on systems without libbsd.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Dec  3 23:36:17 UTC 2019 on sn-devel-184

- - - - -
7127a615 by Gary Lockyer at 2019-12-04T05:10:30+00:00
librpc ndr: Infinite loop parsing Suplemental creds

Fuzzing by Michael Hanselmann found an infinite loop parsing a malformed
supplemental credentials structure.  There are no server-side
network-accessible calls using this code.

This patch adds an ndrdump blackbox test to replicate the issue.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13874

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bf8063e3 by Gary Lockyer at 2019-12-04T05:10:31+00:00
librpc ndr: Tests for ndr_pull_string

Tests to ensure that ndr_pull_string handles zero and one byte length
data correctly for both character strings and UTF-16 strings.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13874

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d15a3797 by Andrew Bartlett at 2019-12-04T05:10:31+00:00
librpc: Avoid spinning on string_array elements with a short input

Without this protection we will spin during decode of a string_array or nstring_array
that is terminated by only a single NUL byte, not two as required by UTF-16.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13874

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
12cccf34 by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pygpo: use correct method flags

The METH_KEYWORDS argument must always be combined with METH_VARARGS.

In Python up to 3.7 this was checked at runtime, and as we had no callers to
get_unix_path() in Python we never noticed. In Python 3.8 it is checked at
import time, and everyone notices even if they aren't directly using GPOs.

Found and reported by Val Kulkov.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14209
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0cb2e6ac by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl: add a base class for PIDL parsers

There are about 5 object-oriented parsers, all with their own
effectively identical but differently spelt versions of pidl(),
pidl_hdr(), indent(), and deindent(). With this commit we add a base
class that they can all use.

The ultimate aim is to be able to add some debugging instrumentation
that benefits all[1] the parsers.

[1] The parsers (e.g. Samba::ServerNDR) which use global scope rather
than objects will not be affected.

The versions of the functions in this file follow the most
sophisticated versions of the soon-to-be subclasses. For example, the
pidl() function avoids spurious whitespace and puts #define at column
0, following the Python parser.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a78f69cb by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl: optionally annotate output for debug purposes

It can sometimes be hard to tell which bit of pidl generated which bit
of C. This commit wants to help.

If the PIDL_DEVELOPER environment variable is set (via waf
--pidl-developer or some other means), pidl will annotate *most* C
indicating which lines were generated by which bits of pidl. It looks
something like this:

_PUBLIC_ enum ndr_err_code ndr_push_auth_session_info(struct ndr_push *ndr, int ndr_flags, const struct auth_session_info *r)
{  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseTypePushFunction  lib/Parse/Pidl/Samba4/NDR/Parser.pm:3079
	NDR_PUSH_CHECK_FLAGS(ndr, ndr_flags);  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseStructPush  lib/Parse/Pidl/Samba4/NDR/Parser.pm:604
	if (ndr_flags & NDR_SCALARS) {
		NDR_CHECK(ndr_push_align(ndr, 5));  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseStructPushPrimitives  lib/Parse/Pidl/Samba4/NDR/Parser.pm:1448
		NDR_CHECK(ndr_push_unique_ptr(ndr, r->security_token));  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParsePtrPush  lib/Parse/Pidl/Samba4/NDR/Parser.pm:604
		NDR_CHECK(ndr_push_unique_ptr(ndr, r->unix_token));
		NDR_CHECK(ndr_push_unique_ptr(ndr, r->info));
		NDR_CHECK(ndr_push_unique_ptr(ndr, r->unix_info));
		NDR_CHECK(ndr_push_uint3264(ndr, NDR_SCALARS, 0));
		/* [ignore] 'torture' */  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseElementPushLevel  lib/Parse/Pidl/Samba4/NDR/Parser.pm:729
		NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->session_key));  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseDataPush  lib/Parse/Pidl/Samba4/NDR/Parser.pm:604
		NDR_CHECK(ndr_push_uint3264(ndr, NDR_SCALARS, 0));  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParsePtrPush  lib/Parse/Pidl/Samba4/NDR/Parser.pm:604
		/* [ignore] 'credentials' */  //:PIDL: Parse::Pidl::Samba4::NDR::Parser::ParseElementPushLevel  lib/Parse/Pidl/Samba4/NDR/Parser.pm:729

The comments starting with '//:PIDL:' have the function name, the filename,
and line number. The comment follows the ordinary output, and uses the '//'
style so as not to interfere with multiline /* */ comments if they happen
to exist.

A '//:PIDL:' comment is added whenever the pidl function or indentation
level changes, and very occasionally at other places if pidl runs for a
while without either of these things happening.

This does not affect pidl parsers that do not inherit from Parse::Pidl::Base,
and is careful to have no performance impact on non-debug generation.

This may help with semi-automated flow analysis.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4f0fba18 by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl Samba3::ClientNDR uses Pidl::Base

We need to modify the '@ISA = ' line, because it overwrites
the inheritance from Pidl::Base.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5513558b by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl:: adjust s4::Python pidl_hdr() to be the same as others

The common case is for pidl_hdr() to add a "\n", which we can
easily do here, allowing this to be merged into the Pidl::Base borg.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
803d9cf8 by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl s4::Python uses Pidl::Base

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3fc222a1 by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl s4/NDR/Client: fix pidl_both()

This function was clearly meant to be adding output to both the .c and
.h files, but was only adding it to the .h due to a typo.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
574c8db5 by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl s4/NDR/Client: use Pidl::Base

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fd68ba8a by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl: s4/NDR/Parser uses Pidl::Base

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
12f6698f by Douglas Bagnall at 2019-12-04T05:10:31+00:00
pidl s4/TDR: use conventional ->{res} name

rather than ->{ret}, meaning this class can be moved to a Pidl::Base subclass

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8429418a by Douglas Bagnall at 2019-12-04T05:10:32+00:00
pidl s4/TDR: use Parse::Pidl::Base

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
eddd6c52 by Douglas Bagnall at 2019-12-04T06:35:05+00:00
pidl: don't export parser class methods

These methods are not used or usable as exported functions. The
correct (and actual) usage is along these lines;

    require Parse::Pidl::Samba3::ClientNDR;
    my $generator = new Parse::Pidl::Samba3::ClientNDR();
    my ($c_code,$h_code) = $generator->Parse($ndr, $header, $c_header);

where the methods are either explicitly referenced (new A::B::C),
or are called from the blessed object, neither of which need
exporting.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Dec  4 06:35:06 UTC 2019 on sn-devel-184

- - - - -
868bc05c by Jeremy Allison at 2019-12-04T20:02:40+00:00
s3: smbd: Allow smbd_smb2_process_negprot() to return NTSTATUS as it can fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
a2d81d77 by Jeremy Allison at 2019-12-04T20:02:40+00:00
s3: smbd: Ensure we exit on smbd_smb2_process_negprot() fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
836219c4 by Jeremy Allison at 2019-12-04T20:02:40+00:00
s3: smbd: Change reply_smb20xx() to return NTSTATUS.

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
f4caa415 by Jeremy Allison at 2019-12-04T20:02:40+00:00
s3: smbd: Change (*proto_reply_fn()) to return an NTSTATUS.

That way the caller can know if the negprot really
succeeded or not.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
e84910d9 by Jeremy Allison at 2019-12-04T20:02:40+00:00
s3: smbd: Ensure we exit if supported_protocols[protocol].proto_reply_fn() fails.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
46899ecf by Jeremy Allison at 2019-12-04T20:02:40+00:00
python: tests. Add test for fuzzing smbd crash bug.

Mark knownfail for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8db0c1bf by Jeremy Allison at 2019-12-04T21:27:24+00:00
s3: smbd: Only set xconn->smb1.negprot.done = true after supported_protocols[protocol].proto_reply_fn() succeeds.

Otherwise we can end up with negprot.done set, but
without smbXsrv_connection_init_tables() being called.

This can cause a client self-crash.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Dec  4 21:27:24 UTC 2019 on sn-devel-184

- - - - -
520bb70d by Andreas Schneider at 2019-12-05T15:35:37+00:00
ldb:tests: Avoid that the debug function overwrites memory

We are setting ldb_debug_string() as the ldb debug function. The context
we give it is only valid as long as we're in that function.

On failure, we jump to the teardown function. The pointer for
debug_string isn't valid anymore, but the ldb debug system still points
to that address, and when we store the location of the allocated string,
we overwrite memory, in that case something from talloc and a
talloc_free() then jumps into the nirvana.

Thanks to Florian Weimer who helped debugging this.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

- - - - -
ea1c62f3 by Andreas Schneider at 2019-12-05T17:13:36+00:00
ldb:tests: Allow test filtering in ldb_mod_op_test

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Dec  5 17:13:36 UTC 2019 on sn-devel-184

- - - - -
2ffccf9c by Ralph Boehme at 2019-12-05T17:14:46+00:00
selftest: fix a flapping test

The previous approach of using ls | grep $NAME for testing whether the previous
directory removal succeeded will fail in case $NAME is a substring of any
directory entrie's name.

Eg

  NAME=tmp.123

and the directory contains an unrelated entry

  tmp.123456

Using allinfo instead should fix this.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
b4b25128 by Noel Power at 2019-12-05T17:14:46+00:00
s3/selftest: allow samba3.blackbox.dfree_command run NT1 & SMB3 tests

samba3.blackbox.dfree_command was a single test that run both NT1 &
SMB3 tests together. This allow the protocol to be passed into the test
script so the test can be divided into SMB1 & >=SM2 tests.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
7c0ccbe1 by Noel Power at 2019-12-05T17:14:46+00:00
s3/script/tests: Prepare to split samba3.blackbox.net.misc for SMB1/SMB2

modify test_net_misc.sh to accept optional protocol, no protocol
specified and it behaves more or less as before (expect this time the
client max protocol is explicitly speficied)

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d4d2e017 by Noel Power at 2019-12-05T17:14:46+00:00
s3/selftest: split SMB1 & SMB2 parts of samba3.blackbox.dfree_quota

samba3.blackbox.dfree_quota was almost exclusively a SMB3 test, only
one part was testing legacy SMB1 behaviour, this change splits this
out so the SMB1 part can be run independantly.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f56314a9 by Ralph Boehme at 2019-12-05T17:14:46+00:00
s3/selftest: Run samba3.blackbox.net.misc with smb1/smb2

samba3.blackbox.net.misc now can run with >=SMB2 or SMB1 protocols,
adjust previous test definition and add new one

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f26c678a by Noel Power at 2019-12-05T17:14:46+00:00
s3/script/tests: Allow test script to accept option protocol list

test_preserve_case.sh tests a range of protocols, this however
fails when running against the normal test env (which have min
protocol of SMB2) because one of the protocols is NT1. This change
allows tests to pass the protocol (or list of protocols) so that
tests can be split.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
980f7736 by Noel Power at 2019-12-05T17:14:46+00:00
s3/selftest: run samba3.blackbox.preserve_case with SMB1 & >=SMB2

adjust test generators to run SMB1 & >=SMB2 versions of
samba3.blackbox.preserve_case test.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a6451609 by Noel Power at 2019-12-05T17:14:46+00:00
s3/selftest: allow samba3.blackbox.smbclient_ntlm.plain run SMB1 & SMB3

samba3.blackbox.smbclient_ntlm.plain used test SMB3 & NT1 protocols
in one test. These changes:
  *  modify the test driver script test_smbclient_ntlm.sh to take a
     protocol as param
  *  modify the test description generators to pass NT1 & SMB3

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
921f9f79 by Noel Power at 2019-12-05T17:14:46+00:00
s3/script/tests: Use protocol param passed to selectively run tests

samba3.blackbox.smbclient_s3 passes NT1 or SMB3 to run tests however
the PROTOCOL param is not used consistently within the script which
results in NT1 and SMB3 traffic being produced during testing. This
obviously causes issues when running the tests in an test environment
where SMB1 cannot be negiotiated. These changes fix this

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
aca1c949 by Noel Power at 2019-12-05T17:14:46+00:00
s3/utils: net time always hardcoded to use SMB1

net time ... cmd ignores any configuration to do with min/max protocols
and connects allways with smb1

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
66443fe9 by Noel Power at 2019-12-05T17:14:47+00:00
s3/script/tests: Add simple test for net share list

Adding a test for the net share list command. Currently this
command will fail because of a bug in the net command when it tries
to see if rpc is supported. This change adds a known fail to swallow
this error. A future commit will fix the net command and remove the
known fail

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5010535e by Noel Power at 2019-12-05T17:14:47+00:00
s3/utils: Make sure we can negotiate protocol based on smb.conf settings

net_rpc_check was hardcoded to check for rpc using SMB1 only. We
should negotiate protocols based on the client max|min protocol settings

this commit also removes the entry for
   samba3.blackbox.net.misc.lookup share list

from knownfails as this test should now pass following this change.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e30607af by Noel Power at 2019-12-05T18:44:40+00:00
s4/smb_server: Fix handling of SMB2 messages after Netbios session setup

On receiving a special NBT packet (e.g. session setup) the samba daemon
effectively sets up SMB1 as the negotiated protocol (in terms of
software handling of the messages) even though no SMB protocol
has yet been negotiated. If the next message after the nbt session setup
is a SMB2 message it will be handled by the SMB1 callbacks and will be
rejected. This is evident when using smbclient (with -p 139) option
in an env where SMB1 cannot be negotiated [*]

This change doesn't set up the SMB1 callbacks on receipt of NBT special
messages but lets the generic callback in place. Once either SMB1 (or)
SMB2 is established (by receipt of a 'real' SMB or >=SMB2 message) then
the proper callbacks will be set as normal.

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Dec  5 18:44:40 UTC 2019 on sn-devel-184

- - - - -
80924797 by Ralph Boehme at 2019-12-05T20:12:23+00:00
s3:locking: simplify code in get_share_mode_lock()

The call to get_static_share_mode_data() is identical in the if/else branches,
so move it behind them.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Dec  5 20:12:23 UTC 2019 on sn-devel-184

- - - - -
41f6248e by Stefan Metzmacher at 2019-12-05T22:51:46+00:00
bootstrap: use runners with 'docker' and 'gce' tags for the image creation

As we currently have the 'shared' tag on our private runners, they
maybe selected for image creation, but it fails there.

A lot of shared runners provide 'docker' and 'gce' and they are able to
generate the images.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
eefc8ee8 by Stefan Metzmacher at 2019-12-06T00:16:45+00:00
bootstrap: add debian10 support

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Dec  6 00:16:45 UTC 2019 on sn-devel-184

- - - - -
397ecd1f by Ralph Boehme at 2019-12-06T00:17:35+00:00
s3:lib: remove unused uint64s_nt_time_to_unix_abs()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d95be913 by Ralph Boehme at 2019-12-06T00:17:35+00:00
s3:tests: add a blackbox test that confirms broken timestamp behaviour

This blackbox test confirms that Samba returns NTTIME=0 when a filesystem object
has a UNIX timestamp value of 0, ie UNIX epoch start 1.1.1970.

Here's an example output from running smbstatus allinfo on such a file:

  $ bin/smbclient -U slow%x //localhost/test -c "allinfo time_0_1970"
  altname: T11662~T
  create_time:    NTTIME(0)
  access_time:    NTTIME(0)
  write_time:     NTTIME(0)
  change_time:    NTTIME(0)
  attributes:  (80)
  stream: [::$DATA], 0 bytes

If you look at it with smbclient ls command, it munges the output to be 1970 so
you don't notice the problem:

  $ bin/smbclient -U slow%x //localhost/test -c "ls time_0_1970"
    time_0_1970                         N        0  Thu Jan  1 01:00:00 1970

The test also test other time_t values -1 and 4294967295 that are used as
sentinel values in Samba code and shows that handling these values is equally
broken.

Same for time_t values < -1.

Note that I'm adding a blackbox test *and* a torture test, as with this blackbox
test I can directly control the server side, but with smbtorture I have to go
through the SMB stack to create the files which doesn't work currently.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5fe42bdc by Ralph Boehme at 2019-12-06T00:17:35+00:00
replace: ensure UTIME_NOW and UTIME_OMIT are always available

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
96418cb1 by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: provide UTIME_NOW|OMIT defines under our own namespace

We may want to add additional defines in the future in order to deal with
NTTIME(-1) and NTTIME(-2) coming in over the wire. They have special semantics
attached to them, -1 requests "no automatic write time updates" on a filehandle
and -2 reenables them.

We could use something like

  #define SAMBA_UTIME_FREEZE (SAMBA_UTIME_OMIT - 1)
  #define SAMBA_UTIME_THAW (SAMBA_UTIME_FREEZE - 1)

in the future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
eb42beeb by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: add functions dealing with struct timespec UTIME_OMIT

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b5dc6aa7 by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: add full_timespec_to_nt_time()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7c1d8957 by Ralph Boehme at 2019-12-06T00:17:35+00:00
torture: add a timestamps torture testsuite

Add a test that shows that setting timestamps to the special
values (time_t) 4294967295, 0, -1 and anything below is broken.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
af142df4 by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: add nt_time_to_full_timespec()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6f9a824f by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: add full_timespec_to_time_t()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2e687d0e by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: add nt_time_to_full_time_t()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2b938b4d by Ralph Boehme at 2019-12-06T00:17:35+00:00
lib: use nt_time_to_unix_full() in nt_time_string()

This enables printing time values before the UNIX epoch coming in over the wire
in smbclient allinfo command.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
928694af by Ralph Boehme at 2019-12-06T00:17:36+00:00
lib: add timespec_string_buf()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7a69f642 by Ralph Boehme at 2019-12-06T00:17:36+00:00
lib: add time_t_to_full_timespec()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f2af647e by Ralph Boehme at 2019-12-06T00:17:36+00:00
lib: canonicalize pull_dos_date3()

Returns 0xFFFFFFFF as (time_t)-1. This avoids misenterpreting 0xFFFFFFFF as a
valid time_t value (0xFFFFFFFF = Sun 07 Feb 2106 06:28:15 AM GMT) on 64-bit
platforms where time_t is 64-bit.

Currently direct and indirect callers of pull_dos_date3() rely on the fact that
the resulting time_t is checked with null_time() which also checks for
0xFFFFFFFF as sentinel value amongst 0 and -1:

        return t == 0 ||
                t == (time_t)0xFFFFFFFF ||
                t == (time_t)-1;

By returning -1 instead of 0xFFFFFFFF, callers can safely pass the result to
unix_to_nt_time() which *doesn't* check for 0xFFFFFFFF, only -1.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e3ad7e36 by Ralph Boehme at 2019-12-06T00:17:36+00:00
s3:lib: let round_timespec() handle SAMBA_UTIME_OMIT

This ensures callers are not required to do the check themselves and we don't
clobber omit-timespecs in this function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b1a3445e by Ralph Boehme at 2019-12-06T00:17:36+00:00
s3:lib: add put_long_date_full_timespec()

put_long_date_full_timespec() will be used in the fileserver to marshall struct
timespec timestamps that are sent to the client. By using
full_timespec_to_nt_time() which supports tv_sec=0 and negative values, we can
return timestamps to clients with a date before the UNIX epoch.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
572d4e3a by Ralph Boehme at 2019-12-06T00:17:36+00:00
smbd: use put_long_date_full_timespec()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e8c95598 by Ralph Boehme at 2019-12-06T00:17:36+00:00
s3:lib: add pull_long_date_full_timespec()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7d4be660 by Ralph Boehme at 2019-12-06T00:17:36+00:00
smbd: use pull_long_date_full_timespec()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
02f18a39 by Ralph Boehme at 2019-12-06T00:17:36+00:00
s3:lib: use nt_time_to_full_timespec() in interpret_long_date()

interpret_long_date() is now only used in the client. To enable correct
processing of dates before the UNIX epoch, call nt_time_to_full_timespec().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2a82caf5 by Ralph Boehme at 2019-12-06T00:17:36+00:00
smbclient: use full_timespec_to_nt_time()

Needed to support dates corresponding to (time_t)0 and (time_t)-1.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1b9c31ef by Ralph Boehme at 2019-12-06T00:17:36+00:00
libsmb: add cli_setpathinfo_ext()

This takes a struct timespec instead of just time_t as cli_setpathinfo_basic()
does. This is needed to pass sentinel values -1 in the smbclient utime command.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c6beb718 by Ralph Boehme at 2019-12-06T00:17:36+00:00
smbclient: use cli_setpathinfo_ext() in utimes command

This allows correct processing of sentinel date values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6e58cfab by Ralph Boehme at 2019-12-06T00:17:36+00:00
s3: add init_smb_file_time()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
69691dd0 by Ralph Boehme at 2019-12-06T00:17:36+00:00
smbd: fix handling of sentinel timestamp values

This implements two core changes:

* use NTTIME instead of struct timespec at the database layer

* use struct timespec { .tv_nsec = SAMBA_UTIME_OMIT } as special sentinel
  value in smbd when processing timestamps

Using NTTIME at the database layer is only done to avoid storing the special
struct timespec sentinel values on disk. Instead, with NTTIME the sentinel value
for an "unset" timestamp is just 0 on-disk.

The NTTIME value of 0 gets translated by nt_time_to_full_timespec() to the
struct timespec sentinel value { .tv_nsec = SAMBA_UTIME_OMIT }.

The function is_omit_timespec() can be used to check this.

Beside nt_time_to_full_timespec(), there are various other new time conversion
functions with *full* in their name that can be used to safely convert between
different types with the changed sentinel value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fe2901e1 by Ralph Boehme at 2019-12-06T01:45:21+00:00
WHATSNEW: document SMB_VFS_NTIMES() interface change

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Dec  6 01:45:21 UTC 2019 on sn-devel-184

- - - - -
9a1072dd by Andreas Schneider at 2019-12-06T09:12:26+00:00
ldb: Avoid a possible NULL pointer dereference

Found by cppcheck.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
e464e40c by Andreas Schneider at 2019-12-06T09:12:26+00:00
ldb:tests: Use assert_in_range() in test_get_size()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
9323b5c5 by Andreas Schneider at 2019-12-06T09:12:26+00:00
ldb:tests: Add missing size check for tdb

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
e79e9438 by Andreas Schneider at 2019-12-06T11:13:24+00:00
ldb:tests: Add missing null check for ldb_kv_private

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Dec  6 11:13:24 UTC 2019 on sn-devel-184

- - - - -
63600b4f by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: Multi-line a long list of deps

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
42035d11 by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: messaging.c uses talloc_report_printf()

This used to be talloc_report_str()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2f2961a1 by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: libcli/http does not need samba3core, only gensec

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cec30b2e by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: gencache.c in 'samba3core' needs crc32()

This comes from zlib, make the dependency explicit

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9e640226 by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: Explicitly depend on samba-modules where needed

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
61b86d30 by Volker Lendecke at 2019-12-08T20:24:31+00:00
smbd: Make lp_use_sendfile() static to reply.c

This is the only place where it's used. Also, via
smb_signing_is_active it pulls in the dependency on
'cli_smb_common' (which pulls in all of gensec) into the 'smbconf'
library. Without this, 'smbconf' is happy with just 'samba-hostconfig'
instead of 'cli_smb_common'

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cf9a0297 by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: secrets3 need E_md4hash and kerberos functions

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4ff3e8ee by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: util_cmdline depends on cli_credentials

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
415fb7d2 by Volker Lendecke at 2019-12-08T20:24:31+00:00
build: Trim the deps of 'smbconf'

This does not pull in gensec anymore

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0bc3e749 by Volker Lendecke at 2019-12-08T20:24:31+00:00
smbd: Panic if there's a leak in share_entries.tdb

Hopefully dbwrap_tdb's dbwrap_exists is cheap enough for this to not
impact performance too much. I could not measure any difference in an
open/close benchmark, but at some point things might pile up and we
might have to make this a #ifdef DEVELOPER

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f3802023 by Volker Lendecke at 2019-12-08T20:24:31+00:00
selftest: Make durable_v2_delay more specific

It will grow another subtest soon

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
84351285 by Volker Lendecke at 2019-12-08T20:24:32+00:00
smbd: Test cleanup of disconnected durable handle records

Right now this panics the scavenger daemon, preventing it from doing
its work. The reopen we expect to fail with
NT_STATUS_OBJECT_NAME_NOT_FOUND thus succeeds. I know that we should
more precisely detect the scavenger crash and with Jeremy's pattern in
46899ecf836 this would be possible. However, this is C code right now,
and scanning the logfile for the panic is more I have time for right
now. The test successfully indicates failure, as the next commit will
show.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9c81aa9d by Volker Lendecke at 2019-12-08T20:24:32+00:00
smbd: Fix a share_entries.tdb record leak

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5b8b9cd1 by Ralph Boehme at 2019-12-08T20:24:32+00:00
s4:smbtorture: also test for date >> UINT32_MAX in timestamps test

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
241f3709 by Richard Sharpe at 2019-12-08T21:50:52+00:00
docs-xml/Samba-Developers-Guide/vfs.xml: Fix incorrect VFS func names.

Use SMB_VFS_P{READ,WRITE} since the others have been retired.

Also, fix up the definitions.

Signed-off-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sun Dec  8 21:50:52 UTC 2019 on sn-devel-184

- - - - -
b05be655 by Andreas Schneider at 2019-12-09T10:11:31+00:00
s3:tests: Remove the -I SERVER_IP so that Kerberos auth works

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
8987d7ee by Andreas Schneider at 2019-12-09T11:57:52+00:00
s3:selfest: Do not print the env twice

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Dec  9 11:57:52 UTC 2019 on sn-devel-184

- - - - -
1b42ccfc by Andreas Schneider at 2019-12-09T12:48:45+00:00
s3:smbspool: Map AUTH_INFO_REQUIRED=none to anonymous connection

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
6201b304 by Andreas Schneider at 2019-12-09T12:48:45+00:00
s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
58a90358 by Mikhail Novosyolov at 2019-12-09T12:48:45+00:00
s3:smbspool_krb5_wrapper: ignore unknown values of AUTH_INFO_REQUIRED

To make smbspool_krb5_wrapper usable as a default destination for symlink
/usr/lib/cups/backend/smb in Linux ditros, it has to be well-prepared
for any possible values of AUTH_INFO_REQUIRED set by cupsd and correctly
pass printing tasks to smbspool if it sees that Kerberos authentication
is not needed.

Discussed here: https://lists.samba.org/archive/samba-technical/2019-October/134470.html

Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
c95d32f6 by Mikhail Novosyolov at 2019-12-09T12:48:45+00:00
s3:smbspool: print a hint about smbspool_krb5_wrapper

When I first met with the situation that Kerberos kredentials cache of root
user was looked for instead of the one of the printing task creator,
it took a lot of time to understand that smbspool_krb5_wrapper will resolve this.

Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
67f455c3 by Andreas Schneider at 2019-12-09T14:18:11+00:00
s3:smbspool: Leave early if we print as root

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Dec  9 14:18:11 UTC 2019 on sn-devel-184

- - - - -
99d153fa by Ralph Boehme at 2019-12-09T16:10:38+00:00
lib: add NTTIME_MAX, NTTIME_MIN, NTTIME_OMIT and NTTIME_FREEZE definitions

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f0813cbf by Ralph Boehme at 2019-12-09T16:10:38+00:00
lib: harden full_timespec_to_nt_time()

This protects against overflows when tv_sec is less then
TIME_FIXUP_CONSTANT_INT.

It also correctly limits the range of returned values to be
[NTTIME_MIN, NTTIME_MAX].

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e1230f6e by Ralph Boehme at 2019-12-09T16:10:38+00:00
lib: add a comment to nt_time_to_full_timespec()

Add a hint explaining why and how -1 should be treated differently in the
future. Also make use of the helper function make_omit_timespec().

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
f576c02b by Volker Lendecke at 2019-12-09T16:10:38+00:00
smbd: Use NULL instead of 0 for a pointer type

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a34d75f6 by Volker Lendecke at 2019-12-09T16:10:38+00:00
torture: Use sizeof() where appropriate

One magic number less that needs to be verified manually

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
27c69b58 by Volker Lendecke at 2019-12-09T16:10:38+00:00
smbd: Call reopen_logs() in the smbd scavenger

If you have per-process logfiles with %d, the scavenger will get its
own logfile

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
37fa97b2 by Volker Lendecke at 2019-12-09T16:10:38+00:00
smbd: Call reopen_logs() in the notifyd

If you have per-process logfiles with %d, the notifyd will get its
own logfile

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b6ffbc7d by Volker Lendecke at 2019-12-09T16:10:38+00:00
net: Extend some debug information

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f2a91426 by Volker Lendecke at 2019-12-09T17:33:42+00:00
smbd: Give a better error message for non-existing share modes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Dec  9 17:33:42 UTC 2019 on sn-devel-184

- - - - -
a5e3db5b by Ralph Boehme at 2019-12-09T19:23:10+00:00
lib: spelling fix

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Dec  9 19:23:10 UTC 2019 on sn-devel-184

- - - - -
bb2296f6 by Volker Lendecke at 2019-12-10T00:29:54+00:00
build: Fix the build without system gssapi headers

source4/heimdal/lib/gssapi/gssapi/gssapi_krb5.h and gssapi_spnego.h
have an #include <gssapi.h> which they need to find via the -I paths

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Dec 10 00:29:55 UTC 2019 on sn-devel-184

- - - - -
c2e55821 by Andreas Schneider at 2019-12-10T00:30:29+00:00
s4:lib: Make sure we close fd's in error path

Found by covscan.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
94c3c12d by Andreas Schneider at 2019-12-10T00:30:29+00:00
s3:rpc_server: Fix string compare for utmp entries

The members of struct utmp are marked as nonstring. This means they
might not be nil-terminated.

Found by covscan.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
cfa05261 by Andreas Schneider at 2019-12-10T00:30:29+00:00
s3:torture: Do not segfault if cli is NULL

This can happen if we fail early and cli hasn't been initialized yet.

Found by covscan.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8753d5f4 by Andreas Schneider at 2019-12-10T00:30:29+00:00
s3:smbd: Fix possible NULL deref in smbd_do_qfilepathinfo()

Found by covscan.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
adfdcc47 by Andreas Schneider at 2019-12-10T00:30:29+00:00
s3:lib: Move NULL check before messaging_dgm_out_rearm_idle_timer()

We dereference out in messaging_dgm_out_rearm_idle_timer().

Found by covscan.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1c65f1fd by Andreas Schneider at 2019-12-10T00:30:29+00:00
auth:tests: Improve debug output of test_gnutls

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
01f531ba by Andreas Schneider at 2019-12-10T00:30:29+00:00
auth:tests: Only enable torture_gnutls_aes_128_cfb() on GnuTLS >= 3.6.11

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
07b4606f by Isaac Boukris at 2019-12-10T00:30:29+00:00
libcli/auth: test des_crypt56() and add test_gnutls to selftest

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
7044a41a by Isaac Boukris at 2019-12-10T00:30:29+00:00
selftest: test E_P16

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0923f94b by Isaac Boukris at 2019-12-10T00:30:29+00:00
selftest: test sam_rid_crypt

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dfad0825 by Isaac Boukris at 2019-12-10T00:30:29+00:00
selftest: test E_P24 and SMBOWFencrypt

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8f042ba5 by Isaac Boukris at 2019-12-10T00:30:29+00:00
selftest: test E_old_pw_hash

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e2f8f686 by Isaac Boukris at 2019-12-10T00:30:30+00:00
selftest: test des_crypt128

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
394debac by Isaac Boukris at 2019-12-10T00:30:30+00:00
selftest: test des_crypt112 and fix (unused) decryption

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a4ec427e by Isaac Boukris at 2019-12-10T00:30:30+00:00
selftest: test des_crypt112_16

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
6c5f153e by Isaac Boukris at 2019-12-10T00:30:30+00:00
selftest: test SMBsesskeygen_lm_sess_key

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2c470c80 by Isaac Boukris at 2019-12-10T00:30:30+00:00
selftest: test sess_crypt_blob

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0f855f1a by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IV

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
38189f76 by Isaac Boukris at 2019-12-10T00:30:30+00:00
netlogon_creds_des_encrypt/decrypt_LMKey: use gnutls and return NTSTATUS

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bbcf568f by Isaac Boukris at 2019-12-10T00:30:30+00:00
SMBsesskeygen_lm_sess_key: use gnutls and return NTSTATUS

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ecee1998 by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: convert sam_rid_crypt() to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9fb6361a by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: convert E_P16() to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2eef1290 by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: remove D_P16() (not used)

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a5548af0 by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: convert E_P24() and SMBOWFencrypt to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c57f4295 by Isaac Boukris at 2019-12-10T00:30:30+00:00
smbdes: convert des_crypt128() to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dce944e8 by Isaac Boukris at 2019-12-10T00:30:31+00:00
smbdes: convert E_old_pw_hash to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
25473913 by Isaac Boukris at 2019-12-10T00:30:31+00:00
smbdes: convert des_crypt112 to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
dcc33103 by Isaac Boukris at 2019-12-10T00:30:31+00:00
smbdes: convert des_crypt112_16 to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
a75ca8d5 by Isaac Boukris at 2019-12-10T00:30:31+00:00
session: convert sess_crypt_blob to use gnutls

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b5d8f1f7 by Isaac Boukris at 2019-12-10T00:30:31+00:00
sess_crypt_blob can only crypt blobs whose size divides by 8

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fe2577a4 by Isaac Boukris at 2019-12-10T00:30:31+00:00
smbdes: remove old unused DES builtin-crypto

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
83ffe675 by Andreas Schneider at 2019-12-10T01:54:02+00:00
pidl: Remove Parse/Yapp/Driver.pm

This file is provided by Parse::Yapp and on install we overwrite the
orignal file.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Dec 10 01:54:02 UTC 2019 on sn-devel-184

- - - - -
f786cdf5 by Andrew Bartlett at 2019-12-10T02:53:34+00:00
selftest: Add ndrdump tests for malformed drsuapi traffic

Thanks to Douglas Bagnall for the samples, produced from seeds
generated by Samba's make test traffic, fuzzed by ndr_fuzz_X
and Hongfuzz.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
b6913830 by Andrew Bartlett at 2019-12-10T02:53:34+00:00
librpc/ndr: Do not follow a client-supplied NULL pointer in _print_drsuapi_DsAttributeValue_attid()

This is not a security issue as it only happens when printing the structure
during debugging, not normal production.

Found by Michael Hanselmann using an NDR fuzzer and Hongfuzz.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
efef4366 by Douglas Bagnall at 2019-12-10T02:53:34+00:00
pidl: use perl warnings

Warnings are good. If we turn on warnings with 'use warnings', we will
see bugs that have lain latent for years.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2765b5c1 by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl s4::NDR::Parser: read hex numbers as numbers for ranges

Hex numbers in IDL are not parsed as numbers, resulting in warnings
like

Argument 0x2000 isn't numeric in numeric lt (<) at /home/douglas/src/samba/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm line 981

not to mention problematic code. We add a utility function to convert
these numbers to numbers.

A typical difference this makes is:

 --- old/default/librpc/gen_ndr/ndr_dcerpc.c     2019-11-30 23:40:32.915816967 +1300
 +++ new/default/librpc/gen_ndr/ndr_dcerpc.c     2019-11-30 17:00:09.055733660 +1300
 @@ -1893,7 +1893,7 @@
         if (ndr_flags & NDR_SCALARS) {
                 NDR_CHECK(ndr_pull_align(ndr, 4));
                 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ReceiveWindowSize));
 -               if (r->ReceiveWindowSize > 0x40000) {
 +               if (r->ReceiveWindowSize < 8192 || r->ReceiveWindowSize > 262144) {
                         return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
                 }
                 NDR_CHECK(ndr_pull_trailer_align(ndr, 4));

Where the minimum ("0x2000" == 8192) was read as a string, thus
treated as zero.

The treatment as zero was introduced in 142b2a61f8a77b3065ce4c78b459ab714d6d190a
accidentially, which shows why warnings are important.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
aefce8e7 by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl s4::NDR::Parser: correct has_fast_array logic

Here we fix two bugs that cancelled each other out completely, so this
patch leaves us with exactly the same functionally as before.

Bug 1: In perl, return is *syntactically* a function.

That means 'return X or Y' is read as 'return(X) or Y', as in the
'open(X) or die "..."' construct -- Y is only evaluated if return
returns false. But return never returns, so Y is dead code. If in
doubt, try these:

perl -e "sub x {return 0 or die;} x"
perl -e "sub x {return (0 or die);} x"

What we *meant* here is 'return (X or Y)', BUT it turns out we were
confused -- the Y case was bogus.

Bug 2: string arrays never had "fast array logic" in the first place.

The fast array logic is for arrays of bytes, and can be fast (i.e.
memcpy) because there is no endianness to worry about. A string array
is an array of pointers not bytes.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4de002a0 by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl s4::NDR::Parser: silence a warning

At level 0 there is no previous level so $pl is undefined thus so is ->{TYPE}

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
33255102 by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl Parse::Pidl::NDR: warn of unknown scalar alignments

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3c90c9de by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl Parse::Pidl::NDR: add HRESULT alignment

this is a guess

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
51a11afe by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl Parse::Pidl::NDR: silence two warnings about undefined strings

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fbe402ed by Douglas Bagnall at 2019-12-10T02:53:35+00:00
pidl s4::Python: silence warnings

- do not redeclare variables in the same scope.
- use $1 instead of \1, which perl just prefers.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
ef5d79e2 by Douglas Bagnall at 2019-12-10T04:16:31+00:00
pidl/tests/samba-ndr.pl: remove duplicate import

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Dec 10 04:16:31 UTC 2019 on sn-devel-184

- - - - -
7b265830 by Douglas Bagnall at 2019-12-10T07:50:28+00:00
lib/fuzzing: add fuzz_ndr_X

This NDR fuzzer links with each "interface" in the IDL files to
create avsingle binary.  This tries to matches what the fuzzing
engines desire.

It started as a copy of ndrdump but very little of that remains
in place.

The fancy build rules try to avoid needing a lof of boilerplate
in the wscript_build files and ensure new fuzzers are generated
and run when new IDL is added automatically.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e7379886 by Douglas Bagnall at 2019-12-10T07:50:28+00:00
dcerpc: developer option to save ndr_fuzz_X seeds

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c0043e23 by Douglas Bagnall at 2019-12-10T07:50:28+00:00
fuzzing: Add script decode_ndr_X_crash to decode crash results

This interprets a file that crashes an fuzz_ndr_X binary

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
afe86608 by Douglas Bagnall at 2019-12-10T07:50:28+00:00
lib/fuzzing/decode_ndr_X: print less by default, avoid pipe

ndrdump can now take base64 input directly.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
c35fe03a by Douglas Bagnall at 2019-12-10T07:50:28+00:00
fuzzing/decode_ndr_X: read crashes from a HONGGFUZZ report

In theory, you should be able to run honggfuzz and go

$ lib/fuzzing/decode_ndr_X_crash -H HONGGFUZZ-REPORT.txt > crash-crash-crash.sh

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3ca76f59 by Andrew Bartlett at 2019-12-10T07:50:28+00:00
librpc: Fill in full deps for NDR_* subsystems

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
6f7a9e87 by Andrew Bartlett at 2019-12-10T07:50:28+00:00
lib/fuzzing: Link only the required NDR_ subsystems into ndr_fuzz_X binaries

This reduces the binary size and shows that we are linked against the correct
ndr_table_ global variable.  This might help the fuzzing engine know there
is not much more of the binary to find if unreachable code is not included.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
c16e4dca by Andrew Bartlett at 2019-12-10T07:50:28+00:00
lib/fuzzer: Remove rudundent install=False flag from fuzz_ndr_X build rule

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
a9a8bcf7 by Andrew Bartlett at 2019-12-10T07:50:28+00:00
lib/fuzzer: Allow building a fuzz binary for just one interface

This helps direct the fuzzer at a particular function that we are concerned about.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
000d86f5 by Andrew Bartlett at 2019-12-10T07:50:28+00:00
lib/fuzzing: Tell the compiler we know we are ignoring errors in fuzz_reg_parse

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
f4ff9a07 by Andrew Bartlett at 2019-12-10T07:50:28+00:00
lib/fuzzing: Also confirm we can make a string filter from the parsed tree in fuzz_ldb_parse_tree

This also avoids tree being an unused variable.

This is similar to doing an ndr_push() in ndr_fuzz_X, it
catches some of the cases where the parse is successful but
the application code could misinterpret the structure.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
1d98ced8 by Andrew Bartlett at 2019-12-10T07:50:29+00:00
lib/fuzzing: Add mode for the AFL fuzzer

This is helpful for ensuring the fuzzers still compile in autobuild as no
library support is required.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
47c7f549 by Douglas Bagnall at 2019-12-10T07:50:29+00:00
fuzz/decode_ndr_X_crash: -f to filter crashes by regex

If you go:

$ ./lib/fuzzing/decode_ndr_X_crash -H HONGGFUZZ_REPORT.txt -f 'SIG[^V]' > ./crash.sh

you will get all the crashes and not the timeouts (which have SIGVTALARM)..

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8382fa64 by Andrew Bartlett at 2019-12-10T07:50:29+00:00
oss-fuzz: Align build.sh sh parameters with pattern from the oss-fuzz project

We should run build_samba.sh with -eux to ensure we exit on failure,
refuse to use an unset varible and print the commands we are running.

(The suggested build.sh on the oss-fuzz side uses -eu).

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
f79caf3b by Andrew Bartlett at 2019-12-10T07:50:29+00:00
lib/fuzzing: Remove oss-fuzz build.sh stub from the Samba repo

We need to ship the stub build.sh in the oss-fuzz repo, not ours.
This is because otherwise the travis CI checks skip the build
(it thinks we are not set up yet, or have been disabled).

See https://github.com/google/oss-fuzz/pull/3094 for the PR
creating a similar file there.  This is very similar to how
janus-gateway operates, so this is an accepted pattern.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
5bb9ecdf by Andrew Bartlett at 2019-12-10T07:50:29+00:00
lib/fuzzing: Support an oss-fuzz build with either address or undefined behaviour sanitizers

Add handler for $SANITIZER in build.sh

This allows a build with the undefined behaviour sanitizer.

Otherwise we fail the oss-fuzz CI because the UBSan build links with ASan..

Once this in in then https://github.com/google/oss-fuzz/pull/3094
can be merged to oss-fuzz.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
5e5d18c5 by Andrew Bartlett at 2019-12-10T07:50:29+00:00
lib/fuzzing Add comments to explain RUNPATH manipulation in build.sh

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
4c8388fb by Andrew Bartlett at 2019-12-10T07:50:29+00:00
lib/fuzzing Truncate the original files after RUNPATH manipulation in build.sh

This saves space on the rackspace runners in particular.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
96184c10 by Andrew Bartlett at 2019-12-10T07:50:29+00:00
build: Skip build of python bindings when in fuzzing mode

This will just save a bit of time and space.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

- - - - -
8b06cabc by Andrew Bartlett at 2019-12-10T09:15:43+00:00
bootstrap: Add chrpath as a required package

This is used to test build.sh, part of the oss-fuzz integration, and so also that we
correctly build our fuzzers.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Dec 10 09:15:43 UTC 2019 on sn-devel-184

- - - - -
a25a2e45 by Andrew Bartlett at 2019-12-10T09:18:46+00:00
CVE-2019-14861: s4-rpc/dnsserver: Confirm sort behaviour in dcesrv_DnssrvEnumRecords

The sort behaviour for child records is not correct in Samba so
we add a flapping entry.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4333e41c by Andrew Bartlett at 2019-12-10T09:18:46+00:00
CVE-2019-14861: s4-rpc_server: Remove special case for @ in dns_build_tree()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
defb2373 by Andrew Bartlett at 2019-12-10T09:18:46+00:00
CVE-2019-14861: s4-rpc/dnsserver: Avoid crash in ldb_qsort() via dcesrv_DnssrvEnumRecords)

dns_name_compare() had logic to put @ and the top record in the tree being
enumerated first, but if a domain had both then this would break the
older qsort() implementation in ldb_qsort() and cause a read of memory
before the base pointer.

By removing this special case (not required as the base pointer
is already seperatly located, no matter were it is in the
returned records) the crash is avoided.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
aaf037df by Andrew Bartlett at 2019-12-10T09:18:46+00:00
CVE-2019-14861: Test to demonstrate the bug

This test does not fail every time, but when it does it casues a segfault which
takes out the rpc_server master process, as this hosts the dnsserver pipe..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
aa17d5fc by Isaac Boukris at 2019-12-10T09:18:46+00:00
samba-tool: add user-sensitive command to set not-delegated flag

Signed-off-by: Isaac Boukris <iboukris at gmail.com>

- - - - -
df72956a by Isaac Boukris at 2019-12-10T09:18:46+00:00
CVE-2019-14870: heimdal: add S4U test for delegation_not_allowed

Signed-off-by: Isaac Boukris <iboukris at gmail.com>

- - - - -
84de46f5 by Isaac Boukris at 2019-12-10T09:18:46+00:00
CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2Self

Signed-off-by: Isaac Boukris <iboukris at gmail.com>

- - - - -
73f43626 by Isaac Boukris at 2019-12-10T10:44:01+00:00
CVE-2019-14870: mit-kdc: enforce delegation_not_allowed flag

Signed-off-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Dec 10 10:44:01 UTC 2019 on sn-devel-184

- - - - -
238d08b0 by Andrew Bartlett at 2019-12-10T16:22:37+00:00
selftest: Confirm that ndrdump struct mode is not available for enums

These are not passed by pointer so the structure dump system does not work
for these.  It is best to dump the containing structure instead.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
bc0c876a by Andrew Bartlett at 2019-12-10T17:45:46+00:00
pidl:NDR/Parser: only include structs in ndr_interface_public_struct

We only have ndrdump and the fuzzers set up for structures, not BITMAPS,
ENUMS etc.

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Dec 10 17:45:46 UTC 2019 on sn-devel-184

- - - - -
c3250ff7 by Andreas Schneider at 2019-12-10T19:06:27+00:00
lib:crypto: Remove our implementation of AES CCM

We require GnuTLS >= 3.4.7 which provides AES CCM.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
337c51c9 by Andreas Schneider at 2019-12-10T19:06:27+00:00
lib:crypto: Remove our implementation of AES GCM

We require GnuTLS >= 3.4.7 which provides AES GCM.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
67136177 by Andreas Schneider at 2019-12-10T19:06:28+00:00
lib:crypto: Only build AES code if we need AES CMAC

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
20b9cae6 by Andreas Schneider at 2019-12-10T20:30:57+00:00
lib:crypto: Build intel aes-ni only if GnuTLS doesn't provide AES CMAC

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Dec 10 20:30:57 UTC 2019 on sn-devel-184

- - - - -
79b2ee8d by Volker Lendecke at 2019-12-10T20:31:40+00:00
torture4: Use generate_random_u64() instead of random()

random() returns an int, which is not necessarily a uint64

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
75353596 by Volker Lendecke at 2019-12-10T20:31:40+00:00
torture: Run durable_v2_reconnect_delay_msec with leases

This will show a leases.tdb record leak. If you SIGSTOP the smbtorture
process while it's in the 10-second wait, you will find locking.tdb
and share_entries.tdb empty after the scavenger has cleaned up. But
there will be an entry in leases.tdb left.

I have no clue how to test this properly, or how to have a reasonably
cheap assert in smbd during normal operations. The problem is that
this leak can't really be distinguished from a "normal" leak that a
crashed smbd would leave behind. Possibly we need a background job
walking leases.tdb to clean this up properly.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fbd97ee8 by Volker Lendecke at 2019-12-10T21:57:05+00:00
smbd: Fix a leases.tdb record leak

If we set e->stale=true in the share_mode_forall_entries() callback,
the share entry will be removed directly. Thus further down
share_mode_forall_leases() won't find anything anymore. Only find
possibly still connected entries in the first walk, and then remove
the share_entries.tdb record straight away after the leases and
brlocks have been removed.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Dec 10 21:57:05 UTC 2019 on sn-devel-184

- - - - -
de02a553 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
.gitlab-ci.yml: Align tasks with "pages" dependency to get comprehensive code coverage

These two lists can get out of skew very easily.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
df38d511 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
autobuild.py: Add missing samba-simpleserver job

This was missed when the job was split out in f0e8dd1a08698884209873bb84002d7b34db016c.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
d349d344 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
autobuild.py: Avoid listing jobs twice

We use the tasks table instead, to avoid the issue shown in the previous commit.

Now we just have to keep .gitlab-ci.yml and the tasks table in sync.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
0be0c044 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
autobuild: extend autobuild with samba-fuzz job to build the fuzzers in AFL mode using oss-fuzz scripts

This helps ensure the build_samba.sh file keeps working and the fuzzers build
(because they are excluded from the main build).

This is not in the default autobuild because it uses too much
space on sn-devel (4GB).

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
6e5aefc2 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
lib/fuzzing: Ensure mem_ctx is freed each time fuzz_ldb_parse_tree is run

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
e6fc8e79 by Andrew Bartlett at 2019-12-11T02:55:32+00:00
lib/fuzzing: Split up automatically build fuzzers into TYPE_{IN,OUT,STRUCT}

The advise is that a fuzz target should be as small as possible
so we split this up.  Splitting up by function would build too
many fuzzers, but this should help a little.

See for example:
https://github.com/google/fuzzing/blob/master/docs/good-fuzz-target.md#large-apis

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
545711ff by Andrew Bartlett at 2019-12-11T04:21:28+00:00
lib/fuzzing: Fix argument order to ldb_filter_from_tree in fuzz_ldb_parse_tree

Found by the oss-fuzz CI tooling.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Dec 11 04:21:28 UTC 2019 on sn-devel-184

- - - - -
049f0c38 by Andrew Bartlett at 2019-12-11T22:18:47+00:00
lib/krb5_wrap: Remove unused smb_krb5_get_allowed_weak_crypto()

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Wed Dec 11 22:18:47 UTC 2019 on sn-devel-184

- - - - -
ee4617ec by Gary Lockyer at 2019-12-12T00:35:30+00:00
librpc dnsp test: Ensure length matches union selector

Ensure that a dnsp_DnsProperty is rejected if the length data does not not
correspond to the length indicated by the union id.  It was possible for
the union to be referencing memory past the end of the structure.

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14206
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
fee5c6a4 by Andrew Bartlett at 2019-12-12T00:35:30+00:00
librpc/idl/dnsserver.idl: Ensure DnsProperty id matches what is pulled from the stored buffer

There are two concerns here, assuming the attacker can place arbitary values
in a dnsProperty attribute over LDAP (eg is a DNS administrator).

This comes from the fact that id is used as the switch value at the C layer
but at the NDR layer the wDataLength value is considered first.

One concern is that a pull/push round-trip could include server memory:

 The previous switch_is() behaviour could store the server memory back
 into the attribute.

 However this pattern of pull/push only happens in ndrdump and fuzzing tools, as
 dnsserver_db_do_reset_dword() operates only on the uint32/bitmap union
 arms, and fully initialises those.

The other is that a pull of the attacker-supplied value could
cause the server to expose memory.

 This would be over the network via DNS or the RPC dnsserver protocols.
 However at all times the ndr_pull_struct_blob is passed zeroed memory.

The final concern (which fuzz_ndr_X found) is that in the ndr_size_dnsPropertyData()
the union descriminent is only id.

 This has no impact as only zeroed memory is used so there will be a
 zero value in all scalars, including data->d_ns_servers.AddrArray.

 Therefore the server will not crash processing the attacker-supplied blob

[MS-DNSP] 2.3.2.1 dnsProperty has no mention of this special behaviour.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80

This was known as CVE-2019-14908 before being triaged back to a normal bug.

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14206
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at samba.org>

- - - - -
39dfc5c8 by Samuel Cabrero at 2019-12-12T00:35:30+00:00
librpc:core: Split dcesrv context init and endpoint servers init

The S4 server will initialize the endpoint servers specified in smb.conf,
but the S3 server need to initialize all registered endpoint servers (the
embedded ones).

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
90eb485c by Samuel Cabrero at 2019-12-12T00:35:30+00:00
librpc:core: Add public functions to initialize endpoint servers

The dcesrv_init_registered_ep_servers() will be used by the S3 server to
initialize all registered endpoint servers (for embedded services), and
the dcesrv_init_ep_server() function will be used by the external
daemons to initialize the required ones.

As serveral S3 services may require to initialize another one before
itself (svcctl and eventlog for example require winreg) a boolean flag is
added to track the initialization status.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
79af978c by Samuel Cabrero at 2019-12-12T00:35:30+00:00
librpc:core: Add a function to reinitialize the dcesrv_context

Clears all registered endpoints and interfaces, association groups and
broken connections.

To be used by S3 forked daemons.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
e24ce002 by Samuel Cabrero at 2019-12-12T00:35:31+00:00
pidl:NDR/Server: Allow to define endpoint server shutdown functions

The next commits will register legacy api_struct when the endpoint server
is initialized. This commit adds a shutdown function which will be used
to unregister the legacy api_struct.

The shutdown function will be also used to replace the rpc_srv_callbacks
struct shutdown member used, for example, by the spoolss service to
cleanup before exiting.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4a608b28 by Samuel Cabrero at 2019-12-12T00:35:31+00:00
s4:torture/rpc: Fix torture comment in mdssvc.c

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3f69c6b1 by Samuel Cabrero at 2019-12-12T02:00:19+00:00
selftest: Do not force the endpoint for fsrvp tests

The test suite will bind to the srvsvc interface, let it find the
correct endpoint through the endpoint mapper.

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Dec 12 02:00:19 UTC 2019 on sn-devel-184

- - - - -
cf83eec5 by Andrew Bartlett at 2019-12-12T02:30:39+00:00
selftest: Add test for structure with NDR_BUFFERS only in a union

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
6ef50145 by Andrew Bartlett at 2019-12-12T02:30:39+00:00
selftest: Add example xattr_NTACL packets to demonstrate switch/union behaviour

This is a good example with both buffers and scalars in the union.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f56fa3bb by Andrew Bartlett at 2019-12-12T02:30:39+00:00
selftest: Add test for ndr_size_union() faulting on a NULL pointer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
bcffdc9a by Andrew Bartlett at 2019-12-12T02:30:39+00:00
selftest: Add test for ndr_size_struct() faulting on a NULL pointer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4501663f by Andrew Bartlett at 2019-12-12T02:30:39+00:00
libndr: Do not overwrite token list with NULL on allocation failure

This was one part of the minimum patch for CVE-2019-14908 before
being downgraded as not a security-release worthy issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
7a0ed44b by Andrew Bartlett at 2019-12-12T02:30:39+00:00
ndr: Restrict size of ndr_token lists to avoid memory abuse by malicious clients

This is designed to stop a very large number of tokens from being stored for
arrays of structures containing relative pointers in particular.

This was one part of the minimum patch for CVE-2019-14908 before
being downgraded as not a security-release worthy issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
ae43093b by Andrew Bartlett at 2019-12-12T02:30:40+00:00
s4-libcli/rap: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a22a22e4 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
negoex: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f7bcf227 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
603f23b1 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
pidl: Generate and consume the switch level token for both NDR_SCALARS and NDR_BUFFERS in ndr_pull()

This means what was previously a list becomes a single variable that
could be passed as a function paraemter, but this is avoided for now
because it would change the ABI and be more intrusive.

Before this, a client could cause a NDR token containing the swith level
to be allocated for each and every element in the array that they
promised they were sending (without having to actually send them).

Found by Michael Hanselmann using Honggfuzz and an fuzzer for Samba's
NDR layer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e1a15710 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc/ndr: Add ndr_push_steal_switch_value()

This will allow generated code to instead push and pop union values onto the
switch_list stack, which is more memory efficient than creating a single large
list to be scannned and eventually discarded.

Merge into unreleased ABI 1.0.0

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e08461b2 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
pidl: Add and use ndr_print_steal_switch_value(), removing ndr_print_get_switch_value()

This avoids really long token lists for switch values
that will not be needed past this point.

The function name is changed to clarify what exactly is being
done here, and the old function is removed to ensure it is
not being used anywhere else.

Merge the removal of ndr_print_get_switch_value into
just-tagged librpc/ABI/ndr-1.0.0.sigs as this
has not been put into any release yet.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5eb560d2 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
pidl: Mismatch between set and get of relative base pointers

The set was within the switch, the get was before the switch.

The difference is shown when there is an empty default element.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
362d70ff by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc: Do not follow a NULL pointer when calculating the size of a structure

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
456cdb7f by Andrew Bartlett at 2019-12-12T02:30:40+00:00
pidl: Mismatch between set and get of relative base pointers

The set was within the switch, the get was before the switch.

The difference is shown when there is an empty default element.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
92a7c5a7 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc: Do not follow a NULL pointer when calculating the size of a union

Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b880bda5 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc: Remove last callers of ndr_pull_get_switch_value()

By removing this we know we do not need to worry about this list
growing without bounds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
a4471739 by Andrew Bartlett at 2019-12-12T02:30:40+00:00
librpc: Remove last callers of ndr_push_get_switch_value()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d30c377d by Andrew Bartlett at 2019-12-12T02:30:41+00:00
librpc/ndr: Remove ndr_{push,pull}_get_switch_value()

By removing this we know we do not need to worry about this list
growing without bounds.  We merge this into the recently created but
not yet released ABI 1.0.0

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
82aff583 by Andrew Bartlett at 2019-12-12T03:56:23+00:00
libndr: Return enum ndr_err_code from ndr_{pull,push}_steal_switch_value()

This breaks the ABI so we merge this into the unreleased libndr-1.0.0.

The advantage of the new functions is there (except for print, which
is unchanged) is an error raised when the token is not found, so
we can be confident in the changes to the token behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Dec 12 03:56:23 UTC 2019 on sn-devel-184

- - - - -
48ed60d7 by Ralph Boehme at 2019-12-12T20:22:51+00:00
lib/replace: work around an API conflict between ncurses and XFS xattr API

Compile error:

  [4530/4693] Compiling source3/utils/regedit_list.c
  In file included from ../../source3/utils/regedit_list.h:24,
                   from ../../source3/utils/regedit_list.c:20:
  /usr/include/curses.h:611:28: error: conflicting types for ‘attr_get’
    611 | extern NCURSES_EXPORT(int) attr_get (attr_t *, NCURSES_PAIRS_T *, void *); /* generated */
        |                            ^~~~~~~~
  compilation terminated due to -Wfatal-errors.

Both ncurses and XFS xattr API provide a get_attr() function. As a workaround
avoid including <sys|attr/attributes.h> if <attr|sys/xattr.h> is present.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Dec 12 20:22:51 UTC 2019 on sn-devel-184

- - - - -
2048ff3a by Jeremy Allison at 2019-12-16T14:05:33+00:00
s3: smbd: msdfs: Cleanup, don't mix int and size_t types for a count variable.

Add integer wrap check.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
cc1ec0a9 by Jeremy Allison at 2019-12-16T14:05:33+00:00
s3: smbd: cleanup. Change 'int referral_count' -> 'size_t referral_count' in struct junction_map.

This is a non-negative count. Fix remaing code to not mix int and size_t.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
af2d54bf by Jeremy Allison at 2019-12-16T15:32:08+00:00
s3: smbd: msdfs: Factor out the code to create a msdfs:referral,list into a separate function.

This will allow it to be called from other places once the get/set_msdfs
calls are moved into being first class VFS functions.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Dec 16 15:32:08 UTC 2019 on sn-devel-184

- - - - -
f42e089a by Volker Lendecke at 2019-12-16T19:02:31+00:00
smbd: Avoid casts in open_directory()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
810fd90a by Volker Lendecke at 2019-12-16T19:02:31+00:00
smbd: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
fe7f2412 by Volker Lendecke at 2019-12-16T19:02:31+00:00
torture4: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
6abcc833 by Volker Lendecke at 2019-12-16T19:02:32+00:00
smbd: Explicitly state when modifying share_mode_data

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1c188c37 by Volker Lendecke at 2019-12-16T19:02:32+00:00
smbd: Use explicit share_mode_wakeup_waiters()

We don't need to unparse the locking.tdb record, we just need to wake
up waiters when downgrading a lease

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
97ad5054 by Volker Lendecke at 2019-12-16T20:27:59+00:00
smbd: Use explicit share_mode_wakeup_waiters()

We don't need to unparse the locking.tdb record, we just need to wake
up waiters when removing an oplock

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Dec 16 20:27:59 UTC 2019 on sn-devel-184

- - - - -
5d34c887 by Günther Deschner at 2019-12-17T07:58:39+00:00
s3-rpc_server: always print the full PDU.

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2241ce8e by Simo Sorce at 2019-12-17T09:24:56+00:00
mit-kdb: Fix license on header file

Signed-off-by: Simo Sorce <idra at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Dec 17 09:24:56 UTC 2019 on sn-devel-184

- - - - -
fca2d3e0 by Anoop C S at 2019-12-17T21:53:07+00:00
s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir

On receiving an already initialized stat_ex buffer for readdir() call we
invoke readdirplus() GlusterFS API, an optimized variant of readdir(),
which then returns stat information along with dir entry result. But for
symlink entries we don't know if link or target info is needed. In that
case it is better to leave this decision back to caller by resetting
nlinks value inside stat information to make it invalid.

This was also preventing us from displaying msdfs link as directories
inside the share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14182

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Günther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Dec 17 21:53:07 UTC 2019 on sn-devel-184

- - - - -
54293f92 by David Disseldorp at 2019-12-17T22:40:31+00:00
vfs_ceph_snapshots: fix root relative path handling

For file paths relative to root, ceph_snap_get_parent_path() may return
an empty parent dir string, in which case the CephFS snashot path should
be ".snap".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14216

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
28d9c418 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Add share_mode_count_entries()

In order to not write the share mode on every open/close, we need to get rid of
share_mode_data->num_share_modes. "net tdb" needs this information precisely
though, and it's pretty cheap to calculate.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
3e5f1be8 by Volker Lendecke at 2019-12-17T22:40:32+00:00
net: Use share_mode_count_entries()

Avoid a reference to share_mode_data->num_share_modes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
21eff9d1 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Pass num_share_modes to share_mode_entry_do() callback

mark_share_mode_disconnected_fn() will need this, the information is
easily available and should not hurt the other callers.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5a2fa457 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Avoid a reference to share_mode_data->num_share_modes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0df06f51 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Avoid a reference to share_mode_data->num_share_modes

share_mode_data->num_share_modes will go away soon, count the values
directly while walking the array.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
15977f5d by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Introduce share_mode_have_entries()

This hides a use of share_mode_data->num_share_modes in
share_mode_lock.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
42ce7499 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Avoid a direct access to share_mode_data->num_share_modes

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9734bad3 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Use share_mode_data->num_share_modes as a boolean

This is a micro-commit showing that we don't actually need
share_mode_data->num_share_modes as a number *counting* the share mode
entries in share_entries.tdb anymore. Instead, we are only using it as
an indication for share_mode_lock_destructor() to see whether share
entries are around or not, i.e. whether it's worth keeping or deleting
the record in locking.tdb.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4a60e577 by Volker Lendecke at 2019-12-17T22:40:32+00:00
smbd: Don't store "num_share_modes" in locking.tdb

With the last commit we don't store the share mode entry count
anymore. With this commit we go one step further and avoid storing
it. If there's valid record in locking.tdb, there is a corresponding
record in share_entries.tdb, so there's no point storing that once
more explicitly.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1141fbe9 by Volker Lendecke at 2019-12-18T00:05:13+00:00
smbd: Convert share_mode_data->num_share_modes into a boolean8

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Dec 18 00:05:13 UTC 2019 on sn-devel-184

- - - - -
66d12eb9 by Andrew Bartlett at 2019-12-18T06:39:26+00:00
lib/fuzzing: Initialise st buffer in fuzz_ndr_X

An NDR pull of a function will fill in either the in. or out.
elements of this structure, but never both.

However, some structures have size_is() in the out. that reference
the in. elements.  This is the reason for the --context-file option
in ndrdump.

We have a special handler in the fuzzing case embedded in the
pidl-generated output to cope with this, by filling in pointers
for elements declared [ref,in] but it relies on the in-side
(at least) of the buffer being zeroed.

So zero the buffer before we start.  Sadly this means things
like valgrind can not find a use of uninitialised data, but that
is a price we have to pay.

Credit to OSS-Fuzz

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5a989d66 by Andrew Bartlett at 2019-12-18T06:39:26+00:00
lib/fuzzing: Allow load of fuzz inputs as files on the command line

This is easier to put under gdb.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5ccb5e23 by Andrew Bartlett at 2019-12-18T06:39:26+00:00
sefltest: Demonstrate crash in manually written printer for drsuapi_DsAttributeValue

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0e651b45 by Andrew Bartlett at 2019-12-18T06:39:26+00:00
librpc: Fix manually written printer for drsuapi_DsAttributeValue

Credit to OSS-Fuzz

Found using the ndr_fuzz_X target.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4d9753df by Gary Lockyer at 2019-12-18T06:39:26+00:00
lib ldb: fix use after free

Fix ASAN detected use after free.  No security implications as  the
talloc_free is followed immediately by the print statement and the value
printed is an integer

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
bbc4ebbc by Andrew Bartlett at 2019-12-18T06:39:26+00:00
lib/fuzzer: Allow coverage build for oss-fuzz

This still does not seem to be enough but it is one step towards a working
coverage build.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
5eac5813 by Andrew Bartlett at 2019-12-18T06:39:26+00:00
lib/fuzzing and librpc: Do not generate fuzzers for pointless targets

We need to focus the fuzzing effort on reachable code, and these IDL
are just historical artifacts, many are entirely [todo] and have
no samba client nor server.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
ad9a81c6 by Andrew Bartlett at 2019-12-18T08:05:05+00:00
librpc: Move winstation.idl to the top level and exclude from fuzzing

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Dec 18 08:05:05 UTC 2019 on sn-devel-184

- - - - -
f8f3b33e by Ralph Boehme at 2019-12-18T10:13:41+00:00
lib/replace: prefer <sys/xattr.h> over <attr/xattr.h>

This prevents the following compile error that may happens if "system/filesys.h"
is included before "system/capability.h" on Ubuntu 16.04:

  [1802/4407] Compiling source3/lib/system.c
  In file included from ../../lib/replace/system/filesys.h:112:0,
                   from ../../source3/include/vfs.h:29,
                   from ../../source3/include/smb.h:150,
                   from ../../source3/include/includes.h:284,
                   from ../../source3/lib/system.c:23:
  /usr/include/x86_64-linux-gnu/sys/xattr.h:32:3: error: expected identifier before numeric constant
     XATTR_CREATE = 1, /* set value, fail if attr already exists.  */
     ^

The above error is from compiling a source tree which includes a change that
adds an include "system/filesys.h" to the top of "source3/include/vfs.h".

"source3/lib/system.c" has the following includes:

  #include "includes.h"
  #include "system/syslog.h"
  #include "system/capability.h"
  #include "system/passwd.h"
  #include "system/filesys.h"
  #include "../lib/util/setid.h"

The first include of "includes.h" pulls in "vfs.h" which will pull in
"system/filesys.h" with the mentioned change. "system/filesys.h" pulls in
<attr/xattr.h> which has this define

  #define XATTR_CREATE  0x1

Later in "source3/lib/system.c" "system/capability.h" is included which includes
<sys/xattr.h> on Ubuntu 16.04 (not in later versions of glibc). This defines the
XATTR_* values as an enum:

  enum {
    XATTR_CREATE = 1,     /* set value, fail if attr already exists.  */
    XATTR_REPLACE = 2     /* set value, fail if attr does not exist.  */
  };

The previous define of XATTR_CREATE as 1 makes this

  enum {
    1 = 1,     /* set value, fail if attr already exists.  */
    2 = 2     /* set value, fail if attr does not exist.  */
  };

which is invalid C. The compiler error diagnostic is a bit confusing, as it
prints the original enum from the include file.

See also:

<https://bugs.freedesktop.org/show_bug.cgi?id=78741>
<https://bugs.launchpad.net/ubuntu/+source/attr/+bug/1288091>
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756097>

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>

- - - - -
5fd65edc by Björn Baumbach at 2019-12-18T11:37:53+00:00
samba_kcc: avoid ValueError when local connections are less than 2

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Björn Baumbach <bb at sernet.de>
Autobuild-Date(master): Wed Dec 18 11:37:53 UTC 2019 on sn-devel-184

- - - - -
f0eb1e62 by Torsten Fohrer at 2019-12-18T14:33:58+00:00
Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero.

(C) SBE network solutions GmbH

Signed-off-by: Torsten Fohrer <torsten.fohrer at sbe.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Dec 18 14:33:58 UTC 2019 on sn-devel-184

- - - - -
f8799bf0 by Fabrice Fontaine at 2019-12-18T15:32:40+00:00
lib/ldb/tests: include stdint.h before cmocka.h

This fix the following build failures:

[2466/3864] Linking bin/default/lib/ldb/ldbmodify
In file included from /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/lib/gcc/mips64el-buildroot-linux-uclibc/5.5.0/include/stdint.h:9:0,
                 from ../../lib/tevent/tevent.h:31,
                 from ../../lib/ldb/include/ldb.h:51,
                 from ../../lib/ldb/tests/test_ldb_dn.c:25:
/home/buildroot/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/stdint.h:122:27: error: conflicting types for 'uintptr_t'
 typedef unsigned long int uintptr_t;
                           ^
In file included from ../../lib/ldb/tests/test_ldb_dn.c:23:0:
/home/buildroot/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cmocka.h:132:28: note: previous declaration of 'uintptr_t' was here
       typedef unsigned int uintptr_t;
                            ^

In file included from /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/lib/gcc/mips64el-buildroot-linux-uclibc/5.5.0/include/stdint.h:9:0,
                 from ../../lib/tevent/tevent.h:31,
                 from ../../lib/ldb/tests/ldb_key_value_test.c:48:
/home/buildroot/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/stdint.h:122:27: error: conflicting types for 'uintptr_t'
 typedef unsigned long int uintptr_t;
                           ^
In file included from ../../lib/ldb/tests/ldb_key_value_test.c:43:0:
/home/buildroot/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cmocka.h:132:28: note: previous declaration of 'uintptr_t' was here
       typedef unsigned int uintptr_t;
                            ^

Fixes:
 - http://autobuild.buildroot.org/results/9507739b3d5d51024ee9c60b74c2f85d5004e7e2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14218

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1bfb3840 by Fabrice Fontaine at 2019-12-18T16:57:52+00:00
source4/utils/oLschema2ldif: include stdint.h before cmocka.h

This fix the following build failure:

In file included from /home/fabrice/buildroot/output/host/opt/ext-toolchain/lib/gcc/mips64el-buildroot-linux-uclibc/5.5.0/include/stdint.h:9:0,
                 from /home/fabrice/buildroot/output/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/inttypes.h:27,
                 from ../../lib/replace/../replace/replace.h:64,
                 from ../../source4/include/includes.h:23,
                 from ../../source4/utils/oLschema2ldif/test.c:25:
/home/fabrice/buildroot/output/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/stdint.h:122:27: error: conflicting types for ‘uintptr_t’
 typedef unsigned long int uintptr_t;
                           ^
In file included from ../../source4/utils/oLschema2ldif/test.c:23:0:
/home/fabrice/buildroot/output/host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cmocka.h:132:28: note: previous declaration of ‘uintptr_t’ was here
       typedef unsigned int uintptr_t;

Fixes:
 - http://autobuild.buildroot.org/results/9507739b3d5d51024ee9c60b74c2f85d5004e7e2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14218

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Reviewed-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Dec 18 16:57:52 UTC 2019 on sn-devel-184

- - - - -
dd694bdc by Andreas Schneider at 2019-12-19T14:20:41+00:00
s3:script: Try to fix a Perl warning

Scalar value @ENV{"BASH_ENV"} better written as $ENV{"BASH_ENV"} at
/tmp/samba-testbase/b23/samba-ad-dc-1/source3/script/tests/printing/modprinter.pl
line 134.

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ea51a426 by Andreas Schneider at 2019-12-19T14:20:41+00:00
s3:libsmb: Generate the inode only based on the path component

Currently we use the full smb url which includes also username and
password.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bf9a3a7a by Andreas Schneider at 2019-12-19T14:20:42+00:00
s3:libsmb: Add try_posixinfo to SMBSRV struct. Only enable for SMB1 with UNIX for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0fe9dc52 by Andreas Schneider at 2019-12-19T14:20:42+00:00
s3:libsmb: Return a 'struct stat' buffer for SMBC_getatr()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b3e3cb3b by Andreas Schneider at 2019-12-19T14:20:42+00:00
s3:libsmb: Add a setup_stat_from_stat_ex() function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8b04590e by Andreas Schneider at 2019-12-19T15:44:25+00:00
libsmbclient: If over SMB1 first try to do a posix stat on the file.

Disable in future, if server doesn't support this.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Dec 19 15:44:25 UTC 2019 on sn-devel-184

- - - - -
c20179a4 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: use ad_dc_ntvfs env instead of ad_dc_default for samba4.ldb.ldaps

ad_dc_default is currently an alias for ad_dc_ntvfs, so this is currently no
change in behaviour, but this is going to change.

As the ad_dc_ntvfs env specifies "ldap server require strong auth =
allow_sasl_over_tls" and this is needed for the test, we have to let the test
use the ad_dc_ntvfs env explicitly.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2d2809be by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: make testenv name logic more flexible for the rpc testcases

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
9174968b by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: hardcode ad_dc_ntvfs for the rpc.netlogon testsuite

The rpc.netlogon testsuite has a test that verifies LSA over netlogon which is
only enabled in the ad_dc_ntvfs env.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
7974e550 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: run rpc.srvsvc and rpc.mgmt against ad_dc_ntvfs explicitly

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
88a38138 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: run samba.tests.dcerpc.srvsvc against ad_dc_ntvfs explicitly

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
0f5b6623 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: run samba4.ldap.dirsync.python against ad_dc_ntvfs explicitly

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
f3f22851 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: run samba.ldap.referrals against ad_dc_ntvfs explicitly

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
ac115db1 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: run samba.tests.samba_tool.user against ad_dc_ntvfs:local explicitly

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
8d1206c9 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: make ad_dc_default an alias for ad_dc, not ad_dc_ntvfs

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
bba0cafa by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: make ad_dc_slowtests an alias for ad_dc, not ad_dc_ntvfs

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
01141d06 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: make fl2008dc an alias for ad_dc, not ad_dc_ntvfs

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
db24892d by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: don't use NTVFS fileserver in promoted_dc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
fbcf1ab7 by Ralph Boehme at 2019-12-20T06:08:40+00:00
selftest: don't use NTVFS fileserver in vampire_dc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
bd141ead by Ralph Boehme at 2019-12-20T06:08:41+00:00
selftest: don't use NTVFS fileserver in fl2000dc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
3518151c by Ralph Boehme at 2019-12-20T06:08:41+00:00
selftest: don't use NTVFS fileserver in fl2003dc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
629254ec by Ralph Boehme at 2019-12-20T06:08:41+00:00
selftest: don't use NTVFS fileserver in fl2008r2dc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
2e5188f5 by Ralph Boehme at 2019-12-20T06:08:41+00:00
selftest: don't use NTVFS fileserver in rodc

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
1cf23972 by Ralph Boehme at 2019-12-20T07:34:42+00:00
selftest: don't use NTVFS fileserver in chgdcpass

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Dec 20 07:34:42 UTC 2019 on sn-devel-184

- - - - -
f0cebbe4 by Gary Lockyer at 2019-12-20T07:35:41+00:00
test upgradedns: ensure lmdb lock files linked

Add tests to check that the '-lock' files for the dns partitions as well as
the data files are linked when running
    samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
0bd47914 by Gary Lockyer at 2019-12-20T07:35:41+00:00
upgradedns: ensure lmdb lock files linked

Ensure that the '-lock' files for the dns partitions as well as the data
files are linked when running
  samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
f11e207e by Andreas Schneider at 2019-12-20T07:35:41+00:00
librpc: Fix string length checking in ndr_pull_charset_to_null()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14219

Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b28d1dca by Andreas Schneider at 2019-12-20T09:01:30+00:00
librpc: Add test for ndr_string_length()

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Dec 20 09:01:30 UTC 2019 on sn-devel-184

- - - - -
30cbc5b9 by Andrew Bartlett at 2019-12-20T10:09:34+00:00
s4-smbd: Also restart prefork children lost to SIGKILL (-9)

Samba 4.10 and later versions have a process restart capability to greatly
reduce the impact of crashes due to a NULL pointer de-reference or abort().

However SIGKILL was deliberatly omitted.

Sadly this is the most likely case, due to the OOM killer, as raised here:

https://lists.samba.org/archive/samba-technical/2019-November/134529.html

Subsequent discussion (offline) has been to agree that we should restart in
this case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14221

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
49197368 by Andrew Bartlett at 2019-12-20T10:09:34+00:00
WHATSNEW: Celebrate the end of smbdes and the almost-end of in-tree AES

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
16557e44 by Andrew Bartlett at 2019-12-20T10:09:34+00:00
selftest: Confirm parse of dnsProperty records

This confirms a name of "." will round-trip correctly.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a85d257c by Andrew Bartlett at 2019-12-20T11:33:52+00:00
librpc: Do not access name[-1] trying to push "" into a dnsp_name

This simply matches the behaviour from before e7b1acaddf2ccc7de0301cc67f72187ab450e7b5
when the logic for a trailing . was added.  This matches what is added in
the dnsRecord attribute for a name of "." over the dnsserver RPC
management interface and is based on what Windows does for that name
in (eg) an MX record.

No a security bug because we use talloc and so name will be just the
end of the talloc header.

Credit to OSS-Fuzz

Found using the fuzz_ndr_X fuzzer

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Dec 20 11:33:52 UTC 2019 on sn-devel-184

- - - - -
8517bb10 by Ralph Boehme at 2019-12-20T11:41:40+00:00
s3: pass session info to get_referred_path()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
8a0ad072 by Ralph Boehme at 2019-12-20T11:41:40+00:00
s3: pass session_info to create_msdfs_link()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e12a724f by Ralph Boehme at 2019-12-20T11:41:40+00:00
s3: pass session_info to remove_msdfs_link()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
8d457a83 by Ralph Boehme at 2019-12-20T11:41:40+00:00
smbd: pass session_info to junction_to_local_path_tos()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
457c9140 by Ralph Boehme at 2019-12-20T11:41:40+00:00
s3: pass session_info to enum_msdfs_links()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d6a5aa6d by Ralph Boehme at 2019-12-20T11:41:40+00:00
smbd: pass session info to count_dfs_links()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
10fa50a8 by Ralph Boehme at 2019-12-20T11:41:40+00:00
smbd: pass session_info to form_junctions()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
0e57dbb8 by Ralph Boehme at 2019-12-20T11:41:41+00:00
smbd: pass session info to create_conn_struct_tos_cwd()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7fb188c1 by Ralph Boehme at 2019-12-20T11:41:41+00:00
s3:rpc_server: pass session_info to elog_check_access()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d68d8c65 by Ralph Boehme at 2019-12-20T11:41:41+00:00
s3:rpc_server: pass session_info to get_nt_acl_no_snum()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
459233b9 by Ralph Boehme at 2019-12-20T11:41:41+00:00
smbd: pass session_info to create_conn_struct_tos()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
cfc0ca73 by Ralph Boehme at 2019-12-20T11:41:41+00:00
python: move system_session_unix to new auth_util.py

system_session_unix() will be used by many more callers soon.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9796ebce by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_set_simple_acl() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
399ebb56 by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_chown() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
b08c955a by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_unlink() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
59a6c9a4 by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_have_posix_acls() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
33f33dc0 by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_get_nt_acl() kwnames

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
af1f6e9f by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_set_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9ff37867 by Ralph Boehme at 2019-12-20T11:41:41+00:00
pysmbd: reformat py_smbd_get_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
d80259d8 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: reformat py_smbd_mkdir() kwnames

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
927c87d2 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: reformat py_smbd_create_file() kwnames

No change in behaviour.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9807d69e by Ralph Boehme at 2019-12-20T11:41:42+00:00
python/tests: use a system session_info in posixacl.py

Previously posixacl.py passed None as session_info object from
get_session_info().

That meant that the if/else branch referring to session_info:

        if nwrap_winbind_active or session_info:
             self.assertEquals(posix_acl.acl[1].a_perm, 7)
         else:
             self.assertEquals(posix_acl.acl[1].a_perm, 6)

must be tweaked to take into account that session info is now either

* a system session_info in which case we must continue to use the if branch in
  the code, or

* a user session_info in which case we must continue to go through the else
  branch

Using

  is_user_session = not session_info.security_token.is_system()

in place of just "session_info" does the trick.

Cf the classes SessionedPosixAclMappingTests and
UnixSessionedPosixAclMappingTests in posixacl.py, those are the ones that
trigger test execution with a user session.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
e6d40e6f by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_set_simple_acl()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
da2a9857 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_chown()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a4f3860d by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_unlink()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
437af4d0 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: make "session_info" arg to py_smbd_set_nt_acl() mandatory

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
9b2c415d by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: make "session_info" arg to py_smbd_get_nt_acl() mandatory

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
a9184a10 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_set_sys_acl()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5cef3a13 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_get_sys_acl()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
7121d475 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg to py_smbd_mkdir()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ee5bf296 by Ralph Boehme at 2019-12-20T11:41:42+00:00
pysmbd: add "session_info" arg tp py_smbd_create_file()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1fa05e5c by Ralph Boehme at 2019-12-20T11:41:42+00:00
s3: simplify create_conn_struct_as_root()

Now that all callers pass in a valid session_info, we can remove handling of
session_info=NULL. Add an assert(session_info != NULL) just in case... :)

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
5db4a881 by Ralph Boehme at 2019-12-20T11:41:42+00:00
s3: remove unused macro FSP_BELONGS_CONN()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
670205ac by Ralph Boehme at 2019-12-20T13:06:20+00:00
s3: remove unused session_keystr from struct user_struct

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Dec 20 13:06:20 UTC 2019 on sn-devel-184

- - - - -
946beafb by David Mulder at 2019-12-20T22:01:28+00:00
Convert samba4.base.*attr tests to smb2

Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
33212832 by David Mulder at 2019-12-20T22:01:28+00:00
Convert samba4.base.rw1 test to smb2

Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
31d5e945 by awalker at 2019-12-20T22:01:28+00:00
vfs_zfsacl: load parameters on connect

Convert zfsacl:denymissingspecial so that the parameter loads on connect.

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
2c7699e7 by awalker at 2019-12-20T22:01:28+00:00
vfs_zfsacl: add manpage entry for zfsacl:denymissingspecial

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cd313d0a by Ralph Boehme at 2019-12-20T22:01:28+00:00
vfs_zfsacl: pass nfs4_params to smb_set_nt_acl_nfs4()

Now that we parse nfs4_params in the VFS connect in this module, we can pass it
to smb_set_nt_acl_nfs4() which avoids having smb_set_nt_acl_nfs4() parse
it *every time* it's called.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
063fadd3 by Ralph Boehme at 2019-12-20T22:01:28+00:00
vfs_zfsacl: pass config to zfs_get_nt_acl_common()

Not used for now, that comes next.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
30f9e1dd by awalker at 2019-12-20T23:24:54+00:00
vfs_zfsacl: fix issue with ACL inheritance in zfsacl

Add parameter zfsacl:map_dacl_protected to address issue preventing Windows Clients
from disabling inheritance on ACLs. FreeBSD does not currently expose the ACL_PROTECTED
NFS4.1 flag, but it does expose ACE4_INHERITED_ACE. When the parameter is enabled,
map the absence of ACE4_INHERITED_ACE to SEC_DESC_DACL_PROTECTED.

See also the discussion at

https://gitlab.com/samba-team/samba/merge_requests/719

Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Dec 20 23:24:54 UTC 2019 on sn-devel-184

- - - - -
bf592a19 by Volker Lendecke at 2019-12-22T17:29:28+00:00
torture3: Introduce "key" helper variable

Call string_term_tdb_data() once instead of three times

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bc00eaca by Volker Lendecke at 2019-12-22T17:29:28+00:00
torture3: Parametrize lock4_child()s locktype

We'll call it twice soon

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
12638d48 by Volker Lendecke at 2019-12-22T17:29:28+00:00
torture3: Add a test that contends with a READ, not a WRITE lock

This walks different code paths in the subsequent locker. And the one
that we did not test so far is in fact buggy

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
40ecc2f6 by Volker Lendecke at 2019-12-22T18:57:17+00:00
lib: Fix contending with a READ lock

When contending a WRITE with an existing READ, the contender puts
himself into the exclusive slot, waiting for the READers to go
away. If the async lock request is canceled before we got the lock, we
need to remove ourselves again. This is done in the destructor of the
g_lock_lock_state. In the successful case, the destructor needs to go
away.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sun Dec 22 18:57:17 UTC 2019 on sn-devel-184

- - - - -
df5040b1 by Stefan Metzmacher at 2020-01-01T12:04:52+00:00
Happy New Year 2020!

Signed-off-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Jan  1 12:04:52 UTC 2020 on sn-devel-184

- - - - -
693080ab by Martin Schwenke at 2020-01-02T22:36:34+00:00
ctdb-scripts: Strip square brackets when gathering connection info

ss added square brackets around IPv6 addresses in versions > 4.12.0
via commit aba9c23a6e1cb134840c998df14888dca469a485.  CentOS 7 added
this feature somewhere mid-release.  So, backward compatibility is
obviously needed.

As per the comment protocol/protocol_util.c should probably print and
parse such square brackets.  However, for backward compatibility the
brackets would have to be stripped in both places in
update_tickles()...  or added to the ss output when missing.  Best to
leave this until we have a connection tracking daemon.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14227

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
9edf15af by Martin Schwenke at 2020-01-03T00:00:55+00:00
ctdb-tests: Skip some tests that don't work with IPv6

See the comments added to the tests.

It may be possible to rewrite these so they do something sane for
IPv6... some other time.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14227

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Jan  3 00:00:55 UTC 2020 on sn-devel-184

- - - - -
ba97f408 by Volker Lendecke at 2020-01-03T00:04:43+00:00
lib: Remove an unused variable from security_token_debug()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
605bb4e9 by Volker Lendecke at 2020-01-03T00:04:43+00:00
ntlm_auth: Fix a DEBUG message

This is not routine auth_generic_prepare

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
f53c8fbd by Volker Lendecke at 2020-01-03T00:04:43+00:00
audit_log: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
fd406528 by Volker Lendecke at 2020-01-03T00:04:43+00:00
dsdb: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
5954a068 by Volker Lendecke at 2020-01-03T00:04:43+00:00
lsasd: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
ed3ee452 by Volker Lendecke at 2020-01-03T00:04:43+00:00
smbd: Avoid a "? True : False"

VALID_STAT() already is a boolean expression

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
1d0ffcf3 by Volker Lendecke at 2020-01-03T01:30:24+00:00
smbd: Remove an unused parameter from defer_open()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Fri Jan  3 01:30:24 UTC 2020 on sn-devel-184

- - - - -
4d4443d1 by David Disseldorp at 2020-01-03T20:55:29+00:00
loadparm: check for AD DC required VFS modules

When Samba is running as a domain controller and the "vfs objects"
parameter is not set, then the dfs_samba4 and acl_xattr modules are
automatically enabled.
However, if the "vfs objects" is defined, then the setting is left
as-is. This means that attempts to us other VFS modules have the side
effect of disabling the dfs_samba4 and acl_xattr modules, causing
unexpected behaviour, which is then blamed on the VFS modules that were
explicitly defined.

This change ensures that when running as a domain controller, Samba logs
an error if the required VFS modules are not enabled by an explicit
"vfs objects" definition.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10560

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>

- - - - -
03b42aeb by Björn Jacke at 2020-01-03T22:19:47+00:00
python/loadparm: check for AD DC required VFS modules

same as the previous commit, just for python's testparm code

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10560

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Fri Jan  3 22:19:47 UTC 2020 on sn-devel-184

- - - - -
7283413a by Volker Lendecke at 2020-01-06T01:47:30+00:00
tests: Fix a typo

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b2f07034 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth3: Check for talloc failure

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
bcf94444 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth3: Simplify auth_get_ntlm_challenge()

Use generate_random_buffer() directly on the talloc'ed buffer

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
d034e839 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth3: Avoid a casts in auth3_check_password()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
33d4d482 by Volker Lendecke at 2020-01-06T01:47:30+00:00
winbind: Fix CID 1456624 Uninitialized scalar variable

Coverity does not get that for (rc!=0) gnutls_error_to_ntstatus()
never returns NT_STATUS_OK

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
59cb155a by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Remove the "typedef auth_methods"

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
8ec4e4b6 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Check for talloc failure in smb_pwd_check_ntlmv2()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b78cc821 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Slightly simplify smb_pwd_check_ntlmv2()

Do an early return for the failure case

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
2bd941cc by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Check for talloc failure in smb_pwd_check_ntlmv1()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
4014d91b by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Slightly simplify smb_pwd_check_ntlmv1()

Do an early return for the failure case

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e02d24c0 by Volker Lendecke at 2020-01-06T01:47:30+00:00
auth: Check for talloc failure in smb_sess_key_ntlmv2()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
e4ad0013 by Volker Lendecke at 2020-01-06T03:12:19+00:00
auth: Avoid casts in ntlm_check.c

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Mon Jan  6 03:12:20 UTC 2020 on sn-devel-184

- - - - -
004e5531 by Isaac Boukris at 2020-01-06T20:33:55+00:00
winbindd_pam.c: split winbindd_dual_pam_auth_samlogon

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jan  6 20:33:55 UTC 2020 on sn-devel-184

- - - - -
d3d2e6df by Volker Lendecke at 2020-01-06T22:09:32+00:00
auth3: Replace auth3_check_password() by _send and _recv

This is just fake async, but it avoids one use of a sync function
pointer in auth4_context

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
066c4eea by Volker Lendecke at 2020-01-06T22:09:32+00:00
ntlm_auth: Replace local_pw_check() by _send and _recv

This is just fake async, but it avoids one use of a sync function
pointer in auth4_context

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
add8fd21 by Volker Lendecke at 2020-01-06T22:09:32+00:00
ntlm_auth: Replace winbind_pw_check() by _send and _recv

This is just fake async, but it avoids one use of a sync function
pointer in auth4_context

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
7f75dec8 by Volker Lendecke at 2020-01-06T23:34:00+00:00
auth: Simplify struct auth4_context

The fake async code has been pushed down into the 3 users, remove the sync
callback. Overall it's more lines of code, but the central interface is
simplified.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jan  6 23:34:00 UTC 2020 on sn-devel-184

- - - - -
ad8e6863 by Christof Schmitt at 2020-01-08T00:01:35+00:00
system: Rename argument for kernel_flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e8d9a214 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs: Rename argument for kernel_flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
974aae41 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_not_implemented: Rename argument for flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
537d226e by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_catia: Rename argument for flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
83f59ac0 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_ceph: Rename argument for flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
46673994 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_full_audit: Rename argument of flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0d5794f6 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_glusterfs: Rename argument of flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
86c2578a by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Rename argument of flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b306a736 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_streams_xattr: Rename argument of flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
00fb46c7 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_time_audit: Rename argument of flock function

MS-SMB2 and the smbd code refer to this field as share_access. Use the
same name in the function argument.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
208007b8 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Remove check for open file in share mode function

The calling code already ensures that the file is open with a valid file
descriptor.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
05c54b72 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Move mapping from access mask to sharemode allow to helper function

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
79a50e75 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Move mapping to sharemode deny to helper function

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
eff66787 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Cleanup clearing file system share mode

The VFS flock function is called with a zero access_mask to indicate
that the share mode should be cleared. Adjust the check to directly
check the access_mask and provide a better message to indicate this
case.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5d5763ea by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Cleanup debug message file system share mode

Use the newer debug macro and the full variable names.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
56cf9b15 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Remove unncessary check from close function

The fsp has a valid file descriptor when this function is called. No
need for the additional check.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d9128955 by Christof Schmitt at 2020-01-08T00:01:36+00:00
vfs_gpfs: Add comment explaining why sharemode is dropped in close call.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c993480e by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Log error if clearing of sharemode fails on close

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ef52a907 by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Only clear sharemode on close when sharemode has been taken

This avoids a redundant error message in case the call to acquire the
sharemode had failed before.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
f03c4485 by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Remove logging for unsupported file system

The gpfs_set_share API call has been around for a long time and
definitely all supported GPFS versions have it. Remove the check and
fallback for old versions without this API.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
03705f4c by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Switch share mode helper function to return int

Follow the convention to return 0 on success and -1 when hitting an
error.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a64978e0 by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Use early return in sharemode function

This removes one level of indentation.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
191e375d by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Explicitly log when share mode has been denied

As this denies access to a file, provide a better error message for
easier troubleshooting.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
47a2c670 by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Print message when share modes are disabled in file system

GPFS file systems can be configured without support for share modes. As
this results in an unique error code, print a message explaining this
situation and the required config changes.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5c20ef88 by Christof Schmitt at 2020-01-08T00:01:37+00:00
vfs_gpfs: Log failed gpfs_set_share call as error

Any other error code from gpfs_set_share should never happen. Print a
error message in case this is ever encountered.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4ff13c01 by Christof Schmitt at 2020-01-08T01:26:46+00:00
vfs_gpfs: Update message for requesting sharemode on stream

User newer debug macro and print full path to affected file.

Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan  8 01:26:46 UTC 2020 on sn-devel-184

- - - - -
55fbd4c0 by Björn Jacke at 2020-01-08T15:37:45+00:00
docs-xml/winbindnssinfo: clarify interaction with idmap_ad etc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14122
RN: docs: clarify interaction between winbind nss info and idmap backend

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jan  8 15:37:46 UTC 2020 on sn-devel-184

- - - - -
ba53e284 by Anoop C S at 2020-01-08T23:24:58+00:00
s3: lib: dbwrap: Set rec->value_valid to avoid backtrace in `smbstatus`

Following backtrace is observed on executing `smbstatus` with at least
one SMB client connection established:

PANIC: assert failed at ../../lib/dbwrap/dbwrap.c(82): rec->value_valid
PANIC (pid 350270): assert failed: rec->value_valid
BACKTRACE: 15 stack frames:
 #0 /usr/local/lib/libsamba-util.so.0(log_stack_trace+0x1f)
[0x7fbbd9b32047]
 #1 /usr/local/lib/libsmbconf.so.0(smb_panic_s3+0x74) [0x7fbbd9c1e6ff]
 #2 /usr/local/lib/libsamba-util.so.0(smb_panic+0x28) [0x7fbbd9b32012]
 #3 /usr/local/lib/samba/libdbwrap-
samba4.so(dbwrap_record_get_value+0x86) [0x7fbbd95800ac]
 #4 /usr/local/lib/samba/libsmbd-base-samba4.so(+0x28f563)
[0x7fbbd999e563]
 #5 /usr/local/lib/samba/libsamba-cluster-support-samba4.so(+0x7851)
[0x7fbbd92c7851]
 #6 /usr/local/lib/samba/libsamba-cluster-support-
samba4.so(ctdbd_traverse+0x4ca) [0x7fbbd92cc641]
 #7 /usr/local/lib/samba/libsamba-cluster-support-samba4.so(+0x73eb)
[0x7fbbd92c73eb]
 #8 /usr/local/lib/samba/libsamba-cluster-support-samba4.so(+0x7a52)
[0x7fbbd92c7a52]
 #9 /usr/local/lib/samba/libdbwrap-samba4.so(dbwrap_traverse_read+0x35)
[0x7fbbd9580de5]
 #10 /usr/local/lib/samba/libsmbd-base-
samba4.so(smbXsrv_tcon_global_traverse+0xc5) [0x7fbbd999e7d9]
 #11 smbstatus(connections_forall_read+0x114) [0x55d17872b8ee]
 #12 smbstatus(main+0x7b2) [0x55d17872a2f3]
 #13 /lib64/libc.so.6(__libc_start_main+0xf3) [0x7fbbd93a21a3]
 #14 smbstatus(_start+0x2e) [0x55d17872894e]
Can not dump core: corepath not set up

Assertion on rec->value_valid fails as it is uninitialized in the
following functions:

traverse_read_callback
traverse_persistent_callback_read

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan  8 23:24:58 UTC 2020 on sn-devel-184

- - - - -
e17c8e1b by Günther Deschner at 2020-01-08T23:51:30+00:00
librpc: fix IDL for spoolss_GetCorePrinterDrivers()

The charset determination makes it more difficult to deal with the real
REG_MULTI_SZ nature of that element.

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8ceddba1 by Günther Deschner at 2020-01-08T23:51:30+00:00
s3-rpcclient: add cmd_spoolss_get_core_printer_drivers

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
479cf553 by Günther Deschner at 2020-01-08T23:51:30+00:00
librpc: add IDL for spoolss_EnumPerMachineConnections

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a340aecd by Günther Deschner at 2020-01-08T23:51:30+00:00
s3-rpcclient: properly check and initialize buffers in getdriverpackagepath

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ce00972a by Günther Deschner at 2020-01-08T23:51:30+00:00
s3-rpcclient: add enumpermachineconnections command

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d3c2833f by Günther Deschner at 2020-01-08T23:51:30+00:00
s3-rpcclient: add addpermachineconnection command

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d642c9a2 by Günther Deschner at 2020-01-08T23:51:30+00:00
s3-rpcclient: add delpermachineconnection command

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
0a76a7c3 by Günther Deschner at 2020-01-08T23:51:30+00:00
s4-torture: add test for spoolss AddPerMachineConnection

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
210a8f35 by Günther Deschner at 2020-01-08T23:51:30+00:00
s4-torture: add test for spoolss_EnumPerMachineConnections

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
10386138 by Günther Deschner at 2020-01-08T23:51:30+00:00
librpc: better naming for NDR_SPOOLSS_{PUSH|PULL}_ENUM variants

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c9bebbcc by Günther Deschner at 2020-01-08T23:51:31+00:00
librpc/ndr: provide infrastructure for NDR_SPOOLSS_{PUSH|PULL}_ENUM macros

The new macros allow the same macro convenience for enum functions without
level discriminator.

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c433dac5 by Günther Deschner at 2020-01-08T23:51:31+00:00
librpc: pidlify spoolss_EnumPerMachineConnections

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
94157af2 by Günther Deschner at 2020-01-08T23:51:31+00:00
s3-rpcclient: give slightly better descriptions to clusapi commands

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c9077f16 by Günther Deschner at 2020-01-08T23:51:31+00:00
s3-rpcclient: add clusapi_pause_node command.

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
17e692a9 by Günther Deschner at 2020-01-09T01:15:34+00:00
s3-rpcclient: add clusapi_resume_node command.

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jan  9 01:15:34 UTC 2020 on sn-devel-184

- - - - -
1cd20731 by Volker Lendecke at 2020-01-09T18:55:36+00:00
printing: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d78b4a84 by Volker Lendecke at 2020-01-09T18:55:36+00:00
printing: Avoid EBADF from EPOLL_CTL_DEL

TALLOC_FREE the fde before closing the fd. Otherwise the fde
destructor tries to remove a nonexisting fd from the epoll set.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
91f069cc by Volker Lendecke at 2020-01-09T18:55:36+00:00
ntlm_auth: Add a NULL check

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4b95ea37 by Volker Lendecke at 2020-01-09T18:55:36+00:00
ntlm_auth: Add type-safety instead of a simple cast

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
60b72f58 by David Disseldorp at 2020-01-09T20:20:05+00:00
vfs_ceph: assert renameat() fsps match cwd

As discussed with Jeremy in bug 14232, the vfs_ceph.renameat_fn
implementation currently ignores srcfsp and dstfsp. As a result,
relative smb_fname_src/smb_fname_dest paths will be processed as
relative to cwd.
This is currently a valid assumption, as srcfsp and dstfsp should
always match conn->cwd_fsp. Add an assert to clarify this.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jan  9 20:20:05 UTC 2020 on sn-devel-184

- - - - -
86a31def by Gary Lockyer at 2020-01-09T21:49:00+00:00
ndr basic: Check ndr_token_store return code

Fix for

*** CID 1457529:  Error handling issues  (CHECKED_RETURN)
/librpc/ndr/ndr_basic.c: 786 in ndr_push_full_ptr()
...
ID 1457529:  Error handling issues  (CHECKED_RETURN)
    Calling "ndr_token_store" without checking return value (as is done
    elsewhere 14 out of 17 times).

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: David Disseldorp <ddiss at samba.org>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Thu Jan  9 21:49:00 UTC 2020 on sn-devel-184

- - - - -
b0b9dd2f by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Add SMB_VFS_CREATE_DFS_PATHAT().

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
421d26a8 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in ceph.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
235e5948 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in gluster.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
6a46c5f2 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in shadow_copy2.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
51fd8756 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in snapper.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
23df9281 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in full_audit.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
54f9da44 by Jeremy Allison at 2020-01-10T19:38:42+00:00
s3: VFS: Implement create_dfs_pathat() in time_audit.

Not yet used.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
748379c6 by Jeremy Allison at 2020-01-10T21:05:25+00:00
s3: smbd: msdfs: Change create_msdfs_link() to call SMB_VFS_CREATE_DFS_PATHAT().

No change in the (rather strange) logic.

First step in abstracting MSDFS storage from direct symlink calls.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 10 21:05:25 UTC 2020 on sn-devel-184

- - - - -
888002f9 by David Disseldorp at 2020-01-11T13:34:30+00:00
vfs_ceph: drop support for building without statx

libcephfs statx became available with the Kraken (11.2.0) release of
Ceph in Jan 2017. Versions prior to this are no longer supported
upstream, so we can drop support within Samba vfs_ceph.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>

- - - - -
e61ddeef by David Disseldorp at 2020-01-11T14:59:36+00:00
vfs_ceph: drop support for pre-hammer libcephfs versions

The last Ceph Hammer release (0.94.10) came in Feb 2017, as is no longer
supported upstream. Drop support for building Samba vfs_ceph against
version prior to 0.94.0.

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>

Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Sat Jan 11 14:59:36 UTC 2020 on sn-devel-184

- - - - -
e1c6e7d1 by Douglas Bagnall at 2020-01-12T19:50:37+00:00
decode_ndr_X_crash: always find pipe in honggfuzz file

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
1d359621 by Douglas Bagnall at 2020-01-12T19:50:37+00:00
fuzz_ldap_decode: do not print to stdout

The fuzzer doesn't care and it slows things down

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
16ca3850 by Douglas Bagnall at 2020-01-12T19:50:37+00:00
ldb controls: fix typo in bypassoperational message

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
beb386b5 by Douglas Bagnall at 2020-01-12T21:21:30+00:00
fuzz: add a fuzzer for parsing ldb controls

We have had issues here in the past.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Jan 12 21:21:30 UTC 2020 on sn-devel-184

- - - - -
c6d880a1 by Alexander Bokovoy at 2020-01-13T15:05:28+00:00
s3-rpcserver: fix security level check for DsRGetForestTrustInformation

Harmonize _netr_DsRGetForestTrustInformation with source4/ logic which
didn't change since DCE RPC channel refactoring.

With the current code we return RPC faul as can be seen in the logs:

2019/12/11 17:12:55.463081,  1, pid=20939, effective(1284200000, 1284200000), real(1284200000, 0), class=rpc_parse] ../librpc/ndr/ndr.c:471(ndr_print_function_debug)
       netr_DsRGetForestTrustInformation: struct netr_DsRGetForestTrustInformation
          in: struct netr_DsRGetForestTrustInformation
              server_name              : *
                  server_name              : '\\some-dc.example.com'
              trusted_domain_name      : NULL
              flags                    : 0x00000000 (0)
[2019/12/11 17:12:55.463122,  4, pid=20939, effective(1284200000, 1284200000), real(1284200000, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1561(api_rpcTNP)
  api_rpcTNP: fault(5) return.

This is due to this check in processing a request:
        if (!(p->pipe_bound && (p->auth.auth_type != DCERPC_AUTH_TYPE_NONE)
                       && (p->auth.auth_level != DCERPC_AUTH_LEVEL_NONE))) {
                p->fault_state = DCERPC_FAULT_ACCESS_DENIED;
                return WERR_ACCESS_DENIED;
        }

and since we get AuthZ response,

  Successful AuthZ: [netlogon,ncacn_np] user [EXAMPLE]\[admin] [S-1-5-21-1234567-890123456-500] at [Wed, 11 Dec 2019 17:12:55.461164 UTC]
  Remote host [ipv4:Y.Y.Y.Y:59017] local host [ipv4:X.X.X.X:445]
[2019/12/11 17:12:55.461584,  4, pid=20939, effective(0, 0), real(0, 0)] ../lib/audit_logging/audit_logging.c:141(audit_log_json)
  JSON Authorization: {"timestamp": "2019-12-11T17:12:55.461491+0000",
   "type": "Authorization", "Authorization": {"version": {"major": 1, "minor": 1},
   "localAddress": "ipv4:X.X.X.X:445", "remoteAddress": "ipv4:Y.Y.Y.Y:59017",
   "serviceDescription": "netlogon", "authType": "ncacn_np",
   "domain": "EXAMPLE", "account": "admin", "sid": "S-1-5-21-1234567-890123456-500",
   "sessionId": "c5a2386f-f2cc-4241-9a9e-d104cf5859d5", "logonServer": "SOME-DC",
   "transportProtection": "SMB", "accountFlags": "0x00000010"}}

this means we are actually getting anonymous DCE/RPC access to netlogon
on top of authenticated SMB connection. In such case we have exactly
auth_type set to DCERPC_AUTH_TYPE_NONE and auth_level set to
DCERPC_AUTH_LEVEL_NONE in the pipe->auth. Thus, returning an error.

Update the code to follow the same security level check as in s4 variant
of the call.

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Jan 13 15:05:28 UTC 2020 on sn-devel-184

- - - - -
36ea1e18 by Jeremy Allison at 2020-01-13T19:41:34+00:00
s3: lib: dbwrap_ctdb: Ensure value_valid is set true if we find the record in the marshall buffer.

Found by "Christopher O Cowan - Christopher.O.Cowan at ibm.com" <Christopher.O.Cowan at ibm.com>

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
15ee379e by Jeremy Allison at 2020-01-13T19:41:34+00:00
s3: lib: dbwrap. Cleanup. Add a couple of missing 'return NULL' statements on talloc fail.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

- - - - -
aa27bcef by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: add session to struct smb_request

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8aae1ef5 by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: move homes_snum from struct user_struct to struct smbXsrv_session

No change in behaviour. A first step in removing user_struct.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5992f8fa by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: pass smbXsrv_session to make_connection_snum()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
bcadd7d7 by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: use session->global->session_wire_id instead of session->compat->vuid

session->compat->vuid is set to session->global->session_wire_id after a
successful session setup, so both variables will always carry the same value. Cf
the next commit which removes vuid from user_struct.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
61fa0f99 by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: remove vuid from struct user_struct

The previous commit removed all users of struct user_struct.vuid.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c1d0a70d by Ralph Boehme at 2020-01-13T19:41:34+00:00
smbd: use session->global->auth_session_info in make_connection_snum()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
96fd0ddd by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: remove vuser arg from make_connection_snum()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
e80aca04 by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: introduce smbXsrv_session_info_lookup()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
57d46892 by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: use smbXsrv_session_info_lookup() in change_to_user_and_service()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
46f51912 by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: share level security is long gone...

vuid will always be valid as will be vuser.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c3f890fb by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: use smbXsrv_session_info_lookup() in api_WWkstaUserLogon()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
25524c8e by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: use smbXsrv_session_info_lookup() in api_reply()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
54d626cc by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: remove dependency on session->compat in smbXsrv_session_logoff()

This is not needed anymore because a previous commit changes this to use
session->global->session_wire_id insteaf of session->compat->vuid, so we're not
depending on session->compat anymore.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a22b5038 by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: use session->global->auth_session_info in switch_message()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
dd9735b1 by Ralph Boehme at 2020-01-13T19:41:35+00:00
smbd: add get_valid_smbXsrv_session()

In memory of get_valid_user_struct() and functionally equivalent it only returns
the session if session setup was successfully completed and
session->global->auth_session_info is valid.

This function is similar to smbXsrv_session_local_lookup() and it's wrappers,
but it doesn't implement the state checks of those. get_valid_smbXsrv_session()
is NOT meant to be called to validate the session wire-id of incoming SMB
requests, it MUST only be used in later internal processing where the session
wire-id has already been validated.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c3d22018 by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: use get_valid_smbXsrv_session() in invalidate_vuid()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d2b5f85d by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: remove enum server_allocated_state magic from get_valid_user_struct()

This has been obsoleted a long time ago by
a129e271b5385853fb39a8e54b56b508b00a3e41.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
18b43aeb by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: add smbXsrv_session_local_traverse()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4b89100d by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: use smbXsrv_session_local_traverse() in id_in_use()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8be0ca8e by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: remove use of user_struct from reply_ulogoffX()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9ef30c75 by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: use req->session instead of vuser->session in make_connection_smb1()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
893aba4d by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: remove unused vuser arg from make_connection_smb1()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
758c42ec by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: remove unused vuser arg from make_connection_smb2()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
1d797a83 by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: don't use vuser in make_connection()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
cdab99ba by Ralph Boehme at 2020-01-13T19:41:36+00:00
smbd: remove using vuser from smbd_smb2_tree_connect()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
5f85090d by Ralph Boehme at 2020-01-13T19:41:37+00:00
smbd: use smbXsrv_session_info_lookup() in become_user_without_service()

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
a18ffe26 by Ralph Boehme at 2020-01-13T21:09:01+00:00
smbd: RIP user_struct

At last, the nail in the coffin. :)

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jan 13 21:09:01 UTC 2020 on sn-devel-184

- - - - -
7c01a44f by Douglas Bagnall at 2020-01-13T22:25:38+00:00
libgpo: parse_gp_ext: do not crash upon no ext_strings

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b07eff31 by Douglas Bagnall at 2020-01-13T23:52:26+00:00
net_ads_gpo: remove old '#if 0' blocks

I think the dump_gpo() calls do enough, and this code has done nothing
for a decade.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Mon Jan 13 23:52:26 UTC 2020 on sn-devel-184

- - - - -
89ed960b by Björn Jacke at 2020-01-14T10:28:40+00:00
tests/DNS: \n.COM shouldn't be a valid DNS record

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13788

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>

- - - - -
af7a0e33 by Björn Jacke at 2020-01-14T10:28:40+00:00
samba-tool: fix adding of dns SRV/MX/SOA records

Thanks to Denis Cardon for finding

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13788

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>

- - - - -
de768710 by Björn Jacke at 2020-01-14T11:58:20+00:00
tests/DNS: add MX/SRV record tests with multiple spaces

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13788

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>

Autobuild-User(master): Björn Baumbach <bb at sernet.de>
Autobuild-Date(master): Tue Jan 14 11:58:20 UTC 2020 on sn-devel-184

- - - - -
dc74b437 by Andreas Schneider at 2020-01-14T15:18:02+00:00
docs-xml: 'mangled names = illegal' is the new default

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jan 14 15:18:02 UTC 2020 on sn-devel-184

- - - - -
75ddd1d6 by Volker Lendecke at 2020-01-14T19:17:28+00:00
nfs4acl: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4546aff8 by Volker Lendecke at 2020-01-14T19:17:28+00:00
lib: Use tevent version of timeval_current_ofs()

We have tevent available anyway, use that infrastructure

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8100b56b by Volker Lendecke at 2020-01-14T19:17:28+00:00
lib: Remove "msg_ctx" from server_id_watch_send()

Not needed

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
46565a04 by Volker Lendecke at 2020-01-14T19:17:28+00:00
lib: Avoid an unnecessary include

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
be0a5ab8 by Volker Lendecke at 2020-01-14T19:17:28+00:00
test3: Fix usage check for test_sharesec.sh

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
9e67b6b9 by Volker Lendecke at 2020-01-14T19:17:29+00:00
smbd: Protect against non-string "close-share" sharenames

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d2d50079 by Björn Jacke at 2020-01-14T19:17:29+00:00
smbclient/tar: add verbose mode

A verbose mode got lost with the introduction of libarchive support.

The verbose mode is optional, default is quiet mode.

The output format is close to the verbose output format of POSIX tar
implementations and should be good parsable.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11642

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
199f44ff by Björn Jacke at 2020-01-14T19:17:29+00:00
smbtar: adopt for new tar verbose option

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
d512b275 by Björn Jacke at 2020-01-14T20:42:10+00:00
clitar: use modern DBG macros

Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 14 20:42:10 UTC 2020 on sn-devel-184

- - - - -
8403527b by Björn Baumbach at 2020-01-15T12:05:33+00:00
samba-tool: implement user setprimary group command (set primaryGroupID)

Introduce an option to set the primaryGroupID attribute of a user account..

Pair-programmed-with: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a77f758d by Stefan Metzmacher at 2020-01-15T12:05:33+00:00
samba-tool: implement user getgroups command

samba-tool user getgroups command to list a users group memberships.

Pair-programmed-with: Björn Baumbach <bb at sernet.de>

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d73a9d1a by Björn Baumbach at 2020-01-15T12:05:33+00:00
selftest: create working directory for blackbox test

Required to run test separately.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
fd1c905e by Björn Baumbach at 2020-01-15T12:05:33+00:00
tests: Test samba-tool user getgroups command

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
6b8a6838 by Björn Baumbach at 2020-01-15T13:30:53+00:00
tests: Test samba-tool user setprimarygroup command

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Jan 15 13:30:53 UTC 2020 on sn-devel-184

- - - - -
79460b1b by Gary Lockyer at 2020-01-15T19:58:41+00:00
lib ldb common: Fix memory leak

TALLOC_FREE the ldb_control allocated in ldb_parse_control_from_string
when none of the cases match.

Credit to OSS-Fuzz

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: David Disseldorp <ddiss at samba.org>

- - - - -
13bd82db by Douglas Bagnall at 2020-01-15T19:58:41+00:00
fuzz: ldb_dn parsing

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
da478600 by Douglas Bagnall at 2020-01-15T19:58:41+00:00
fuzz: add ldb ldif fuzzer

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
f4bafcca by Douglas Bagnall at 2020-01-15T19:58:41+00:00
fuzz: ldb binary decode/enode

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
0fcc2e93 by Douglas Bagnall at 2020-01-15T21:24:31+00:00
fuzz: add nmblib/parse_packet target

We want to ensure that parse_packet() can parse a packet without
crashing, and that that parsed packet won't cause trouble further down
the line.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Jan 15 21:24:31 UTC 2020 on sn-devel-184

- - - - -
2198da1b by Samuel Cabrero at 2020-01-15T21:25:34+00:00
s3:libsmb: Fix querying all names registered within broadcast area

Wait for additional replies until timeout when '*' is given to nmblookup
as name.

Introduced by 8da8c36b53cc115f0d446b666fc24fc9423d808e.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=8927

Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
43719826 by Volker Lendecke at 2020-01-15T21:25:34+00:00
texpect: Use lib/replace's closefrom()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4fabe1d1 by Volker Lendecke at 2020-01-15T21:25:34+00:00
texpect: Reformat long line

There will be more deps soon

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
733f7980 by Volker Lendecke at 2020-01-15T21:25:34+00:00
texpect: Avoid duplicate sys_write()

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
c9850e3d by Volker Lendecke at 2020-01-15T21:25:34+00:00
smbd: Move sharename check of conn_force_tdis() into a callback

Next commit will have an additional check

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
53948851 by Volker Lendecke at 2020-01-15T21:25:35+00:00
smbd: Add close-denied-share message

This is like close-share, but kicks out only active users where share
access controls are changed such that now access would be denied

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ebced94a by Volker Lendecke at 2020-01-15T22:51:14+00:00
torture: Test smbcontrol close-denied-share

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 15 22:51:14 UTC 2020 on sn-devel-184

- - - - -
4bc481c5 by Douglas Bagnall at 2020-01-16T20:09:42+00:00
samba-tool gpo: improve UNC parsing

The "UNC doesn't start with \\\\ or //" message was unreachable due to
a logic error, and an UNC starting with \\ would have been split on
/ if there were enough /s in the string.

The unreachable exception was first noticed by Gerhard Lausser in a
github pull request (https://github.com/samba-team/samba/pull/123),
but that patch no longer applies with this more thorough rewrite.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
8dca8aaf by Günther Deschner at 2020-01-16T20:09:42+00:00
librpc: add various new clusapi functions and types

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
efe353ed by Günther Deschner at 2020-01-16T20:09:42+00:00
s4-torture: save cluster version in clusapi test context

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
21157c66 by Günther Deschner at 2020-01-16T20:09:42+00:00
s4-torture: fix asserts in clusapi_NodeControl tests

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
edf21f5e by Günther Deschner at 2020-01-16T20:09:42+00:00
s4-torture: add clusapi GroupSet tests

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
83bbc5cc by Günther Deschner at 2020-01-16T20:09:42+00:00
s4-torture: fix copy/paste error in clusapi group test

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
ac5b7427 by Günther Deschner at 2020-01-16T20:09:42+00:00
s4-torture: increase various bufsizes to better deal with Windows 2019 clusters

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
75367e4b by Günther Deschner at 2020-01-16T21:34:27+00:00
librpc: add clusapi_GroupSetControlCode enum

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jan 16 21:34:27 UTC 2020 on sn-devel-184

- - - - -
6786ec2c by Douglas Bagnall at 2020-01-17T12:59:35+00:00
fuzzing: check for NULL on ldb_init()

We simply return 0 because failure here is not a problem with the code we
are actually trying to fuzz. Without this asan is unhappy.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6c7b722b by Douglas Bagnall at 2020-01-17T14:33:18+00:00
fuzz_oLschema2ldif: check multiple possible NULLs

Address sanitizer will object to a theoretically possible NULL dereference
so we can't ignore these checks in set-up.

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jan 17 14:33:18 UTC 2020 on sn-devel-184

- - - - -
c9adf47a by Anoop C S at 2020-01-17T17:14:43+00:00
vfs_glusterfs: Return fake fd from pipe() during open

GlusterFS currently doesn't have an API implementation to set flags on
open file descriptor. Thus we use pipe() to provide valid file descriptor
from the system.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14241

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Fri Jan 17 17:14:43 UTC 2020 on sn-devel-184

- - - - -
7606800b by Ralph Boehme at 2020-01-17T22:38:14+00:00
smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid

When we're about to create a file, the stat info will be all zero, so
vfs_file_id_from_sbuf() would return a bogus file_id. This is normally not a
problem, as open_file() itself also calls vfs_file_id_from_sbuf() after having
created the file.

This is however a problem when using the VFS module fileid, as that is doing
caching of /etc/mtab and failing to find smb_fname->st.st_ex_dev (all zero in
this case when creating a new file) in the mtab cache will trigger a mtab reload
which can be *very* expensive.

Copying many small files to a Samba server in this situation will result in
abysimal performance.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14237

Pair-Programmed-With: Jeremy Allison <jra at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 17 22:38:14 UTC 2020 on sn-devel-184

- - - - -
cffcc39f by Andrew Bartlett at 2020-01-18T12:25:16+00:00
heimdal_build: Remove bashism from --address-sanitizer build rule

export FOO=bar is a Bash extension, and is not required in this case, we only need the asn1_compile
to run under the variable, there are no further commands in this sub-shell.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Sat Jan 18 12:25:16 UTC 2020 on sn-devel-184

- - - - -
37eb87d2 by Volker Lendecke at 2020-01-19T18:29:39+00:00
lib: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
229518ec by Volker Lendecke at 2020-01-19T18:29:39+00:00
dsdb: Align integer types

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
b274bc69 by Volker Lendecke at 2020-01-19T18:29:39+00:00
dsdb: Use write_data() to write to the password check script

A simple write() might be interrupted or do short writes. Highly
unlikely, but if it happens, it will be impossible to diagnose.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
42a3e2e5 by Volker Lendecke at 2020-01-19T18:29:39+00:00
ctdbd: Use struct initialization

2 lines less

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
25bcf0e7 by Volker Lendecke at 2020-01-19T18:29:39+00:00
lib: Use closefrom() in smbrun.c

INSURE is never defined or used.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

- - - - -
4dd026d0 by Volker Lendecke at 2020-01-19T19:58:01+00:00
smbd: Fix claiming version

We now have to do an explicit DOWNGRADE when we want to change from
G_LOCK_WRITE to G_LOCK_READ.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sun Jan 19 19:58:01 UTC 2020 on sn-devel-184

- - - - -
5ff83809 by Martin Schwenke at 2020-01-20T04:25:57+00:00
s3: lib: dbwrap_ctdb: Ensure value_valid is set when creating empty record

Fixes:

  PANIC: assert failed at ../../lib/dbwrap/dbwrap.c(82): rec->value_valid
  PANIC (pid 902392): assert failed: rec->value_valid
  BACKTRACE: 16 stack frames:
   #0 bin/shared/libsamba-util.so.0(log_stack_trace+0x30) [0x7fb161f69cb0]
   #1 bin/shared/libsmbconf.so.0(smb_panic_s3+0x23) [0x7fb1619f4863]
   #2 bin/shared/libsamba-util.so.0(smb_panic+0x2f) [0x7fb161f69daf]
   #3 bin/shared/private/libdbwrap-samba4.so(dbwrap_record_get_value+0x27) [0x7fb160a04c57]
   #4 bin/shared/libsamba-passdb.so.0(+0x2d27c) [0x7fb1618e627c]
   #5 bin/shared/libsamba-passdb.so.0(pdb_add_aliasmem+0x33) [0x7fb1618db663]
   #6 bin/shared/libsamba-passdb.so.0(+0x1edbb) [0x7fb1618d7dbb]
   #7 bin/shared/libsamba-passdb.so.0(create_builtin_administrators+0x167) [0x7fb1618d8217]
   #8 bin/shared/private/libauth-samba4.so(finalize_local_nt_token+0x39d) [0x7fb16194bd5d]
   #9 bin/shared/private/libauth-samba4.so(create_local_nt_token_from_info3+0x304) [0x7fb16194c3f4]
   #10 bin/shared/private/libauth-samba4.so(create_local_token+0x3d6) [0x7fb161945106]
   #11 bin/shared/private/libauth-samba4.so(+0x154b4) [0x7fb1619474b4]
   #12 bin/shared/private/libauth-samba4.so(init_guest_session_info+0x58) [0x7fb161947798]
   #13 ./bin/smbd(main+0x80f) [0x55944ef8f91f]
   #14 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb) [0x7fb161076bbb]
   #15 ./bin/smbd(_start+0x2a) [0x55944ef90f8a]

This is a similar, additional fix to commit
36ea1e188d5ea8d40c47ffc466a494c1160e471c.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jan 20 04:25:57 UTC 2020 on sn-devel-184

- - - - -
558bd7c8 by Martin Schwenke at 2020-01-21T08:12:17+00:00
util: Add detection of libunwind

The current detection doesn't seem to work, so libunwind doesn't seem
to be used.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Jan 21 08:12:17 UTC 2020 on sn-devel-184

- - - - -
7b19e221 by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 selftest: Add test for replication of inherited security descriptors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
d64670ba by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 selftest: Add test for a special case around replicated renames

It appears Samba is currently string-name based in the ACL inheritence code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
febe15ab by Andrew Bartlett at 2020-01-21T10:11:38+00:00
selftest: Add test to confirm ACL inheritence really happens

While we have a seperate test (sec_descriptor.py) that confirms inheritance in
general we want to lock in these specific patterns as this test covers
rename.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
545d205e by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 dsdb: Explain that descriptor_sd_propagation_recursive() is proctected by a transaction

This means we can trust the DB did not change between the two search
requests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
5d714c1c by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 dsdb: Add comments explaining why SD propagation needs to be done here

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
3f379176 by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 dsdb: Ensure we honour both change->force_self and change->force_children

If we are renaming a DN we can be in a situation where we need to

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
520d2ae1 by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 repl_meta_data: schedule SD propagation to a renamed DN

We need to check the SD of the parent if we rename, it is not the same as an incoming SD change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4c622100 by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 repl_meta_data: Fix issue where inherited Security Descriptors were not replicated.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
b7030f9a by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 repl_meta_data: Set renamed = true (and so do SD inheritance) after any rename

Previously if there was a conflict, but the incoming object would still
win, this was not marked as a rename, and so inheritence was not done.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
2b182827 by Andrew Bartlett at 2020-01-21T10:11:38+00:00
CVE-2019-14902 dsdb: Change basis of descriptor module deferred processing to be GUIDs

We can not process on the basis of a DN, as the DN may have changed in a rename,
not only that this module can see, but also from repl_meta_data below.

Therefore remove all the complex tree-based change processing, leaving only
a tree-based sort of the possible objects to be changed, and a single
stopped_dn variable containing the DN to stop processing below (after
a no-op change).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
512ea179 by Andrew Bartlett at 2020-01-21T10:11:39+00:00
repl_meta_data: Add comment explaining what is being renamed after the conflict is resolved

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
9e126852 by Andrew Bartlett at 2020-01-21T10:11:39+00:00
repl_meta_data: Do not set *rename = true unless there has been a conflict on the incoming DN

The normal case of a partner-sent rename is not a cause for updating the replPropertyMetaData

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
86023642 by Andrew Bartlett at 2020-01-21T10:11:39+00:00
repl_meta_data: Only reset replMetaData entry for name if we made a conflict name here

We previously set it for any rename

Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
34a8cee3 by Andrew Bartlett at 2020-01-21T10:11:39+00:00
CVE-2019-14907 lib/util: Do not print the failed to convert string into the logs

The string may be in another charset, or may be sensitive and
certainly may not be terminated.  It is not safe to just print.

Found by Robert Święcki using a fuzzer he wrote for smbd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14208
Signed-off-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
13658324 by Gary Lockyer at 2020-01-21T11:38:38+00:00
CVE-2019-19344 kcc dns scavenging: Fix use after free in dns_tombstone_records_zone

ldb_msg_add_empty reallocates the underlying element array, leaving
old_el pointing to freed memory.

This patch takes two defensive copies of the ldb message, and performs
the updates on them rather than the ldb messages in the result.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14050

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Jan 21 11:38:38 UTC 2020 on sn-devel-184

- - - - -
93fc3185 by Martin Schwenke at 2020-01-21T11:39:40+00:00
ctdb-tests: Add local_daemons.sh option for recovery lock recheck interval

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
64501f51 by Martin Schwenke at 2020-01-21T11:39:40+00:00
ctdb-tests: Put recovery lock for local daemons into a subdirectory

This makes it more like the way it works with a cluster filesystem.
It also allows the subdirectory to be manipulated in tests.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
14b1dffc by Martin Schwenke at 2020-01-21T11:39:40+00:00
ctdb-tests: Add some tests to check recovery from recovery lock issues

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
aa2977e1 by Martin Schwenke at 2020-01-21T11:39:40+00:00
ctdb-mutex: Change default re-check time for fcntl helper to 5s

Testing against a commonly used cluster filesystem has shown no
performance impact, as expected.

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

- - - - -
85478847 by Martin Schwenke at 2020-01-21T13:05:00+00:00
WHATSNEW: Add CTDB changes for 4.12

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Jan 21 13:05:00 UTC 2020 on sn-devel-184

- - - - -
4f1e4f9c by Volker Lendecke at 2020-01-21T14:38:43+00:00
testenv: Be more careful deleting environment tmpfiles

If there is more than one server we will have for example nt4_dc.smbd,
nt4_dc.nmbd and nt4_dc.winbind as daemon environments, together with
the commandline environment "nt4_dc" coming last. Before this patch we
would have deleted all previous tmpfiles in the commandline environment.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1ca1c601 by Volker Lendecke at 2020-01-21T14:38:43+00:00
testenv: Properly kill daemons

Without this, all the daemons were kept around

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
823e4de3 by Volker Lendecke at 2020-01-21T14:38:44+00:00
testenv: Simplify "in_screen"

We don't need "seq", bash can do that itself, and we assume bash here

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0a77890b by Volker Lendecke at 2020-01-21T14:38:44+00:00
testenv: No "mktemp" for in_screen

We don't use this

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b56c56ee by David Disseldorp at 2020-01-21T14:38:44+00:00
vfs_ceph: add .fcntl_fn hook

This hook is currently called via vfs_set_blocking(), so can safely be
ignored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14241

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
cc4a55d2 by David Disseldorp at 2020-01-21T14:38:44+00:00
vfs_glusterfs: add .fcntl_fn hook

This hook is currently called via vfs_set_blocking(), so can safely be
ignored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14241

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
b813ef6a by David Disseldorp at 2020-01-21T14:38:44+00:00
Revert "vfs_glusterfs: Return fake fd from pipe() during open"

This reverts commit c9adf47ac5a5aa0dd12572c34b08cc51f15b2e97.
The fake fd is no longer necessary, as vfs_glusterfs now provides a
fcntl_fn hook.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14241

Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
51d4c82f by Björn Baumbach at 2020-01-21T14:38:44+00:00
samba-tool: add --full-dn option to group list command

With this option the command lists the groups distringuished names
instead of the sAMAccountNames.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e64f7de3 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool tests: Add test-case for 'group list --full-dn'

Check if the --full-dn option displays DN instead of the sAMAccountName.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
29326e32 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool: add --full-dn option to computer list command

With this option the command lists the computers distringuished names
instead of the sAMAccountNames.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2e767e81 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool tests: add test case for 'computer list --full-dn'

Check if the --full-dn option displays DN instead of the sAMAccountName.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
31060963 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool: add --full-dn option to user list command

With this option the command lists the users distringuished names
instead of the sAMAccountNames.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
08207f77 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool tests: add test case for 'user list --full-dn'

Check if the --full-dn option displays DN instead of the sAMAccountName.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
bb66b322 by Jule Anger at 2020-01-21T14:38:44+00:00
samba-tool: add --full-dn option to group listmembers command

With this option the command lists the groupmembers distinguished names
instead of the sAMAccountName.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d2d34510 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'group listmembers --full-dn'

Check if the group listmembers --full-dn command displays DN instead of the sAMAccountName.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
41262d1d by Björn Baumbach at 2020-01-21T14:38:45+00:00
samba-tool: add --full-dn option for user getgroups command

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b545ab1a by Björn Baumbach at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'user getgrouops --full-dn'

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8f68236d by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool: add -b/--base-dn option to groups list command

With this option it's e.g. possible to list the groups of a
specify OU or groups which are located under a different specific
place in the AD.

Signed-off-by: Jule Anger <ja at sernet.de>
Pair-programmed-with: Björn Baumbach <bb at samba.org>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
bced03b0 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'group list --base-dn'

Check if the group list --base-dn / -b command uses a specific base dn.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b292a266 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool: add -b/--base-dn option to computer list command

With this option it's e.g. possible to list the computers of a
specify OU or computers which are located under a different specific
place in the AD.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
88f0a139 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'computer list --base-dn'

Check if the computer list --base-dn / -b command uses a specific base dn..

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8a45adb2 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool: add -b/--base-dn option to contacts list command

With this option it's e.g. possible to list the contacts of a
specify OU or contacts which are located under a different specific
place in the AD.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
55be0f1d by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'contact list --base-dn'

Check if the contact list --base-dn / -b command uses a specific base dn.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
d4de2e31 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool: add -b/--base-dn option to users list command

With this option it's e.g. possible to list the users of a
specify OU or users which are located under a different specific
place in the AD.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
918d91bb by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool tests: add test-case for 'user list --base-dn'

Check if the user list --base-dn / -b command uses a specific base dn.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2186c5a6 by Jule Anger at 2020-01-21T14:38:45+00:00
samba-tool: add -b/--base-dn option to OUs list command

With this option it's e.g. possible to list the OUs which are
located under a different specific place in the AD.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
b081bd97 by Jule Anger at 2020-01-21T14:38:46+00:00
samba-tool tests: add test-case for 'ou list --base-dn'

Check if the ou list --base-dn / -b command uses a specific base dn.

Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
662b7458 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: add option to specify types of group members

The option can be used to specify the type of the object which have to
be added to (or removed) from a group. The search filter for the objects
will be created according to the types.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e3099ac4 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: add more object types for adding/remove group members

The filters are based on the MS Windows filter, which are used by the
basic group member management dialog.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2abebee1 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: fetch specific error if there are more than one search results

There can be more than one contact with the same name.

Signed-off-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
2baa3012 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: add 'computer' to the default group member types for group member filters

Add the 'computer' type to the default member types, so that the next
commit does not change the default behavior.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
45abb4fd by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: adapt search filter for user object type

Use a user search filter which is similar to the filter which is used
by the basic MS Windows group membership management.

The filter filters for objects with the sAMAccountType ATYPE_NORMAL_ACCOUNT.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
c4e899d6 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: adapt search filter for group object type

Use a group search filter which is similar to the filter which is used
by the basic MS Windows group membership management.

The filter excludes the group type GROUP_TYPE_BUILTIN_LOCAL_GROUP.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f9bf6b78 by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: add type "all" to search for all common types of group members

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
a4d77bfd by Björn Baumbach at 2020-01-21T14:38:46+00:00
python/samdb: validation of group member types for group member filter

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
f2e25799 by Björn Baumbach at 2020-01-21T14:38:46+00:00
samba-tool group addmembers: add new option --object-types

With this option the admin can specify the object types of the group
members which will be added to the group. The search filter for the objects
will be created according to the types.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
aedcf6a5 by Björn Baumbach at 2020-01-21T14:38:46+00:00
samba-tool group addmembers: add --member-dn option

The --member-dn option allows to specify an object by it's DN.

This is required to select a specific object if there are more than one
with the same name. Multiple contacts can exist with the same name in
different OUs.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
47f9ee91 by Björn Baumbach at 2020-01-21T14:38:46+00:00
samba-tool group removemembers: adapt functionality to addmembers command

Adds --member-dn and --object-types options.

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
5b129bf1 by Björn Baumbach at 2020-01-21T14:38:47+00:00
samba-tool group {add,remove}members: allow to use --member-dn in combination with listofmembers

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
557fa1d4 by Björn Baumbach at 2020-01-21T14:38:47+00:00
samba-tool group addmembers: add --member-base-dn option for group member search

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
347c6543 by Björn Baumbach at 2020-01-21T14:38:47+00:00
selftest: add test for new samba-tool group addmembers --member-dn option

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
8c5a266e by Björn Baumbach at 2020-01-21T14:38:47+00:00
selftest: add tests for samba-tool group addmembers --object-types option

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
26974152 by Björn Baumbach at 2020-01-21T14:38:47+00:00
selftest: add test for samba-tool groupmember --member-base-dn option

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
cf9850b4 by Björn Baumbach at 2020-01-21T14:38:47+00:00
samba-tool group addmembers: avoid python traceback on member add failure

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>

- - - - -
e1e55a47 by Stefan Metzmacher at 2020-01-21T14:38:47+00:00
WHATSNEW: Add release note for Samba 4.12.0rc1.

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
773c5de6 by Stefan Metzmacher at 2020-01-21T14:38:47+00:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1 release...

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
1e3b0034 by Stefan Metzmacher at 2020-01-21T17:05:58+01:00
VERSION: Bump version up to 4.12.0rc2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
814be288 by Stefan Metzmacher at 2020-01-21T19:32:50+01:00
script/release.sh: make it possible to run from a git worktree

.git is a regular file in that case.

Also check that script/release.sh is present as a relative path
to ensure we're called from the expected location.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 648f94d2031c6e758bdf54089d1e710c265ca732)

- - - - -
601b9528 by Jeremy Allison at 2020-01-31T12:32:21+00:00
s3: lib: nmblib. Clean up and harden nmb packet processing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14239
OSS-FUZZ: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20156
OSS-FUZZ: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20157

Credit to oss-fuzz.
No security implications.

Signed-off-by: Jeremy Allison <jra at samba.org>
Pair programmed with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 21 23:33:41 UTC 2020 on sn-devel-184

(cherry picked from commit ad236bb7590e423b4c69fe6028f2f3495977f48b)

- - - - -
01afd3a9 by Andreas Schneider at 2020-01-31T12:32:21+00:00
lib:util: Log mkdir error on correct debug levels

For smbd we want an error and for smbclient we only want it in NOTICE
debug level.
The default log level of smbclient is log level 1 so we need notice to
not spam the user.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14253

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Jan 27 15:55:24 UTC 2020 on sn-devel-184

(cherry picked from commit 0ad6a243b259d284064c0c5abcc7d430d55be7e1)

- - - - -
7b1be793 by Andreas Schneider at 2020-01-31T13:57:54+00:00
s4:torture: Skip the deltest20 as user root

The test is meant to be run as a user and not root.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14257

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jan 30 16:54:33 UTC 2020 on sn-devel-184

(cherry picked from commit 677bc1b18420e717154dc73f632044239ac3ff9e)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Jan 31 13:57:54 UTC 2020 on sn-devel-184

- - - - -
f17d3edb by Karolin Seeger at 2020-02-04T11:06:10+01:00
script/release.sh: Don't use quotations any longer.

Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Mon Feb  3 12:45:39 UTC 2020 on sn-devel-184

(cherry picked from commit f699df32cdbae4fbc585c259828029c74163323b)

- - - - -
74b22159 by Karolin Seeger at 2020-02-04T11:08:05+01:00
WHATSNEW: Add release notes for Samba 4.12.0rc2.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
b017377c by Karolin Seeger at 2020-02-04T11:08:41+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc2 release.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
75977baa by Karolin Seeger at 2020-02-04T11:09:35+01:00
VERSION: Bump version up to 4.12.0rc3...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
8e4c08de by Andreas Schneider at 2020-02-05T08:45:30+00:00
libcli:smb: Improve check for gnutls_aead_cipher_(en|de)cryptv2

This is available since version 3.6.10, but 3.6.10 has a bug which got fixed
in 3.6.11, see:

    https://gitlab.com/gnutls/gnutls/-/merge_requests/1085

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14250

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Feb  4 06:44:00 UTC 2020 on sn-devel-184

(cherry picked from commit d459ca04fc46a52276a860e73ae9ec8f813c260e)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Feb  5 08:45:30 UTC 2020 on sn-devel-184

- - - - -
044a1fee by Karolin Seeger at 2020-02-05T11:40:25+00:00
WHATSNEW: Add some more changes since 4.11.

Mention new parameter 'spotlight backend' and note that vfs_netatalk has been
removed.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Feb  5 11:40:25 UTC 2020 on sn-devel-184

- - - - -
d0a0bcf6 by Andreas Schneider at 2020-02-06T13:10:31+00:00
wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9

See https://docs.python.org/3.9/whatsnew/3.9.html#changes-in-the-python-api

"open(), io.open(), codecs.open() and fileinput.FileInput no longer accept 'U'
(“universal newline”) in the file mode. This flag was deprecated since Python
3.3. In Python 3, the “universal newline” is used by default when a file is
open in text mode. The newline parameter of open() controls how universal
newlines works."

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14266

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Feb  6 07:30:13 UTC 2020 on sn-devel-184

(cherry picked from commit 52722746a5eb40c309ba59f78bd8e3d897417bdc)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Thu Feb  6 13:10:31 UTC 2020 on sn-devel-184

- - - - -
9a177304 by Stefan Metzmacher at 2020-02-10T10:10:46+00:00
libcli:smb: Don't use forward declartions for GnuTLS typedefs

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14271

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Feb  7 13:48:27 UTC 2020 on sn-devel-184

(cherry picked from commit 3894f878183e645421ec440afd8e010218a58eef)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Mon Feb 10 10:10:46 UTC 2020 on sn-devel-184

- - - - -
5d852de7 by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:auth_sam: replace confusing FALL_THROUGH; with break;

There's no real logic change here, but is makes it easier to
understand.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 85b168c6dac88f5065c0ec6e925937439f2c12ed)

- - - - -
88b89f0a by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:auth_sam: unify the debug messages of all auth_sam*_auth() functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 72ef8d3a52c1ab07c079a4c014ba8ac7bff528f7)

- - - - -
f9ac1033 by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:auth_sam: make sure we never handle empty usernames

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 01b8374e7942141e7f6cbdec7623c981a008e4c1)

- - - - -
c579ab09 by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:auth_sam: introduce effective_domain helper variables

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a63e2a312c761093fedb09bd234b6736485a930a)

- - - - -
2b56b5a0 by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:selftest: test authentication with an empty userdomain and upn names

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a9eeea6ef78cc44c8423c7125fa1376921060018)

- - - - -
9c1b614e by Stefan Metzmacher at 2020-02-11T07:51:34+00:00
s3:auth_sam: map an empty domain or '.' to the local SAM name

When a domain member gets an empty domain name or '.', it should
not forward the authentication to domain controllers of
the primary domain.

But we need to keep passing UPN account names with
an empty domain to the DCs as a domain member.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 590df382bea44eec2dbfd2a28c659b0a29188bca)

- - - - -
7163ae8a by Andrew Bartlett at 2020-02-11T07:51:34+00:00
bootstrap: Remove un-used dependency python3-crypto

This became unused in bbeef554f2c15e739f6095fcb57d9ef6646b411c
(except for repl_cleartext_pwd.py, a development script) and we now use
GnuTLS via a Samba wrapper.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14255

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 446c92017369007139af7532dae8503f9db40d48)

- - - - -
b1fba6c7 by Stefan Metzmacher at 2020-02-11T10:01:33+00:00
winbindd: handling missing idmap in getgrgid()

A similar hunk was added via commit
89f753c1fc824fef29aebb7d783ab7e09cd1f04e ("winbind: Use xids2sids in getpwuid"),
but it was missing in commit
e2dda192e7f8b65a5f02120be56cf0f07d03679f ("winbind: Use xids2sids in getgrgid")

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14265

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Feb  5 17:56:58 UTC 2020 on sn-devel-184

(cherry picked from commit 4d0bda9467ac3f45f85f48a281cdb173ce1064eb)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Tue Feb 11 10:01:33 UTC 2020 on sn-devel-184

- - - - -
3e222ac6 by Martin Schwenke at 2020-02-18T07:18:20+00:00
ctdb-tcp: Make error handling for outbound connection consistent

If we can't bind the local end of an outgoing connection then
something has gone wrong.  Retrying is better than failing into a
zombie state.  The interface might come back up and/or the address my
be reconfigured.

While here, do the same thing for the other (potentially transient)
failures.

The unknown address family failure is special but just handle it via a
retry.  Technically it can't happen because the node address parsing
can only return values with address family AF_INET or AF_INET6.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14274
RN: Retry inter-node TCP connections on more transient failures

Reported-by: 耿纪超 <gengjichao at jd.com>
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit a40fc709cc972dadb40efbf1394b10fae3cfcc07)

- - - - -
1e61aa6d by Volker Lendecke at 2020-02-18T07:18:20+00:00
auth: Fix CID 1458420 Null pointer dereferences (REVERSE_INULL)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 503fc8f2ba662ecbec0788bd1710440464dc5cfd)

- - - - -
46ff9e1b by Volker Lendecke at 2020-02-18T09:27:36+00:00
auth: Fix CID 1458418 Null pointer dereferences (REVERSE_INULL)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit ef0350221e194a3dd3350eab02b38baeb32d8fd3)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Tue Feb 18 09:27:36 UTC 2020 on sn-devel-184

- - - - -
60deff09 by Volker Lendecke at 2020-02-19T06:19:36+00:00
lib: Simplify register_msg_pool_usage()

We can do as much as we want in the filter. This gives us automatic
retry, we don't have to do the messaging_filtered_read_send() over and
over again

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14281

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 8a23031b7bfea4cdaa71d6815bca24dcc3685b22)

- - - - -
1b4db22b by Volker Lendecke at 2020-02-19T06:19:36+00:00
lib: Add a TALLOC_CTX to base register_msg_pool_usage() on

Add a simple way to deactivate the registration

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14281

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit dab982d88e9132cbff52db22f441c08ee59bb159)

- - - - -
fd63e94a by Volker Lendecke at 2020-02-19T06:19:36+00:00
lib: Introduce messaging_context->per_process_talloc_ctx

Consolidate "msg_dgm_ref" and "msg_ctdb_ref": The only purpose of
those pointers was to TALLOC_FREE() them in messaging_reinit(). We'll
have a third entity to talloc_free() in the next commit, make that
simpler.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14281

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 7209357f9ba5525a207d301b299931d6bdee9c2f)

- - - - -
9463a387 by Volker Lendecke at 2020-02-19T06:19:36+00:00
lib: Fix a shutdown crash with "clustering = yes"

This is a bit confusing now, sorry for that:

register_msg_pool_usage() in the ctdb case uses
messaging_ctdb_register_tevent_context(), which talloc_reference()s
the central struct messaging_ctdb_fde_ev of the
messaging_ctdb_context. In messaging_reinit(), we talloc_free only one
of those references and allocate a new messaging_ctdb_fde_ev. The
remaining messaging_ctdb_fde_ev should have been deleted as well, but
due to the second reference this does not happen. When doing the
shutdown messaging_ctdb_fde_ev_destructor() is called twice, once on
the properly reinitialized fde_ev, and once much later on the leftover
one which references invalid data structures.

By the way, this is not a problem with talloc_reference(), this would
have happened with explicit refcounting too.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14281

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Björn Baumbach <bb at sernet.de>
Autobuild-Date(master): Tue Feb 18 13:05:53 UTC 2020 on sn-devel-184

(cherry picked from commit f1577c2bc13c91ea912ae461870e470065f250c1)

- - - - -
40c84bfc by Stefan Metzmacher at 2020-02-19T06:19:36+00:00
lib/replace: remove unused check for aio.h

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit c1b9bf993402f7d74f992c609ede94653e87172f)

- - - - -
ac78557d by Stefan Metzmacher at 2020-02-19T06:19:36+00:00
bootstrap: replace libaio-dev/libaio-devel with liburing-dev/liburing-devel

We'll never use libaio, but will soon add a io_uring vfs module.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit fb5a99fa0200785ef1b5a8c9bc4a645d09fbeb5e)

- - - - -
a1486fb2 by Stefan Metzmacher at 2020-02-19T06:19:36+00:00
s3:modules: add vfs_io_uring module

The module makes use of the new io_uring infrastructure
(intruduced in linux 5.1), see https://lwn.net/Articles/778411/ and
http://git.kernel.dk/cgit/liburing/

Currently this only implements SMB_VFS_{PREAD,PWRITE,FSYNC}_SEND/RECV
and avoids the overhead of our userspace threadpool.

In future we'll hopefully make more use of more advanced io_uring
features.

For now we don't have automated tests as our test infrastructure
doesn't use a recent kernel. At least we're able to do compile tests
on fedora31.

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Sat Feb 15 11:37:45 UTC 2020 on sn-devel-184

(cherry picked from commit 195e88cea34c983afc02cfb521a60cdd1edbe9e1)

- - - - -
59815861 by Stefan Metzmacher at 2020-02-19T06:19:36+00:00
WHATSNEW: announce vfs_io_uring

Signed-off-by: Stefan Metzmacher <metze at samba.org>

- - - - -
ce3bf591 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: VFS: Implement create_dfs_pathat() in catia.

Now we use this instead of symlinks to create
DFS links, it's needed in catia.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit fa2f83e13aa92a12bd8d0113576a04a1e4431a44)

- - - - -
1ba9c318 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: VFS: Implement create_dfs_pathat() in cap

Now we use this instead of symlinks to create
DFS links, it's needed in cap.

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Jan 30 18:21:47 UTC 2020 on sn-devel-184

(cherry picked from commit 042249d95ff59d304cf37914860ee0c4d1f546f8)

- - - - -
7f034780 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Cleanup, reformat calls to parse_msdfs_symlink()

Make parameter easier to change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit d22b0d907252939c2ded9d73cc67dbbf8bb57fb7)

- - - - -
3ff14a2e by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Move lp_msdfs_shuffle_referrals() call out of parse_msdfs_symlink().

Removes dependency on snum for what is text parsing code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 028c33e09ab52b55f33f83e26a12498f57918334)

- - - - -
9f877846 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Make parse_msdfs_symlink() external.

So it can be called by a future new VFS call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 012b812188f636d9b8cf0edee34df5d43d2ac0a8)

- - - - -
2f2794a7 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Apply some README.Coding to parse_msdfs_symlink().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit a211c640878d856e859ab2fdfbbe61036240b8eb)

- - - - -
c13c6e44 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Allow parse_msdfs_symlink() to be called with NULL pointers.

In case we don't want all the data.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4e4afc52e6f63fa4058310c6b0a0314b8f73c189)

- - - - -
b4285b8d by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Make parameter names consistent.

Initialize reflist to NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit ed527dc1d8bd21d942bc14677d83363144e5f46b)

- - - - -
6d5220f2 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: smbd: dfs: Clean up exits / talloc heirarchy in parse_msdfs_symlink()..

Ensure on error or clean return we don't leave memory on mem_ctx.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 74b47bf578dab9ce94a9f2439fa672e51afe809e)

- - - - -
6fae0415 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: VFS: Add SMB_VFS_READ_DFS_PATHAT().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 96bc3298fc025d1d76fc06833fece6c62faa5e1a)

- - - - -
7bbfc1c3 by Jeremy Allison at 2020-02-19T06:19:36+00:00
s3: VFS: ceph: Add vfswrap_ceph_read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e52e2135dd9b8bd2e65261c210e7b8d36a727396)

- - - - -
5c8f5a48 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: gluster: Add vfs_gluster_read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 018af49b93f8e9a2cbc0d40cc68b8202e5c95c9a)

- - - - -
13c6e747 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: shadow_copy2: Add shadow_copy2_read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9e92d46b757d6a4cdd0f956c24b30df89adf2798)

- - - - -
895c06cc by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: cap: Add cap_read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9f6c01b2cd82963bfa05552aa41dfafcb0bf7637)

- - - - -
dfabe8e7 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: catia: Add read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 16acdc348db71a29bec93d62073ca30a4a920389)

- - - - -
2633e182 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: vfs_full_audit: Add read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 263df988831a40ba751b19c1715277e80095818c)

- - - - -
ce94b410 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: VFS: vfs_time_audit: Add read_dfs_pathat().

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0528584482f798753d636675da778917f50ca845)

- - - - -
967e0e15 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Change simple is_msdfs_link() call to use SMB_VFS_READ_DFS_PATHAT().

This will need an extra dirfsp parameter in future, but this
is the easiest change for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 07a3cd56cddfc0e27a75ca76e556e2fdb18c3291)

- - - - -
007c96ab by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Parse the returned target path in dfs_path_lookup().

Currently unused, but this will ease the transition to
using SMB_VFS_READ_DFS_PATHAT().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 1ffc52abedae9787f745795a4f502c26b4c005d1)

- - - - -
92722a1b by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Change dfs_path_lookup() to return struct referral list and count directly.

Remove external parse of returned link targetpath, expose
the parsing previously added to dfs_path_lookup().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 1668c9ee15b421093756ac9d709f55ce3e808791)

- - - - -
86908803 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Replace calls to is_msdfs_link_internal() inside dfs_path_lookup() with SMB_VFS_READ_DFS_PATHAT().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 3c77a9e7116bc3f1e3c9bf89c28a32bdb6cdffe1)

- - - - -
bbbfc6b8 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Change the last use of is_msdfs_link_internal() -> SMB_VFS_READ_DFS_PATHAT() inside form_junctions().

is_msdfs_link_internal() is no longer used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 94068b5438013479b0426fea7f83bbd7f8f935e9)

- - - - -
6c886973 by Jeremy Allison at 2020-02-19T06:19:37+00:00
s3: DFS: Remove is_msdfs_link_internal() - no longer used.

All DFS links are now read through the VFS and not via
symlink calls.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14282

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Feb 18 22:34:16 UTC 2020 on sn-devel-184

(cherry picked from commit 9ee1320049cf148a2bb102bbdee4a4bcc24c0de1)

- - - - -
19d74ce5 by Jeremy Allison at 2020-02-19T07:52:15+00:00
WHATSNEW.txt update explaining SMB_VFS_CREATE_DFS_PATHAT() / SMB_VFS_READ_DFS_PATHAT().

Signed-off-by: Jeremy Allison <jra at samba.org>

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Feb 19 07:52:15 UTC 2020 on sn-devel-184

- - - - -
5987adfa by Karolin Seeger at 2020-02-19T11:08:16+01:00
VERSION: Add release notes for Samba 4.12.0rc3.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
3a807493 by Karolin Seeger at 2020-02-19T11:08:49+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc3 release.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
f72bb650 by Karolin Seeger at 2020-02-19T11:09:30+01:00
VERSION: Bump version up to 4.12.0rc4...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
5a794f3b by Jeremy Allison at 2020-02-20T10:32:15+00:00
s3: DFS: Don't allow link creation on a read-only share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14269

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit b4195cd488e1366887acfea6ae03bf4198514a15)

- - - - -
339566fe by Jeremy Allison at 2020-02-20T10:32:15+00:00
s3: DFS: Don't allow link deletion on a read-only share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14269

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0450593e38d62fe0b925d789486517ade31fe3c6)

- - - - -
da446308 by Douglas Bagnall at 2020-02-20T10:32:15+00:00
pidl/wscript: configure should insist on Parse::Yapp::Driver

following 83ffe6752d589180eac96d7b8e7d1a54e3476bfd, you get a build
error if you lack a system perl Parse::Yapp. Let's make it a configure
failure instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14284

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Feb  2 10:09:11 UTC 2020 on sn-devel-184

(cherry picked from commit af47a77673f58cc6436798b250c90be0e325d20e)

- - - - -
537acf2a by Andrew Bartlett at 2020-02-20T12:58:45+00:00
build: Do not check if system perl modules should be bundled

We do not ship any perl modules in third_party at this time, so
this check is pointless and breaks the build for --bundled-libraries=ALL.

As reported by aaptel on https://gitlab.com/samba-team/samba/-/merge_requests/1104#note_281050331

This changes our autobuild script to cover this case in the
samba-static job.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14284

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
(cherry picked from commit cf4984947b39e9f6f8afd29de8a760703bf9e092)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Thu Feb 20 12:58:46 UTC 2020 on sn-devel-184

- - - - -
0b964d99 by Andrew Bartlett at 2020-02-21T09:20:28+00:00
WHATSNEW: Add zlib and fuzzing notes

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>

- - - - -
828b8347 by Andrew Bartlett at 2020-02-21T09:20:28+00:00
WHATSNEW: samba-tool improvements

This text is based on https://gitlab.com/samba-team/samba/-/merge_requests/1015
by Björn Baumbach, just re-worked a little to suit the WHATSNEW.

I wrote the second section

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>

- - - - -
9b6e4da5 by Ralph Boehme at 2020-02-21T10:46:08+00:00
WHATSNEW: Announce new Spotlight backend for Elasticsearch

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Feb 21 10:46:08 UTC 2020 on sn-devel-184

- - - - -
670b83a1 by Volker Lendecke at 2020-02-25T19:32:28+00:00
test: Intercept open in vfs_error_inject

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 305204a241b74c599f4f6a064cac6608afd9c893)

- - - - -
dcdfa4a7 by Volker Lendecke at 2020-02-25T19:32:28+00:00
test: Show that smbd does not handle EINTR from open() correctly

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7bbba73b30f06304e9a2ad48e853d9ec8171dd30)

- - - - -
1a47b0fd by Volker Lendecke at 2020-02-25T19:32:28+00:00
lib: Map EINPROGRESS->NT_STATUS_MORE_PROCESSING_REQUIRED

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4a943d842a51674425f0c4019f823ef0a9d09f49)

- - - - -
a21688e7 by Volker Lendecke at 2020-02-25T19:32:28+00:00
smbd: Separate aio_pthread indicator from normal EINTR

According to Posix and the Linux open(2) manpage, the open-syscall can
return EINTR. If that happens, core smbd saw this as an indication
that aio_pthread's open function was doing its job. With a real EINTR
without aio_pthread this meant we ended up in a server_exit after 20
seconds, because there was nobody to do the retry.

EINTR is mapped to NT_STATUS_RETRY. Handle this by just retrying after
a second.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Feb 20 22:14:25 UTC 2020 on sn-devel-184

(cherry picked from commit aebe427b77b5315eb5d2b05b8c72824ca0389723)

- - - - -
ea4c35f1 by Andrew Bartlett at 2020-02-25T19:32:28+00:00
ldb: Add tests for one-level indexes in conjunction with other indexes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14270

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 17bd63dbea7f6e6358f81f0ac5b9392b2321bb32)

- - - - -
71c072c3 by Andrew Bartlett at 2020-02-25T19:32:28+00:00
ldb: Add tests aimed at the SCOPE_ONELEVEL particular

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14270

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 167676973b7f1db563da04d54e8ce5668034081c)

- - - - -
c521913e by Andrew Bartlett at 2020-02-25T19:32:28+00:00
ldb: Ensure @IDXONE modes is tested in ldb.python (apy.py) tests

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit ec34a7095705592279647c5046a000e0bf052d1a)

- - - - -
81bdcf9e by Andrew Bartlett at 2020-02-25T19:32:28+00:00
ldb: Fix search with scope ONE and small result sets

This changes the LDB behaviour in the combination of a SCOPE_ONE search and
an index returning less than 10 results.

After b6b5b5fe355fee2a4096e9214831cb88c7a2a4c6 the list->strict flag
became set to false in all cases, rather than being left to the
value set by the caller.

This changes the ldb_kv_index_dn_one() code to force strict
mode on success instead.

Thanks to Marcus Granér, ICEYE Oy for reporting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14270

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3c7261c43da491b57f50e0e64d7050d85c6b973e)

- - - - -
f83104fb by Andrew Bartlett at 2020-02-25T19:32:28+00:00
ldb: Add tests aimed at the SCOPE_ONELEVEL bug in particular

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14270

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 0b8ab0200805127e36eeb2affe561f3aee59604a)

- - - - -
20195a35 by Stefan Metzmacher at 2020-02-25T21:09:41+00:00
ldb: version 2.1.1

* Bug 14270:
  Samba 4.11 and later give incorrect results for SCOPE_ONE searches

Signed-off-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Feb 25 12:59:02 UTC 2020 on sn-devel-184

(cherry picked from commit 0ca46a37268c8219192abc3ab5f2546a02ed8862)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Tue Feb 25 21:09:41 UTC 2020 on sn-devel-184

- - - - -
0f1d595c by Karolin Seeger at 2020-02-26T08:36:33+01:00
WHATSNEW: Add release notes for Samba 4.12.0rc4.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
e629b923 by Karolin Seeger at 2020-02-26T08:37:26+01:00
VERSION: Disable GIT_SNAPSHOT for th Samba 4.12.0rc4 release.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
201489ed by Karolin Seeger at 2020-02-26T08:38:24+01:00
VERSION: Bump version up to 4.12.0rc5...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
c6b90fbc by Andrew Bartlett at 2020-02-26T10:25:22+00:00
dsdb: Correctly handle memory in objectclass_attrs

el->values is caller-provided memory that should be thought of as constant,
it should not be assumed to be a talloc context.

Otherwise, if the caller gives constant memory or a stack
pointer we will get an abort() in talloc when it expects
a talloc magic in the memory preceeding the el->values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14258

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3657bbc21182d764ddfcd603025f24ec240fd263)

- - - - -
a99445e2 by Andrew Bartlett at 2020-02-26T12:35:59+00:00
selftest: Test behaviour of DNS scavenge with an existing dNSTombstoned value

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14258

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Feb  6 16:24:25 UTC 2020 on sn-devel-184

(cherry picked from commit c8e3c78d4f2a6f3e122fe458aa6835772290a700)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Feb 26 12:35:59 UTC 2020 on sn-devel-184

- - - - -
a1b4c4a0 by Karolin Seeger at 2020-03-03T10:45:39+01:00
WHATSNEW: Add release notes for Samba 4.12.0.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
21679048 by Karolin Seeger at 2020-03-03T10:47:25+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.0 release...

and bump version up to 4.12.0.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
fdc2f7d2 by Karolin Seeger at 2020-03-03T11:06:18+01:00
VERSION: Bump version up to 4.12.1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
b8ef341f by Art M. Gallagher at 2020-03-18T10:29:09+00:00
vfs_fruit: tmsize prevent overflow Force the type during arithmetic in order to prevent overflow when summing the Time Machine folder size. Increase the precision to off_t (used for file sizes), leave the overflow error traps but with more precise wording.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13622
Signed-off-by: Art M. Gallagher <smblock at artmg.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Mar  7 01:37:31 UTC 2020 on sn-devel-184

(cherry picked from commit b0ba7cd4f96a6ea227943cb05ef51a463e292b2d)

- - - - -
e98dcaa1 by Ralph Boehme at 2020-03-18T10:29:09+00:00
smbd: ignore set NTACL requests which contain S-1-5-88 NFS ACEs

We apply the same "ignore" logic already in the POSIX ACL code and in the
vfs_acl_xattr|tdb VFS modules to smb_set_nt_acl_nfs4() in the nfs4_acl helper
subsystem which is common to a bunch of VFS modules: GPFS, ZFS, NFS4_xattr and
aixacl2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14307

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Mar  3 19:15:10 UTC 2020 on sn-devel-184

(cherry picked from commit f89c7ad851681c0e0ab39a1bedb3eeb672516fbb)

- - - - -
8f4e8be8 by Ralph Boehme at 2020-03-18T10:29:09+00:00
VFS: default: let vfswrap_is_offline() take conn, not handle

vfswrap_is_offline() has been converted to a "helper" function some time ago, it
had been a VFS interface function before. To make this change more obvious let
it take a struct connection_struct instead of a struct vfs_handle_struct which
is the canonical first parameter to VFS functions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14293

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d4c69d82bdc0fa029609032a9d32f32fa1708beb)

- - - - -
69e66865 by Ralph Boehme at 2020-03-18T10:29:09+00:00
VFS: default: remove unused arg from vfswrap_is_offline()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14293

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 99873724cd493366c9957fd9fe230d52a6f02691)

- - - - -
cfaca1c0 by Ralph Boehme at 2020-03-18T10:29:09+00:00
VFS: default: avoid a crash in vfswrap_getxattrat_do_sync()

Must use tevent_req_data() to get our tevent_req state, talloc_get_type_abort()
will just crash as struct tevent_req != struct vfswrap_getxattrat_state..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14293

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit cbca811212a930b94f9917e5a82b6a95ab085e91)

- - - - -
34f3476d by Ralph Boehme at 2020-03-18T10:29:10+00:00
VFS: default: use correct type for pathlen in vfswrap_getxattrat_do_sync()

full_path_tos() returns a ssize_t.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14293

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit ace296b97642d9160ea66db89dcd0f24a21dba4e)

- - - - -
b0f59005 by Ralph Boehme at 2020-03-18T10:29:10+00:00
VFS: default: add support for FILE_ATTRIBUTE_OFFLINE to async dosmode

This had been missing in the initial async dosmode implementation. It's the
responsibility of the sync and async dosmode functions to call
vfswrap_is_offline() since the offline functionality has been converted from a
first class VFS function to be a part of the DOS attributes VFS functions..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14293

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a23f8d913fa8d77bab394aea9a8e7df2704e8b19)

- - - - -
ea15a4bd by Günther Deschner at 2020-03-18T10:29:10+00:00
s4-torture: add rpc test for ChangeServiceConfigW

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 0825324bc75d2ab10164a1f137be782d84c822b8)

- - - - -
ea4603fd by Günther Deschner at 2020-03-18T10:29:10+00:00
s4-torture: add ndr svcctl testsuite

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit c3fa0b2df9fc53dddcc3160b6a3dc751bbb389a4)

- - - - -
1d226313 by Günther Deschner at 2020-03-18T10:29:10+00:00
librpc: fix IDL for svcctl_ChangeServiceConfigW

Found while trying to run winexe against Windows Server 2019.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit ebda529b59105e9b70cc74377fe4d54cc16b4f37)

- - - - -
8b86109e by Ralph Boehme at 2020-03-18T10:29:10+00:00
vfs_recycle: prevent flooding the log if we're called on non-existant paths

vfs_recycle is assuming that any path passed to unlink must exist, otherwise it
logs this error. Turn this into a DEBUG level message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14316
See also: https://bugzilla.redhat.com/show_bug.cgi?id=1780802

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Mon Mar  9 14:15:06 UTC 2020 on sn-devel-184

- - - - -
f50790c1 by Douglas Bagnall at 2020-03-18T12:26:05+00:00
nmblib: avoid undefined behaviour in handle_name_ptrs()

If *offset is length - 1, we would read ubuf[(*offset)+1] as the lower
bits of the new *offset. This value is undefined, but because it is
checked against the valid range, there is no way to read further
beyond that one byte.

Credit to oss-fuzz.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14242
OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20193

Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Feb  7 10:19:39 UTC 2020 on sn-devel-184

(cherry picked from commit 3bc7acc62646b105b03fd3c65e9170a373f95392)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Mar 18 12:26:06 UTC 2020 on sn-devel-184

- - - - -
0706d539 by Ralph Boehme at 2020-03-19T10:56:08+00:00
ctdb-daemon: ensure restart() callback is called in half-connected state

If NODE_FLAGS_DISCONNECTED is set the node can be in half-connected state. With
this change we ensure to restart the transport for this case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 6a4fa0785fc83561939fa41617d526eb96c1af89)

- - - - -
6f6357c3 by Martin Schwenke at 2020-03-19T10:56:08+00:00
ctdb-daemon: more logical whitespace, debug modernisation

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 15762a34559599cf908e30651a2d4c11560068ed)

- - - - -
5a51d363 by Noel Power at 2020-03-19T10:56:08+00:00
ctdb-tcp: move free of inbound queue to TCP restart

Since commit 77deaadca8e8dbc3c92ea16893099c72f6dc874e, a nodeA which
had previously accepted a connection from nodeB (where nodeB dies
e.g. as as result of fencing) when nodeB attempts to connect again
after restarting is always rejected with

 ctdb_listen_event: Incoming queue active, rejecting connection from w.x.y.z

messages.

Consolidate dead node handling in the TCP restart handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 0ff1b78fc2f0491f9e11131d0040bdaba8873770)

- - - - -
2e619f51 by Ralph Boehme at 2020-03-19T10:56:09+00:00
ctdb-tcp: always call node_dead() upcall in ctdb_tcp_tnode_cb()

ctdb_tcp_tnode_cb() is called when we receive data on the outgoing connection.

This can happen when we get an EOF on the connection because the other side as
closed. In this case data will be NULL.

It would also be called if we received data from the peer. In this case data
will not be NULL.

The latter case is a fatal error though and we already call
ctdb_tcp_stop_connection() for this case as well, which means even though the
node is not fully connected anymore, by not calling the node_dead() upcall
NODE_FLAGS_DISCONNECTED will not be set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit b83ef98c7466b2a81968555de83fb977bb6ca9f0)

- - - - -
167ef355 by Ralph Boehme at 2020-03-19T10:56:09+00:00
ctdb-tcp: Remove redundant restart in ctdb_tcp_tnode_cb()

The node dead upcall has already restarted the outgoing connection.
There's no need to repeat it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit ea37ecdcd5960311f54a7a5510b88a654da23daa)

- - - - -
26e29f72 by Ralph Boehme at 2020-03-19T10:56:09+00:00
ctdb-tcp: rename ctdb_tcp_stop_connection() to ctdb_tcp_stop_outgoing()

No change in behaviour.  This makes the code self-documenting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 1e2a967ff41cc29c3a0d7f61a46937c68fdb90ba)

- - - - -
3b5af720 by Ralph Boehme at 2020-03-19T10:56:09+00:00
ctdb-tcp: add ctdb_tcp_stop_incoming()

No change in behaviour.  This makes the code self-documenting.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 2c73dbafba50b28e72a8ec7b4382fae42fca6d17)

- - - - -
e9b727b4 by Martin Schwenke at 2020-03-19T10:56:09+00:00
ctdb-tcp: Factor out function ctdb_tcp_start_outgoing()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Signed-off-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 3c8747fe29486a4f95308b335a5e3ec1807f62cb)

- - - - -
25642c7e by Martin Schwenke at 2020-03-19T12:19:52+00:00
ctdb-tcp: Do not stop outbound connection in ctdb_tcp_node_connect()

The only place the outgoing connection needs to be stopped is when
there is a timeout when waiting for the connection to become writable.
Add a new function ctdb_tcp_node_connect_timeout() to handle this
case.

All of the other cases are attempts to establish a new outgoing
connection (initial attempt, retry after an error or disconnect, ...)
so drop stopping the connection in those cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14295

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Signed-off-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Mar 12 05:29:20 UTC 2020 on sn-devel-184

(cherry picked from commit 319c93f0c6a949545229b616dfbd4f51baf11171)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Thu Mar 19 12:19:52 UTC 2020 on sn-devel-184

- - - - -
a17de0ee by Karolin Seeger at 2020-03-20T11:03:26+00:00
WHATSNEW: Fix date.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Mar 20 11:03:26 UTC 2020 on sn-devel-184

- - - - -
20d47858 by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group listmembers: hide python backtracke on command error

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 789d84c0a9a406f7e0c9ab48cf2f31afdc4d3829)

- - - - -
439aeba4 by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group listmembers: handle group-does-not-exist error

Return a error with a proper message instead of just do nothing when
the target group does not exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 40e498e743e4677a42030373e8d97f6f9763080a)

- - - - -
88edeec6 by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group listmembers: find group members by groups SID

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1d2e9f27fa9cff55245e45a194f696fc9ca4376d)

- - - - -
2dbe9c13 by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group listmembers: use binary encoded group names

Allows to find groups with names like e.g. 'group1 (xy)'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d0f8e833653df652df01a472c4bbfd256f10f810)

- - - - -
ecd119fc by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group move: use binary encoded group name

Allows to move groups with names like e.g. 'group1 (xy)'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 626209beab2fc9b0fdb7e90338cdfec5cfa48dd7)

- - - - -
fc8961c1 by Björn Baumbach at 2020-03-27T11:54:40+00:00
samba-tool group delete: use binary encoded group name

Allows to delete groups with names like e.g. 'group1 (xy)'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 104582b73caf008600e15d76d57424263a0f28d4)

- - - - -
f2dae546 by Björn Baumbach at 2020-03-27T11:54:41+00:00
samba-tool group edit: use binary encoded group name

Allows to edit groups with names like e.g. 'group1 (xy)'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f3e7ea0405d46ddfbeba9b3a84c13b7878464180)

- - - - -
ee06963c by Björn Baumbach at 2020-03-27T13:19:20+00:00
selftest: test samba-tool group commands with groupnames with brackets and spaces

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14296

Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 534809a0f09775390e89fa1cbfae3a1d0fafecb8)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Mar 27 13:19:20 UTC 2020 on sn-devel-184

- - - - -
be8d05f5 by Amitay Isaacs at 2020-03-30T08:06:12+00:00
ctdb-recovery: Fetched vnnmap is never used, so don't fetch it

New vnnmap is constructed using the information from all the connected
nodes.  So there is no need to fetch the vnnmap from recovery master.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 072ff4d12b8f34766120ddae888d772e97bca491)

- - - - -
ad5c6f3a by Amitay Isaacs at 2020-03-30T08:06:12+00:00
ctdb-recovery: Consolidate node state

This avoids passing multiple arguments to async computation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 6e2f8756f1bce4dfc7fdc435e082f400116e29ec)

- - - - -
f468f654 by Amitay Isaacs at 2020-03-30T08:06:12+00:00
ctdb-recovery: Don't trust nodemap obtained from local node

It's possible to have a node stopped, but recovery master not yet
updated flags on the local ctdb daemon when recovery is started.  So do
not trust the list of active nodes obtained from the local node.  Query
the connected nodes to calculate the list of active nodes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit c6a0ff1bed0265e44fd6135d16bfc41919fe5bf5)

- - - - -
b7f7f7b6 by Amitay Isaacs at 2020-03-30T08:06:12+00:00
ctdb-recovery: Refactor banning a node into separate computation

If a node is marked for banning, confirm that it's not become inactive
during the recovery.  If yes, then don't ban the node.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 1c56d6413f86cc15ebac232f39ef1e2a53ae4297)

- - - - -
c9fa4fb0 by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-daemon: Fix database attach deferral logic

Commit 3cc230b5eeca749ab68d19cfda969f72c269f1f6 says:

  Dont allow clients to connect to databases untile we are well past
  and through the initial recovery phase

It is unclear what this commit was attempting to do.  The commit
message implies that more attaches should be deferred but the code
change adds a conjunction that causes less attaches to be deferred.
In particular, no attaches will be deferred after startup is complete.
This seems wrong.

To implement what seems to be stated in the commit message an "or"
needs to be used so that non-recovery daemon attaches are deferred
either when in recovery or before startup is complete.  Making this
change highlights that attaches need to be allowed during the
"startup" event because this is when smbd is started.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit c6c89495fbe9b6f238d10a538eccc92b937a69de)

- - - - -
aefd9b2e by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-daemon: Remove unused old client database functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit fc23cd1b9cdd1d70067491614b16e616291e8ff2)

- - - - -
7c1f9bde by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-protocol: Add control flag CTDB_CTRL_FLAG_ATTACH_RECOVERY

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 17ed0425904a98624284d351ab7617b3e02c0f7b)

- - - - -
05c2d86d by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-recovery: Use CTDB_CTRL_FLAG_ATTACH_RECOVERY to attach during recovery

ctdb_ctrl_createdb() is only called by the recovery daemon, so this is
a safe, temporary change.  This is temporary because
ctdb_ctrl_createdb(), create_missing_remote_databases() and
create_missing_local_databases() will all go away soon.

Note that this doesn't cause a change in behaviour.  The main daemon
will still only defer attaches from non-recoverd processes during
recovery.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 98e3d0db2bc5f33217e26fab1dfb4bb91eae534f)

- - - - -
1e57e5c4 by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-daemon: Respect CTDB_CTRL_FLAG_ATTACH_RECOVERY when attaching databases

This is currently only set by the recovery daemon when it attaches
missing databases, so there is no obvious behaviour change.  However,
attaching missing databases can now be moved to the recovery helper as
long as it sets this flag.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 7e5a8a4884ea87bb985fe0e2b65ff130fc2ba8aa)

- - - - -
808c7aab by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-recovery: Replace use of ctdb_dbid_map with local db_list

This will be used to build a merged list of databases from all nodes,
allowing the recovery helper to create missing databases.

It would be possible to also include the db_name field in this
structure but that would cause a lot of churn.  This field is used
locally in the recovery of each database so can continue to live in
the relevant state structure(s).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 4c0b9c36050a0ed8a180d4ac1853224089528e8e)

- - - - -
58f83582 by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-recovery: GET_DBMAP from all nodes

This builds a complete list of databases across the cluster so it can
be used to create databases on the nodes where they are missing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit c6f74e590f602e2ed38fe293468770a5e669aefa)

- - - - -
71310819 by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-recovery: Pass db structure for each database recovery

Instead of db_id and db_flags.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 1bdfeb3fdc06947a607957ab3d114f97bad5d7d7)

- - - - -
63db9658 by Martin Schwenke at 2020-03-30T08:06:12+00:00
ctdb-recovery: Fetch database name from all nodes where it is attached

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit e6e63f8fb8194634135bf34cda18f6cc8ff69a7c)

- - - - -
c8354a9c by Martin Schwenke at 2020-03-30T08:06:13+00:00
ctdb-recovery: Create database on nodes where it is missing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 76a8174279f42486b36cc41d5831d4e6613f172e)

- - - - -
2049792f by Martin Schwenke at 2020-03-30T08:06:13+00:00
ctdb-recovery: Remove old code for creating missing databases

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 3a66d181b6f6199fca362fcb0aa06513645b589d)

- - - - -
60dc3c32 by Martin Schwenke at 2020-03-30T08:06:13+00:00
ctdb-daemon: Remove more unused old client database functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 052f1bdb9cf78f53f584edd32f81ae8e01e8e86e)

- - - - -
b1b41b88 by Martin Schwenke at 2020-03-30T08:06:13+00:00
ctdb-daemon: Don't allow attach from recovery if recovery is not active

Neither the recovery daemon nor the recovery helper should attach
databases outside of the recovery process.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14294

Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
(cherry picked from commit 147afe77de372ddb9c180228d6fe1b04cca4610f)

- - - - -
2dabb4c5 by Martin Schwenke at 2020-03-30T09:36:01+00:00
ctdb-recoverd: Avoid dereferencing NULL rec->nodemap

Inside the nested event loop in ctdb_ctrl_getnodemap(), various
asynchronous handlers may dereference rec->nodemap, which will be
NULL.

One example is lost_reclock_handler(), which causes rec->nodemap to be
unconditionally dereferenced in list_of_nodes() via this call chain:

  list_of_nodes()
  list_of_active_nodes()
  set_recovery_mode()
  force_election()
  lost_reclock_handler()

Instead of attempting to trace all of the cases, just avoid leaving
rec->nodemap set to NULL.  Attempting to use an old value is generally
harmless, especially since it will be the same as the new value in
most cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14324

Reported-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Mar 24 01:22:45 UTC 2020 on sn-devel-184

(cherry picked from commit 716f52f68b248ae7cfd66479b3fc678c4a0d8b38)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Mon Mar 30 09:36:01 UTC 2020 on sn-devel-184

- - - - -
784e4266 by Günther Deschner at 2020-04-01T08:51:15+00:00
nsswitch: fix use-after-free causing segfault in _pam_delete_cred

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14327

Guenther

Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Mar 30 13:01:20 UTC 2020 on sn-devel-184

(cherry picked from commit 047b0d8ab534c7a10a8572fd9f21e2456fd30710)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Apr  1 08:51:15 UTC 2020 on sn-devel-184

- - - - -
b82cec52 by Noel Power at 2020-04-03T12:24:36+00:00
s3/utils: Fix double free error with smbtree

==3632==
WORKGROUP
	\\ATP
		\\ATP\IPC$           	IPC Service ()
==3632== Invalid read of size 8
==3632==    at 0x773C926: poptResetContext (in /usr/lib64/libpopt.so.0.0.0)
==3632==    by 0x773E5DD: poptFreeContext (in /usr/lib64/libpopt.so.0.0.0)
==3632==    by 0x10A8BC: main (smbtree.c:354)
==3632==  Address 0x16085e00 is 640 bytes inside a block of size 784 free'd
==3632==    at 0x4C2F1AD: free (vg_replace_malloc.c:530)
==3632==    by 0x773E6F7: poptFreeContext (in /usr/lib64/libpopt.so.0.0.0)
==3632==    by 0x10A84B: main (smbtree.c:342)
==3632==  Block was alloc'd at
==3632==    at 0x4C2FE45: calloc (vg_replace_malloc.c:711)
==3632==    by 0x773C79A: poptGetContext (in /usr/lib64/libpopt.so.0.0.0)
==3632==    by 0x10A829: main (smbtree.c:339)
==3632==

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14332
Signed-off-by: Noel Power <npower at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Apr  1 18:51:43 UTC 2020 on sn-devel-184

(cherry picked from commit 24b03fd28ed19cea8f875f96b3e300f808dfc4ae)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Apr  3 12:24:36 UTC 2020 on sn-devel-184

- - - - -
21095de9 by Karolin Seeger at 2020-04-06T10:03:43+02:00
WHATSNEW: Add release notes for Samba 4.12.1.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
dcaa10c6 by Karolin Seeger at 2020-04-07T08:37:55+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.1 release.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
a3157b95 by Karolin Seeger at 2020-04-07T08:38:40+02:00
VERSION: Bump version up to 4.12.2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
be695ae6 by Ralph Boehme at 2020-04-07T08:12:32+00:00
s4/torture: fix a timestamps test to work on ext filesystem

ext filesystem has a time_t limit of 15032385535 (0x0x37fffffff). From
Documentation/filesystems/ext4/inodes.rst:

  If the inode structure size ``sb->s_inode_size`` is larger than 128 bytes and
  the ``i_inode_extra`` field is large enough to encompass the respective
  ``i_[cma]time_extra`` field, the ctime, atime, and mtime inode fields are
  widened to 64 bits. Within this “extra” 32-bit field, the lower two bits are
  used to extend the 32-bit seconds field to be 34 bit wide; the upper 30 bits
  are used to provide nanosecond timestamp accuracy. Therefore, timestamps
  should not overflow until May 2446. ...

Changing the test to use the value 0x37fffffff instead of 100000000000 allows
running the test locally on ext filesytems.

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 73fedf014bbe02a408360d48e35bce4a6dbc9c36)

- - - - -
2d21f3c4 by Ralph Boehme at 2020-04-07T08:12:32+00:00
torture/smb2: mtime update logic with 2 handles: write io on handle 1, then set mtime on handle 2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 47508c5ecf0713ef404d5226499a4269651dc020)

- - - - -
6c7b69c7 by Ralph Boehme at 2020-04-07T08:12:32+00:00
torture/smb2: add a test verifying a flush flushes a pending writetime update

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit c63d6c9e256cdf6a3620373ef0f595e61d43fa97)

- - - - -
f79e3915 by Ralph Boehme at 2020-04-07T08:12:33+00:00
torture/smb2: add a test verifying a setinfo(basicinfo) flushes a pending writetime update

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4e3c2afbd6f12159252405f6efc6528fa9345f08)

- - - - -
8d05e789 by Ralph Boehme at 2020-04-07T08:12:33+00:00
smbd: always flush pending write time update when setting filesize

We need to flush a pending write time update even when we're setting the
filesize to current filesize.

Note that we're already doing it this way in the relevant places listed my
dochelp at MS in

https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html

  Cleanup (= Close)
  SetBasicInfo
  SetAllocationInfo
  SetEndOfFileInfo
  SetValidDataLengthInfo
  Flush
  FSCTL_SET_ENCRYPTION
  FSCTL_OFFLOAD_WRITE

Cleanup (= Close):

  Already implemented by update_write_time_on_close() and friends.

SetBasicInfo:

  Currently doesn't flush pending updates. Fixed by a subsequent commit.

SetAllocationInfo:

  smb_set_file_allocation_info() when setting a file's allocation size.

SetEndOfFileInfo:

  Currently doesn't flush pending updates. Fixed by a subsequent commit.

SetValidDataLengthInfo:

  Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
  SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.

Flush:

  Currently doesn't flush pending updates. Fixed by subsequent commit..

FSCTL_SET_ENCRYPTION:

  Windows 2016 doesn't flush a pending writetime update, verified with a
  smbtorture test.

FSCTL_OFFLOAD_WRITE:

  NT_STATUS_NOT_IMPLEMENTED

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 79d7d6b9d01b8547f16b74a62926d0b471f18c39)

- - - - -
a8b94620 by Ralph Boehme at 2020-04-07T08:12:33+00:00
smbd: flush pending writetime update when flushing file

Cf the explanations in the previous commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d99d5bf2c6d0a818ef2f3920e0c93fac38761c36)

- - - - -
f6497e76 by Ralph Boehme at 2020-04-07T08:12:33+00:00
smbd: flush pending writetime update when setting timestamps file

Cf the explanations in the previous commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7b90fe69a865ae8648b6548eabbcf2fa8237ebd8)

- - - - -
8935fe7e by Ralph Boehme at 2020-04-07T08:12:33+00:00
torture/smb2: Windows 2019 15 ms timestamp resolution

This test demonstrates that Windows has a timestamp resolution of ~15ms.

When a smaller amount of time than that has passed between modifying operations
on a file, it's not necessarily detectable on a Windows 2019 server that
implements immediate timestamp updates (no delayed magic).

Note that this test relies on a low latency SMB connection. Even with a low
latency connection of eg 1m there's a chance of 1/15 that the first part of the
test expecting no timestamp change fails as the writetime is updated.

Due to this timing dependency this test is skipped in Samba CI, but it is
preserved here for future SMB2 timestamps behaviour archealogists.

See also: https://lists.samba.org/archive/cifs-protocol/2019-December/003358.html

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 6f7d1d8a37bfb877b3f07423cbcffd15710e8d08)

- - - - -
24ab1b46 by Ralph Boehme at 2020-04-07T08:12:33+00:00
smbd: avoid double chdir() in chdir_current_service()

Since 8e81090789e4cc3ba9e5aa792d4e52971909c894 we're doing chdir() twice, first
into conn->connectpath, then into conn->origpath.

Before commit 8e81090789e4cc3ba9e5aa792d4e52971909c894 if
chdir(conn->connectpath) succeeded, we wouldn't do the second chdir().

While at it, simplify the logging logic: if chdir() fails in this core function,
just always log is as error including the unix token.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14256
RN: smbd does a chdir() twice per request

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Feb  6 11:44:07 UTC 2020 on sn-devel-184

(cherry picked from commit f705629a171c1411131164f3adff36175154c093)

- - - - -
7c6a0354 by Jeremy Allison at 2020-04-07T08:12:33+00:00
s3: VFS: vfs_aio_pthread. Fix leak of state struct on error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit a1e247c3ba579ecc6ee03f5aad9679ed79fac5ac)

- - - - -
addd33f6 by Jeremy Allison at 2020-04-07T08:12:33+00:00
s3: VFS: vfs_aio_pthread: Replace state destructor with explicitly called teardown function.

This will allow repurposing a real destructor to allow
connections structs to be freed whilst the aio open
request is in flight.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 8db831a318cd4a10ec9c1d629ebff4ca35b8acfe)

- - - - -
35583c7b by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: VFS: vfs_aio_pthread. Move xconn into state struct (opd).

We will need this in future to cause a pending open to
be rescheduled after the connection struct we're using
has been shut down with an aio open in flight. This will
allow a correct error reply to an awaiting client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit ddb9038fe776b1d8239e563a4c9a70b4097645f3)

- - - - -
ef913259 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: VFS: vfs_aio_pthread: Add a talloc context parameter to create_private_open_data().

Pass in NULL for now so no behavior change.
We will be changing this from NULL to fsp->conn in a later commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit e566066605981549b670a5392683fbd81ce93d18)

- - - - -
bb646d6b by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: VFS: vfs_aio_pthread: Make aio opens safe against connection teardown..

Allocate state off fsp->conn, not NULL, and add a destructor
that catches deallocation of conn which happens
on connection shutdown or force close.

Note - We don't allocate off fsp as the passed in
fsp will get freed once we return EINPROGRESS/NT_STATUS_MORE_PROCESSING_REQUIRED.
A new fsp pointer gets allocated on every re-run of the
open code path.

The destructor allows us to NULL out the saved conn struct pointer
when conn is deallocated so we know not to access deallocated memory.
This matches the async teardown code changes for bug #14301
in pread/pwrite/fsync vfs_default.c and vfs_glusterfs.c

state is still correctly deallocated in all code
paths so no memory leaks.

This allows us to safely complete when the openat()
returns and then return the error NT_STATUS_NETWORK_NAME_DELETED
to the client open request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 6b567e0c138d1cf2bcf58c84872ed2b0e89d628d)

- - - - -
8a6dc998 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: In aio_del_req_from_fsp() talloc_free(fsp->aio_requests[]) when fsp->num_aio_requests reaches zero.

The add code in aio_add_req_to_fsp() re-tallocs
this array on demand, and talloc freeing it here
allows it to be used as the parent for a tevent
wait queue, so callers can get notified when
all outstanding aio on an fsp is finished.

We'll deal with any performance issues in
the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 0c952bba1edf7c8173d05ccdc6fdaa7232d2c6aa)

- - - - -
1ad20244 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: Now we free fsp->aio_requests when it gets zero entries, talloc in chunks of 10 instead of 1.

Prevents incremental +1 tallocs, and the original
idea of this array was that it wasn't freed for
io efficiency reasons. Add paranoia integer wrap
protection also.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit b90bc0f28918133badbf6810d5e298fc326bd1aa)

- - - - -
49d50bed by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: In async SMB1 reply_close() set fsp->closing = true, as we already do in SMB2 async close.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit b7d09b30ad14d51bbcbe368a11348754121f6ff8)

- - - - -
efc902b2 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: Every place we check fsp->deferred_close, also check for fsp->closing.

Eventually this will allow us to remove fsp->deferred_close
from the fsp struct (and also source3/lib/tevent_wait.[ch]).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4287ea138e82103cce0a939e504f9810636b4747)

- - - - -
044cf379 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: Don't allow force disconnect of a connection already being disconnected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit ac800ca6bcb43c74a1a6ef508b900e2e6cb532dc)

- - - - -
97e13688 by Jeremy Allison at 2020-04-07T08:12:34+00:00
s3: smbd: Add async internals of conn_force_tdis().

Commented out so it can be seen complete as
a diff. The next commit will replace the old
synchronous conn_force_tdis() code with the
new async code.

Uses a wait_queue to cause the force close
requests to stay pending until all outstanding
aio is finished on all file handles opened
on the connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4f9e0459cd06f0332083a4a465f49b5f258838fa)

- - - - -
b22e8c8c by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: Replace synchronous conn_force_tdis() with the async version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7891302ab8eeba8261b92171a4d429e2f538b89a)

- - - - -
83eace54 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: Add async internals of reply_tdis().

Waits until all aio requests on all fsp's under this
conn struct are finished before returning to the client.

Charges the profile time in the done function. Not strictly
correct but better than the other SMB1 async code that
double-charges profiling in both send and done at the
moment.

Done this way (commented out) so it is a clean
diff and it's clear what is being added.

A later commit will remove the old synchronous version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 86cc67d5a7de0a81131b11447dad57b2681d8e01)

- - - - -
01450dec by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: In reply_tdis(), replace req -> smb1req.

Minimises the diff in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit ca4521f1dd97bc5a05e381c652b05ae1eb8bd29b)

- - - - -
c613e113 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: reply_tdis() Update to modern coding standards.

Minimizes the diff in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 71725f1c4adaa04ef04c0dd400c49399952ef5fa)

- - - - -
999a14c5 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: Remove old synchronous SMB1 reply_tdis().

SMB1 tree disconnect is now fully async.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7613998e10c5f13c896667257fdef33824a45d2a)

- - - - -
f6bb69d9 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: Add async internals of reply_ulogoffX.

Waits until all aio requests on all fsp's owned by this
vuid are finished before returning to the client.

Charges the profile time in the done function. Not strictly
correct but better than the other SMB1 async code that
double-charges profiling in both send and done at the
moment.

Done this way (commented out) so it is a clean
diff and it's clear what is being added.

A later commit will remove the old synchronous version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4dd3012cb1b5e000ccf68d2601dbdbcb7ff538b5)

- - - - -
b619e204 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: In reply_ulogoffX(), replace req -> smb1req.

Minimises the diff in later commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 5c073aa01b304f54a0039d9cd9dc74123191eb4b)

- - - - -
aa58b41b by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: reply_ulogoffX() Update to modern coding standards.

Minimizes the diff in the later commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 9cda76ad29db0cfbffa3dbb0764ec5dda24490f9)

- - - - -
83b44828 by Jeremy Allison at 2020-04-07T08:12:35+00:00
s3: smbd: Remove old synchronous SMB1 reply_ulogoffX().

SMB1 user logoff is now fully async.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 446b64ca66591d8ae5b4bf1aabdd46a1e8cb1c1c)

- - - - -
2b32fdde by Jeremy Allison at 2020-04-07T08:12:36+00:00
s3: smbd: Add async internals of reply_exit().

Waits until all aio requests on all fsp's owned by this
vuid are finished before returning to the client.

Charges the profile time in the done function. Not strictly
correct but better than the other SMB1 async code that
double-charges profiling in both send and done at the
moment.

Done this way (commented out) so it is a clean
diff and it's clear what is being added.

A later commit will remove the old synchronous version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 8f58feab58afbc7aa214fac2a1728dda68303c6b)

- - - - -
824bc7f7 by Jeremy Allison at 2020-04-07T08:12:36+00:00
s3: smbd: Remove old synchronous SMB1 reply_exit().

SMB1 exit is now fully async.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 1de0daa715f3324e3620ae8152b7fbaeb40ee9d9)

- - - - -
680157b5 by Jeremy Allison at 2020-04-07T08:12:36+00:00
s3: smbd: Remove file_close_pid().

The old synchronous reply_exit() was the only user.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 584933439c70af3d2fd047e62a3456c1c2eca45e)

- - - - -
a108dece by Jeremy Allison at 2020-04-07T08:12:36+00:00
smbd: enforce AIO requests draining

Assert we have no aio on a close.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Combined squash of commits:

(cherry picked from commit 410e7599bd2ae9b35429f60a529bb7c4aa88df25)
(cherry picked from commit acb0b01761330864a23932f643f7ad4e3d374634)
(cherry picked from commit f94cd10a211e2eae966ba4bd26921556bbe513fc)
(cherry picked from commit 0ae4f368c6c8d2c8c7aa34069007a984055df0da)
(cherry picked from commit 86dd5a080969e14ab0d131d8cb1054ec624a41ba)

- - - - -
58723f78 by Jeremy Allison at 2020-04-07T08:12:36+00:00
s3: tests: Add samba3.blackbox.force-close-share

Checks server stays up whilst writing to a force closed share.
Uses existing aio_delay_inject share to delay writes while
we force close the share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sun Mar  8 19:34:14 UTC 2020 on sn-devel-184

(cherry picked from commit bb22be08b077b7d5911ccdeb1012f4dea85647e5)
(cherry picked from commit 566658d914176c41942e3c6aba404ae369aeb123)

- - - - -
bd89299d by Ralph Boehme at 2020-04-07T08:12:36+00:00
smbd: remove stat call from mark_file_modified()

This stat dates back to d03453864ab1bc5fd3b4a3abaf96176a006c102b where the call
to trigger_write_time_update() had been to the file IO codepath. It was present
there for other reasons: to setup the write-cache based on the file's size.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2c19d27113036d607850f370bb9afd62856d671e)

- - - - -
92b0555f by Ralph Boehme at 2020-04-07T08:12:36+00:00
torture/smb2: delayed timestamp update test: single write

Verify close only updates write-time when a delayed update is actually pending.

This scenario is not covered by basic.delaywrite.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 58fa7b4fd7b53d3100459a0c9c7ef4ca7481b58a)

- - - - -
f09cb423 by Ralph Boehme at 2020-04-07T08:12:37+00:00
torture/smb2: delayed timestamp updates test: more then one write

Verify a close updates the write-time for subsequent writes after an initial
write started the delayed update logic.

This covers a scenario that will become relevant with the two subsequent
commits. The next commit:

  smbd: let mark_file_modified() always call trigger_write_time_update()

ensures that trigger_write_time_update() is not only called for the first write
on a file. Without that preaparatory change, the second commit:

  smbd: let delayed update handler also update on-disk timestamps

alone would cause this test to fail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 60aecca9a727555847aa1412415c5bbd927df4ff)

- - - - -
6d3279d0 by Ralph Boehme at 2020-04-07T08:12:37+00:00
smbd: let mark_file_modified() always call trigger_write_time_update()

Preperatory change: the next commit will reset fsp->update_write_time_on_close
in the event handler, so this change ensures it gets set again for any
subsequent write.

This will NOT always result in a write-time update because
trigger_write_time_update() has its own only-once logic using the internal
variable fsp->update_write_time_triggered.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 53de2da7acfc24513082190502d93306c12b7434)

- - - - -
d6d93329 by Ralph Boehme at 2020-04-07T08:12:37+00:00
smbd: let delayed update handler also update on-disk timestamps

Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().

trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.

Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184

(cherry picked from commit 81c1a14e3271aeed7ed4fe6311171b19ba963555)

- - - - -
dacbd35a by Andreas Schneider at 2020-04-07T08:12:37+00:00
s3:libads: Fix ads_get_upn()

This adds the userPrincipalName to ads_find_machine_acct() which
fetches the data for us.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14336

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ec69752cb963ae850568d3f4905d2941e485627e)

- - - - -
d0ca4d17 by Andreas Schneider at 2020-04-07T09:36:45+00:00
testprogs: Add 'net ads join createupn' test also verifying the keytab

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14336

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Apr  6 19:09:53 UTC 2020 on sn-devel-184

(cherry picked from commit c4be195da2845be4f64e47883e3c911dedd90e48)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Tue Apr  7 09:36:45 UTC 2020 on sn-devel-184

- - - - -
6e3fd37a by Isaac Boukris at 2020-04-15T11:56:08+00:00
Adapt sign_authdata in our KDB module for krb5 v1.18

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14342

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

- - - - -
25fefdb7 by Isaac Boukris at 2020-04-15T11:56:08+00:00
Fix uxsuccess test with new MIT krb5 library 1.18

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14342

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
95880710 by Isaac Boukris at 2020-04-15T11:56:08+00:00
Sign and verify PAC with ticket principal instead of canon principal

With MIT library 1.18 the KDC no longer set
KRB5_KDB_FLAG_CANONICALIZE for enterprise principals which allows
us to not canonicalize them (like in Windows / Heimdal).

However, it now breaks the PAC signature verification as it was
wrongly done using canonical client rather than ticket client name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14342

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>

- - - - -
8bdcac93 by Andreas Schneider at 2020-04-15T11:56:08+00:00
selftest: Set KRB5RCACHETYPE to none for selftest

This is required that out tests work with MIT KRB5 1.18.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14342

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>

- - - - -
8e3484c1 by Isaac Boukris at 2020-04-15T11:56:08+00:00
mit-kdc: Explicitly reject S4U requests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14342

Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Tue Mar 10 14:46:04 UTC 2020 on sn-devel-184

- - - - -
8c537c8a by Noel Power at 2020-04-15T13:20:27+00:00
s3/librpc/crypto: Fix double free with unresolved credential cache

We free gse_ctx->k5ctx but then free it again in the
talloc dtor. This patch just lets the talloc dtor handle
things and removes the extra krb5_free_context

Failed to resolve credential cache 'DIR:/run/user/1000/krb5cc'! (No credentials cache found)
==30762== Invalid read of size 8
==30762==    at 0x108100F4: k5_os_free_context (in /usr/lib64/libkrb5.so.3.3)
==30762==    by 0x107EA661: krb5_free_context (in /usr/lib64/libkrb5.so.3.3)
==30762==    by 0x7945D2E: gse_context_destructor (gse.c:84)
==30762==    by 0x645FB49: _tc_free_internal (talloc.c:1157)
==30762==    by 0x645FEC5: _talloc_free_internal (talloc.c:1247)
==30762==    by 0x646118D: _talloc_free (talloc.c:1789)
==30762==    by 0x79462E4: gse_context_init (gse.c:241)
==30762==    by 0x794636E: gse_init_client (gse.c:268)
==30762==    by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762==    by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762==    by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762==    by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762==  Address 0x17259928 is 40 bytes inside a block of size 496 free'd
==30762==    at 0x4C2F50B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30762==    by 0x79462CA: gse_context_init (gse.c:238)
==30762==    by 0x794636E: gse_init_client (gse.c:268)
==30762==    by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762==    by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762==    by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762==    by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762==    by 0xBC813E2: gensec_spnego_client_negTokenInit_start (spnego.c:537)
==30762==    by 0xBC84084: gensec_spnego_update_pre (spnego.c:1943)
==30762==    by 0xBC83AE5: gensec_spnego_update_send (spnego.c:1741)
==30762==    by 0xBC85622: gensec_update_send (gensec.c:449)
==30762==    by 0x551BFD0: cli_session_setup_gensec_local_next (cliconnect.c:997)
==30762==  Block was alloc'd at
==30762==    at 0x4C306B5: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30762==    by 0x107EA7AE: krb5_init_context_profile (in /usr/lib64/libkrb5.so.3.3)
==30762==    by 0xB853215: smb_krb5_init_context_common (krb5_samba.c:3597)
==30762==    by 0x794615B: gse_context_init (gse.c:209)
==30762==    by 0x794636E: gse_init_client (gse.c:268)
==30762==    by 0x7947602: gensec_gse_client_start (gse.c:786)
==30762==    by 0xBC87A3A: gensec_start_mech (gensec_start.c:743)
==30762==    by 0xBC87BC6: gensec_start_mech_by_ops (gensec_start.c:774)
==30762==    by 0xBC8167F: gensec_spnego_client_negTokenInit_step (spnego.c:633)
==30762==    by 0xBC813E2: gensec_spnego_client_negTokenInit_start (spnego.c:537)
==30762==    by 0xBC84084: gensec_spnego_update_pre (spnego.c:1943)
==30762==    by 0xBC83AE5: gensec_spnego_update_send (spnego.c:1741)
==30762==

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14344
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Apr 14 22:55:51 UTC 2020 on sn-devel-184

(cherry picked from commit 34f8ab774d1484b0e60dbdec8ad2a1607ad92122)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Wed Apr 15 13:20:28 UTC 2020 on sn-devel-184

- - - - -
5ecac7b6 by Jeremy Allison at 2020-04-17T08:55:08+00:00
s3: VFS: full_audit. Add missing fcntl entry in vfs_op_names[] array.

Found by yannick at in2ip.nl.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14343

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 977d3c7bab3319725abc418839d581489fd9bbe9)

- - - - -
790bf2ab by Jeremy Allison at 2020-04-17T10:19:13+00:00
s3: VFS: Add cmocka test for vfs_full_audit to make sure all arrays are correct.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14343

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

(Back-ported from commit 5e987e2f40e7698de489696d795ebe26b7e75c9b)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Fri Apr 17 10:19:13 UTC 2020 on sn-devel-184

- - - - -
21f64af1 by Volker Lendecke at 2020-04-21T12:44:16+00:00
ctdb: Fix a memleak

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14348
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Martin Schwenke <martin at meltin.net>

Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Apr 17 08:32:35 UTC 2020 on sn-devel-184

(cherry picked from commit ad4b53f2d95de3d3609f3a23d96602f3dd516705)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Tue Apr 21 12:44:16 UTC 2020 on sn-devel-184

- - - - -
feb24fc1 by Karolin Seeger at 2020-04-22T12:50:42+02:00
VERSION: Bump version up to 4.12.2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger at samba.org>
(cherry picked from commit a3157b958bfd9f1f77014fcfc6ca5ad1f38b0fbf)

- - - - -
8e597aa1 by Andrew Bartlett at 2020-04-22T12:50:42+02:00
CVE-2020-10700: dsdb: Add test for ASQ and ASQ in combination with paged_results

Thanks to Andrei Popa <andrei.popa at next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
b8244445 by Andrew Bartlett at 2020-04-22T12:50:42+02:00
CVE-2020-10700: ldb: Always use ldb_next_request() in ASQ module

We want to keep going down the module stack, and not start from the top again.

ASQ is above the ACL modules, but below paged_results and we do not wish to
re-trigger that work.

Thanks to Andrei Popa <andrei.popa at next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fb3e5102 by Andrew Bartlett at 2020-04-22T12:50:42+02:00
CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results

ASQ is a very strange control and a BASE search can return multiple results
that are NOT the requested DN, but the DNs pointed to by it!

Thanks to Andrei Popa <andrei.popa at next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
fecb05c8 by Karolin Seeger at 2020-04-22T12:50:42+02:00
CVE-2020-10700: ldb: Bump version up to 2.1.2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>

- - - - -
109b128e by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth

Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
74986c17 by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree

Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected.  Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
16da9c6e by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: lib util asn1: Check parse tree depth

Check the current depth of the parse tree and reject the input if the
depth exceeds that passed to asn1_init

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
4aeb07ef by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: ldapserver tests: Limit search request sizes

Add tests to ensure that overly long (> 256000 bytes) LDAP search
requests are rejected.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
48a3bdd7 by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: smb.conf: Add max ldap request sizes

Add two new smb.conf parameters to control the maximum permitted ldap
request size.

Adds:
   ldap max anonymous request size       default 250Kb
   ldap max authenticated request size   default 16Mb

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
8729c05b by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: S4 ldap server: Limit request sizes

Check the size of authenticated and anonymous ldap requests and reject
them if they exceed the limits in smb.conf

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
db78f266 by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode

Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
71b92c95 by Gary Lockyer at 2020-04-22T12:50:42+02:00
CVE-2020-10704 libcli ldap: Check search request lengths.

Check the search request lengths against the limits passed to
ldap_decode.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

- - - - -
51b4bf0c by Karolin Seeger at 2020-04-22T12:53:26+02:00
WHATSNEW: Add release notes for Samba 4.12.2.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
ee9600d8 by Karolin Seeger at 2020-04-22T12:55:18+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.2 release.

o CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ
o CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
11620a07 by Karolin Seeger at 2020-04-28T13:48:23+02:00
Merge tag 'samba-4.12.2' into v4-12-test

samba: tag release samba-4.12.2

- - - - -
af4d2a38 by Karolin Seeger at 2020-04-28T13:48:51+02:00
VERSION: Bump version up to 4.12.3.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
d3eb8ef9 by Volker Lendecke at 2020-05-04T11:36:07+00:00
libsmb: Don't try to find posix stat info in SMBC_getatr()

This wrongly used "frame" instead of "fname", which can never have
worked. A first attempt to fix in 51551e0d53fa6 caused a few followup
patches in an attempt to clean up the test failures 51551e0d53fa6
introduced. They were reverted after a few discussions. So rather than
changing behaviour, just remove the code that introduced the valgrind
error again.

Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 20 05:06:07 UTC 2020 on sn-devel-184

(cherry picked from commit 39c910fd9cba3caf7414274b678b9eee33d7e20b)

- - - - -
d2e0eafa by Anoop C S at 2020-05-04T11:36:07+00:00
dbwrap_watch: Set rec->value_valid while returning nested share_mode_do_locked()

As reported on samba-technical by Rouven WEILER <Rouven_Weiler at gmx.net>:
https://lists.samba.org/archive/samba-technical/2020-April/135116.html

Following backtrace was observed with vfs_fruit for time machine backup:

[2020/04/10 08:00:38.107917,  0] ../../lib/dbwrap/dbwrap.c:82(dbwrap_record_get_value)
  PANIC: assert failed at ../../lib/dbwrap/dbwrap.c(82): rec->value_valid
[2020/04/10 08:00:38.108499,  0] ../../source3/lib/util.c:830(smb_panic_s3)
  PANIC (pid 3427): assert failed: rec->value_valid
[2020/04/10 08:00:38.109541,  0] ../../lib/util/fault.c:265(log_stack_trace)
  BACKTRACE: 37 stack frames:
   #0 /usr/lib/samba/amd64/libsamba-util.so.0.0.1'log_stack_trace+0x26 [0xfffffd7fee51de66]
   #1 /usr/lib/samba/amd64/libsmbconf.so.0'smb_panic_s3+0x26 [0xfffffd7fedf5a596]
   #2 /usr/lib/samba/amd64/libsamba-util.so.0.0.1'smb_panic+0x1f [0xfffffd7fee51df3f]
   #3 /usr/lib/samba/private/amd64/libdbwrap-samba4.so'dbwrap_record_get_value+0x2a [0xfffffd7feccb627a]
   #4 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'get_share_mode_lock+0x109 [0xfffffd7fee7195c9]
   #5 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'smbd_contend_level2_oplocks_begin+0xa1 [0xfffffd7fee7f7761]
   #6 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'brl_lock+0x635 [0xfffffd7fee710f45]
   #7 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'do_lock_fn+0xa4 [0xfffffd7fee70d534]
   #8 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'share_mode_do_locked_fn+0x86 [0xfffffd7fee7174b6]
   #9 /usr/lib/samba/amd64/libsmbconf.so.0'dbwrap_watched_do_locked_fn+0xfa [0xfffffd7fedf622ca]
   #10 /usr/lib/samba/private/amd64/libdbwrap-samba4.so'db_tdb_do_locked+0x12f [0xfffffd7feccb95cf]
   #11 /usr/lib/samba/private/amd64/libdbwrap-samba4.so'dbwrap_do_locked+0x48 [0xfffffd7feccb69a8]
   #12 /usr/lib/samba/amd64/libsmbconf.so.0'dbwrap_watched_do_locked+0x6f [0xfffffd7fedf60d7f]
   #13 /usr/lib/samba/private/amd64/libdbwrap-samba4.so'dbwrap_do_locked+0x48 [0xfffffd7feccb69a8]
   #14 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'share_mode_do_locked+0xd2 [0xfffffd7fee719b82]
   #15 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'do_lock+0xf0 [0xfffffd7fee70dfe0]
   #16 /usr/lib/samba/amd64/vfs/fruit.so'fruit_create_file+0x7ba [0xfffffd7fe88855aa]
   #17 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'smbd_smb2_request_process_create+0xa07 [0xfffffd7fee7d3237]
   #18 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'smbd_smb2_request_dispatch+0xc8f [0xfffffd7fee7c985f]
   #19 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'smbd_smb2_connection_handler+0x621 [0xfffffd7fee7ca7e1]
   #20 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'tevent_common_invoke_fd_handler+0x80 [0xfffffd7fecd3a580]
   #21 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'epoll_event_loop_once+0x22c [0xfffffd7fecd4180c]
   #22 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'std_event_loop_once+0x40 [0xfffffd7fecd3f8f0]
   #23 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'_tevent_loop_once+0x95 [0xfffffd7fecd39bd5]
   #24 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'tevent_common_loop_wait+0x23 [0xfffffd7fecd39e43]
   #25 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'std_event_loop_wait+0x40 [0xfffffd7fecd3f870]
   #26 /usr/lib/samba/private/amd64/libsmbd-base-samba4.so'smbd_process+0x777 [0xfffffd7fee7b8677]
   #27 /usr/lib/samba/sbin/amd64/smbd'smbd_accept_connection+0x189 [0x40d5b9]
   #28 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'tevent_common_invoke_fd_handler+0x80 [0xfffffd7fecd3a580]
   #29 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'epoll_event_loop_once+0x22c [0xfffffd7fecd4180c]
   #30 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'std_event_loop_once+0x40 [0xfffffd7fecd3f8f0]
   #31 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'_tevent_loop_once+0x95 [0xfffffd7fecd39bd5]
   #32 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'tevent_common_loop_wait+0x23 [0xfffffd7fecd39e43]
   #33 /usr/lib/samba/private/amd64/libtevent.so.0.10.2'std_event_loop_wait+0x40 [0xfffffd7fecd3f870]
   #34 /usr/lib/samba/sbin/amd64/smbd'main+0x1a0f [0x40f9ff]
   #35 /usr/lib/samba/sbin/amd64/smbd'_start_crt+0x83 [0x408e73]
   #36 /usr/lib/samba/sbin/amd64/smbd'_start+0x18 [0x408dd8]

In this particular nested share_mode_do_locked() invocation, callback
comes through dbwrap_watched_do_locked_fn() where it fails to update
rec->value_valid which further gets assigned to static_share_mode_record
within share_mode_do_locked_fn().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14352

Signed-off-by: Anoop C S <anoopcs at redhat.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Apr 21 17:37:43 UTC 2020 on sn-devel-184

(cherry picked from commit 5651fafe9856e69c93dba3efa6253780cf3c10a1)

- - - - -
21cf1419 by Alexander Bokovoy at 2020-05-04T13:06:07+00:00
s3: pass DCE RPC handle type to create_policy_hnd

Various RPC services expect policy handles of a specific type.

s3 RPC server did not allow to create policy handles with a specific
type while actually requiring that policy handle type itself in some
places.

Make sure we are able to specify the policy on-wire handle type when
creating the policy handle. The changes follow s4 DCE RPC server
implementation.

The original logic to always set on-wire handle type to 0 can be tracked
down to commit fdeea341ed1bae670382e45eb731db1b5838ad21 when we didn't
really know about differences in on-wire handle types.

All but LSA trusted domain RPC calls do not check the on-wire handle
type in s3 RPC server.

Fixes trusted domain operations when Samba RPC client attempts to call
s3 RPC server to perform lsa_lsaRSetForestTrustInformation in FreeIPA.
This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14359

Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>

Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Apr 28 22:55:29 UTC 2020 on sn-devel-184

(cherry picked from commit c7a4578d06427a82ead287f0c5248c1a54cc9336)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Mon May  4 13:06:07 UTC 2020 on sn-devel-184

- - - - -
6bc407b2 by Amit Kumar at 2020-05-14T07:25:44+00:00
Add a test for smbclient -l basename

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14345

Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 2a7fc40fb3f3ca994cecad3e2957433d7a411208)

- - - - -
f6468de0 by Amit Kumar at 2020-05-14T07:25:44+00:00
lib:util: Fix smbclient -l basename dir

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14345

Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Amit Kumar <amitkuma at redhat.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit c83ce5f4f99aef94530411ec82cc03e9935b352d)

- - - - -
2b8faefa by Gary Lockyer at 2020-05-14T07:25:44+00:00
ldb tests: Confirm lmdb free list handling

Add cmocka tests to confirm lmdb's handling of the free list.

As a result of lmdb's MVCC (Multiversion Concurrency Control) long
running read transactions or stale readers (read transactions where the
process exited without ending the transaction) can cause the database to
run out of space.

Items in the free list are only reused when they would not be visible in
a read transaction.  So long running read transactions prevent entries
in the free list being reused, and the database can run out of space.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit fc13304d1575ad6bc6e04cdb3eedf46d3c3678c7)

- - - - -
d294eb47 by Gary Lockyer at 2020-05-14T07:25:44+00:00
lib ldb: lmdb clear stale readers on write txn start

In use process failures and Bind9 shut downs leave stale entries in the
lmdb reader table.  This can result in lmdb filling it's database file, as
the free list can not be reclaimed due to the stale reader.

In this fix we call mdb_reader_check at the start of each transaction,
to free any stale readers.  As the default maximum number of readers is
127, this should not impact on performance to any great extent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Mar 31 01:26:07 UTC 2020 on sn-devel-184

(cherry picked from commit 89041a6d18a1d091ea713e6986cac5ca66c2b481)

- - - - -
39742f3f by Gary Lockyer at 2020-05-14T07:25:44+00:00
lib ldb: lmdb init var before calling mdb_reader_check

Initilalise "stale" to zero before passing a pointer to it to
mdb_reader_check.

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Apr  7 12:29:00 UTC 2020 on sn-devel-184

(cherry picked from commit d1f4002b914efb31aa34a59e7c93d80f3174727c)

- - - - -
f9f03c0a by Gary Lockyer at 2020-05-14T07:25:44+00:00
ldb: Bump version to 2.1.3

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14330

Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>

- - - - -
3cedb9c9 by Ralph Boehme at 2020-05-14T07:25:44+00:00
CI: add two tests for shadow_copy2 VFS module

Note that the test "fetch a previous version of a regular file via non-canonical
basepath" doesn't fail by "luck" because it runs into the "creating file"
optimisation in unix_convert().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 6557777c86d72a185b3fe4061a8b5791fd748924)

- - - - -
6bf40566 by Ralph Boehme at 2020-05-14T07:25:44+00:00
smbd: make get_real_filename_full_scan() public

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit aa5f19ddf1dec1ac4386441929bca94727f30ee6)
[Conflicts: source3/smbd/proto.h: more functions are missing in 4.12]

- - - - -
105ed96a by Ralph Boehme at 2020-05-14T07:25:44+00:00
s3/lib: add is_gmt_token()

This is not present in master as master has been converted to use struct
smb_filename.twrp instead of @GMT string tokens as part of the path.

Signed-off-by: Ralph Boehme <slow at samba.org>

- - - - -
392863d3 by Ralph Boehme at 2020-05-14T07:25:44+00:00
vfs_shadow_copy2: implement case canonicalisation in shadow_copy2_get_real_filename()

unix_convert() can't do this for us in snapdirseverywhere mode, so we do it
ourselves.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14350

Signed-off-by: Ralph Boehme <slow at samba.org>
(Similar to commit a3d1ac2a597e2441d6855db566306298ae5db99b)

- - - - -
b5087430 by Stefan Metzmacher at 2020-05-14T07:25:44+00:00
s4:torture: add tests to test the SMB2 read/write offset/length boundaries

[MS-FSA] 2.1.5.2 Server Requests a Read and
2.1.5.3 Server Requests a Write define some contraints.

These tests demonstrate that ((int64_t)offset) < 0) is
not allowed for both reads and writes for SMB.
Also the special case for writes at offset -2 is not possible
nor the append mode with offset < 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 54de0e4a3e46a53db5262963e64b109c567554a1)

- - - - -
b171d816 by Stefan Metzmacher at 2020-05-14T07:25:44+00:00
lib: util: Add sys_valid_io_range()

This implements the contraints of
[MS-FSA] 2.1.5.2 Server Requests a Read.

The special handling of [MS-FSA] 2.1.5.3 Server Requests a Write
with offset < 0, should be handled by higher layers!
Which means the check can also be used for writes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e02cbd5c3ea6903d2b7b43c3193b8662d029ecdd)

- - - - -
442fa5a9 by Jeremy Allison at 2020-05-14T07:25:44+00:00
lib: util: Add sys_pread_full().

A pread wrapper that will deal with EINTR and never return a short
read unless pread returns zero meaning EOF.

Thread-safe so may be used as a replacement for pread
inside pread_do() thread functions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 36af33bf9fcdf93fce5ef1520fcb7ddbb07b355e)

- - - - -
6c51b562 by Jeremy Allison at 2020-05-14T07:25:44+00:00
lib: util: Add sys_pwrite_full().

A pwrite wrapper that will deal with EINTR and never return a short
write unless the file system returns an error. Copes with the
unspecified edge condition of pwrite returning zero by changing
the return to -1, errno = ENOSPC.

Thread-safe so may be used as a replacement for pwrite
inside pwrite_do() thread functions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>

Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3ba7a89cea85d134eacf1e624e011fe6f66146fc)

- - - - -
f3114c72 by Stefan Metzmacher at 2020-05-14T07:25:44+00:00
smb2_server: fix smbd_smb2_request_verify_sizes() for SMB2_OP_WRITE

Writes with a length of 0 are allowed.

The readfile related check we had before was not really useful
as min_dyn_len can only every be 0 or 1 (and for SMB2_OP_WRITE it's
always 1). So we checked
  if (unread_bytes > 0) {
     if (unread_bytes < 1) {
       return error;
     }
  }

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a6eee38ba2f89280676f0a32d26745afd95b551c)

- - - - -
9b0aba40 by Stefan Metzmacher at 2020-05-14T07:25:44+00:00
s3:smbd: handle 0 length writes as no-op.

They should never touch the SMB_VFS layer
and they never trigger an DISK_FULL error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit ba68f21286c2c2f1fef8bf8c9cd500a622077887)

- - - - -
3197bd27 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
s3:smbd: add vfs_valid_{pread,pwrite}_range() helper functions

These implement the SMB2 visible behavior of the [MS-FSA]
2.1.5.2 Server Requests a Read and 2.1.5.3 Server Requests a Write
constraints. Note that offset < 0 is not allowed over SMB.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 70fa4b884d2c22669984c25fe757c2fc528f7331)

- - - - -
0d29e442 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
smbd: add vfs_valid_{pread,pwrite}_range() checks where needed

I checked all callers of SMB_VFS_PWRITE[_SEND](),
all callers of SMB_VFS_PREAD[_SEND]() and also
places where we append to the file and allocate
more space.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 6fa753a1a67d563cd22d0cad73ae15ee267512fc)

- - - - -
f6baeeec by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: aio_fork: Change sys_pread() -> sys_pread_full() to protect against short reads.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 60f590000d545292760018694deb34a7cc4ded6d)

- - - - -
b60d60bd by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: aio_fork: Change sys_pwrite() -> sys_pwrite_full() to protect against short writes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 20ee8b03bbe5bef4ea968170808e3c4c9d22318e)

- - - - -
aff82c00 by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: default. Change sys_pread() -> sys_pread_full() in SMB_VFS_PREAD() to protect against short reads.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 7daa79908b6a0362db30276b3b6f0db176b6ae3c)

- - - - -
838a52fa by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: default. Change sys_pwrite() -> sys_pwrite_full() in SMB_VFS_PWRITE() to protect against short writes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit ca8c3619f657dc38db7cb248f1a657f5bfe20757)

- - - - -
00e0cf42 by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: default. Change pread() -> sys_pread_full() in SMB_VFS_PREAD_SEND() to protect against short reads.

Note that as sys_pread_full() deals with the EINTR case
we can remove the do {} while loop here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit bf2e546be38abfc77cf40e0b0fef42937696dcde)

- - - - -
6b347a40 by Jeremy Allison at 2020-05-14T07:25:45+00:00
s3: VFS: default. Change pwrite() -> sys_pwrite_full() in SMB_VFS_PWRITE_SEND() to protect against short writes.

Note that as sys_pwrite_full() deals with the EINTR case
we can remove the do {} while loop here.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 801c06f4c9400343b72cad998086288931f7c6b3)

- - - - -
7130e37d by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: fix the prefix for parametric options from 'vfs_io_uring' to 'io_uring'

This is what the manpage describes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit fadc7043a71b409ad60a1a4076a7f88f379d2056)

- - - - -
5acc7ee7 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: replace vfs_io_uring_request->state with _tevent_req_data()

We don't need a direct pointer to the state...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f78e98e0226fe70899b613e0aa5c804d8458bdb0)

- - - - -
a15861f6 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: introduce vfs_io_uring_request->completion_fn()

We'll need to add more logic than a simple _tevent_req_done()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 456533c9cfc332d3a83ea03a6f969b0d64ccbeb6)

- - - - -
3dc60c54 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: move error handling out of vfs_io_uring_pread_recv()

We should do that as early as possible and that's in
vfs_io_uring_pread_completion().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a1487067a6c9df3136fd5d4d16dda4c0f63cb662)

- - - - -
d9e2acf9 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: move error handling out of vfs_io_uring_pwrite_recv()

We should do that as early as possible and that's in
vfs_io_uring_pwrite_completion().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a51969b8c7e6e49c0d3b776d897aea4f309f8678)

- - - - -
2588cf0d by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: move error handling out of vfs_io_uring_fsync_recv()

We should do that as early as possible and that's in
vfs_io_uring_fsync_completion().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 40be2232a44a86cb5dfdda330801e615826408ba)

- - - - -
49847bad by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: make use of sys_valid_io_range() in vfs_io_uring_pread_send()

This makes the follow up commits easier as we don't have to care
about overflows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 5005ae3fb24018e370ae60cc23c5e9cfe8357bc9)

- - - - -
efdcf63d by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: make use of sys_valid_io_range() in vfs_io_uring_pwrite_send()

This makes the follow up commits easier as we don't have to care
about overflows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 388bc2e6e44470ea4043ecb22750e241145355d2)

- - - - -
2ab5eaeb by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: avoid stack recursion of vfs_io_uring_queue_run()

Instead we remember if recursion was triggered and jump to
the start of the function again from the end.

This should make it safe to be called from the completion_fn().

This is hideously complex stuff, so document the hell
out of it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f96f45c9ba8d4c8fa4026c22ac4201d66335e5c4)

- - - - -
adac9ae7 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: split out a vfs_io_uring_request_submit() function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit ab89b8e75354c5fd571985e924e1ccbec99de990)

- - - - -
bd41e956 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: split out a vfs_io_uring_pread_submit() function

This can be reused when we add handling for short reads.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9de4f8be1dc8b4274891016191a5ca1f724e08b3)

- - - - -
0c3523d8 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: split out a vfs_io_uring_pwrite_submit() function

This can be reused when we add handling for short writes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 2f6abb00b0daeb4de9ad0aea1b5c56559391aef9)

- - - - -
dadb1698 by Stefan Metzmacher at 2020-05-14T07:25:45+00:00
vfs_io_uring: protect vfs_io_uring_pread_completion() against invalid results

We should never get back more than we asked for.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit f085dbf8b2bed2695e0065a5bf4523232cb532c7)

- - - - -
9b1281a7 by Stefan Metzmacher at 2020-05-14T07:25:46+00:00
vfs_io_uring: protect vfs_io_uring_pwrite_completion() against invalid results

We should never get more acked than we asked for.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 283f96872237517f0b3bc4e63e8d3c482ecd5fa4)

- - - - -
8ed9668c by Stefan Metzmacher at 2020-05-14T07:25:46+00:00
vfs_io_uring: protect vfs_io_uring_fsync_completion() against invalid results

We should never get back a value > 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit c57a731c4ce395fd710f0b066cd6f1b72223ae07)

- - - - -
0baa1036 by Stefan Metzmacher at 2020-05-14T07:25:46+00:00
vfs_io_uring: retry after a short read in vfs_io_uring_pread_completion()

We need to be prepared for short reads from the kernel depending on
the state of the page cache. Windows and Mac clients don't
expect short reads for files, so we need to retry ourself.

For the future we may be able to play with some io_uring flags
in order to avoid the retries in userspace, but for now we just fix
the data corruption bug...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 42e77c4cf245d8420641d216d1abefe81f7a3b79)

- - - - -
43bc61b1 by Stefan Metzmacher at 2020-05-14T07:25:46+00:00
vfs_io_uring: retry after a short writes in vfs_io_uring_pwrite_completion()

We need to be prepared for short writes from the kernel depending on
the state of the page cache.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361

Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0f01b10679c06dbd28da72ca6c6280ddf81672ba)

- - - - -
20d61b9c by Jeremy Allison at 2020-05-14T07:25:46+00:00
s3: RPC: Don't crash on trying to talloc_free(-1) if smb_iconv_open_ex() fails.

Assign output from smb_iconv_open_ex() to a temporary
handle. Only assign to mds_ctx->[handles] if correctly
opened otherwise we end up trying to call smb_iconv_close(-1).

MacOSX Catalina triggers this.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14372

Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu May  7 18:03:16 UTC 2020 on sn-devel-184

(cherry picked from commit 14df5d20a8ec00bf8627732284f427f6463177e3)

- - - - -
31f91b59 by Ralph Boehme at 2020-05-14T07:25:46+00:00
selftest: split a knownfail entry

Lists the two existing subtests indidivually in preparation of adding a third
that is going to pass against ad_dc_ntvfs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit c83ef1d90573fdc9db3d0acbc1335a5b2325f5c5)

- - - - -
5c76c6f2 by Ralph Boehme at 2020-05-14T07:25:46+00:00
s4/torture: reproducer for bug 14375

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 2ace545a6378970ca3d8a1a30d4c7da66aaa9721)

- - - - -
2b1525ca by Ralph Boehme at 2020-05-14T07:25:46+00:00
smbd: make conflicting_access available to other functions

The next commit adds more users of conflicting_access.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 3f37008edaa31c3bc8c9b291dc1af00550ce4f9a)

- - - - -
6b650659 by Ralph Boehme at 2020-05-14T07:25:46+00:00
smbd: fix for bug 14375

... with many thanks to an enthusiastic Samba user from Poland for helping to
track this down.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 59f55aa083ce2d87ad6f43dc941f725c79c8ec59)

- - - - -
136a83c5 by Ralph Boehme at 2020-05-14T07:25:46+00:00
s3/locking: prime flags in a fresh sharemode data object

This is needed to prime the logic in share_mode_flags_restrict() for the
following scenario:

* (First) CREATE on a file with FILE_SHARE_NONE and
  access_mask=FILE_READ_ATTRIBUTES (a stat-open).

* share_mode_flags_restrict() gets called with

    share_mode_flags_restrict(flags=0,
                              access_mask=0x80,
                              share_mode=0,
                              lease_type=UINT32_MAX)

  and returns a value where none of the FILE_SHARE_* flags is set.

As a result share_mode_data.flags doesn't reflect the share-modes in effect.

This doesn't change any current visible behaviour outside of open_mode_check(),
but it avoids calling share_mode_forall_entries() in open_mode_check_fn()..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14375

Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>

Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue May 12 19:52:48 UTC 2020 on sn-devel-184

(cherry picked from commit bf04ca5658dcf7d7cdf5f718eec0e5e21f9a0d64)

- - - - -
848a1ad7 by Volker Lendecke at 2020-05-14T07:25:46+00:00
libsmb: Fix indentation in cli_RNetShareEnum()

Also remove a level of indentation with a "goto done;"

Best review with "git show -b", almost no code change

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit ae91d67a247424d4ddc89230f52365558d6ff402)

- - - - -
8dc3d1e4 by Volker Lendecke at 2020-05-14T07:25:46+00:00
libsmb: Protect cli_RNetShareEnum() against rprcnt<6

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 4a9fe4efefa67d6f24efcbe29722a43fc4859fdc)

- - - - -
054e7de5 by Volker Lendecke at 2020-05-14T07:25:46+00:00
libsmb: Protect cli_RNetServerEnum against rprcnt<6

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit ce8b70df7bd63e96723b8e8dc864f1690f5fad7b)

- - - - -
8d8549f5 by Volker Lendecke at 2020-05-14T07:25:46+00:00
libsmb: Protect cli_oem_change_password() from rprcnt<2

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14366
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue May  5 17:12:04 UTC 2020 on sn-devel-184

(cherry picked from commit f80c97cb8da64f3cd9904e2e1fd43c29b691166d)

- - - - -
f1c602ea by Andreas Schneider at 2020-05-14T09:33:57+00:00
docs-xml: Fix usernames in pam_winbind manpages

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14358

Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>

Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Apr 29 09:44:55 UTC 2020 on sn-devel-184

(cherry picked from commit 3abd92d7824e803f1ff53425088ebee30b58894b)

Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-12-test): Thu May 14 09:33:57 UTC 2020 on sn-devel-184

- - - - -
53d94505 by Karolin Seeger at 2020-05-19T12:04:50+02:00
WHATSNEW: Add release notes for Samba 4.12.3.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
659c8c3d by Karolin Seeger at 2020-05-19T12:05:25+02:00
VERSION: Disable GIT_SNAPSHOT for the 4.12.3 release.

Signed-off-by: Karolin Seeger <kseeger at samba.org>

- - - - -
df7c3d5b by Mathieu Parent at 2020-06-21T08:04:25+02:00
New upstream version 4.12.3+dfsg
- - - - -


30 changed files:

- − .bzrignore
- − .gitignore
- .gitlab-ci.yml
- Makefile
- + SECURITY.md
- VERSION
- WHATSNEW.txt
- auth/common_auth.h
- auth/credentials/credentials.c
- auth/credentials/credentials_ntlm.c
- auth/credentials/pycredentials.c
- auth/credentials/pycredentials.h
- auth/gensec/gensec_util.c
- auth/gensec/schannel.c
- auth/gensec/spnego.c
- auth/ntlmssp/ntlmssp_client.c
- auth/ntlmssp/ntlmssp_private.h
- auth/ntlmssp/ntlmssp_server.c
- auth/ntlmssp/ntlmssp_sign.c
- bootstrap/.gitlab-ci.yml
- bootstrap/READMD.md
- bootstrap/config.py
- bootstrap/generated-dists/Vagrantfile
- bootstrap/generated-dists/centos6/bootstrap.sh
- bootstrap/generated-dists/centos6/packages.yml
- bootstrap/generated-dists/centos7/bootstrap.sh
- bootstrap/generated-dists/centos7/packages.yml
- + bootstrap/generated-dists/centos8/Dockerfile
- + bootstrap/generated-dists/centos8/bootstrap.sh
- bootstrap/generated-dists/fedora28/locale.sh → bootstrap/generated-dists/centos8/locale.sh


The diff was not included because it is too large.


View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/1fea3f8c98e228fd8ff00783ec8799b34853e5ab...df7c3d5b0045d2a1a73dda7546142fcd0b517b19

-- 
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/1fea3f8c98e228fd8ff00783ec8799b34853e5ab...df7c3d5b0045d2a1a73dda7546142fcd0b517b19
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20200625/3daa5d30/attachment-0001.html>


More information about the Pkg-samba-maint mailing list