[Pkg-samba-maint] [Git][samba-team/samba][master] 5956 commits: VERSION: Bump version to 4.14.0pre1...
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Thu Mar 31 14:36:55 BST 2022
Michael Tokarev pushed to branch master at Debian Samba Team / samba
Commits:
7b99d0bc by Karolin Seeger at 2020-07-09T07:19:38+00:00
VERSION: Bump version to 4.14.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
92b1078e by Karolin Seeger at 2020-07-09T08:43:25+00:00
WHATSNEW: Start release notes for Samba 4.14.0pre1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Thu Jul 9 08:43:25 UTC 2020 on sn-devel-184
- - - - -
60b09289 by Volker Lendecke at 2020-07-09T20:16:40+00:00
libcli/ldap: Test decoding an exop response
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0bb1488d by Volker Lendecke at 2020-07-09T20:16:40+00:00
libcli/ldap: Fix decoding struct ldap_ExtendedResponse
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
89d21f50 by Volker Lendecke at 2020-07-09T20:16:40+00:00
torture3: Silence two signed/unsigned warnings
A longer fix would be to change the callbacks to use "int" instead of
"unsigned". Arguably that might be cleaner, but as this is torture
code I opted for the minimum necessary change.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
10ea0e0b by Volker Lendecke at 2020-07-09T20:16:40+00:00
torture3: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
04eafce6 by Volker Lendecke at 2020-07-09T20:16:40+00:00
winbind: Add test for lookuprids cache problem
When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.
This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.
Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
cd4122d9 by Volker Lendecke at 2020-07-09T21:40:52+00:00
winbind: Fix lookuprids cache problem
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jul 9 21:40:52 UTC 2020 on sn-devel-184
- - - - -
4c74db69 by Andreas Schneider at 2020-07-10T09:40:37+00:00
docs: Fix documentation for require_membership_of of pam_winbind
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14358
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jul 10 09:40:37 UTC 2020 on sn-devel-184
- - - - -
10f61cd3 by Isaac Boukris at 2020-07-13T10:41:37+00:00
selftest: add tests for net-ads over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
9ec83cae by Isaac Boukris at 2020-07-13T10:41:37+00:00
Decouple ldap-ssl-ads from ldap-ssl option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b3af1d33 by Isaac Boukris at 2020-07-13T10:41:38+00:00
Fix ads_set_sasl_wrap_flags to only change sasl flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
39b293c2 by Isaac Boukris at 2020-07-13T10:41:38+00:00
ads: set sasl-wrapping to plain when over TLS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
965d1888 by Isaac Boukris at 2020-07-13T12:06:06+00:00
net: ignore possible SIGPIPE upon ldap_unbind when over TLS
>From local tests with strace:
socket(AF_UNIX, SOCK_STREAM, 0) = 12
write(2, "Connecting to 10.53.57.21 at por"..., 38) = 38
...
write(2, "ads_domain_func_level: 3\n", 25) = 25
write(12, "\27\3\3\0\37\0\0\0\0\0\0\0\16nl[\374\375i\325\334\25\227kxG@\326\311R\225x"..., 36) = 36
write(12, "\25\3\3\0\32\0\0\0\0\0\0\0\17Hh\304\254\244\17\342<\334\210L&\20_\177\307\232P", 31) = -1 EPIPE (Broken pipe)
--- SIGPIPE {si_signo=SIGPIPE, si_code=SI_USER, si_pid=12089, si_uid=1000} ---
+++ killed by SIGPIPE +++
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14439
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Mon Jul 13 12:06:07 UTC 2020 on sn-devel-184
- - - - -
aa4d1357 by Jeremy Allison at 2020-07-14T07:42:54+00:00
s3: lib: Fix missing TALLOC_FREE in error code path.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14441
Reported by Alexander Pyhalov <apyhalov at gmail.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Jul 14 07:42:54 UTC 2020 on sn-devel-184
- - - - -
3fa9c3d5 by Stefan Metzmacher at 2020-07-14T13:38:35+00:00
s4:torture/smb2: split replay_smb3_specification into durable handle and multichannel
It's better to have durable handles and multichannel tested separate:
1. we test both cases in the server
2. it makes it easier to deal with knownfail entries if only one
of these features is active on the server.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
8fbb7ad2 by Stefan Metzmacher at 2020-07-14T13:38:35+00:00
s4:torture/smb2: make smb2.durable-v2-delay tests more robust
We should not crash when the test fails, so we use a 2nd independent
connection to unlink the file at the end.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
e5a8b16a by Stefan Metzmacher at 2020-07-14T13:38:35+00:00
s3:smbd: move exit_firsttime checking to the start of exit_server_common()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
d23e2678 by Stefan Metzmacher at 2020-07-14T14:59:18+00:00
s3:smbd: stop accepting multichannel connections early in exit_server_common()
This is just a step in the correct direction, but there's still a
possible race...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Jul 14 14:59:19 UTC 2020 on sn-devel-184
- - - - -
2162d503 by Christof Schmitt at 2020-07-16T01:29:45+00:00
smbd: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
268994f5 by Christof Schmitt at 2020-07-16T01:29:45+00:00
s4:client: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
eecd65d4 by Christof Schmitt at 2020-07-16T01:29:45+00:00
lib/util: Remove code inside #ifdef NEXT2
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
ee6b31ad by Christof Schmitt at 2020-07-16T01:29:45+00:00
lib/util: Remove code inside #ifdef HAVE_BROKEN_READDIR_NAME
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
6fc0a486 by Christof Schmitt at 2020-07-16T01:29:45+00:00
smbd: Remove code inside #ifdef HAVE_BROKEN_READDIR_NAME
This is dead code, the define is never set.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
cfd34eef by Martin Schwenke at 2020-07-16T01:29:45+00:00
tdb: Fix some signed/unsigned comparisons
[207/389] Compiling lib/tdb/tools/tdbdump.c
../../../lib/tdb/tools/tdbrestore.c: In function ‘read_linehead’:
../../../lib/tdb/tools/tdbrestore.c:43:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
43 | for (i=0; i<sizeof(prefix); i++) {
| ^
../../../lib/tdb/tools/tdbrestore.c: In function ‘read_data’:
../../../lib/tdb/tools/tdbrestore.c:95:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare]
95 | for (i=0; i<size; i++) {
| ^
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
d8f1d267 by Martin Schwenke at 2020-07-16T04:00:52+00:00
util: Fix a signed/unsigned comparison
[107/390] Compiling lib/util/time.c
../../../lib/util/time.c: In function ‘timespec_string_buf’:
../../../lib/util/time.c:416:10: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘int’ [-Wsign-compare]
416 | if (len == -1) {
| ^~
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jul 16 04:00:52 UTC 2020 on sn-devel-184
- - - - -
bc174243 by Martin Schwenke at 2020-07-16T05:28:42+00:00
ctdb-tools: Drop undocumented ONNODE_SSH_OPTS variable
Options can be set in ONNODE_SSH, so this variable is unnecessary.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
00eb88b2 by Martin Schwenke at 2020-07-16T05:28:42+00:00
ctdb-tools: Whitespace fixups
Drop some unnecessary whitespace and re-indent push().
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5f217d60 by Martin Schwenke at 2020-07-16T05:28:42+00:00
ctdb-tools: Allow onnode -P to respect ONNODE_SSH
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0e287127 by Martin Schwenke at 2020-07-16T06:51:47+00:00
ctdb-tools: Improve onnode's ShellCheck credibility
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Jul 16 06:51:47 UTC 2020 on sn-devel-184
- - - - -
527d7df0 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: lib: Cleanup - all the ipstr_XXX() functions are only used in namecache.c.
Move them there. Will remove from the global namespace next.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
2371c45f by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: lib: Cleanup - nothing uses ipstr_list_free(). Remove it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c7e8c3d4 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: lib: Cleanup - make ipstr_list_make() and ipstr_list_parse() private to the only user.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
be410351 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: libsmb: Cleanup modern coding standards. 'True/False' -> 'true/false'.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
67ea64d2 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: libsmb: Cleanup - move talloc frame out of inner scope.
Make it available thoughout the function. Prepare to use
talloc for namecache_key().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
06f0a7e9 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: libsmb: Cleanup - namecache_store() initialize stack variables.
Preparing for common out: exit.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
df0e54be by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: libsmb: Cleanup - namecache_store() - use common out.
Prepare for moving malloc values to talloc.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
56d5cbe8 by Jeremy Allison at 2020-07-16T06:52:36+00:00
s3: libsmb: Cleanup - make namecache_key() use talloc.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
bd205f2a by Jeremy Allison at 2020-07-16T06:52:37+00:00
s3: libsmb: Cleanup - make namecache_status_record_key() use talloc.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
1d712add by Jeremy Allison at 2020-07-16T06:52:37+00:00
s3: libsmb: Cleanup - Move DEBUG -> DBG_XXX() macros.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
8ea51f41 by Jeremy Allison at 2020-07-16T08:16:31+00:00
s3: libsmb: Cleanup - Make ipstr_list_make() talloc rather than malloc.
Remove the excessive and unneeded ipstr_list_add() function,
fold it into ipstr_list_make() to make it much clearer what
we're doing.
The only use of MALLOC now is in ipstr_list_parse() returned
by namecache_fetch(). We need to fix the caller before
we can move that to talloc. As that is used inside internal_resolve_name()
which is designed to return a MALLOC'ed ip list from all
name resolution mechanisms leave that fix for another day.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jul 16 08:16:31 UTC 2020 on sn-devel-184
- - - - -
d67e9149 by Isaac Boukris at 2020-07-16T10:41:40+00:00
s3-libads: Pass timeout to open_socket_out in ms
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13124
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Jul 16 10:41:40 UTC 2020 on sn-devel-184
- - - - -
57badc46 by Jeremy Allison at 2020-07-17T05:54:29+00:00
s3: libsmb: Namecache. Fix bug missed by me in previous cleanup.
In ipstr_list_make() we need to look at the correct array entry
to determine the ss_family for the sockaddr_storage.
Otherwise we are always storing the type of the first entry.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Jul 17 05:54:31 UTC 2020 on sn-devel-184
- - - - -
5e4e18d0 by Douglas Bagnall at 2020-07-17T05:55:49+00:00
s4/torture/smb2/oplock: fix compilation by initialising variable
With gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0:
../../source4/torture/smb2/oplock.c:2709:2: error: variable 'h2' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "Incorrect status");
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../lib/torture/torture.h:734:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../lib/torture/torture.h:302:6: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
if (!NT_STATUS_EQUAL(__got, __expected)) { \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../source4/torture/smb2/oplock.c:2730:25: note: uninitialized use occurs here
smb2_util_close(tree1, h2);
^~
../../source4/torture/smb2/oplock.c:2709:2: note: remove the 'if' if its condition is always false
torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "Incorrect status");
^
../../lib/torture/torture.h:734:3: note: expanded from macro 'torture_assert_ntstatus_ok_goto'
torture_assert_ntstatus_equal_goto(torture_ctx,expr,NT_STATUS_OK,ret,label,cmt)
^
../../lib/torture/torture.h:302:2: note: expanded from macro 'torture_assert_ntstatus_equal_goto'
if (!NT_STATUS_EQUAL(__got, __expected)) { \
^
../../source4/torture/smb2/oplock.c:2652:2: note: variable 'h2' is declared here
struct smb2_handle h, h1, h2;
^
1 error generated.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8e1d72b7 by Douglas Bagnall at 2020-07-17T07:16:31+00:00
s4/torture: fix compilation in smb2/multichannel
GCC 9.3.0 doesn't like a true array being compared to NULL.
[3628/3972] Compiling source4/torture/smb2/multichannel.c
../../source4/torture/smb2/multichannel.c:1077:7: error: comparison of array 'trees2' equal to a null pointer is always false [-Werror,-Wtautological-pointer-compare]
if (trees2 == NULL || trees2[i] == NULL) {
^~~~~~ ~~~~
../../source4/torture/smb2/multichannel.c:1284:7: error: comparison of array 'trees2' equal to a null pointer is always false [-Werror,-Wtautological-pointer-compare]
if (trees2 == NULL || trees2[i] == NULL) {
^~~~~~ ~~~~
../../source4/torture/smb2/multichannel.c:2337:7: error: comparison of array 'trees2' equal to a null pointer is always false [-Werror,-Wtautological-pointer-compare]
if (trees2 == NULL || trees2[i] == NULL) {
^~~~~~ ~~~~
3 errors generated.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Jul 17 07:16:31 UTC 2020 on sn-devel-184
- - - - -
5a078bc9 by Douglas Bagnall at 2020-07-17T07:17:39+00:00
dbcheck: omit unused argument in err_wrong_default_sd
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
65b49259 by Douglas Bagnall at 2020-07-17T07:17:39+00:00
python/ms_forest_updates_markdown: avoid implicit global variable
out_dict would have been shared across all calls, aggregating values as it went.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
e15ee51e by Douglas Bagnall at 2020-07-17T07:17:40+00:00
s4/scripting/samba_dnsupdate: remove unreachable code
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
78383dd8 by Douglas Bagnall at 2020-07-17T07:17:40+00:00
samba-tool ntacl: remove unused imports and variables
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
820b3d82 by Douglas Bagnall at 2020-07-17T07:17:40+00:00
python/upgradehelpers: remove unused imports and variables
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
98f6ece5 by Douglas Bagnall at 2020-07-17T07:17:40+00:00
python/join: use the provided krbtgt link in cleanup_old_accounts
Before we were putting it in an otherwise unused variable, and
deleting the previous krbtgt_dn, if any.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
914226bf by Douglas Bagnall at 2020-07-17T07:17:40+00:00
python: wrap 'import dckeytab' in an explanatory function
The samba.dckeytab module has magic effects on samba.net, but never
appears to be used. That can be confusing, both to people and to
linters. Here we wrap that confusion up into a well-commented
function, so we never again have to wonder why the unused import is
there.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
d05fc858 by Douglas Bagnall at 2020-07-17T08:39:37+00:00
python: samba.compat rejects Python 2
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jul 17 08:39:38 UTC 2020 on sn-devel-184
- - - - -
71b7140f by Andreas Schneider at 2020-07-17T13:07:44+00:00
docs: Fix documentation for require_membership_of of pam_winbind.conf
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14358
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jul 17 13:07:44 UTC 2020 on sn-devel-184
- - - - -
fd364b01 by Christof Schmitt at 2020-07-17T17:12:33+00:00
pam_winbind: Fix CID 242274 Time of check time of use
Always issue the mkdir call to avoid the TOCTOU issue. Only if there is
already an object with the requested name, check whether it is a
directory.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
0b1bec43 by Christof Schmitt at 2020-07-17T17:12:34+00:00
test_vfs_posixacl: Add unit test for Linux POSIX ACL mapping
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
63b9b2a1 by Christof Schmitt at 2020-07-17T18:33:41+00:00
vfs_posixacl: Remove unnecessary call to acl_set_permset
After the initial acl_get_permset, the permset is alreadying pointing to
the ACL entry and all changes are done on the ACL entry. There is no
need to overwrite the permissions in the ACL entry again with the same
value in the acl_set_permset call.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Fri Jul 17 18:33:41 UTC 2020 on sn-devel-184
- - - - -
4523a0b4 by Ralph Boehme at 2020-07-18T05:58:40+00:00
smbd: ensure we do a base open for internal stream deletes
Otherwise we're not opening the basefile so fsp->base_fsp remains NULL for fsp
handles on streams. As there are some places that use the check (fsp->base_fsp
!= NULL) to check for stream handles, eg streams_xattr_fstat(), we must ensure
it is set otherwise we open a pretty big window for undefined behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
916ebade by Ralph Boehme at 2020-07-18T05:58:40+00:00
smbd: remove unused NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
The previous commit removed the only consumer of the flags.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6ab75d2c by Ralph Boehme at 2020-07-18T05:58:40+00:00
smbd: use a helper variable in open_file()
No change in behaviour, this just prepares for changes to come.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a929644b by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: check for conn->cwd_fsp in file_free()
This avoids doing the check in all callers.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
afdeba88 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: check for conn->cwd_fsp in fd_close()
This avoids doing the check in all callers.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b6e40dbf by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: use (global) POSIX pathname state in non_widelink_open()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1508d661 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: remove a nested block in non_widelink_open()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
92d8b5f5 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: remove errno saving from fd_open()
This is not needed anymore since 97d061237b0f2e07ae9c8e893734e222e58cfa4e..
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8c2c7491 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: use helper variable for fd in fd_open()
No change in behaviour. Fwiw, no need to set fsp->fh->fd to -1 in the error case,
as that is initialized to -1 in fsp_new().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
567f7987 by Ralph Boehme at 2020-07-18T05:58:41+00:00
s3/lib: fsp_str_dbg() doesn't show a possible stream name
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9c187e29 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: don't mess with smb_dname->base_name in call_trans2findfirst()
Create a fresh name instead. Needed to proper support for path-ref fsps in the
future.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
09cfac65 by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: factor out fsp_bind_smb()
Needed for path-ref fsps in the future.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f31108cd by Ralph Boehme at 2020-07-18T05:58:41+00:00
smbd: consolidate fsp allocation for open_directory() and open_file_ntcreate()
...at one place in the caller create_file_unixpath().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
da1103db by Ralph Boehme at 2020-07-18T07:21:10+00:00
smbd: build smb_fname per file to delete in unlink_internals()
Make sure to pass fresh smb_fname's to do_unlink(). Needed for path-ref fsps in
the future.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Jul 18 07:21:11 UTC 2020 on sn-devel-184
- - - - -
91c36c16 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-build: Don't build/install tests in top-level build by default
The standalone build still includes tests, as does the top-level build
when --enable-selftest is used. The latter is consistent with the use
of --enable-selftest in the rest of the tree.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
9694ba6f by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Enable SOCKET_WRAPPER_DIR_ALLOW_ORIG
This will allow local daemons to be used in more contexts, especially
in tests run by Jenkins where the directory names for some targets can
be very long.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
c78de201 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Show hung script debugging output
The output in a test failure appears to contain no pstree output
because "00\.test\.script,.*" does not match. However, this is just a
guess because the output is not shown.
Showing the output makes it easier to understand test failures.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
847aa0e3 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Redirect stderr too when checking for shellcheck
Avoid:
.../UNIT/shellcheck/scripts/local.sh: line 14: type: shellcheck: not found
The "type" command in dash prints the "not found" message to stdout
but the bash version prints to stderr, so redirect stderr too.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
a55dd6f1 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Drop unreachable line
ctdb_test_skip() will exit.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
65f56505 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Update preamble for INTEGRATION tests
* Use "#!/usr/bin/env bash" for improved portability
* Drop test_info() definition and replace it with a comment
The use of test_info() is pointless.
* Drop call to cluster_is_healthy()
This is a holdover from when the previous test would restart daemons
to get things ready for a test. There was also a bug where going
into recovery during the restart would sometimes cause the cluster
to become unhealthy. If we really need something like this then we
can add it to ctdb_test_init().
* Make order of preamble consistent
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
9a7cabd3 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Use "#!/usr/bin/env bash" for improved portability
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
0f04b8a7 by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Make integration.bash pass shellcheck
Apart from the non-constant sourcing of include files.
Mostly avoidance of quoting warnings.
One subtle change is to simply pass "120" to wait_until_ready() to
stop warnings that it expects arguments but none are passed (both
SC2119 and SC2120). There seems no way to indicate to structure
function argument handling so that shellcheck realises arguments are
optional. In later shellcheck versions, disabling SC2120 for a
function also silences complaints about its callers... but not all of
our testing uses "later" shellcheck versions.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
30293baa by Martin Schwenke at 2020-07-22T02:42:37+00:00
ctdb-tests: Make unit.sh pass shellcheck
Mostly avoidance of quoting warnings.
Silencing warnings about unquoted $CTDB_TEST_CAT_RESULTS_OPTS is
handled by passing '-' to cat when that variable's value is empty.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
44e05ac8 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Do not trigger ctdb_test_error() from ctdb_init()
The only caller calls ctdb_test_error() on failure and nesting this
calls can be confusing. A future change will make this even more
confusing.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
e9df17b5 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Separate custom cluster startup from test initialisation
Separate cluster startup from test initialisation for tests that start
the cluster with customised configuration. In these cases the result
of the cluster startup is actually the point of the test.
Additionally, pubips.013.failover_noop.sh claims to have completed
test initialisation twice, which just seems wrong.
The result is:
* ctdb_test_init() takes one option (-n) to indicate when it should
not configure/start the cluster
* New function ctdb_nodes_start_custom() accepts options for special
cluster configuration, only operates on local daemons and triggers a
test failure rather than a test error on failure.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
58f9f699 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Don't bother shutting down daemons in ctdb_init()
They'll never be up here...
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
aa5b214e by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Drop uses of "onnode any ..." in testcases
It would be nice to get rid of "onnode any". There's no use making
tests nondeterministic. If covering different cases matters then they
should be explicitly handled.
In most places "any" is replaced by "$test_node". In some cases,
where $test_node is not set, a fixed node that is already used
elsewhere can be reused.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
1079d6e3 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Improve test portability
"wc -l" on some platforms (e.g. FreeBSD) contains leading spaces and
stops "$num from being a number. Create a more portable solution and
put it in a function instead of repeating the logic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
ea1cbff6 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Improve test quality
Select test node with IPs instead of using a fixed node. Remove
unnecessary code, use more modern commands, code
improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
1f655691 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Improve test portability
"wc -l" on some platforms (e.g. FreeBSD) contains leading spaces, so
strip them.
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
a308f253 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Improve test quality
Simplify code, use more modern commands, code improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
d2f8cd83 by Martin Schwenke at 2020-07-22T02:42:38+00:00
ctdb-tests: Improve test portability/quality
Avoid use of non-portable md5sum by constructing database names using
index. Improve indentation, use more modern commands, code
improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
- - - - -
5707781c by Martin Schwenke at 2020-07-22T04:10:47+00:00
ctdb-tests: Stop cat command failure from causing test failure
In certain circumstance, which aren't obvious, cat(1) can fail when
attempting to write a lot of data. This is due to something (probably
write(2)) returning EAGAIN.
Given that the -v option should only really be used for test
debugging, ignore the failure instead of spending time debugging it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14446
Signed-off-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Wed Jul 22 04:10:47 UTC 2020 on sn-devel-184
- - - - -
5948a579 by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Stop cat command failure from causing test failure"
Fix missing Reviewed-by: tag.
This reverts commit 5707781ccf682d95a5a05a7c3e00a43003dbe62e.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d035b69b by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Improve test portability/quality"
Fix missing Reviewed-by: tag.
This reverts commit d2f8cd835da39784f2d99231f9a1067ae56ede7a.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
979a6c8c by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Improve test quality"
Fix missing Reviewed-by: tag.
This reverts commit a308f2534d3991866efa2c662921ec63b4238888.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
cf3b1fb3 by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Improve test portability"
Fix missing Reviewed-by: tag.
This reverts commit 1f6556916e7f3a731d7d760fa6fd857e7f571541.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c83ece42 by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Improve test quality"
Fix missing Reviewed-by: tag.
This reverts commit ea1cbff624383fb9d5b83b863fa6bd00a8fb77fa.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
635d5cfa by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Improve test portability"
Fix missing Reviewed-by: tag.
This reverts commit 1079d6e3ae5805ef65a3628edf0a3ac2cd7fac1c.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c9dfdead by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Drop uses of "onnode any ..." in testcases"
Fix missing Reviewed-by: tag.
This reverts commit aa5b214eaa88414c87410fd068fe7624e9790185.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
941a2d0a by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Don't bother shutting down daemons in ctdb_init()"
Fix missing Reviewed-by: tag.
This reverts commit 58f9f699f181ac217cda8de512b8385da173f884.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e11526ad by Martin Schwenke at 2020-07-22T05:07:45+00:00
Revert "ctdb-tests: Separate custom cluster startup from test initialisation"
Fix missing Reviewed-by: tag.
This reverts commit e9df17b500146e62539feac66d0cd4b3ef7aa47a.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
da654f97 by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Do not trigger ctdb_test_error() from ctdb_init()"
Fix missing Reviewed-by: tag.
This reverts commit 44e05ac8515be3220a334ae8001db83b06bec59f.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
548f2021 by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Make unit.sh pass shellcheck"
Fix missing Reviewed-by: tag.
This reverts commit 30293baae5f22628405d327fc0b6bae993e96cd8.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
60d999ad by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Make integration.bash pass shellcheck"
Fix missing Reviewed-by: tag.
This reverts commit 0f04b8a70be3b8e157a4a88e9e54e87fa380022e.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
271ad95e by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Use "#!/usr/bin/env bash" for improved portability"
Fix missing Reviewed-by: tag.
This reverts commit 9a7cabd342d0aed450ed3305931702a7351f814a.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4438e44f by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Update preamble for INTEGRATION tests"
Fix missing Reviewed-by: tag.
This reverts commit 65f56505e29c01d5891e5bc1050b6c37b8cbdee7.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a694c071 by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Drop unreachable line"
Fix missing Reviewed-by: tag.
This reverts commit a55dd6f17b6d65db77bcd4f5a011e9aef64729e5.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
e4b1cdc7 by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Redirect stderr too when checking for shellcheck"
Fix missing Reviewed-by: tag.
This reverts commit 847aa0e367c721944650aa34d67f8073461ae272.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6a3372e8 by Martin Schwenke at 2020-07-22T05:07:46+00:00
Revert "ctdb-tests: Show hung script debugging output"
Fix missing Reviewed-by: tag.
This reverts commit c78de201f84f9fae9916af9592d42cbc71f805c5.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
bdd89d52 by Martin Schwenke at 2020-07-22T05:07:47+00:00
Revert "ctdb-tests: Enable SOCKET_WRAPPER_DIR_ALLOW_ORIG"
Fix missing Reviewed-by: tag.
This reverts commit 9694ba6fe4d073c653f49080127ee9efa21a8e9e.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
6436c74e by Martin Schwenke at 2020-07-22T06:29:43+00:00
Revert "ctdb-build: Don't build/install tests in top-level build by default"
Fix missing Reviewed-by: tag.
This reverts commit 91c36c16c8516359380a00ee3d2229422b048d9f.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Jul 22 06:29:43 UTC 2020 on sn-devel-184
- - - - -
3ff8765d by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Stop cat command failure from causing test failure
In certain circumstance, which aren't obvious, cat(1) can fail when
attempting to write a lot of data. This is due to something (probably
write(2)) returning EAGAIN.
Given that the -v option should only really be used for test
debugging, ignore the failure instead of spending time debugging it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14446
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
066c205e by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-build: Don't build/install tests in top-level build by default
The standalone build still includes tests, as does the top-level build
when --enable-selftest is used. The latter is consistent with the use
of --enable-selftest in the rest of the tree.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
70c38d40 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Enable SOCKET_WRAPPER_DIR_ALLOW_ORIG
This will allow local daemons to be used in more contexts, especially
in tests run by Jenkins where the directory names for some targets can
be very long.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
15654465 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Show hung script debugging output
The output in a test failure appears to contain no pstree output
because "00\.test\.script,.*" does not match. However, this is just a
guess because the output is not shown.
Showing the output makes it easier to understand test failures.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
29a3fce2 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Redirect stderr too when checking for shellcheck
Avoid:
.../UNIT/shellcheck/scripts/local.sh: line 14: type: shellcheck: not found
The "type" command in dash prints the "not found" message to stdout
but the bash version prints to stderr, so redirect stderr too.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0f201dd6 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Drop unreachable line
ctdb_test_skip() will exit.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8b24cae6 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Update preamble for INTEGRATION tests
* Use "#!/usr/bin/env bash" for improved portability
* Drop test_info() definition and replace it with a comment
The use of test_info() is pointless.
* Drop call to cluster_is_healthy()
This is a holdover from when the previous test would restart daemons
to get things ready for a test. There was also a bug where going
into recovery during the restart would sometimes cause the cluster
to become unhealthy. If we really need something like this then we
can add it to ctdb_test_init().
* Make order of preamble consistent
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d6673528 by Martin Schwenke at 2020-07-22T07:53:35+00:00
ctdb-tests: Use "#!/usr/bin/env bash" for improved portability
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
be3065ea by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Make integration.bash pass shellcheck
Apart from the non-constant sourcing of include files.
Mostly avoidance of quoting warnings.
One subtle change is to simply pass "120" to wait_until_ready() to
stop warnings that it expects arguments but none are passed (both
SC2119 and SC2120). There seems no way to indicate to structure
function argument handling so that shellcheck realises arguments are
optional. In later shellcheck versions, disabling SC2120 for a
function also silences complaints about its callers... but not all of
our testing uses "later" shellcheck versions.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a369bedf by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Make unit.sh pass shellcheck
Mostly avoidance of quoting warnings.
Silencing warnings about unquoted $CTDB_TEST_CAT_RESULTS_OPTS is
handled by passing '-' to cat when that variable's value is empty.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a766136d by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Do not trigger ctdb_test_error() from ctdb_init()
The only caller calls ctdb_test_error() on failure and nesting this
calls can be confusing. A future change will make this even more
confusing.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
37c26a95 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Separate custom cluster startup from test initialisation
Separate cluster startup from test initialisation for tests that start
the cluster with customised configuration. In these cases the result
of the cluster startup is actually the point of the test.
Additionally, pubips.013.failover_noop.sh claims to have completed
test initialisation twice, which just seems wrong.
The result is:
* ctdb_test_init() takes one option (-n) to indicate when it should
not configure/start the cluster
* New function ctdb_nodes_start_custom() accepts options for special
cluster configuration, only operates on local daemons and triggers a
test failure rather than a test error on failure.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
ce3de398 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Don't bother shutting down daemons in ctdb_init()
They'll never be up here...
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
41ff5833 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Drop uses of "onnode any ..." in testcases
It would be nice to get rid of "onnode any". There's no use making
tests nondeterministic. If covering different cases matters then they
should be explicitly handled.
In most places "any" is replaced by "$test_node". In some cases,
where $test_node is not set, a fixed node that is already used
elsewhere can be reused.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
760c3039 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Improve test portability
"wc -l" on some platforms (e.g. FreeBSD) contains leading spaces and
stops "$num from being a number. Create a more portable solution and
put it in a function instead of repeating the logic.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
244eaad7 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Improve test quality
Select test node with IPs instead of using a fixed node. Remove
unnecessary code, use more modern commands, code
improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
c6c81ea2 by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Improve test portability
"wc -l" on some platforms (e.g. FreeBSD) contains leading spaces, so
strip them.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f4c2c77f by Martin Schwenke at 2020-07-22T07:53:36+00:00
ctdb-tests: Improve test quality
Simplify code, use more modern commands, code improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
484a764e by Martin Schwenke at 2020-07-22T09:14:35+00:00
ctdb-tests: Improve test portability/quality
Avoid use of non-portable md5sum by constructing database names using
index. Improve indentation, use more modern commands, code
improvements (shellcheck).
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Jul 22 09:14:35 UTC 2020 on sn-devel-184
- - - - -
6982fcb3 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Drop unused nodemap argument from update_flags_on_all_nodes()
An unused argument needlessly extends the length of function calls. A
subsequent change will allow rec->nodemap to be used if necessary.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
cb3a3147 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Change update_flags_on_all_nodes() to take rec argument
This makes fields such as recmaster and nodemap easily available if
required.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f681c0e9 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Introduce some local variables to improve readability
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
915d24ac by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Use update_flags_on_all_nodes()
This is clearer than using the MODFLAGS control directly.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b1e631ff by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Improve a call to update_flags_on_all_nodes()
This should take a PNN, not an array index.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a88c10c5 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Move ctdb_ctrl_modflags() to ctdb_recoverd.c
This file is the only user of this function.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0c6a7db3 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Flatten update_flags_on_all_nodes()
The logic currently in ctdb_ctrl_modflags() will be optimised so that
it no longer matches the pattern for a control function. So, remove
this function and squash its functionality into the only caller.
Although there are some superficial changes, the behaviour is
unchanged.
Flattening the 2 functions produces some seriously weird logic for
setting the new flags, to the point where using ctdb_ctrl_modflags()
for this purpose now looks very strange. The weirdness will be
cleaned up in a subsequent commit.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
9475ab04 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Do not retrieve nodemap from recovery master
It is already in rec->nodemap.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3654e416 by Martin Schwenke at 2020-07-24T04:41:25+00:00
ctdb-recoverd: Correctly find nodemap entry for pnn
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
5ce6133a by Martin Schwenke at 2020-07-24T06:03:23+00:00
ctdb-recoverd: Simplify calculation of new flags
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Fri Jul 24 06:03:23 UTC 2020 on sn-devel-184
- - - - -
16b84855 by Martin Schwenke at 2020-07-24T08:37:31+00:00
ctdb: Change NAT gateway to use leader/follower
Instead of master/slave.
Nearly all of these are simple textual substitutions, which preserve
the case of the original.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f37b3cf2 by Martin Schwenke at 2020-07-24T08:37:31+00:00
ctdb: Change LVS to use leader/follower
Instead of master/slave.
Nearly all of these are simple textual substitutions, which preserve
the case of the original. A couple of minor cleanups were made in the
documentation (such as "LVSMASTER" -> "LVS leader").
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
db4b52b7 by Martin Schwenke at 2020-07-24T09:58:53+00:00
WHATSNEW: Document CTDB NAT gateway and LVS changes
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Jul 24 09:58:53 UTC 2020 on sn-devel-184
- - - - -
bbcab579 by Martin Schwenke at 2020-07-26T13:01:09+00:00
WHATSNEW: Fix description of CTDB NAT gateway and LVS changes
Oops! Using parentheses makes it harder to get this wrong.
Reported-by: Volker Lendecke <vl at samba.org>
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Sun Jul 26 13:01:09 UTC 2020 on sn-devel-184
- - - - -
334dd8ce by Martin Schwenke at 2020-07-27T05:42:31+00:00
ctdb-scripts: Use nfsconf as a last resort to set NFS_HOSTNAME
If nfsconf exists then use it as last resort to attempt to extract
[statd]:name from /etc/nfs.conf.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14444
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
642dc6de by Martin Schwenke at 2020-07-27T07:06:57+00:00
ctdb-scripts: Use nfsconf as a last resort get nfsd thread count
If nfsconf exists then use it as last resort to attempt to extract
[nfsd]:threads from /etc/nfs.conf.
Invocation of nfsconf requires "|| true" because this script uses "set
-e". Add a stub that always fails to at least test this much.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14444
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Jul 27 07:06:58 UTC 2020 on sn-devel-184
- - - - -
6e496aa3 by Khem Raj at 2020-07-28T10:52:00+00:00
nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h
glibc 2.32 will define these varibles [1] which results in conflicts
with these static function names, therefore prefix these function names
with samba_ to avoid it
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=499a92df8b9fc64a054cf3b7f728f8967fc1da7d
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Jul 28 10:52:00 UTC 2020 on sn-devel-184
- - - - -
07399831 by Isaac Boukris at 2020-07-28T12:40:26+00:00
Add a test with old msDS-SupportedEncryptionTypes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4baa7cc8 by Stefan Metzmacher at 2020-07-28T14:04:26+00:00
kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos
Currently we only ignore KRB5_PROG_ETYPE_NOSUPP for
Primary:Kerberos-Newer-Keys, but not for Primary:Kerberos.
If a service account has msDS-SupportedEncryptionTypes: 31
and DES keys stored in Primary:Kerberos, we'll pass the
DES key to smb_krb5_keyblock_init_contents(), but may get
KRB5_PROG_ETYPE_NOSUPP.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Jul 28 14:04:26 UTC 2020 on sn-devel-184
- - - - -
05228c4e by Andrew Bartlett at 2020-07-29T03:19:02+00:00
dbcheck: Allow a dangling forward link outside our known NCs
If we do not have the NC of the target object we can not be really sure
that the object is redundent and so we want to keep it for now
and not (as happened until now) break the dbcheck run made during the
replication stage of a "samba-tool domain backup rename".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14450
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2aace18f by Douglas Bagnall at 2020-07-29T04:43:23+00:00
ldb_controls: control_to_string avoids crash
Otherwise a malformed control with unexpected NULL data will segfault
ldb_control_to_string(), though this is not very likely to affect
anyone in practice as converting controls to strings is rarely
necessary. If it happens at all in Samba it is in Python code.
Found by Honggfuzz using fuzz_ldb_parse_control.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Jul 29 04:43:23 UTC 2020 on sn-devel-184
- - - - -
698d20d3 by Ralph Boehme at 2020-07-29T13:44:47+00:00
smbd: remove get_current_vuid()
The last user was removed by 3d09993725412bb0e856cc2ebf6ac68f8e762730.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jul 29 13:44:47 UTC 2020 on sn-devel-184
- - - - -
326bc84c by Douglas Bagnall at 2020-08-03T02:51:35+00:00
oss-fuzz: use uninstrumented dynamic python
We can't link to the instrumented statically built Python, so instead
we use the system Python in the docker image.
REF: https://github.com/google/oss-fuzz/issues/4223
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22618
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14451
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9bf331b4 by Douglas Bagnall at 2020-08-03T02:51:35+00:00
ndr: maintain proper talloc tree in pull_string_array
We don't want to leave other parts of the ndr struct hanging off this
string array just because LIBNDR_FLAG_REMAINING is used.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9148f38c by Douglas Bagnall at 2020-08-03T02:51:35+00:00
ndr: avoid excessive reallocing in pull_string_array
Before, talloc_realloc() was being called n times for an array of
length n. This could be very expensive on long string arrays since it
is reasonable to assume each realloc moves O(n) bytes.
This addresses at least one OSS-Fuzz bug, making a timing out test case
100 times faster. Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19706
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
14210c24 by Douglas Bagnall at 2020-08-03T02:51:35+00:00
python tests: drop python 2.6 compatibility functions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
06f87f14 by Douglas Bagnall at 2020-08-03T04:13:37+00:00
README.Coding: target Python 3.6+
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Aug 3 04:13:37 UTC 2020 on sn-devel-184
- - - - -
611e643d by Samuel Thibault at 2020-08-03T09:39:02+00:00
ldap_server: fix hurd build
There is no hardcoded IOV_MAX iov limitation on GNU/Hurd. We however do
not want unbound allocation, so define it to a reasonable amount.
Signed-off-by: Samuel Thibault <samuel.thibault at ens-lyon.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Aug 3 09:39:02 UTC 2020 on sn-devel-184
- - - - -
23274717 by Ralph Boehme at 2020-08-03T22:21:02+00:00
lib: relicense smb_strtoul(l) under LGPLv3
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Swen Schillig <swen at linux.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 3 22:21:04 UTC 2020 on sn-devel-184
- - - - -
12c526f1 by Jeremy Allison at 2020-08-04T06:30:25+00:00
s3: scripts: Selfttest. samba3.blackbox.smbclient_iconv.*
Fix missing 'include' in temporary client smb.conf file.
The current temporary generated smb.conf file for the client, "client_cp850_smbconf"
doesn't include the normal client smb.conf file "client.conf".
This means it's missing the:
interfaces = XXXX,YYYY
line we needed to find the server via socketwrapper. Currently this test is finding the server by accident :-).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Aug 4 06:30:25 UTC 2020 on sn-devel-184
- - - - -
a4c85116 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - ensure we don't try and continue resolving names on failure of convert_ss2service().
Logic change, but correct error cleanup - jump to new 'fail:' label.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
bfe1b6ee by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_hosts().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
e74b323a by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for KDC resolve_ads().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
139d7a73 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_ads().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
114fe823 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_lmhosts_file_as_sockaddr().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
02f72478 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for 0x1D name in resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
ba656a79 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
75469fcf by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for name_resolve_bcast().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
d4e43063 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_hosts().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
8e20de54 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_lmhosts_file_as_sockaddr().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
d48d6059 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
4abcb300 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - use helper 'ok' bool for name_resolve_bcast().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
1499fd8a by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - use helper 'ok' bool for internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
14433e2a by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - split allocation and NULL check in internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
e07fa953 by Jeremy Allison at 2020-08-04T08:51:41+00:00
s3: libsmb: Cleanup - modernize DEBUG -> DBG_ in internal_resolve_name()
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
2ad48899 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - Remove incorrect comment in resolve_ads(). The DNS code copes fine with IPv6 addresses.
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
dd165b2c by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting resolve_hosts() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
cd3cc111 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting resolve_ads() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
d42ba0b1 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting 2nd use of resolve_ads() parameters inside internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
e8db4b09 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting resolve_lmhosts_file_as_sockaddr() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
1cb67bd3 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting resolve_wins() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
53474b57 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - reformatting name_resolve_bcast() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
f12cee23 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - put talloc parameter first in resolve_hosts().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
7ad92b37 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3/s4: Cleanup. Move TALLOC_CTX * parameter to be first in resolve_lmhosts_file_as_sockaddr() to match modern conventions.
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
cef158a7 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - put talloc parameter first in resolve_wins().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
eaea3c0a by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - put talloc parameter first in name_resolve_bcast().
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
2297c883 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Cleanup - ensure ss_list variables are initialized with NULL.
No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
97781fe0 by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Pass in TALLOC_CTX * parameter to resolve_ads() instead of creating one internally.
Pass in talloc_tos() to make it match the other resolve_XXX() functions.
No memory leaks as this is used for transient data and is cleaned up
when the calling frame in internal_resolve_name() is destroyed.
Preparing to have it return a talloc'ed struct sockaddr_storage array
rather than a malloc'ed struct ip_service array.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
d0fa32bd by Jeremy Allison at 2020-08-04T08:51:42+00:00
s3: libsmb: Add in (currently unused) function dns_lookup_list().
This function takes a list of names returned from a DNS SRV
query which didn't have returned IP addresses and returns an
array of struct sockaddr_storage.
Currently synchronous, but this is the function that will
be changed to be asynchronous later.
Compiles but commented out for now so we don't get "unused
function" warnings.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
d53ade5b by Jeremy Allison at 2020-08-04T08:51:43+00:00
s3: libsmb: Rewrite resolve_ads() to use the previously added dns_lookup_list() function.
Clean up internals - a LOT.
This one needs careful review. Ditch the (unused) port returns from
the SRV replies.
Internally uses talloc'ed arrays of struct sockaddr_storage
which it then convert to MALLOC'ed struct ip_service.
Still returns struct ip_service but this will be
fixed in the next commit.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
ecaa4244 by Jeremy Allison at 2020-08-04T08:51:43+00:00
s3: libsmb: Change resolve_ads() to return a talloc'ed ss_list, matching the other name resolution methods.
Now we can move all the convert_ss2service() calls to one place.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
03112db1 by Jeremy Allison at 2020-08-04T08:51:43+00:00
s3: libsmb: Now all resolution functions return a ss_list on success, we only need one local variable for this.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
860510b1 by Jeremy Allison at 2020-08-04T10:13:53+00:00
s3: libsmb: Move all calls to convert_ss2service() to one place now all methods return a sockaddr_storage.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Tue Aug 4 10:13:53 UTC 2020 on sn-devel-184
- - - - -
182cde4f by Ralph Boehme at 2020-08-05T10:17:06+00:00
lib: fix smb_strtox.[c|h] license header
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Aug 5 10:17:06 UTC 2020 on sn-devel-184
- - - - -
ae56a07a by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Test gpo hourly scripts apply
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
42f043ab by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Apply Group Policy Hourly Scripts
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
63703c9a by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Test gpo monthly scripts apply
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1810e4f1 by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Apply Group Policy Monthly Scripts
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7e5c842c by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Test gpo weekly scripts apply
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b30a604f by David Mulder at 2020-08-06T16:38:35+00:00
gpo: Apply Group Policy Weekly Scripts
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
cd4efb95 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Move all scripts to a sub-category in samba.admx
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
edf4b6eb by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Scripts extension use 'gp_' prefix, not 'tmp'
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e387aa93 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Scripts gpo add warning about generated scripts
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
9679ba95 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Test Group Policy Sudo Rights
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
88b62661 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Apply Group Policy Sudo Rights
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
70a38eb5 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Test proper decoding of utf-16 inf files
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0f3066ab by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Properly decode utf-8/16 inf files from bytes
This code was python 2 specific (string handling
has changed dramatically in python 3), and didn't
correctly decode utf-16 in python3. We should
instead read the file as bytes, then attempt a
utf-8 decode (the default), and try utf-16 if
encountering a decode failure.
The existing code actually throws an exception on
the initial file read when the data is utf-16,
since it tries to decode the bytes to a utf-8
string.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f5202c7b by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Add --rsop option to samba-gpupdate
This command prints the Resultant Set of Policy
for applicable GPOs, for either the Computer or
User policy (depending on the target specified).
Policy specific output must be implemented for
each client side extension.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5361f258 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Test samba-gpupdate --rsop
Test that the rsop command produces the expected
output.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1f631030 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Add RSOP output for Security Extension
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bf74bf1c by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Add RSOP output for Scripts Extension
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
89718761 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Extract Kerberos policy from Security extension
Rewrite the extension to be easier to understand,
and to remove references to gp_ext_setter.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
627fb547 by David Mulder at 2020-08-06T16:38:36+00:00
gpo: Extract Access policy from Security extension
Rewrite the extension to be easier to understand,
and to remove references to gp_ext_setter.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d512b1a4 by David Mulder at 2020-08-06T18:01:49+00:00
gpo: Remove unused gp_ext_setter code
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder at samba.org>
Autobuild-Date(master): Thu Aug 6 18:01:49 UTC 2020 on sn-devel-184
- - - - -
41beb510 by Volker Lendecke at 2020-08-06T19:00:36+00:00
libcli/ldap: Fix CID 1465278 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
de2a7574 by Volker Lendecke at 2020-08-06T19:00:36+00:00
libcli/ldap: Fix CID 1462696 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1b139de5 by Volker Lendecke at 2020-08-06T19:00:36+00:00
libcli/ldap: Fix CID 1462695 Resource leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
04b2db7d by Volker Lendecke at 2020-08-06T20:23:53+00:00
libsmb: Fix CID 1465656 Resource leak
This is very likely a false positive, because Coverity does not see
that we only assign "dns_addrs" when NT_STATUS_IS_OK(status), so we
might not want this. But it is a fresh finding and looks cleaner this
way.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 6 20:23:53 UTC 2020 on sn-devel-184
- - - - -
ebaa0022 by Stefan Metzmacher at 2020-08-07T03:23:43+00:00
wafsamba: run SAMBA_GENERATOR('VERSION') with group='setup'
This means this is the first thing that's done.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4e8f3fdf by Gary Lockyer at 2020-08-07T03:23:43+00:00
heimdal: Use #ifdef HAVE_DLOPEN around functions used only by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1687813e by Gary Lockyer at 2020-08-07T03:23:43+00:00
heimdal: Use #ifdef HAVE_DLOPEN around function used by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1663ada9 by Andrew Bartlett at 2020-08-07T03:23:43+00:00
heimdal: Exclude more of plugin.c if HAVE_DLOPEN (which Samba unsets) is not set
This allows us to avoid warnings and errors due to unsued variables
and functions.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
cb721715 by Gary Lockyer at 2020-08-07T03:23:43+00:00
Make HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE available in krb5.h
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e8f5a25f by Gary Lockyer at 2020-08-07T03:23:43+00:00
heimdal_build: Include keys.c in the hdb autoproto
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8a148193 by Gary Lockyer at 2020-08-07T03:23:43+00:00
heimdal_build: provide a prototype with the dummy afs header-only function stubs
We do not do AFS in Samba
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c51c1514 by Andrew Bartlett at 2020-08-07T03:23:44+00:00
Compile .l files (flex) with the waf rule at runtime
Other parts of Samba already compile these directly.
This makes these files compile with modern compiler warnings.
The primary difference (other than being built with a newer
flex) is the loss of the #include "config.h" but
this is not used in the other .l files elsewehre and does not
seem to matter on modern systems.
The generated output from compile_et asn1_compile has not changed
(so I think the hx509 case is safe).
The mdssvc case just has changed file locations and line numbers.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fb041236 by Gary Lockyer at 2020-08-07T03:23:44+00:00
heimdal_build: Do not allow warnings in the heimdal code!
(const excepted)
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Updated to 2020 requirements since changes in
13a2f70a4dd6dd68e0dbd0379d35409c5f100f06
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d4a9e882 by Andrew Bartlett at 2020-08-07T03:23:44+00:00
Revert "build: fix the coverage build"
This reverts commit 3e072b3fb78f0d3132b1d3ce719b8f3706e8491a.
This is no longer required now that --noline is set globally
and that is a much nicer solution.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b063bbf8 by Andrew Bartlett at 2020-08-07T03:23:44+00:00
heimdal_build: Add missing dependency on heimbase
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
9b706650 by Andrew Bartlett at 2020-08-07T03:23:44+00:00
selftest: Work around existing CA certificates to get PKINIT tests working
This could be reverted in the future, but for now the certificate validation is not what
we are testing and this allows the heimdal upgrade to work.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
889c461c by Andrew Bartlett at 2020-08-07T03:23:44+00:00
kdc: Remind us that these values need to match other values
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bf16cd72 by Douglas Bagnall at 2020-08-07T03:23:44+00:00
ndr: fix ndr_pull_string_array() off by one alloc
The correct line should have been
talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2);
because if the loop does not increment count on exit (it exits via
break), so count is left pointing at the thing that just got put in.
i.e., if there was one item it is at a[0], count is 0, but we also
need the trailing NULL byte at a[1] and the length is 2. Thus + 2, not
+ 1.
This will not affect ordinary (that is, non-malicious) traffic,
because talloc_realloc will not actually realloc unless it is saving a
kilobyte. Since the allocation grows slowly with the exponent ~1.25,
the actual reallocs will start happening at some point between 512 and
1024 items.
In the example we have, there were 666 pointers, and space for 824 was
allocated.
Rather than doing the +2 realloc, it is simpler to leave it off
altogether; in the common case (<512 items) it is a no-op anyway, and
in the best possible case it reduces the temporary array by 20%.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24646
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
fc83b470 by Douglas Bagnall at 2020-08-07T04:44:17+00:00
libprc/test: add pull_string_array large array test
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Fri Aug 7 04:44:17 UTC 2020 on sn-devel-184
- - - - -
47c1b874 by Jeremy Allison at 2020-08-07T06:34:36+00:00
lib: addns: Add code for asynchronously looking up A records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a1b90237 by Jeremy Allison at 2020-08-07T06:34:36+00:00
lib: addns: Add code for asynchronously looking up AAAA records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
b3671de4 by Jeremy Allison at 2020-08-07T06:34:36+00:00
s3: net: Add new 'net ads dns async <name>' command.
Will test the async DNS lookups in the next commit.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
156f1dfc by Jeremy Allison at 2020-08-07T06:34:36+00:00
s4: tests: Add new async DNS unit test - samba4.blackbox.net_ads_dns_async(ad_member:local).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8a140391 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: Parameters. Add 'async dns timeout' parameter. Default to 10. Minimum value 1.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5ffcd883 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Add dns_lookup_list_async() - not yet used.
Take a list of hostnames and does async A and AAAA (if
supported) lookups on them. Interface compatible with
dns_lookup_list() (with the addition of one extra
parameter returning the query name list, for use inside
dsgetdcname() internals later) and we'll replace it in the next
commit. Waits for lp_get_async_dns_timeout() seconds to complete.
Commented out as not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
bc307f1e by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Use dns_lookup_list_async() instead of dns_lookup_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f87ce5b0 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Remove dns_lookup_list(). No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6411c64d by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Make dns_lookup_list_async() available to other Samba callers..
This allows the async DNS lookups to be re-used inside the dsgetdcname() internals
code as previously described.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
d882add6 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Make discover_dc_dns() use async DNS.
Change to call dns_lookup_list_async(). This is
doing the samba SRV lookup followed by A and AAAA
record host lookup as resolve_ads() does and so
benefits from the same changes to make it async.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3b13d4d6 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Add utility function sockaddr_storage_to_samba_sockaddr().
As requested by Andreas and Metze, ensure new code uses
struct samba_sockaddr. This is part of changing dns_lookup_list_async()
and callers to use struct samba_sockaddr.
Currently putting this into namequery.c even though it's
used inside dsgetdcname.c as I have future patches that
heavily make use of this to convert sockaddr_storage -> samba_sockaddr..
I'm not committed to putting it here, it may fit better
in lib/util/util_net.[ch]. It just needs to be somewhere
other functions inside source/libsmb/*.c can get to it,
and currently namequery.h exports the most stuff.
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
eb5a4738 by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Change dns_lookup_list_async() and associated functions to return a struct samba_sockaddr * array.
This fullfills the promise to Andreas and Metze
of all new code using struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1b42b79c by Jeremy Allison at 2020-08-07T06:34:37+00:00
s3: libsmb: Cleanup - Move dsgetdcname.c to using struct samba_sockaddr internally.
Mostly renames of ss -> sa and access union members. No logic changes.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6a9c7859 by Jeremy Allison at 2020-08-07T07:58:13+00:00
s3: libsmb: Cleanup - Remove the last use of a struct sockaddr_storage variable in dsgetdcname.c
Remove from process_dc_netbios().
This is a logic change, but as all the logic did was force a round-trip
through converting an already guaranteed numeric hostname printed by
print_sockaddr() inside discover_dc_netbios() to a struct
sockaddr_storage and then discard the result (!) I think it's harmless.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Aug 7 07:58:14 UTC 2020 on sn-devel-184
- - - - -
19ef9c40 by Stefan Metzmacher at 2020-08-08T09:36:28+00:00
s3:rpc_client: reverse rpccli_{is_connected,set_timeout}() and rpccli_bh_{is_connected,set_timeout}()
rpccli->transport should never be used directly,
everything should go via the binding handle.
Internal pipes don't have a transport, so p->transport is always
NULL. rpccli_is_connected() checks this and this causes all SAMR and LSA
requests for the local domain to be processed a second time by the triggered
retry logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f50987df by Ralph Boehme at 2020-08-08T10:59:38+00:00
winbind: directly use dcerpc_binding_handle_is_connected() in reset_connection_on_error() SAMR code
In the end we should avoid rpccli_is_connected(), rpccli_set_timeout() and the
whole rpc_pipe_client concept.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Sat Aug 8 10:59:38 UTC 2020 on sn-devel-184
- - - - -
a97c78fb by Stefan Metzmacher at 2020-08-09T00:30:26+00:00
lzxpress: add bounds checking to lzxpress_decompress()
lzxpress_decompress() would wander past the end of the array in
numerous locations.
Credit to OSS-Fuzz.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14190
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19382
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22485
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22667
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Sun Aug 9 00:30:26 UTC 2020 on sn-devel-184
- - - - -
08909e66 by Isaac Boukris at 2020-08-11T09:32:34+00:00
Revert "selftest: add tests for net-ads over TLS"
As we are removing the option.
This reverts commit 10f61cd39b9e03e7bb781edf04022ea6ae1f1cac.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
32eb7f39 by Isaac Boukris at 2020-08-11T10:53:05+00:00
Remove depracated "ldap ssl ads" smb.conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Tue Aug 11 10:53:05 UTC 2020 on sn-devel-184
- - - - -
323073f4 by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: remove integer_types
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9cc65a55 by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: remove string_types
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
4d9d63b0 by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: remove StringIO
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
bcaf076d by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: reduce use of 'if PY3:'
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
ace50380 by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: remove binary_type
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f0860de5 by Douglas Bagnall at 2020-08-11T16:37:35+00:00
python compat: remove text_type
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9aa6b0cd by Volker Lendecke at 2020-08-11T18:00:26+00:00
libsmb: Fix CID 1465860 Control flow issues (DEADCODE)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Aug 11 18:00:26 UTC 2020 on sn-devel-184
- - - - -
9f7ef21e by Matthew DeVore at 2020-08-15T07:30:30+00:00
s3: lib: Fix unneeded relative path in #include.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
53a1d034 by Matthew DeVore at 2020-08-15T08:51:09+00:00
lib/util: Standardize use of st_[acm]time ns
Commit 810397f89a10, and possibly others, broke the build for macOS and
other environments which don't have st_[acm]tim fields on 'struct stat'.
Multiple places in the codebase used the config.h values to determine
how to access the nanosecond or microsecond values of the stat
timestamps, so rather than add more, centralize them all into
lib/util/time.c.
Also allow pvfs_fileinfo.c to read nanosecond-granularity timestamps on
platforms where it didn't before, since its #if branches were not
complete.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sat Aug 15 08:51:09 UTC 2020 on sn-devel-184
- - - - -
672212ce by Christof Schmitt at 2020-08-16T05:45:35+00:00
util: Allow symlinks in directory_create_or_exist
Commit 9f60a77e0b updated the check to avoid having files or other
objects instead of a directory. This missed the valid case that there
might be a symlink to a directory. Updated the check accordingly to
allow symlinks to directories.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e89ec78e by Christof Schmitt at 2020-08-16T07:06:59+00:00
util: Add cmocka unit test for directory_create_or_exists
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sun Aug 16 07:06:59 UTC 2020 on sn-devel-184
- - - - -
971c20e9 by Martin Schwenke at 2020-08-17T04:51:32+00:00
ctdb-tools: Drop "ctdb isnotrecmaster" command
This isn't used anywhere and can easily be checked via "ctdb pnn" and
"ctdb recmaster" commands.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8baf4791 by Martin Schwenke at 2020-08-17T04:51:32+00:00
WHATSNEW: Document removal of "ctdb isnotrecmaster" command
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
0cb61c6f by Martin Schwenke at 2020-08-17T06:13:11+00:00
ctdb-doc: Link to CTDB page in wiki
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Aug 17 06:13:11 UTC 2020 on sn-devel-184
- - - - -
86ab4676 by Volker Lendecke at 2020-08-17T09:46:36+00:00
ldap_server: Avoid talloc_memdup() for ldap_decode()
Slight optimization for the ldap server: We don't need to copy the
client PDU into the ASN1 struct, the decoding process happens
immediately in the same routine.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3514e410 by Volker Lendecke at 2020-08-17T11:10:04+00:00
ldap_server: Do an early TALLOC_FREE()
We don't need the asn1 struct after this point anymore
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Aug 17 11:10:04 UTC 2020 on sn-devel-184
- - - - -
2e7f3e5e by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Move send_keepalive() to smbd/smb1_utils.c
This is a SMB1-only packet sent from smbd only
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2ccc9df4 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Move read_udp_v4_socket() to nmbd
This is the only consumer of it
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
630f228f by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Remove unused open_udp_socket()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
de03dba4 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Remove unused client_addr()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d5cca8d0 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Remove unused client_socket_addr()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b0d270d9 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Align integer types in same_net()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f3c43c65 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Remove unused client_socket_port()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
753b6cc5 by Volker Lendecke at 2020-08-17T19:35:37+00:00
lib: Move get_socket_port() to its only consumer
This is only used in netbios_session_retarget()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2d29bb42 by Volker Lendecke at 2020-08-17T19:35:37+00:00
test: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
acd8de28 by Volker Lendecke at 2020-08-17T19:35:37+00:00
auth_log_test: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
af34a411 by Volker Lendecke at 2020-08-17T19:35:37+00:00
gensec: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5416fd2c by Volker Lendecke at 2020-08-17T19:35:37+00:00
torture: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a6e506af by Volker Lendecke at 2020-08-17T19:35:37+00:00
torture: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
07c64844 by Volker Lendecke at 2020-08-17T19:35:37+00:00
torture: Align a few integer types
Also move a variable closer to its use
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4f3ab0e9 by Volker Lendecke at 2020-08-17T19:35:37+00:00
ldap_server: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f05f4031 by Volker Lendecke at 2020-08-17T19:35:38+00:00
Fix a comment typo copied around
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c42bc48 by Volker Lendecke at 2020-08-17T19:35:38+00:00
tests: Fix typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
546a0f99 by Volker Lendecke at 2020-08-17T20:59:51+00:00
auth: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 17 20:59:51 UTC 2020 on sn-devel-184
- - - - -
d3ff49f4 by Andrew Bartlett at 2020-08-18T00:10:39+00:00
selftest: Add test for suppression of deprecation warnings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d14cc45c by Andrew Bartlett at 2020-08-18T00:10:40+00:00
param: Allow tests to silence deprecation warnings
This helps make output sensitive tests more reliable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9e212dd1 by Andrew Bartlett at 2020-08-18T00:10:40+00:00
selftest: Do not let deprecated option warnings muck this test up
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c6aa710f by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: Deprecate NT4-like domains and SMBv1-only protocol options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1b85db57 by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: deprecate "client use spnego"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ac8e5ea2 by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: deprecate "client lanman auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5543c11c by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: deprecate "client NTLMv2 auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
37583b19 by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: deprecate "client plaintext auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8c9d9441 by Andrew Bartlett at 2020-08-18T00:10:40+00:00
docs: deprecate "raw NTLMv2 auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
20606fd0 by Andrew Bartlett at 2020-08-18T01:32:21+00:00
WHATSNEW: list deprecated parameters
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Aug 18 01:32:21 UTC 2020 on sn-devel-184
- - - - -
52f520d3 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Basic cleanups for get_remote_nodemaps()
Don't log an error on failure - let the caller can do this. Apart
from this: fix up coding style and modernise the remaining error
message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d2d90f25 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Fix a local memory leak
The memory is allocated off the memory context used by the current
iteration of main loop. It is freed when main loop completes the fix
doesn't require backporting to stable branches. However, it is sloppy
so it is worth fixing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3324dd27 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Change signature of get_remote_nodemaps()
Change 1st argument to a rec context, since this will be needed later.
Drop the nodemap argument and access it via rec->nodemap instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2eaa0af6 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Move memory allocation into get_remote_nodemaps()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
a079ee31 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Add an intermediate state struct for nodemap fetching
This will allow an error callback to be added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
10ce0dbf by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Add fail callback to assign banning credits
Also drop error handling in main_loop() that is replaced by this
change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
368c83bf by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Fix node_pnn check and assignment of nodemap into array
This array is indexed by the same index as nodemap, not the PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
762d1d8a by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Change get_remote_nodemaps() to use connected nodes
The plan here is to use the nodemaps retrieved by get_remote_nodes()
in update_local_flags(). This will improve efficiency, since
get_remote_nodes() fetches flags from nodes in parallel. It also
means that get_remote_nodes() can be used exactly once early on in
main_loop() to retrieve remote nodemaps. Retrieving nodemaps multiple
times is unnecessary and racy - a single monitoring iteration should
not fetch flags multiple times and compare them.
This introduces a temporary behaviour change but it will be of no
consequence when the above changes are made.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d50919b0 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Do not fetch the nodemap from the recovery master
The nodemap has already been fetched from the local node and is
actually passed to this function. Care must be taken to avoid
referencing the "remote" nodemap for the recovery master. It also
isn't useful to do so, since it would be the same nodemap.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
910a0b3b by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Get remote nodemaps earlier
update_local_flags() will be changed to use these nodemaps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
702c7c49 by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Change update_local_flags() to use already retrieved nodemaps
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4aa8e72d by Martin Schwenke at 2020-08-18T05:02:25+00:00
ctdb-recoverd: Rename update_local_flags() -> update_flags()
This also updates remote flags so the name is misleading.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
8bb6a660 by Martin Schwenke at 2020-08-18T06:24:11+00:00
ctdb-recoverd: Broadcast takeover run message when verifying IPs
This makes it consistent with the monitoring code. If the master has
changed then this means the master will always get the message.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Aug 18 06:24:11 UTC 2020 on sn-devel-184
- - - - -
0535a265 by Jeremy Allison at 2020-08-18T08:25:39+00:00
s3: libads: Add utility function ads_zero_ldap().
When initializing or re-initializing the ldap part of the ADS_STRUCT,
we should call this to ensure that ads->ldap.ss is correctly recognized
as a zero IPaddr by is_zero_addr(). It zeros out the ads->ldap but
then adds zero_sockaddr() to initialize as AF_INET. Otherwise it's
left by accident as AF_UNSPEC (0).
Not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
61895749 by Jeremy Allison at 2020-08-18T08:25:39+00:00
s3: libads: Where we implicitly zero out ads->ldap in ads_init() or ads_destroy() ensure we call ads_zero_ldap() after.
For ads_destroy(), this has a mode where the memory is not destroyed
but is being re-initialized. Horrid, but that's the way it works right
now.
This clears out the memory, but also leaves ads->ldap as a valid (zero) IPaddr.
Otherwise it's left by accident as AF_UNSPEC (0).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
6b47f3db by Jeremy Allison at 2020-08-18T08:25:39+00:00
s3: libads: In ads_connect(), and ads_disconnect(), replace ZERO_STRUCT(ads->ldap) with calls to ads_zero_ldap(ads)
This clears out the memory, but also leaves ads->ldap as a valid (zero) IPaddr.
Otherwise it's left by accident as AF_UNSPEC (0).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c863cc2b by Jeremy Allison at 2020-08-18T08:25:39+00:00
s3: libads: ads_connect can be passed in an ADS_STRUCT with an existing IP address.
ads_connect can be passed in a reused ADS_STRUCT
with an existing ads->ldap.ss IP address that
is stored by going through ads_find_dc()
if ads->server.ldap_server was NULL.
If ads->server.ldap_server is still NULL but
the target address isn't a zero ip address,
then store it off before zeroing out ads->ldap
so we don't keep doing multiple calls to
ads_find_dc() in the reuse case.
If a caller wants a clean ADS_STRUCT they
will re-initialize by calling ads_init(), or
call ads_destroy() both of which ensures
ads->ldap.ss is a correctly zero'ed out IP address
by using ads_zero_ldap().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
1d066f37 by Jeremy Allison at 2020-08-18T08:25:39+00:00
s3: libads: Don't re-do DNS lookups in ads_current_time() if not needed.
ADS_STRUCT may be being reused after a
DC lookup from ads_find_dc(), so ads->ldap.ss may already have a
good address (even if ads->server.ldap_server == NULL).
Only re-initialize the ADS_STRUCT and redo the ads_find_fc()
DNS lookups if we have to.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
cf0cfa03 by Jeremy Allison at 2020-08-18T09:46:28+00:00
s3: libads: Don't re-do DNS lookups in ads_domain_func_level() if not needed.
ADS_STRUCT may be being reused after a
DC lookup from ads_find_dc(), so ads->ldap.ss may already have a
good address (even if ads->server.ldap_server == NULL).
Only re-initialize the ADS_STRUCT and redo the ads_find_fc()
DNS lookups if we have to.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Aug 18 09:46:28 UTC 2020 on sn-devel-184
- - - - -
53b6dd95 by Andreas Schneider at 2020-08-19T05:21:40+00:00
s3:tests: Add test for 'valid users = DOMAIN\%U'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5de7c91e by Andreas Schneider at 2020-08-19T06:43:10+00:00
s3:smbd: Fix %U substitutions if it contains a domain name
'valid users = DOMAIN\%U' worked with Samba 3.6 and broke in a newer
version.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Aug 19 06:43:10 UTC 2020 on sn-devel-184
- - - - -
cf432bd4 by Andreas Schneider at 2020-08-19T16:22:39+00:00
libcli:smb2: Do not leak ptext on error
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
46142d83 by Andreas Schneider at 2020-08-19T16:22:40+00:00
libcli:smb2: Use talloc NULL context if we don't have a stackframe
If we execute this code from python we don't have a talloc stackframe
around and segfault with talloc_tos().
To fix the crash we use the NULL context as we take care for freeing the
memory as soon as possible.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e9135035 by Stefan Metzmacher at 2020-08-19T16:22:40+00:00
auth:creds: Introduce CRED_SMB_CONF
We have several places where we check '> CRED_UNINITIALISED',
so we better don't use CRED_UNINITIALISED for values from
our smb.conf.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
bd5a8887 by Andreas Schneider at 2020-08-19T16:22:40+00:00
param: Add 'server smb encrypt' parameter
And this also makes 'smb encrypt' a synonym of that.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f03bb8ad by Andreas Schneider at 2020-08-19T16:22:40+00:00
param: Create and use enum_smb_encryption_vals
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
58e31f78 by Andreas Schneider at 2020-08-19T16:22:40+00:00
s3:smbd: Use 'enum smb_encryption_setting' values
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5a733c3c by Andreas Schneider at 2020-08-19T16:22:40+00:00
docs-xml: Add 'client smb encrypt'
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
93e97d5a by Andreas Schneider at 2020-08-19T16:22:40+00:00
lib:param: Add lpcfg_parse_enum_vals()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e5247190 by Andreas Schneider at 2020-08-19T16:22:40+00:00
libcli:smb: Add smb_signing_setting_translate()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
4bf8a667 by Andreas Schneider at 2020-08-19T16:22:40+00:00
libcli:smb: Add smb_encryption_setting_translate()
Add encryption enum and function to avoid confusion when reading the
code.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b0ae876a by Andreas Schneider at 2020-08-19T16:22:40+00:00
s3:lib: Use smb_signing_setting_translate for cmdline parsing
The function will be removed soon.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
59a1272a by Andreas Schneider at 2020-08-19T16:22:40+00:00
auth:creds: Remove unused credentials autoproto header
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
58e0abc5 by Andreas Schneider at 2020-08-19T16:22:40+00:00
auth:creds: Add cli_credentials_(get|set)_smb_signing()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
098774b2 by Andreas Schneider at 2020-08-19T16:22:40+00:00
auth:creds: Add python bindings for (get|set)_smb_signing
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
71d65278 by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Add cli_credentials_(get|set)_smb_ipc_signing()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ef12caea by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Add python bindings for (get|set)_smb_ipc_signing
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
836c5e01 by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Add cli_credentials_(get|set)_smb_encryption()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
66c9c68b by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Add python bindings for (get|set)_smb_encryption
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
84f1e468 by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Add python bindings for cli_credentials_set_conf()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0188885a by Andreas Schneider at 2020-08-19T16:22:41+00:00
auth:creds: Bump library version
We added new functions so bump the version.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
be9e60ef by Andreas Schneider at 2020-08-19T16:22:41+00:00
s3:lib: Use cli_credential_(get|set)_smb_signing()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
34a81eca by Andreas Schneider at 2020-08-19T16:22:41+00:00
s3:lib: Set smb encryption also via cli creds API
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d55950b8 by Andreas Schneider at 2020-08-19T16:22:41+00:00
python: Remove unused sign argument from smb_connection()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
946e43f0 by Andreas Schneider at 2020-08-19T16:22:41+00:00
python: Set smb signing via the creds API
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c58a301c by Andreas Schneider at 2020-08-19T16:22:41+00:00
s3:libsmb: Introduce CLI_FULL_CONNECTION_IPC
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8c06dc13 by Andreas Schneider at 2020-08-19T16:22:41+00:00
s3:pylibsmb: Add ipc=True support for CLI_FULL_CONNECTION_IPC
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1a74c790 by Andreas Schneider at 2020-08-19T16:22:42+00:00
python:tests: Mark libsmb connection as an IPC connection
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
67323b1f by Andreas Schneider at 2020-08-19T16:22:42+00:00
python:tests: Set smb ipc signing via the creds API
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
62a4705d by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:libsmb: Use 'enum smb_signing_setting' in cliconnect.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6f552204 by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:client: Turn off smb signing for message op
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
886f245a by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:libsmb: Remove signing_state from cli_full_connection_creds_send()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ba04151a by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:libsmb: Remove signing_state from cli_full_connection_creds()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
8a5bc0a6 by Stefan Metzmacher at 2020-08-19T16:22:42+00:00
s3:libsmb: Add encryption support to cli_full_connection_creds*()
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
5bff7a06 by Andreas Schneider at 2020-08-19T16:22:42+00:00
python: Add a test for SMB encryption
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
1acc6408 by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:net: Use cli_credentials_set_smb_encryption()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d0062d31 by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:libsmb: Use cli_credentials_set_smb_encryption()
This also adds a SMBC_ENCRYPTLEVEL_DEFAULT to 'enum
smbc_smb_encrypt_level' in order to use the smb.conf default value.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5698fb41 by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:client: Remove unused smb encryption code
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0d0a3bbc by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:utils: Remove obsolete force encryption from smbacls
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
85e2660b by Andreas Schneider at 2020-08-19T16:22:42+00:00
s3:utils: Remove obsolete force encryption from mdfind
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2bf58f18 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s3:utils: Remove obsolete force encryption from smbcquotas
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
29504508 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s3:rpcclient: Remove obsolete force encryption from rpcclient
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d7c3d86f by Andreas Schneider at 2020-08-19T16:22:43+00:00
examples: Remove obsolete force encryption from smb2mount
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
dd1cacb6 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s3:libsmb: Make cli_cm_force_encryption_creds() static
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
e2287011 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s4:libcli: Return NTSTATUS errors for smb_composite_connect_send()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7387c1da by Andreas Schneider at 2020-08-19T16:22:43+00:00
s4:libcli: Return if encryption is requested for SMB1
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6454ed76 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s3:libcli: Split out smb2_connect_tcon_start()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
d546dd1e by Andreas Schneider at 2020-08-19T16:22:43+00:00
s4:libcli: Add smb2_connect_enc_start()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
81052e41 by Andreas Schneider at 2020-08-19T16:22:43+00:00
s4:libcli: Require signing for SMB encryption
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7e3ceaec by Andreas Schneider at 2020-08-19T17:46:28+00:00
python:tests: Add test for SMB encrypted DCERPC connection
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Aug 19 17:46:28 UTC 2020 on sn-devel-184
- - - - -
a9b6a837 by Günther Deschner at 2020-08-20T12:55:23+00:00
docs: Add missing winexe manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14318
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Aug 20 12:55:23 UTC 2020 on sn-devel-184
- - - - -
0a526483 by Volker Lendecke at 2020-08-20T17:20:29+00:00
torture: Add subunit output to ldap.basic test
The next commit will make this fail, and we need to detect this in
knownfail.d/ldap. Without subunit output filter-subunit won't find it..
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0c36316e by Volker Lendecke at 2020-08-20T17:20:29+00:00
torture: Pass DN and password to ldap.basic test
Without this, test_multibind() only gets NULL for userdn and password,
not doing what the test claims. This now fails, because our LDAP
server does not allow plain text binds.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c5e85f4b by Volker Lendecke at 2020-08-20T17:20:29+00:00
torture: Inline test_bind_simple()
Avoid losing the specific error code with this simple wrapper function
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ef57bc6d by Volker Lendecke at 2020-08-20T18:44:49+00:00
torture: Fix ldap.basic multibind test
It gets LDAP_STRONG_AUTH_REQUIRED from current AD servers
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 20 18:44:49 UTC 2020 on sn-devel-184
- - - - -
7dc53599 by Andrew Bartlett at 2020-08-20T22:49:25+00:00
bootstrap: Fix spelling of README.md
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
- - - - -
0573c13d by Andrew Bartlett at 2020-08-20T22:49:25+00:00
bootstrap: Fix python dependencies
Python2 dependencies are removed and the RPM name of python-iso8601
is added to allow removal from third_party.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
- - - - -
091e1126 by Andrew Bartlett at 2020-08-20T22:49:26+00:00
Remove pyiso8601 from third_party
The trend has been to remove widely available packages from third_party/
This module is both widely available, and only needed for --enable-selftest
It is, strangely enough, a BuildDependes in the RHEL/Fedora packages
just to stop it being installed in third_party.
The check for iso8601 being available is moved to python/wscript
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
- - - - -
2420b7c6 by Andrew Bartlett at 2020-08-20T22:49:26+00:00
python: Add checks for some more required python packages
This catches the most important packages we require, but
this may not be the full list.
python-gpg is not listed as we have a big workaround handler
for this in samba-tool.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
- - - - -
4dbe8d11 by Andrew Bartlett at 2020-08-21T00:12:51+00:00
python: Remove remaining references to third_party python libs
For now at least we do not have any in third_party.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Aug 21 00:12:52 UTC 2020 on sn-devel-184
- - - - -
c8c2f8ba by Volker Lendecke at 2020-08-21T19:14:32+00:00
build: Wrap a long line
There will be another entry in the next commit
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
35c4bb0b by Volker Lendecke at 2020-08-21T19:14:32+00:00
torture: Test ldap session expiry
LDAP connections should time out when the kerberos ticket used to authenticate
expires. Windows does this with a RFC4511 section 4.4.1 message (that as of
August 2020 is encoded not according to the RFC) followed by a TCP disconnect.
ldb sees the section 4.4.1 as a protocol violation and returns
LDB_ERR_PROTOCOL_ERROR.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
77f72fb0 by Volker Lendecke at 2020-08-21T19:14:32+00:00
ldap_server: Add the krb5 expiry to conn->limits
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
eb72f887 by Volker Lendecke at 2020-08-21T19:14:32+00:00
ldap_server: Terminate LDAP connections on krb ticket expiry
See RFC4511 section 4.4.1 and
https://lists.samba.org/archive/cifs-protocol/2020-August/003515.html
for details: Windows terminates LDAP connections when the krb5 ticket
expires, Samba should do the same. This patch slightly deviates from
Windows behaviour by sending a LDAP exop response with msgid 0 that is
ASN1-encoded conforming to RFC4511.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b85dbc9c by Volker Lendecke at 2020-08-21T19:14:32+00:00
tldap: Only free() ld->pending if "req" is part of it
Best reviewed with "git show -U10". We need to check that "req" is
actually the last request that is being freed before freeing the whole
array.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f816ccb8 by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Fix tldap_msg_received()
The callback of "req" might have destroyed "ld", we can't reference
this anymore after calling tevent_req_done(req). Defer calling the
callbacks, which also means that the callbacks can't have added
anything to ld->pending.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
14f6d199 by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Always remove ourselves from ld->pending at cleanup time
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
cb852c9d by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Maintain the ldap read request in tldap_context
Required for proper connection rundown, we need to TALLOC_FREE() the
read request before shutting down the tstream
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f745f5b1 by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Centralize connection rundown on error
Whenever send or recv return -1, we have to cancel all pending
requests and our transport stream is no longer usable: Discard it upon
such an error.
To avoid duplicate state, tldap_connection_ok() now looks at whether
we have a tstream_context around.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
2a2a6b27 by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Make sure all requests are cancelled on rundown
Put messages into the ld->pending array before sending them out, not
after they have been sent.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
a2b281be by Volker Lendecke at 2020-08-21T19:14:33+00:00
tldap: Add PRINTF_ATTRIBUTE declaration to tldap_debug()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
7af2df01 by Stefan Metzmacher at 2020-08-21T19:14:33+00:00
idmap_ad: Pass tldap debug messages on to DEBUG()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
a4ecd112 by Volker Lendecke at 2020-08-21T19:14:33+00:00
test: Test winbind idmap_ad ticket expiry behaviour
We need to make sure that winbind's idmap_ad deals fine with an
expired krb ticket used to connect to AD via LDAP. In a customer
situation we have seen the RFC4511 section 4.4.1 unsolicited ldap exop
response coming through, but the TCP disconnect that Windows seems to
do after that did not make it. Winbind deals fine with a TCP
disconnect, but right now it does not handle just the section 4.4.1
response properly: It completely hangs.
This test requests a ticket valid for 5 seconds and makes the LDAP
server postpone the TCP disconnect after the ticket expiry for 10
seconds. The tests that winbind reacts to the ticket expiry exop
response by making sure in this situation the wbinfo call running into
the issue takes less than 8 seconds. If it did not look at the expiry
exop response, it would take more than 10 seconds.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
ccaf661f by Volker Lendecke at 2020-08-21T20:37:24+00:00
tldap: Receiving "msgid == 0" means the connection is dead
We never use msgid=0, see tldap_next_msgid(). RFC4511 section 4.4.1
says that the unsolicited disconnect response uses msgid 0. We don't
parse this message, which supposedly is an extended response: Windows
up to 2019 sends an extended response in an ASN.1 encoding that does
not match RFC4511.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14465
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Aug 21 20:37:25 UTC 2020 on sn-devel-184
- - - - -
7afe449e by Douglas Bagnall at 2020-08-23T22:55:29+00:00
s4: dns: Ensure variable initialization with NULL.
Ensure no use after free.
Based on patches from Francis Brosnan Blázquez <francis at aspl.es>
and Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
df98e7db by Douglas Bagnall at 2020-08-24T00:21:41+00:00
s4/dns: do not crash when additional data not found
Found by Francis Brosnan Blázquez <francis at aspl.es>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Mon Aug 24 00:21:41 UTC 2020 on sn-devel-184
- - - - -
d64886f3 by Douglas Bagnall at 2020-08-24T01:46:29+00:00
tests/vlv: remove redundant assignments
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3c026ba4 by Douglas Bagnall at 2020-08-24T01:46:29+00:00
tests/vlv: attempt to cause trouble by changing sort attribute
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4a252f6e by David Mulder at 2020-08-24T01:46:30+00:00
python compat: remove ConfigParser
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7dabe5ac by Christof Schmitt at 2020-08-24T01:46:30+00:00
lib/util: Remove unnecessary semicolon from wscript_build
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
40afb0bb by Christof Schmitt at 2020-08-24T01:46:30+00:00
lib/util: Fix cleanup in unit test
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c057586f by Christof Schmitt at 2020-08-24T01:46:30+00:00
lib/util: Remove wrong return statement in unit test
Fixes CID 1466195
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d3109a11 by Christof Schmitt at 2020-08-24T03:10:09+00:00
lib/util: Move cleanup for unit test in teardown function
Where to call rmdir does not matter, but that should avoid the TOCTOU
warning from CID 1466194 and might be slightly cleaner.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Aug 24 03:10:09 UTC 2020 on sn-devel-184
- - - - -
9d935795 by Mathieu Parent at 2020-08-25T04:23:19+00:00
Fix FTBFS / Increase the over-estimation for sparse files
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14418
Signed-off-by: Mathieu Parent <math.parent at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Aug 25 04:23:19 UTC 2020 on sn-devel-184
- - - - -
928fb892 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Remove one call to set_socket_addr_v4().
The stack variable sockaddr_storage ss wasn't being used at all.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
fbc65a24 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - change parameter and callers of set_socket_addr_v4() to samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
e3d9962e by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Longlines cleanup for README.Coding standards.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
fa6d5bb3 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - make node_status_query_send() use samba_sockaddr internally.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
d67c4a84 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - make name_status_lmhosts() use samba_sockaddr internally.
Use existing utility function instead of direct memcmp.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
0ef885c0 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - make name_query_send() use samba_sockaddr internally.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
a559eebc by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - convert addr_compare() to using samba_sockaddr internally.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
2056b0d9 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Use samba_sockaddr as intended in resolve_name() to make ugly casts go away.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
54454b30 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Remove two more sockaddr casts inside remove_duplicate_addrs2().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
189c7410 by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Remove the last two sockaddr casts in namequery.c in name_query_validator().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
5151278c by Jeremy Allison at 2020-08-25T16:21:32+00:00
s3: libsmb: Cleanup - Remove a union in sock_packet_read_got_socket() that was an early attempt a samba_sockaddr.
Just use samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
a388f791 by Jeremy Allison at 2020-08-25T16:21:33+00:00
s3: libsmb: Cleanup - Pass samba_sockaddr directly to nb_trans_send().
Saves an ugly internal cast. We know this must be AF_INET.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
ce84521c by Jeremy Allison at 2020-08-25T16:21:33+00:00
s3: libads: Cleanup - Remove two more ugly const struct sockaddr * casts in get_kdc_ip_string().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
- - - - -
102e2a26 by Jeremy Allison at 2020-08-25T17:43:17+00:00
s3: libsmb: Cleanup - remove an ugly sockaddr_in cast inside resolve_wins_send().
Use samba_sockaddr for its intended purpose.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: David Mulder <dmulder at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Aug 25 17:43:17 UTC 2020 on sn-devel-184
- - - - -
49f58b2b by Andrew Bartlett at 2020-08-26T01:57:33+00:00
oss-fuzz: Try harder to ensure we always fail fast
During a previous attempt to fix the LANG= issue I changed
the script invocation to be via a shell, so the set -x et al
ensures these are always in place and we fail fast
rather than failures only being detected by lack of output.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
830c0206 by Andrew Bartlett at 2020-08-26T03:20:45+00:00
oss-fuzz: Ensure a UTF8 locale is set for the samba build
This ensures that LANG=en_US.UTF8 is set, which
Samba's build system needs to operate in UTF8 mode.
The change to use flex to generate code meant that this
difference between GitLab CI and oss-fuzz was exposed.
REF: https://github.com/google/oss-fuzz/pull/4366
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Aug 26 03:20:46 UTC 2020 on sn-devel-184
- - - - -
e9137a9e by Rowland Penny at 2020-08-26T04:44:51+00:00
docs-xml: pam_winbind manpage: grammar and typos
Signed-off-by: Rowland Penny <rpenny at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Aug 26 04:44:51 UTC 2020 on sn-devel-184
- - - - -
09fba1f3 by Andreas Schneider at 2020-08-26T08:39:29+00:00
selftest: Catch exception from dns_hub.py
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
fbe58531 by Andreas Schneider at 2020-08-26T09:59:28+00:00
third_party: Update resolv_wrapper to version 1.1.7
This fixes some Samba tests which redirect stderr to stdout and then get
more messages than expected.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Aug 26 09:59:28 UTC 2020 on sn-devel-184
- - - - -
42d01987 by Jeremy Allison at 2020-08-27T06:52:30+00:00
s3: libsmb: Inside get_dc_list() move one more sockaddr_storage -> samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
f8b7ee02 by Jeremy Allison at 2020-08-27T08:16:37+00:00
s3: libsmb: Remove one more ugly sockaddr cast in resolve_name_list() by converting to samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Aug 27 08:16:37 UTC 2020 on sn-devel-184
- - - - -
5249727f by David Mulder at 2020-08-27T15:59:32+00:00
Add WHATSNEW section on Client Group Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4148af12 by David Mulder at 2020-08-27T15:59:32+00:00
gpo: Test rsop output for Sudoers policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bc38d3af by David Mulder at 2020-08-27T15:59:32+00:00
gpo: Add rsop output for Sudoers policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0a7e2e39 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Clarify the contents of deleted_gpo_list in process_group_policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
0544237e by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Avoid using distutils since it will be deprecated
We shouldn't use distutils.spawn.find-executable
here, since its use is discouraged:
https://docs.python.org/3/library/distutils.html
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7acbb440 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Cleanup script policy test
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7c6969e9 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Cleanup sudoers policy test
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
87fe8627 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Script ext should not crash if script missing
If a user has manually removed a script, the
extension should not crash in an unapply removing
it.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8626910c by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Sudoers ext should not crash if policy missing
If a user has manually removed a policy, the
extension should not crash in an unapply removing
it.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7e507dd8 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Test multiple extention unapply
Verify that an unapply of multiple extentions
deletes the script files and policy settings.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c887f7a7 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Fix unapply failure when multiple extensions run
When multiple Group Policy Extensions are present,
only the last executed extension saves it's
changes to the Group Policy Database, due to the
database being loaded seperately for each
extension.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7d6d160a by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Display Security Extension RSOP on ADDC only
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5128dc7d by David Mulder at 2020-08-27T15:59:33+00:00
gpo: Move gp_sec_ext conversion functions to top
These functions don't actually use self, so can
be moved to top level functions.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ab347c86 by David Mulder at 2020-08-27T15:59:33+00:00
gpo: gp_krb_ext always uses set_kdc_tdb to update
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
cb994bef by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Add admx files for smb.conf parameters
Administrative Template (admx) files are
installed to the sysvol central store, and
apply Group Policy settings to the sysvol, via
the Group Policy Management Console (gpmc).
These admx files add smb.conf settings to the
gpmc.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
37661d1a by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Test Group Policy smb.conf Extension
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3303869c by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Add CSE for applying smb.conf
Add an extension that applies smb.conf params
applied via the smb.conf admx files.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
101b5f17 by David Mulder at 2020-08-27T15:59:34+00:00
GPO: Test rsop output for smb.conf policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fee00231 by David Mulder at 2020-08-27T15:59:34+00:00
GPO: Add rsop output for smb.conf policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e8757e0d by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Test Group Policy Message of the day
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a4f598fd by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Apply Group Policy Message of the day
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b76d55cc by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Test Group Policy Login Prompt Message
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1544929f by David Mulder at 2020-08-27T15:59:34+00:00
gpo: Apply Group Policy Login Prompt Message
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2ef88466 by David Mulder at 2020-08-27T15:59:34+00:00
GPO: Test rsop output for Messages policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
811e2f55 by David Mulder at 2020-08-27T17:19:48+00:00
GPO: Add rsop output for Messages policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder at samba.org>
Autobuild-Date(master): Thu Aug 27 17:19:48 UTC 2020 on sn-devel-184
- - - - -
afb5cee6 by Andreas Schneider at 2020-08-27T21:59:16+00:00
s3:smbd: Fix strict aliasing in get_socket_port()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Aug 27 21:59:17 UTC 2020 on sn-devel-184
- - - - -
87bf6aa7 by Matthew DeVore at 2020-08-28T00:56:34+00:00
s3: safe_string: remove unnecessary include
safe_string.h is only included by source3/include/includes.h, which
already includes ntstatus.h, so it is not necessary to include it
from within safe_string.h.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: David Mulder <dmulder at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d485f369 by Matthew DeVore at 2020-08-28T00:56:34+00:00
lib/util: do not make string_wrappers.h public
string_wrappers.h is a collection of macros. All but one of the macros
rely on symbols not defined in public headers, so it is not useful as a
public header.
For instance, fstring is defined in includes.h. PTR_DIFF is defined in
lib/util/memory.h, which is not public.
checked_strlcpy is actually self-contained and is usable outside of a
Samba build, but without a Samba config.h, it is just aliased to
strlcpy.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: David Mulder <dmulder at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1fde7db3 by Matthew DeVore at 2020-08-28T00:56:34+00:00
string_wrappers: include replace.h
To ensure we always get the right value for the config.h macro
`HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS`, #include "lib/util/replace.h"
rather than rely on it being included by the API user.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: David Mulder <dmulder at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c2ac923c by Matthew DeVore at 2020-08-28T00:56:34+00:00
s3: safe_string: do not include string_wrappers.h
Rather than have safe_string.h #include string_wrappers.h, make users of
string_wrappers.h include it explicitly.
includes.h now no longer includes string_wrappers.h transitively. Still
allow includes.h to #include safe_string.h for now so that as many
modules as possible get the safety checks in it.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: David Mulder <dmulder at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
232054c0 by Matthew DeVore at 2020-08-28T02:18:40+00:00
lib/util: remove extra safe_string.h file
lib/util/safe_string.h is similar to source3/include/safe_string.h, but
the former has fewer checks. It is missing bcopy, strcasecmp, and
strncasecmp.
Add the missing elements to lib/util/safe_string.h remove the other
safe_string.h which is in the source3-specific path. To accomodate
existing uses of str(n?)casecmp, add #undef lines to source files where
they are used.
Signed-off-by: Matthew DeVore <matvore at google.com>
Reviewed-by: David Mulder <dmulder at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
- - - - -
560fe7b3 by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:selftest: also run durable_v2_reconnect_delay_msec in samba3.blackbox.durable_v2_delay
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
444f2bed by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:share_mode_lock: reproduce problem with stale disconnected share mode entries
This reproduces the origin of "PANIC: assert failed in get_lease_type()"
(https://bugzilla.samba.org/show_bug.cgi?id=14428).
share_mode_cleanup_disconnected() removes disconnected entries from
leases.tdb and brlock.tdb but not from locking.tdb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
deb2f782 by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:share_mode_lock: let share_mode_forall_entries/share_entry_forall evaluate e.stale first
It's not really clear why e.stale would be ignored if *modified is set
to true.
This matches the behavior of share_mode_entry_do()
This also makes sure we see the removed entry in level 10 logs again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
4d740ac2 by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:share_mode_lock: consistently debug share_mode_entry records
share_mode_entry_do(), share_mode_forall_entries() and
share_entry_forall() print the record before the callback is called
and when it was modified or deleted.
This makes it much easier to debug problems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
1aa1ac97 by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:share_mode_lock: add missing 'goto done' in share_mode_cleanup_disconnected()
When cleanup_disconnected_lease() fails we should stop,
at least we do that if brl_cleanup_disconnected() fails.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b5c0874f by Stefan Metzmacher at 2020-08-31T11:57:01+00:00
s3:share_mode_lock: make sure share_mode_cleanup_disconnected() removes the record
This fixes one possible trigger for "PANIC: assert failed in get_lease_type()"
https://bugzilla.samba.org/show_bug.cgi?id=14428
This is no longer enough to remove the record:
d->have_share_modes = false;
d->modified = true;
Note that we can remove it completely from
share_mode_cleanup_disconnected() as
share_mode_forall_entries() already sets it
when there are no entries left.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
b02f1d67 by Stefan Metzmacher at 2020-08-31T13:34:17+00:00
s3:share_mode_lock: remove unused reproducer for bug #14428
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Aug 31 13:34:17 UTC 2020 on sn-devel-184
- - - - -
05de29a4 by Noel Power at 2020-08-31T17:44:38+00:00
python/samba/tests/blackbox: Fix undetected deltree fail
With msdfs root share smbclient deltree command can fail without
setting the errorcode (e.g. when do_list encounters an error it will
log a warning message and continue rather than error out fatally)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8826d74a by Noel Power at 2020-08-31T17:44:38+00:00
python/samba/tests:blackbox: Fix local file delete test tree fallback
Wrong indentation ensures the fallback where we use file system removal
of test files if the test's tearDown method fails.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c681f5bf by Noel Power at 2020-08-31T17:44:38+00:00
python/samba/tests/blackbox: Preparatory change to support custom share
tearDown method doesn't handle local file deletion fallback if a share
other than 'tmp' is used
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0248fdd0 by Noel Power at 2020-08-31T17:44:38+00:00
add new '--propagate-inheritance' option for smbcacls
smbcacls now can take a '--propagate-inheritance' flag to indicate that the
add, delete, modify and set operations now support automatic propagation of
inheritable ACE(s)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8c581758 by David Disseldorp at 2020-08-31T17:44:38+00:00
doc: describe smbcacls --propagate-inheritance
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c4707e1d by Noel Power at 2020-08-31T17:44:38+00:00
doc: describe smbcacls --propagate-inheritance expanding INHERITANCE section
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7faab75b by Noel Power at 2020-08-31T17:44:38+00:00
python/samba/tests/blackbox: python smbcacls '--propagate-inherit' test
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
28719f3e by Noel Power at 2020-08-31T17:44:38+00:00
s3/utils: If dfs path is an ordinary path then really just return it
In cli_resolve_path if the share was a root dfs share then any self
hosted dfs paths end up not being returned as is but being decorated
with fileserver and share. This file path is not suitable for
passing to cli_list so we adjust it here.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5b04affc by Noel Power at 2020-08-31T17:44:38+00:00
s3/utils: restore client share connection after call to sec_desc_parse
This normally isn't a problem *except* for when the share is a dfs root
(which results in cli_resolve_patch creating an incorrect path)
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e3079c53 by Noel Power at 2020-08-31T19:09:24+00:00
python/samba/tests/blackbox: Tests with nested DFS container
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 31 19:09:24 UTC 2020 on sn-devel-184
- - - - -
2e37d224 by Gary Lockyer at 2020-08-31T21:06:29+00:00
Fix clang 9 format-nonliteral warning
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9c3ff1b9 by Douglas Bagnall at 2020-08-31T21:06:29+00:00
lib/util/asn1: avoid technically undefined shift
UBSAN says
runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22889
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
0c461f3b by Douglas Bagnall at 2020-08-31T22:31:13+00:00
lzxpress: avoid technically undefined shift
UBSAN:
runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Credit to OSS-fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22283
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Aug 31 22:31:13 UTC 2020 on sn-devel-184
- - - - -
38fcad60 by David Mulder at 2020-09-02T09:11:29+00:00
samba-tool: Test creating unix user with modified template homedir
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
07ce4808 by David Mulder at 2020-09-02T09:11:29+00:00
samba-tool: Create unix user with modified template homedir
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dff01a5e by David Mulder at 2020-09-02T09:11:30+00:00
gpo: Test rsop function for success
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
11f97148 by David Mulder at 2020-09-02T09:11:30+00:00
gpo: Pass necessary parameters to rsop
These parameters were missed by mistake when exts
were modified to be initialized within the rsop
command. Fixes an exception thrown when executing
samba-gpupdate --rsop:
Traceback (most recent call last):
File "/usr/sbin/samba-gpupdate", line 99, in <module>
rsop(lp, creds, gp_extensions, opts.target)
File "/usr/lib64/python3.8/site-packages/samba/gpclass.py", line 512, in rsop
ext = ext(logger, lp, creds, store)
NameError: name 'logger' is not defined
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1ba15c45 by David Mulder at 2020-09-02T09:11:30+00:00
GPO: Update the samba-gpupdate man page
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
50d900b6 by Volker Lendecke at 2020-09-02T10:35:53+00:00
tests: Make sure that idmap_ad retrieves unix nss attributes
Make sure that unix_primary_group and unix_nss_info idmap_ad options
work. We have two domains here and test wbinfo -i for both domains, so
we also run the test without those options for the trusted domain.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 2 10:35:53 UTC 2020 on sn-devel-184
- - - - -
b6805d5e by David Disseldorp at 2020-09-02T16:24:50+00:00
build: toggle vfs_snapper using --with-shared-modules
7ae03a19b3c ("build: add configure option to control vfs_snapper build")
added new --enable-snapper and --disable-snapper configure parameters to
control whether the vfs_snapper module was built.
The new parameters conflicted with existing
--with-shared-modules=[!]vfs_snapper behaviour.
This change reinstates working --with-shared-modules=[!]vfs_snapper
functionality. vfs_snapper stays enabled by default, but only on Linux.
Linux systems lacking the dbus library and header files should
explicitly disable the module via --with-shared-modules=!vfs_snapper as
documented.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14437
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Wed Sep 2 16:24:50 UTC 2020 on sn-devel-184
- - - - -
ff39211d by David Disseldorp at 2020-09-03T12:10:35+00:00
build: avoid unnecessary TO_LIST() calls for static strings
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
12fbd5dc by David Disseldorp at 2020-09-03T13:33:54+00:00
build: avoid some unnecessary list.extend() calls
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Sep 3 13:33:54 UTC 2020 on sn-devel-184
- - - - -
bd9f64d1 by Hezekiah at 2020-09-04T16:57:30+00:00
Fixed arrow keys typo to the computer move command utility
Signed-off-by: Hezekiah <hezekiahmaina3 at gmail.com>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Fri Sep 4 16:57:30 UTC 2020 on sn-devel-184
- - - - -
9cf1aecd by Andreas Schneider at 2020-09-07T08:03:38+00:00
s3:libads: Remove DES legacy types for Kerberos
We already removed DES support for Kerberos in Samba 4.12.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
a5303967 by Andreas Schneider at 2020-09-07T08:03:38+00:00
s3:libads: Only add RC4 if weak crypto is allowed
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
- - - - -
6444a743 by Andreas Schneider at 2020-09-07T09:25:33+00:00
s3:libads: Also add a realm entry for the domain name
This is required if we try to authenticate as Administrator at DOMAIN so it
can find the KDC. This fixes 'net ads join' for ad_member_fips if we
require Kerberos auth.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14479
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Sep 7 09:25:33 UTC 2020 on sn-devel-184
- - - - -
b716dbc9 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
python/tests/gpo: this should fix a Popen deadlock
It is inspired by commit 5dc773a5b00834c7a53130a73a48f49048bd55e8
Author: Joe Guo <joeg at catalyst.net.nz>
Date: Fri Sep 15 16:13:26 2017 +1200
python: use communicate to fix Popen deadlock
`Popen.wait()` will deadlock when using stdout=PIPE and/or stderr=PIPE and the
child process generates large output to a pipe such that it blocks waiting for
the OS pipe buffer to accept more data. Use communicate() to avoid that.
Signed-off-by: Joe Guo <joeg at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Oct 19 09:27:16 CEST 2017 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
e0e51632 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
bootstrap: document git push -o ci.variable='SAMBA_CI_REBUILD_IMAGES=yes'
This is much easier than going through the web interface.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
896b7bbc by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
bootstrap: install perl-JSON on on rpm distributions
This will be needed for the next heimdal import.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5fc3a71d by David Mulder at 2020-09-07T12:02:15+00:00
waf: upgrade to 2.0.20
This contain an important change:
"Fix gccdeps.scan() returning nodes that no longer exist on disk."
https://gitlab.com/ita1024/waf/-/merge_requests/2293
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b34e8dc8 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
auth:gensec: Add gensec_security_sasl_names()
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
5e3363e0 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
s4:ldap_server: Use samba_server_gensec_start() in ldapsrv_backend_Init()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
2186d413 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
auth:gensec: Make gensec_use_kerberos_mechs() a static function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
a33a40bb by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
auth:gensec: Pass use_kerberos and keep_schannel to gensec_use_kerberos_mechs()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
515cffb1 by Stefan Metzmacher at 2020-09-07T12:02:15+00:00
auth:gensec: If Kerberos is required, keep schannel for machine account auth
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
- - - - -
2c00bea2 by Andreas Schneider at 2020-09-07T12:02:15+00:00
auth:creds: Add cli_credentials_init_server()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6c94ebf7 by Andreas Schneider at 2020-09-07T12:02:15+00:00
s4:rpc_server: Use cli_credentials_init_server()
Signed-off-by: Andreas Schneider <asn at samba.org>
- - - - -
0b742ec6 by Andreas Schneider at 2020-09-07T13:22:26+00:00
s4:smb_server: Use cli_credentials_init_server() for negprot
Signed-off-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Sep 7 13:22:26 UTC 2020 on sn-devel-184
- - - - -
f11dce99 by Jeremy Allison at 2020-09-07T13:23:39+00:00
s3: libsmb: discover_dc_netbios(). Remember to free on error return.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c4c00d62 by Jeremy Allison at 2020-09-07T13:23:39+00:00
s3: libsmb: Cleanup - ensure we initialize all stack variables to 'safe' values when calling get_kdc_list() that may not touch returns on error.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
13acac25 by Jeremy Allison at 2020-09-07T13:23:39+00:00
s3: libsmb: Cleanup - ensure we initialize all stack variables to 'safe' values when calling get_sorted_dc_list() that may not touch returns on error.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
b95eea6b by Noel Power at 2020-09-07T13:23:39+00:00
s3: libsmb: Cleanup - ensure we initialize all stack variables to 'safe' values when calling resolve_name_list()
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c28d715 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Cleanup - correctly error on sockaddr_storage_to_samba_sockaddr() fail.
Instead of jumping out and leaking the memory onto ctx,
skip bad conversions and error out if there are no addresses
to return (and cleanup the memory there).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
a4073ae5 by Noel Power at 2020-09-07T13:23:40+00:00
s3: libsmb: Cleanup in resolve_name_list().
Don't modify out params (unless successful result).
Signed-off-by: Noel Power <npower at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6bee431b by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Cleanup - Use helper variable for return from namecache_fetch() in internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
02016acb by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Add utility funtion dup_ip_service_array().
Preparing to return ip_service arrays as talloc, not
malloc. Commented out as not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e8a49169 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Add get_kdc_list_talloc().
Talloc version of get_kdc_list(). Makes use of dup_ip_service_array().
Now to move the callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
8e1b6602 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libads: Make get_kdc_ip_string() use get_kdc_list_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9d62c3e9 by Noel Power at 2020-09-07T13:23:40+00:00
s3/libads: Only set result to kdc_str on success
Prior to this change result was set even when any or all errors
occured in the function.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5307b0e3 by Noel Power at 2020-09-07T13:23:40+00:00
s3/libads: Cleanup() get_kdc_ip_string, free kdc_str on error
kdc_str will be cleaned up when the passed ctx is freed,
it just seems odd that we now return NULL without cleaning up allocated mem.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
11226af3 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: utils: net_lookup. Convert to use get_kdc_list_talloc().
No more users of get_kdc_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
b7182c44 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Remove now unused get_kdc_list() (non-talloc version).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
6deb23c6 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libads: Rename get_kdc_list_talloc() -> get_kdc_list().
It's the only version now.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f305a140 by Jeremy Allison at 2020-09-07T13:23:40+00:00
s3: libsmb: Add get_sorted_dc_list_talloc().
Talloc version of get_sorted_dc_list_talloc().
Makes use of dup_ip_service_array().
Now to move the callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
fbc20318 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libads: Move callers of get_sorted_dc_list() -> get_sorted_dc_list_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
b4164093 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Move callers of get_sorted_dc_list() -> get_sorted_dc_list_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
1d6c3c2d by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: net lookup: Move callers of get_sorted_dc_list() -> get_sorted_dc_list_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e8b71624 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: winbindd: Move callers of get_sorted_dc_list() -> get_sorted_dc_list_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
a0984e50 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Remove get_sorted_dc_list().
No more callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
23fb64f3 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Rename get_sorted_dc_list_talloc() -> get_sorted_dc_list()
There are no non-talloc callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
3b3f92a2 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Cleanup - rename ctx -> frame for a talloc_stackframe to match modern coding standards.
We will be passing in a real TALLOC_CTX soon.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
b9bc1e59 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Change to an early return in get_dc_list().
No logic change. Will make later code changes clearer.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
46f7ab8f by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Change get_dc_list() to return a size_t count parameter.
Remove paranoia checks and casts from callers, move internally.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
973ca8a5 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Cleanup - use early return in get_dc_list().
No logic change. Makes later code changes clearer.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c0ccdd70 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: Make get_dc_list() internal to namequery.c return talloc'ed ip_service array.
Moving closer to the target of making internal_resolve_name()
use talloc.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c6fc75a7 by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: namequery - Add internal_resolve_name_talloc().
This is a wrapper function for internal_resolve_name()
that converts the replies from malloc() -> talloc().
Now to move the callers, and I can move the talloc
code down one level again.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e18eb94f by Jeremy Allison at 2020-09-07T13:23:41+00:00
s3: libsmb: namequery - Make resolve_name() use internal_resolve_name_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
505272a8 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Make resolve_name_list() use internal_resolve_name_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
12e346d9 by Noel Power at 2020-09-07T13:23:42+00:00
s3/libsmb: resolve_name_list don't update out params except for success
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
55b589e9 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Make find_master_ip() use internal_resolve_name_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
37eaee03 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Make get_pdc_ip() use internal_resolve_name_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
fed4b634 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Make get_dc_list() use internal_resolve_name_talloc().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
a16d023c by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Make discover_dc_netbios() use internal_resolve_name_talloc()..
No more external users of internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e5fd57d6 by Noel Power at 2020-09-07T13:23:42+00:00
s3/libsmb: Cleanup, don't modify out params except on success
All callers don't use out params on failure.
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a68d329b by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Remove internal_resolve_name() externally. All callers now use internal_resolve_name_talloc().
Make the wrapped internal_resolve_name() function static as _internal_resolve_name().
Now we can rename the callers back from internal_resolve_name_talloc() -> internal_resolve_name()
as all external callers are talloc-based.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f5bb322e by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Rename internal_resolve_name_talloc() -> internal_resolve_name().
No more non-talloc callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e065fc8e by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Move talloc_stackframe() initialization to the front of _internal_resolve_name().
Ensure we free correctly on all exit paths.
This will allow us to move the internal calls to
talloc more easily.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
aa20df21 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Change remove_duplicate_addrs2() to take and return size_t, not int.
Will make converting _internal_resolve_name() to return a size_t easier.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9ffb1885 by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Cleanup the code to do one address return given an IP address to _internal_resolve_name().
Will make easier to move to talloc later.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
4d4bf8ee by Jeremy Allison at 2020-09-07T13:23:42+00:00
s3: libsmb: Convert namecache_fetch() and it's only caller to return a talloc'ed array of struct samba_sockaddr.
Eventually everything will be talloced arrays of samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f39ff136 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: _internal_resolve_name(). Remove unused free(s).
*return_iplist is guaranteeded to be always NULL here.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
cb01b5e4 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Make namecache_store() take an unsigned count.
Counts can never be negative.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9e4b5349 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Change convert_ss2service() and it's one caller to take and return unsigned counts.
Getting closer to making _internal_resolve_name() return a pointer to size_t
for a count.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
6b0b7261 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Cleanup coding in convert_ss2service().
Will make it easier to return a talloc'ed array.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e68e0402 by Noel Power at 2020-09-07T13:23:43+00:00
s3/libsmb: Cleanup coding in convert_ss2service()
Don't update out params when unsuccessful
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5e819231 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: _internal_resolve_name() code cleanup.
Only set *return_count just before success return.
Preparing to move all counts to size_t.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
31674946 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: _internal_resolve_name() code cleanup.
Only set *return_iplist just before success return.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
863ab1af by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Make _internal_resolve_name() return a size_t pointer for count.
Getting closer to being a idential to the wrapper function
internal_resolve_name() which we can then remove.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
68e12688 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Finally change _internal_resolve_name() to return a talloc'ed ip_service array.
The wrapper internal_resolve_name() is now functionaly identical to _internal_resolve_name()
so we can remove it and rename _internal_resolve_name() back to internal_resolve_name().
dup_ip_service_array() is now no longer used, so comment it
out as it's a staic function.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
57349b65 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Remove now unused dup_ip_service_array().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f36a0be9 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Comment out wrapper function internal_resolve_name(). Rename _internal_resolve_name() -> internal_resolve_name().
We can now remove the wrapper.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c6cc05f5 by Jeremy Allison at 2020-09-07T13:23:43+00:00
s3: libsmb: Remove commented out wrapper for internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
39ecff71 by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Cleanup - resolve_name() get names from internal_resolve_names() which is guaranteed not to return zero addresses.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
7835e2cb by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Add internal ipstr_list_make_sa().
Duplicates ipstr_list_make() with samba_sockaddr, but doesn't store
ports. The duplication is temporary as the ipstr_list_make() function
will go away once namecache_store is converted to samba_sockaddr.
Compiles but commented out as not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
0e59fee2 by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Add namecache_store_sa(). Doesn't store ports and takes a samba_sockaddr array.
Now uses ipstr_list_make_sa(). Now convert
the callers, remove namecache_store() and
then rename namecache_store_sa() back to namecache_store().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
1593231e by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Use namecache_store_sa() instead of namecache_store().
Removes one more struct ip_service usage.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
4c81f390 by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: winbindd: Use namecache_store_sa() inside dcip_check_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
3dad456d by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Add internal conversion function ip_service_to_samba_sockaddr().
Compiles but commented out as not yet used. Next commit will
change that.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9da8d26f by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Remove the last caller of namecache_store().
Convert to a struct samba_sockaddr array and use namecache_store_sa().
We can now remove the use of 'struct ip_list' from
the namecache code.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
2989d736 by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Remove use of struct ip_service from the namecache code.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
170051d6 by Jeremy Allison at 2020-09-07T13:23:44+00:00
s3: libsmb: Now we only have namecache_store_sa(), rename it back to namecache_store().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
7a3c368d by Noel Power at 2020-09-07T14:46:58+00:00
s3: libsmb: Cleanup in get_dc_list()
Don't modify out params (unless successful result),
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Mon Sep 7 14:46:58 UTC 2020 on sn-devel-184
- - - - -
c760ed61 by Andreas Schneider at 2020-09-07T23:57:48+00:00
gitlab-ci: Fix the sha1sum
The images where build with an invalid sha1sum.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Sep 7 23:57:48 UTC 2020 on sn-devel-184
- - - - -
0022cd94 by Stefan Metzmacher at 2020-09-08T13:59:58+00:00
lib/replace: move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE
This is where it really belongs and we avoid the strange interaction
with source4/heimdal_build/config.h. This a follow up for commit
f31333d40e6fa38daa32a3ebb32d5a317c06fc62.
This fixes a build problem if libbsd-dev is not installed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14482
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Sep 8 13:59:58 UTC 2020 on sn-devel-184
- - - - -
99565d2a by Christof Schmitt at 2020-09-08T21:35:41+00:00
wscript: Make list of shared modules available in STRING_SHARED_MODULES
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
80add26b by Christof Schmitt at 2020-09-08T21:35:41+00:00
selftest: Add function for checking whether a module is enabled
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fd7b77f4 by Christof Schmitt at 2020-09-08T21:35:41+00:00
selftest: Add unit test for vfs_gpfs
The mapping functions of the vfs_gpfs module can be easily unit tested.
Begin a cmocka test to cover those.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5cfe884b by Christof Schmitt at 2020-09-08T21:35:41+00:00
test_vfs_gpfs: Add test for lease mapping function
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c94ea50b by Christof Schmitt at 2020-09-08T21:35:41+00:00
test_vfs_gpfs: Add test for winattr mappings
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b65fbade by Christof Schmitt at 2020-09-08T22:57:03+00:00
test_vfs_gpfs: Add test for file id generation
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Tue Sep 8 22:57:03 UTC 2020 on sn-devel-184
- - - - -
21de9077 by Jeremy Allison at 2020-09-09T10:31:17+00:00
s3: libsmb: Fix bug in get_dc_list() introduced by ip-service cleanup.
Do an early return on error. On success assign to the correct
variables that are going to get copied into the 'out' parameters.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Sep 9 10:31:17 UTC 2020 on sn-devel-184
- - - - -
53a368c5 by Christof Schmitt at 2020-09-10T23:19:56+00:00
idmap_ad: Honor "client ldap sasl wrapping" config setting
Instead of hard-coding SIGN and SEAL for the connections from this idmap
module, query the desired wrapping from "client ldap sasl wrapping".
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Sep 10 23:19:56 UTC 2020 on sn-devel-184
- - - - -
e60df214 by Andrew Bartlett at 2020-09-11T03:43:40+00:00
oss-fuzz: standardise on RUNPATH for the static-ish binaries
We use ld.bfd for the coverage builds, rather than the faster ld.gold.
We run the oss-fuzz autobuild target on Ubuntu 16.04 to more closely
mirror the environment provided by the Google oss-fuzz build
container.
On Ubuntu 16.04, when linking with ld.bfd built binaries get a RPATH,
but builds in Ubuntu 18.04 and those using ld.gold get a RUNPATH.
Just convert them all to RUNPATH to make the check_build.sh test (run
by the oss-fuzz autobuild target) easier.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6f5b0fef by David Mulder at 2020-09-11T03:43:40+00:00
ctdb: Prevent man page duplication
The new waf detects a duplicate instance of
ctdb_mutex_ceph_rados_helper.7.xml, which is due
to manpages_extra being a pointer to
manpages_misc, therefore each call to build()
added duplicate entries to the manpages_misc
global entry.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
671fe10f by David Disseldorp at 2020-09-11T03:43:40+00:00
s4:torture/rpc: run tests in the order that they're added
torture_rpc_tcase_add_test*() uses DLIST_ADD(), which sees them executed
in reverse order to which they're added. Use DLIST_ADD_END() instead to
fix this.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9bbfdb11 by David Disseldorp at 2020-09-11T03:43:40+00:00
s4:torture/rpc: flip order of netlogon tests
The previous change to not run rpc tests in reverse order results in
the following failure:
Testing netr_LogonGetDomainInfo
UNEXPECTED(failure): samba4.rpc.netlogon with
seal,padcheck.netlogon.GetDomainInfo(ad_dc)
REASON: Exception: ../../source4/torture/rpc/netlogon.c:320:
Expression `plain_pass != ((void *)0)' failed: plain_pass
Restore the dependent order of netlogon tests by reversing the
torture_rpc_tcase_add_test*() calls for the suite.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
47ee0c81 by David Disseldorp at 2020-09-11T03:43:40+00:00
s4:torture/rpc: move test_fsrvp_seq_timeout as last
test_fsrvp_seq_timeout may see share snapshots left-over, which can
cause problems if subsequent tests expect a clean slate
(i.e. enum_created).
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
ed9abf94 by Douglas Bagnall at 2020-09-11T05:05:59+00:00
utils/asn1: avoid undefined behaviour warning
UBSAN does not like an int >= 1<<24 being shifted left.
We check the overflow in the very next line.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25436
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Sep 11 05:05:59 UTC 2020 on sn-devel-184
- - - - -
d9d8bf8c by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-tests: Simplify comment in large database recovery test
The older style controls mentioned are being removed.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f9685766 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-recovery: Remove use of old pull and push controls
Removes use of the old controls without cleaning up the code. Clean
up can be done later.
After this change the CTDB_CAP_FRAGMENTED_CONTROLS capability is no
longer checked. This capability can be removed along with the
controls.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
595c1a7c by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-recovery: Simplify database pull function names
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
225a6996 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-recovery: Drop passing of capabilities into database pull
This is no longer necessary because the capability new style database
pull is assumed to always be available.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
f4e2206e by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-recovery: Drop unnecessary database push wrapper
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
2efce7d4 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-recovery: Simplify database push function names
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
28986954 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-client: Drop unused synchronous functions for database pull/push
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
3bbb4a85 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-protocol: Drop client functions for old-style database pull/push
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
7d826731 by Martin Schwenke at 2020-09-11T05:06:42+00:00
ctdb-protocol: Drop marshalling functions for old-style database pull/push
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
d98f68f9 by Martin Schwenke at 2020-09-11T06:29:32+00:00
ctdb-daemon: Drop implementation of old-style database pull/push controls
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Fri Sep 11 06:29:32 UTC 2020 on sn-devel-184
- - - - -
4d63a1a7 by Andrew Bartlett at 2020-09-11T07:05:33+00:00
bootstrap: Fix the spelling of README.md (again) and get a new GnuTLS
We re-run ./bootstrap/template.py --render to get a new GnuTLS on Fedora 32
This was missed with 7dc535995bbdb42b1b053c22acff5978cb5da516
and so caused e0e51632cf77be439ebcbcba025a42e8558fa824 to
break the sha1sum and so require 7077be01a3cc860ce1fcfafd9e5028829f0c1887
to fix it.
The sha1sum changes because we fixed the bug about the spelling of
README.md, which is helpful because otherwise we would not get a
new image.
This provides a GnuTLS 3.6.15 so that we still test using GnuTLS's
gnutls_aead_cipher_encryptv2() for the SMB encryption codepath.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
94808cc5 by Andreas Schneider at 2020-09-11T08:27:26+00:00
waf: Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14399
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Sep 11 08:27:26 UTC 2020 on sn-devel-184
- - - - -
ff40135a by Christof Schmitt at 2020-09-12T06:29:37+00:00
s3:VFS: Remove function declaration for vfs_posixacl_init
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
8d34b673 by Christof Schmitt at 2020-09-12T06:29:37+00:00
lib: Make get_share_security_default static
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
8b4c6fb7 by Christof Schmitt at 2020-09-12T07:53:56+00:00
smbclient: Remove unused reference to extern override_logfile
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Sat Sep 12 07:53:56 UTC 2020 on sn-devel-184
- - - - -
8f868b0e by Laurent Menase at 2020-09-14T13:33:13+00:00
winbind: Fix a memleak
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14388
Signed-off-by: Laurent Menase <laurent.menase at hpe.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Sep 14 13:33:13 UTC 2020 on sn-devel-184
- - - - -
923648b0 by Jeremy Allison at 2020-09-15T10:09:36+00:00
s3: libsmb: Convert node_status_query() and associated functions and callers to expect a size_t * return.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
dbab4626 by Noel Power at 2020-09-15T10:09:36+00:00
s3/libsmb: Cleanup parse_node_status() only set out params on success
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
af6aaf62 by Jeremy Allison at 2020-09-15T10:09:36+00:00
s3: libsmb: Convert the WINS and broadcast name functions to return size_t * num addresses.
Have to do both at once as they are intimately related.
The uglyness inside internal_resolve_name() will go away
once all the resove_XXX() functions return size_t values.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
da9c7b19 by Jeremy Allison at 2020-09-15T10:09:37+00:00
libcli: nbt: cleanup resolve_lmhosts_file_as_sockaddr() - don't change return values on fail.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e034072c by Jeremy Allison at 2020-09-15T10:09:37+00:00
libcli: nbt: Fix resolve_lmhosts_file_as_sockaddr() to return size_t * count of addresses.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f5dda19d by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: cleanup resolve_hosts() - don't change return values on fail.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
2a1c57f6 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: Fix resolve_hosts() to return size_t * count of addresses.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
1fc49be4 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: Make resolve_ads() return a size_t * address count.
All resolve_XXXX() functions inside internal_resolve_name()
now use size_t and we can clean this up.
Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Noel Power<npower at samba.org>
- - - - -
a8e0d46e by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: internal_resolve_name() - get rid of the icount variables.
Plus the paranoia check. Everything now uses size_t * returns.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
2ebf3191 by Jeremy Allison at 2020-09-15T10:09:37+00:00
lib: addns: Fix ads_dns_lookup_srv() and functions to return size_t * num servers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
62e99efa by Jeremy Allison at 2020-09-15T10:09:37+00:00
lib: addns: Fix ads_dns_lookup_ns(), ads_dns_query_dcs(), ads_dns_query_gcs(), ads_dns_query_kdcs(), ads_dns_query_pdc() to return size_t *.
Easier to do all callers at once.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
ed1e1e0b by Noel Power at 2020-09-15T10:09:37+00:00
s3/libsmb: cleanup discover_dc_dns, only set out params on success
Signed-off-by: Noel Power <npower at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1a10a430 by Noel Power at 2020-09-15T10:09:37+00:00
s3/libsmb: cleanup discover_dc_dns() Fix potential leak
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d8ff3652 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: Fix the count returns in discover_dc_netbios(), discover_dc_dns(), process_dc_dns() to return size_t * counts.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
ced8fbc7 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: Make prioritize_ipv4_list() use size_t counts.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
d044d20c by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libads: Reformat args to cldap_ping_list().
Pure reformatting.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
76beee81 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libads: Use size_t counts inside cldap_ping_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
78b191c4 by Jeremy Allison at 2020-09-15T10:09:37+00:00
s3: libsmb: Make sort_addr_list() and sort_service_list() take size_t counts.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
afd83fa5 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Add sort_sa_list() compare function. Not yet used.
Ready for when we start returning ordered samba_sockaddr arrays.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
47e104c4 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Add get_kdc_list_sa() returns samba_sockaddr array.
Not yet used, but uses the previous utility functions.
Now to convert the get_kdc_list() callers and remove
one more external use of ip_service.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
0a347683 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: utils: Make net_lookup_kdc() use get_kdc_list_sa().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
516d8734 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Convert get_kdc_ip_string() to use get_kdc_list_sa().
No more callers of get_kdc_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
0562154a by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Remove get_kdc_list(). No more callers.
Next we can rename get_kdc_list_sa() -> get_kdc_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
1eecdd94 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Rename get_kdc_list_sa() back to get_kdc_list().
The samba_sockaddr interface is now the only one.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
2b7629f3 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Add function get_sorted_dc_list_sa(). Returns samba_sockaddr array.
Now to fix callers.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
1fb56f3f by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: utils: Make net_lookup_dc() use get_sorted_dc_list_sa().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
4b6fc2b0 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Add an alternate version of cldap_ping_list() that takes an array of samba_sockaddrs.
Preparing for get_sorted_dc_list() returning such an array.
ifdef'ed out as not yet used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
6be32826 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Make resolve_and_ping_netbios() use get_sorted_dc_list_sa().
Now we use cldap_ping_list_sa() so uncomment it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
5a448e96 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Make resolve_and_ping_dns() use get_sorted_dc_list_sa().
We no longer use cldap_ping_list(), comment it out
for removal.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
bef9ebd8 by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Remove cldap_ping_list().
No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
2a57e7ed by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libads: Rename cldap_ping_list_sa() -> cldap_ping_list().
The old cldap_ping_list() is now gone.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
cb5b69fb by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: winbind: Fix get_dcs() to use get_sorted_dc_list_sa().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
ffed032b by Jeremy Allison at 2020-09-15T10:09:38+00:00
s3: libsmb: Remove last caller of get_sorted_dc_list() from rpc_dc_name()..
Now only get_sorted_dc_list_sa() left.
Now we can remove get_sorted_dc_list() and rename
get_sorted_dc_list_sa() back to get_sorted_dc_list().
One more external user of struct ip_service gone.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
8ae5408d by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Remove get_sorted_dc_list(). No longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
b59de9e5 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Rename get_sorted_dc_list_sa() -> get_sorted_dc_list().
Everyone now uses samba_sockaddr arrays.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.com>
- - - - -
1cb9611b by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Convert internal function get_dc_list() to return a samba_sockaddr array.
Callers now don't need to convert. Getting closer to making internal_resolve_name()
return samba_sockaddr array.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
`
- - - - -
1181e5e1 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Add remove_duplicate_addrs2_sa() - uses samba_sockaddr.
Not yet used, will be used when we migrate internal_resolve_name()
to samba_sockaddr.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
5bb63200 by Jeremy Allison at 2020-09-15T10:09:39+00:00
3: torture: Use remove_duplicate_addrs2_sa() instead of remove_duplicate_addrs2() in LOCAL-remove_duplicate_addrs2 test.
Spoiler, still passes :-).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
c5b1d4ff by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Add prioritize_ipv4_list_sa().
Re-arranges a samba_sockaddr array in IPv4 preference.
Not yet used so compiles but ifdef'ed out. Needed for conversion
of internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
fb8acf17 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Add internal_resolve_name_sa(). A wrapper for internal_resolve_name().
Not yet used. Now to fix the callers, and convert internal_resolve_name()..
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <jra at samba.org>
- - - - -
a8ec446d by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Fix discover_dc_netbios() to call internal_resolve_name_sa().
All callers of internal_resolve_name() are now internal to namequery.c
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
489102b0 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Remove the internal_resolve_name() external interface.
Change the internal version from internal_resolve_name() -> _internal_resolve_name().
Only external caller calls internal_resolve_name_sa().
After this we can rename internal_resolve_name_sa() back to internal_resolve_name()
as all internal use in namequery.c is via _internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
185f3027 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Rename internal_resolve_name_sa() -> internal_resolve_name()
That's now the only external interface to it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
178bd384 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Convert resolve_name() to call internal_resolve_name() not _internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
3b1542a1 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Convert resolve_name_list() to call internal_resolve_name() not _internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
be85a463 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Convert find_master_ip() to call internal_resolve_name() not _internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
e6c581f0 by Jeremy Allison at 2020-09-15T10:09:39+00:00
s3: libsmb: Convert get_pdc_ip() to call internal_resolve_name() not _internal_resolve_name().
NB. sort_service_list() and ip_service_compare() are now no
longer used so comment them out for removal.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
5b8f5971 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: Remove now unused internal functions ip_service_compare() and sort_service_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
f03a6ef6 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: Convert get_dc_list() to call internal_resolve_name() not _internal_resolve_name().
prioritize_ipv4_list() is no longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
e0d060c6 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: Tidy up the talloc heirarchy allocation in get_dc_list().
Always allocate the return_salist off the frame pointer.
Only talloc_move() to return ctx on successful return.
Cleans up a nasty else in the exit path that caused
problems in the past - we can now always TALLOC_FREE(return_salist)
without remembering if we need to return it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
5a2b5c74 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: Remove unused prioritize_ipv4_list().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
ef62fa93 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: Rename prioritize_ipv4_list_sa() -> prioritize_ipv4_list() now it's the only use.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
d3f6eccc by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery: Add utility function sockaddr_array_to_samba_sockaddr_array().
Not yet used. Will help convert _internal_resolve_name() to internal_resolve_name().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
757934e8 by Jeremy Allison at 2020-09-15T10:09:40+00:00
3: libsmb: namequery: Convert _internal_resolve_name() -> internal_resolve_name() returning talloced samba_sockaddr arrays.
Wrapper function internal_resolve_name() is now commented out,
along with the now unused ip_service_to_samba_sockaddr() and
convert_ss2service() functions.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
7d37b8ba by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery.c: Remove now unused ip_service_to_samba_sockaddr()..
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
a679c6c5 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery.c: Remove now unused convert_ss2service().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
5b6245d1 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery.c: Remove now unused internal_resolve_name() wrapper.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
d627ef14 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery.c: Remove unused remove_duplicate_addrs2().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
526fdaa7 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: libsmb: namequery. Rename remove_duplicate_addrs2_sa() to remove_duplicate_addrs2()
It's now the only function.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
c1d39295 by Jeremy Allison at 2020-09-15T10:09:40+00:00
s3: Remove struct ip_service.
---------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| |
| struct ip_service |
| |
| |
| 9 August |
| In the year of the |
| pandemic |
| 2020 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\////|_)_______
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
67498ffd by Jeremy Allison at 2020-09-15T11:33:35+00:00
s3: libsmb: Cleanup - in internal_resolve_name() only write the out parameters on success.
All callers already correctly initialize them.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Sep 15 11:33:35 UTC 2020 on sn-devel-184
- - - - -
ebada816 by Samuel Cabrero at 2020-09-16T22:45:38+00:00
selftest: Create client directories in a loop
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
63b0d2dc by Samuel Cabrero at 2020-09-16T22:45:38+00:00
selftest: set pid directory in client's smb.conf
Set a pid file directory to avoid the following testparm error:
ERROR: pid directory /usr/local/samba/var/run does not exist
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
- - - - -
ed625d66 by Samuel Cabrero at 2020-09-17T00:05:51+00:00
tests: Disable kerberos for weak crypto test
Otherwise the test fails because the client is authenticated using
spnego and gse_krb5, not triggering the weak crypto restrictions.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Sep 17 00:05:51 UTC 2020 on sn-devel-184
- - - - -
7651c026 by Björn Jacke at 2020-09-18T00:35:40+00:00
srv_spoolss_nt.c: fix wrong value in debug message
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
787d7756 by Björn Jacke at 2020-09-18T00:35:40+00:00
cli_winreg_spoolss: handle also printer sharename
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9771
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
380938b0 by Björn Jacke at 2020-09-18T01:58:22+00:00
nt_printing_ads: add missing printShareName attribute when publishing printers
Without printShareName attribute in LDAP, Windows doesn't list the pinters at all.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9771
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Sep 18 01:58:22 UTC 2020 on sn-devel-184
- - - - -
b813cdca by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()
It's good to have just a single isolated function that will generate
random challenges, in future we can add some logic in order to
avoid weak values, which are likely to be rejected by a server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
355efadc by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s4:torture/rpc: make use of netlogon_creds_random_challenge()
This will avoid getting flakey tests once our server starts to
reject weak challenges.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
46642fd3 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
This will avoid getting rejected by the server if we generate
a weak challenge.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
caba2d80 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
This is not strictly needed, but makes things more clear.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
74eb448a by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s4:rpc_server:netlogon: make use of netlogon_creds_random_challenge()
This is not strictly needed, but makes things more clear.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
53528c71 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values
This is the check Windows is using, so we won't generate challenges,
which are rejected by Windows DCs (and future Samba DCs).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d3123858 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()
This implements the note from MS-NRPC 3.1.4.1 Session-Key Negotiation:
7. If none of the first 5 bytes of the client challenge is unique, the
server MUST fail session-key negotiation without further processing of
the following steps.
It lets ./zerologon_tester.py from
https://github.com/SecuraBV/CVE-2020-1472.git
report: "Attack failed. Target is probably patched."
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d8a6e654 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
9ec8b59b by Jeremy Allison at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Fix mem leak onto p->mem_ctx in error path of _netr_ServerPasswordSet2().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
82d41977 by Jeremy Allison at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: protect netr_ServerPasswordSet2 against unencrypted passwords
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
be8e6394 by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
We should debug more details about the failing request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f9b772bf by Stefan Metzmacher at 2020-09-18T12:48:38+00:00
CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
This allows to add expections for individual workstations, when using "server schannel = yes".
"server schannel = auto" is very insecure and will be removed soon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
ca8a0098 by Stefan Metzmacher at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): s4:rpc_server/netlogon: log warnings about unsecure configurations
This should give admins wawrnings until they have a secure
configuration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
9ef5b63e by Günther Deschner at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: refactor dcesrv_netr_creds_server_step_check()
We should debug more details about the failing request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Günther Deschner <gd at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b74017d2 by Günther Deschner at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: support "server require schannel:WORKSTATION$ = no"
This allows to add expections for individual workstations, when using "server schannel = yes".
"server schannel = auto" is very insecure and will be removed soon.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Günther Deschner <gd at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b8e4b0f4 by Günther Deschner at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: log warnings about unsecure configurations
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Günther Deschner <gd at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d1790a0b by Stefan Metzmacher at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): docs-xml: document 'server require schannel:COMPUTERACCOUNT'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
4b262b03 by Gary Lockyer at 2020-09-18T12:48:39+00:00
CVE-2020-1472(ZeroLogon): s4 torture rpc: Test empty machine acct pwd
Ensure that an empty machine account password can't be set by
netr_ServerPasswordSet2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
9945f3e3 by Gary Lockyer at 2020-09-18T14:13:17+00:00
CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge
Ensure that client challenges with the first 5 bytes identical are
rejected.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Sep 18 14:13:17 UTC 2020 on sn-devel-184
- - - - -
454ccd98 by Ralph Boehme at 2020-09-21T07:26:54+00:00
s3: fix fcntl waf configure check
RN: Fix fcntl waf configure check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14503
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Sep 21 07:26:54 UTC 2020 on sn-devel-184
- - - - -
8e31c4e6 by Volker Lendecke at 2020-09-23T16:54:38+00:00
libsmb: Use direct struct initialization
Give the compiler more hints
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ed263ef4 by Volker Lendecke at 2020-09-23T16:54:38+00:00
libsmb: README.Coding for resolve_hosts()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a3572821 by Volker Lendecke at 2020-09-23T16:54:38+00:00
libsmb: Protect against rogue getaddrinfo result
Probably a "won't happen", but to me this looked fishy
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c6a11d8d by Volker Lendecke at 2020-09-23T16:54:38+00:00
libsmb: Use talloc_realloc() correctly in resolve_hosts()
On realloc failure the old value is still around
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
08c4dd58 by Volker Lendecke at 2020-09-23T18:20:36+00:00
libsmb: Fix CID 1467087: Resource leaks
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 23 18:20:36 UTC 2020 on sn-devel-184
- - - - -
56f022c3 by Volker Lendecke at 2020-09-23T20:40:47+00:00
smbd: Propagate reload-config message to all worker smbds
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 23 20:40:48 UTC 2020 on sn-devel-184
- - - - -
ff36cb74 by David Disseldorp at 2020-09-23T23:29:41+00:00
ctdb/ceph: register recovery lock holder with ceph-mgr
The Ceph Manager's service map is useful for tracking the status of
Ceph related services. By registering the CTDB recovery lock holder,
Ceph storage administrators can more easily identify where and when a
CTDB cluster is up and running.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
55dbd108 by David Disseldorp at 2020-09-23T23:29:41+00:00
ctdb/doc: mention ctdb_mutex_ceph_rados_helper mgr registration
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
68b981ee by David Disseldorp at 2020-09-24T00:52:42+00:00
ctdb/test_ceph_rados_reclock: check for service registration
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Sep 24 00:52:42 UTC 2020 on sn-devel-184
- - - - -
cdb6c5d1 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
bind9-dlz: Bind 9.13.x switched to using bool as isc_boolean_t instead of int.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
95278618 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
provision: BIND 9.13.x is not supported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
a167a215 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
bind9-dlz: Add support for BIND 9.14.x
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
016c1174 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
provision: Add support for BIND 9.14.x
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
4d097976 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
provision: BIND 9.15.x is not supported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
ca3c18a2 by Amitay Isaacs at 2020-09-24T04:32:41+00:00
bind9-dlz: Add support for BIND 9.16.x
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
5b2ccb1c by Amitay Isaacs at 2020-09-24T04:32:42+00:00
provision: Add support for BIND 9.16.x
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
- - - - -
1bccc67c by Amitay Isaacs at 2020-09-24T05:55:43+00:00
provision: BIND 9.17.x is not supported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14487
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Rowland Penny <rpenny at samba.org>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Thu Sep 24 05:55:43 UTC 2020 on sn-devel-184
- - - - -
d53c91db by Andrew at 2020-09-24T21:41:12+00:00
s3:util:net_conf - allow empty path for [homes]
Validation for "net conf addshare" is overly strict. Empty string for
path for homes share is valid.
Signed-off-by: Andrew <awalker at ixsystems.com>
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Sep 24 21:41:12 UTC 2020 on sn-devel-184
- - - - -
fca8cb63 by Jeremy Allison at 2020-09-30T11:18:43+00:00
s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE().
They may have been carefully set by the aio_del_req_from_fsp()
destructor so we must not overwrite here.
Found via some *amazing* debugging work from Ashok Ramakrishnan <aramakrishnan at nasuni.com>.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14515
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Sep 30 11:18:43 UTC 2020 on sn-devel-184
- - - - -
6ee90adf by Volker Lendecke at 2020-09-30T15:58:38+00:00
libsmb: Make cli_list() prototype more descriptive
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f67c8f95 by Volker Lendecke at 2020-09-30T15:58:38+00:00
libsmb: Make cli_smb2_list() prototype more descriptive
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2915522d by Volker Lendecke at 2020-09-30T15:58:38+00:00
smbd: Align integer types in gid_in_use()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
62237e6b by Volker Lendecke at 2020-09-30T15:58:38+00:00
smbd: process.c does not need libsmb.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
44fd7447 by Volker Lendecke at 2020-09-30T15:58:38+00:00
spoolss: Align some integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2c04e9a6 by Volker Lendecke at 2020-09-30T15:58:38+00:00
spoolss: Align some integer types
SPOOLSS_NOTIFY_MSG_CTR->num_groups is defined as uint32_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9d14187c by Volker Lendecke at 2020-09-30T15:58:38+00:00
lib: Remove an optimization in string_replace()
Why? This simplifies the code.
Why do I believe we can do this? I don't think this is a very common
operation in critical code paths. Also, next_codepoint() already has
the same optimization. If this turns out to be a measurable
performance issue, we should turn next_codepoint() into a static
inline function doing the 7-bit optimized code path inlined the same
way we did it for tdb_oob(). This way all callers would benefit from
this optimization.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8fa451d2 by Volker Lendecke at 2020-09-30T15:58:39+00:00
smbclient: Remove the "abort_mget" variable
This was never set to true anywhere in the code
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14517
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
71bc4d4b by Volker Lendecke at 2020-09-30T15:58:39+00:00
smbclient: Slightly simplify do_mget()
Put the prompt query into a separate if-statement, move the "quest"
variable closer to its use
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14517
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
254a5b03 by Volker Lendecke at 2020-09-30T15:58:39+00:00
test3: Add a test showing that smbclient recursive mget is broken
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14517
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9f24b509 by Volker Lendecke at 2020-09-30T17:23:45+00:00
smbclient: Fix recursive mget
Make do_mget rely on do_list() already doing the recursion in a
breadth-first manner. The previous code called do_list() from within
its callback. Unfortunately the recent simplifications of do_list()
broke this, leading to recursive mget to segfault. Instead of figuring
out how this worked before the simplifications in do_list() (I did
spend a few hours on this) and fixing it, I chose to restructure
do_mget() to not recursively call do_list() anymore but instead rely
on do_list() to do the recursion. Saves quite a few lines of code and
complexity.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14517
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 30 17:23:45 UTC 2020 on sn-devel-184
- - - - -
b8653f4e by Simo Sorce at 2020-09-30T20:45:23+00:00
Restrict GSSAPI query to the krb5 mechanism
Otherwise GSSAPI will consult other mechanisms if available and we can
only cope with krb5 credentials here.
Signed-off-by: Simo Sorce <idra at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Sep 30 20:45:23 UTC 2020 on sn-devel-184
- - - - -
33fffcd2 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: dptr_create() doesn't need a separate wcard_has_wild parameter.
It can figure this out by itself.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
93fcb449 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_unlink() - the UCF_COND_ALLOW_WCARD_LCOMP makes no sense.
There's either a wildcard in the last component or not. Always use
UCF_ALWAYS_ALLOW_WCARD_LCOMP for calls that can take a wildcard.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
38bdb082 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_mv() - the UCF_COND_ALLOW_WCARD_LCOMP makes no sense..
There's either a wildcard in the last component or not. Always use
UCF_ALWAYS_ALLOW_WCARD_LCOMP for calls that can take a wildcard.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
10e034ec by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_copy() - the UCF_COND_ALLOW_WCARD_LCOMP makes no sense.
There's either a wildcard in the last component or not. Always use
UCF_ALWAYS_ALLOW_WCARD_LCOMP for calls that can take a wildcard.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5082423f by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - the UCF_COND_ALLOW_WCARD_LCOMP makes no sense.
There's either a wildcard in the last component or not. Always use
UCF_ALWAYS_ALLOW_WCARD_LCOMP for calls that can take a wildcard.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8d11a87e by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: MS-DFS - We no longer ever set UCF_COND_ALLOW_WCARD_LCOMP so don't check for it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e188b74a by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 Remove the crazy semantics in filename_convert_internal() using UCF_COND_ALLOW_WCARD_LCOMP.
In the places where wildcards are allowed in SMB1
we always pass in UCF_ALWAYS_ALLOW_WCARD_LCOMP.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5547cc80 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 comment out unused UCF_COND_ALLOW_WCARD_LCOMP flag.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b7ca811e by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - the source cannot have a wildcard.
Simplify the wildcard processing of the source name.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
71c4c96d by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - Move the call to get_original_lcomp() to before filename_convert() for the destination name.
Simple code re-arrangement to make the next change clear.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c518111e by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - set dest_has_wcard from the parsed last component.
We eventually want to remove the last_component_has_wcard out of the srvstr_get_pathXXX()
calls and just use srvstr_get_path_req().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f43c0416 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - now we set dest_has_wcard separately we can use srvstr_get_path_req() instead of srvstr_get_path_req_wcard().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
db20ef39 by Jeremy Allison at 2020-09-30T20:46:39+00:00
s3: smbd: SMB1 reply_ntrename() - now we set dest_has_wcard separately we don't need to pass it to filename_convert().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
525ccadd by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: srvstr_get_path_req_wcard() is now static to reply.c
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
078f2d94 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: In SMB2 query directory we don't need to do full path resolution of the mask component.
get_original_lcomp() does all the name canonicalization required for the mask.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
97a4dfbd by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 reply_search() doesn't actually care if the mask contains a wildcard or not.
Don't pass to filename_convert().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e3611cc0 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 reply_search(). The dptr already knows if the mask has a wildcard.
Get the value from the dptr instead.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
edee7198 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 reply_search(). Use srvstr_get_path_req() not srvstr_get_path_req_wcard()
If we have a wildcard is found by other means now.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
49be6d38 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 reply_fclose() doesn't need wcard, use srvstr_get_path_req() not srvstr_get_path_req_wcard().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
96b9842e by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: unlink_internals() can figure out if the mask has a wildcard on its own.
Doesn't need a parameter for that.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ed0c07e2 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 call_trans2findfirst(). Don't need the wildcard status of the mask here.
dptr_create() can work this out all on its own.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
0fbce948 by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 call_trans2findnext() doesn't need the mask_contains_wcard bool.
dptr already knows this.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
83b17f4f by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 reply_unlink() - use srvstr_get_path_req() not srvstr_get_path_req_wcard()
Now unlink_internals() checks its own wildcard on the mask.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b89c0a6d by Jeremy Allison at 2020-09-30T20:46:40+00:00
s3: smbd: SMB1 rename_internals() can figure out the wildcard status of the paths by itself.
No need to pass them as parameters.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
079aec9d by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: SMB1 reply_mv() no longer needs the XX_has_wcard variables.
Use srvstr_get_path_req() not srvstr_get_path_req_wcard().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9269e9c2 by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: SMB1 reply_copy() - set the xxx_has_wild flags from the processed names.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
08d029c2 by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: SMB1 reply_copy(). Use srvstr_get_path_req() not srvstr_get_path_req_wcard()
Now we check the wildcard status elsewhere. Don't pass to filename_convert() either.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
bf966dc2 by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: SMB1 call_nt_transact_rename() never needs wcard bool.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9c16729a by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: smb_file_rename_information() doesn't need to use the wildcard status of the destination.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4f0ecc7d by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: srvstr_get_path_wcard_posix() is no longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
26e8bd7e by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: Remove srvstr_get_path_wcard() - no longer used.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9392b13d by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: Remove the wrapper srvstr_get_path_req_wcard().
Rename srvstr_get_path_req_wcard() -> srvstr_get_path_req()
as it no longer gets ward status.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7a1839ab by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: All callers to srvstr_get_path_wcard_internal() pass 'ignore' as the last parameter.
Move it internal to srvstr_get_path_wcard_internal().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
5ea69c26 by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: Rename srvstr_get_path_wcard_internal() -> srvstr_get_path_internal().
It now does nothing with wildcards.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4d7cdefb by Jeremy Allison at 2020-09-30T20:46:41+00:00
s3: smbd: As srvstr_get_path_internal() ignores the wcard parameter, use check_path_syntax() instead of check_path_syntax_wcard()
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ff4e8b2c by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: All callers to filename_convert() pass in NULL for the 'bool *ppath_contains_wcard' parameter.
Remove it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
eb60ed6b by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: The only caller of filename_convert_with_privilege() passes in NULL for the 'bool *ppath_contains_wcard' parameter.
Remove it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b3334eb9 by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Remove the 'bool *ppath_contains_wcard' parameter from filename_convert_internal()
It's always ignored.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e59c810f by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Remove unused 'bool *ppath_contains_wcard' parameter from resolve_dfspath_wcard()
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e7bb8075 by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Remove unused 'bool *ppath_contains_wcard' parameter from dfs_redirect()
resolve_dfspath_wcard() is now a tranparent wrapper for dfs_redirect().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
b7bb348b by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Remove wrapper resolve_dfspath_wcard(). Just call dfs_redirect() directly.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
25ef2552 by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Implement the 'allow_wcards' parameter inside parse_dfs_path().
Previously this didn't actually restrict wildcards here, as check_path_syntax_wcard()
returns the fact there was a wildcard in the last component, but doesn't
return an error. Just use check_path_syntax() instead and check
for wildcards separately.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f9321ed7 by Jeremy Allison at 2020-09-30T20:46:42+00:00
s3: smbd: Remove unused 'bool *ppath_contains_wcard' parameter from parse_dfs_path().
check_path_syntax_wcard() is now unused.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
a9186829 by Jeremy Allison at 2020-09-30T22:08:01+00:00
s3: smbd: Remove unused check_path_syntax_wcard().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Sep 30 22:08:01 UTC 2020 on sn-devel-184
- - - - -
8557a529 by Andrew Bartlett at 2020-10-01T01:18:38+00:00
autobuild.py: Combine samba-static and samba-nopython
We expect these will complete in under an hour and reduce the number of
parallel jobs. Hopefully there will be some ccache hits between these
as well.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3e488255 by Andrew Bartlett at 2020-10-01T01:18:38+00:00
build: Remove Python2 support from the build
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14488
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
40511af0 by Andrew Bartlett at 2020-10-01T01:18:38+00:00
build: Remove Python2 handling in SAMBA_CHECK_PYTHON_HEADERS()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5edc004f by Andrew Bartlett at 2020-10-01T01:18:38+00:00
.gitlab-ci.yml: Set interuptable: true
This should reduce some CI costs, avoiding spending CPU time on jobs that are
already out of date because a new branch has been pushed.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
21197bb5 by Andrew Bartlett at 2020-10-01T01:18:38+00:00
selftest: Move some more tests from the samba-o3 job
These tests do not need to be repeated over and over on multiple
distributions. This just wastes CI resources.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5419774b by Andrew Bartlett at 2020-10-01T01:18:39+00:00
autobuild: Remove the os.getpid() from the autobuild directory
This might help our CI runners get a ccache hit by keeping the path constant.
Otherwise, we only get a good ccache hit rate if the docker container gives
us the same pid each time.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e5b236d4 by Andrew Bartlett at 2020-10-01T01:18:39+00:00
.gitlab-ci.yml: Remove echo of (incorrect due previous commit) command
The command is now echoed by the gitlab interface now anyway,
so avoid having to keep these in sync.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
584f5106 by Andrew Bartlett at 2020-10-01T01:18:39+00:00
autobuild: Remove more "make install" steps
Running a "make install" involves a full re-link which takes quite some time
we really only need to test this in a couple of basic combinations, so remove
from a few more targets.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
88663eb9 by Andrew Bartlett at 2020-10-01T01:18:39+00:00
autobuild: Merge no-modules test with the library --disable-python build
This avoids another full compile cycle.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a22a80ed by Jule Anger at 2020-10-01T01:18:39+00:00
samdb: add prepare_attr_replace() method
Add a method to prepare a given Message to replace the given attribute.
If the given new value is None or the old value and the new value are
the same, do nothing.
If the new value is empty, prepare to replace the given attribute with
[].
Else prepare to replace the given attribute with the new value.
Use this for samdb.modify(msg).
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
899e66d4 by Jule Anger at 2020-10-01T01:18:39+00:00
samdb: add fullname_from_names() method
Add a method to construct the fullname, using the given name, the initials
and the surname.
If one of this values is empty, try to use the old one, given by an
attributs set.
If the combination is empty, the method will return the fallback-default
parameter.
Use this method to construct the CN or the displayName of users or
contacts.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
efa9889a by Jule Anger at 2020-10-01T01:18:39+00:00
testsuite: add test suite for samba-tool contact commands
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
891af240 by Björn Baumbach at 2020-10-01T01:18:39+00:00
samba-tool user: add new user 'rename' command
Usage: samba-tool user rename <username> [options]
Rename a user and related attributes.
This command allows to set the user's name related attributes. The user's
CN will be renamed automatically.
The user's new CN will be made up by combining the given-name, initials
and surname. A dot ('.') will be appended to the initials automatically.
Use the --force-new-cn option to specify the new CN manually.
The username specified on the command is the sAMAccountName.
Example1:
samba-tool user rename johndoe --surname='Bloggs'
Example1 shows how to change the surname of a user 'johndoe' to 'Bloggs' on
the local server. The user's CN will be renamed automatically, based on
the given name, initials and surname.
Pair-Programmed-With: Jule Anger <ja at sernet.de>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
06997d15 by Jule Anger at 2020-10-01T01:18:39+00:00
doc: add samba-tool user rename command to samba-tool man page
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ea8b3f92 by Jule Anger at 2020-10-01T01:18:39+00:00
samba-tool tests: add test-cases for 'user rename'
Tests the following options:
--surname
--given-name
--initials
--force-new-cn
--reset-cn
--display-name
--mail-address
--samaccountname
--upn
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4b06ff7f by Jule Anger at 2020-10-01T01:18:39+00:00
samba-tool group: add new group 'rename' command
Usage: samba-tool group rename <groupname> [options]
Rename a group and related attributes.
This command allows to set the group's name related attributes.
Use an empty attribute value to remove the specified attribute.
The groupname specified on the command is the sAMAccountName.
Example1:
samba-tool group rename employees --samaccountname=staff
Example1 shows how to change the sAMAaccountName of a group 'employees' to
'staff' on the local server.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3ff79e81 by Jule Anger at 2020-10-01T01:18:39+00:00
doc: add samba-tool group rename command to samba-tool man page
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ac283a96 by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool tests: add test-cases for 'group rename'
Tests the following options:
--samaccountname
--force-new-cn
--reset-cn
--mail-address
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
bf04cb3b by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool contact: add new contact 'rename' command
Usage: samba-tool contact rename <contactname> [options]
Rename a contact and related attributes.
This command allows to set the contact's name related attributes.
Use an empty attribute value to remove the specified attribute.
The contactname specified on the command is the CN.
Example1:
samba-tool contact rename "John Doe" --surname=Bloggs \\
--force-new-cn=John
Example1 shows how to change the surname ('sn' attribute) of a contact
'John Doe' to 'Bloggs' and change the CN to 'John' on the local server.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
66b6d90c by Jule Anger at 2020-10-01T01:18:40+00:00
doc: add samba-tool contact rename command to samba-tool man page
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b83b4c92 by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool tests: add test-cases for 'contact rename'
Tests the following options:
--surname
--given-name
--initials
--force-new-cn
--reset-cn
--display-name
--mail-address
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
419e75cc by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool ou: rename 'ou create' to 'ou add'
Keep 'ou create' for compatibility reasons.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3b8ed676 by Jule Anger at 2020-10-01T01:18:40+00:00
doc: rename 'ou create' to 'ou add'
And add 'ou create' as synonym for 'ou add'.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
6315deaa by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool tests: rename 'ou create' to 'ou add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
95ba8a3f by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool user: rename 'user create' to 'user add'
Keep 'user create' for compatibility reasons.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d93a7e21 by Jule Anger at 2020-10-01T01:18:40+00:00
doc: rename 'user create' to 'user add'
And add 'user create' as synonym for 'user add'.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
05136448 by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool tests: rename 'user create' to 'user add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1703ca11 by Jule Anger at 2020-10-01T01:18:40+00:00
samba-tool computer: rename 'computer create' to 'computer add'
Keep 'computer create' for compatibility reasons.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5f657d55 by Jule Anger at 2020-10-01T01:18:40+00:00
doc: rename 'computer create' to 'computer add'
And add 'computer create' as synonym for 'computer add'.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
1f61ef20 by Jule Anger at 2020-10-01T01:18:41+00:00
samba-tool tests: rename 'computer create' to 'computer add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
90988ff6 by Jule Anger at 2020-10-01T01:18:41+00:00
samba-tool group: add 'group create' as synonym for 'group add'
Add 'group create' command for a symmetric set of
samba-tool subcommands
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ee1c8126 by Jule Anger at 2020-10-01T01:18:41+00:00
doc: add 'group create' as synonym for 'group add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
66862358 by Jule Anger at 2020-10-01T01:18:41+00:00
samba-tool tests: rename 'group create' to 'group add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f38336ac by Jule Anger at 2020-10-01T01:18:41+00:00
samba-tool contact: rename 'contact create' to 'contact add'
Keep 'contact create' for compatibility reasons.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3b7cf5f5 by Jule Anger at 2020-10-01T01:18:41+00:00
doc: rename 'contact create' to 'contact add'
And add 'contact create' as synonym for 'contact add'.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ab0e5e3c by Jule Anger at 2020-10-01T02:44:09+00:00
samba-tool tests: rename 'contact create' to 'contact add'
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Oct 1 02:44:09 UTC 2020 on sn-devel-184
- - - - -
91dc9bb6 by Jeremy Allison at 2020-10-01T21:21:38+00:00
s3: smbd: Remove the ignored last parameter 'bool *p_last_component_contains_wcard' from check_path_syntax_internal().
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
- - - - -
234957a2 by Alexander Bokovoy at 2020-10-01T22:45:29+00:00
Fix build after removal of an extra safe_string.h
Move of strcasecmp redefine to lib/util/safe_string.h in
https://gitlab.com/samba-team/samba/-/merge_requests/1507 broke build on
Fedora 33 with GCC 10.2.1 for those compilation units that use
ldb_att_cmp().
The reason for that is that ldb_attr_cmp() defined as
#define ldb_attr_cmp(a, b) strcasecmp(a, b)
because attribute names restricted to be ASCII by RFC2251 (LDAPv3 spec).
A solution is to add
#undef strcasecmp
to all source code files which use ldb_attr_cmp().
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 1 22:45:29 UTC 2020 on sn-devel-184
- - - - -
85d2ff2f by David Mulder at 2020-10-02T13:29:35+00:00
python: Move dsdb_Dn to samdb
The import dsdb needed for dsdb_Dn causes import
errors when trying to import get_bytes/get_string
in some places.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a3cd3153 by David Mulder at 2020-10-02T14:49:36+00:00
python2 reduction: Merge remaining compat code into common
The remaining compat code (get_string, get_bytes,
cmp) are useful helper routines which we should
simply merge into common (especially since there
is some duplication here).
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder at samba.org>
Autobuild-Date(master): Fri Oct 2 14:49:36 UTC 2020 on sn-devel-184
- - - - -
80ac7fa7 by Ralph Boehme at 2020-10-02T19:39:43+00:00
build: remove smbd_conn private library
This is not needed anymore since 6822baa2920f30374ec84363497d97e24f359fab..
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
089d8f44 by Ralph Boehme at 2020-10-02T19:39:43+00:00
vfs: add and use vfs_fake_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
176290eb by Ralph Boehme at 2020-10-02T19:39:43+00:00
vfs_default: realign vfswrap_fgetxattr() args
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
616b64c3 by Ralph Boehme at 2020-10-02T19:39:43+00:00
s4/torture: use unique filename for torture_samba3_hide() test
The filename "test.txt" is also used by other tests and without O_PATH the file
can't be removed at the end of this tests: open_smb_fname_fsp() fails with
ACCESS_DENIED because the POSIX mode of the file is 0000 and become_root() used
in the #ifndef O_PATH fallback case doesn't work in CI.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4389ae9c by Ralph Boehme at 2020-10-02T19:39:43+00:00
vfs_fruit: ensure the buffer passed to file_lines_parse() is 0-terminated
Otherwise valgrind complains...
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
187353d9 by Ralph Boehme at 2020-10-02T19:39:43+00:00
smbd: switch caller of fd_openat() to fd_open()
fd_openat() was added to be used with real dirfsp, but after adding pathref fd
support we will never use this.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d196cf46 by Ralph Boehme at 2020-10-02T19:39:43+00:00
vfs_fruit: use VFS ftruncate function in fruit_ftruncate_rsrc_adouble()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ccaff48 by Ralph Boehme at 2020-10-02T19:39:43+00:00
smbd: remove dirfsp arg from mkdir_internal()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future mkdir_internal() will open the dirfsp itself as needed.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a7544661 by Ralph Boehme at 2020-10-02T19:39:43+00:00
smbd: remove dirsp arg from open_directory()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future open_directory() will open the dirfsp itself.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9d84a235 by Ralph Boehme at 2020-10-02T19:39:44+00:00
smbd: remove dirfsp arg from create_file_unixpath()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future dirfsp has to opened as needed within create_file_unixpath() and below.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a366b756 by Ralph Boehme at 2020-10-02T19:39:44+00:00
vfs_fruit: avoid using fsp->dirsp
fsp->dirfsp will eventually go away again.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b133b81d by Ralph Boehme at 2020-10-02T19:39:44+00:00
smbd: avoid using dirfsp arg in create_file_default()
This is not used anymore in the callees.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1c444f9c by Ralph Boehme at 2020-10-02T19:39:44+00:00
smbd: remove fsp->dirfsp
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.
Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
32257483 by Ralph Boehme at 2020-10-02T21:00:05+00:00
vfs: remove dirfsp arg from SMB_VFS_CREATE_FILE()
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.
Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 2 21:00:05 UTC 2020 on sn-devel-184
- - - - -
f02e76d0 by Volker Lendecke at 2020-10-02T21:30:32+00:00
libads: Improve a debug message
"kdc_str" is a multi-line string starting with a tab. It looks
better in the debug message when starting in a new line.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4c1f61cb by Volker Lendecke at 2020-10-02T21:30:32+00:00
libads: Improve a debug message
"kdc_ip_string" is a multi-line string starting with a tab. It looks
better in the debug message when starting in a new line.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9b453f47 by Volker Lendecke at 2020-10-02T21:30:32+00:00
libcli: Remove a pointless if-expression
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bb8d3330 by Volker Lendecke at 2020-10-02T21:30:32+00:00
libcli: Don't leave a pointer uninitialized
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6d369438 by Volker Lendecke at 2020-10-02T21:30:33+00:00
vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f58ae505 by Volker Lendecke at 2020-10-02T21:30:33+00:00
torture3: Fix a cut&paste error in a printf message
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
818103c8 by Volker Lendecke at 2020-10-02T21:30:33+00:00
vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
552ceb5b by Volker Lendecke at 2020-10-02T21:30:33+00:00
smbd: Use ISDOT/ISDOTDOT instead of strcmp
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bcbe7363 by Volker Lendecke at 2020-10-02T21:30:33+00:00
vfs_fruit: Fix typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5a143c09 by Volker Lendecke at 2020-10-02T21:30:33+00:00
lib: Avoid a use of includes.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a61ed4df by Volker Lendecke at 2020-10-02T21:30:33+00:00
libcli: Align some integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dfc870b6 by Volker Lendecke at 2020-10-02T21:30:33+00:00
mdssvc: Slightly simplify dalloc_size()
talloc_get_size() and thus talloc_array_length() deals fine with a
NULL pointer
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bbb01763 by Volker Lendecke at 2020-10-02T21:30:33+00:00
librpc: Add GUID_to_ndr_buf()
Avoids talloc
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
29e3c0cd by Volker Lendecke at 2020-10-02T21:30:33+00:00
librpc: Use GUID_to_ndr_buf() in GUID_to_ndr_blob()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
77877cfe by Volker Lendecke at 2020-10-02T21:30:33+00:00
libcli: Use GUID_to_ndr_buf() in ldap_encode_ndr_GUID()
Avoid a talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bc638871 by Volker Lendecke at 2020-10-02T21:30:33+00:00
smbd: Use GUID_to_ndr_buf() in smbXsrv_client_global_id_to_key()
Avoid a talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5f1161f4 by Volker Lendecke at 2020-10-02T21:30:33+00:00
smbd: Use GUID_to_ndr_buf() in fsctl_validate_neg_info()
Avoid a talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b1fa3e2b by Volker Lendecke at 2020-10-02T21:30:34+00:00
libcli: Use GUID_to_ndr_buf() in smbcli_push_guid()
Avoid two talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
39180ca2 by Volker Lendecke at 2020-10-02T21:30:34+00:00
libcli: Use GUID_to_ndr_buf() in smb2_create_send()
Avoid talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
63ab004e by Volker Lendecke at 2020-10-02T21:30:34+00:00
libcli: Use GUID_to_ndr_buf() in smbXcli_negprot_smb2_subreq()
Avoid a talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
666d2a38 by Volker Lendecke at 2020-10-02T22:50:43+00:00
libcli: Use GUID_to_ndr_buf() in smb2cli_validate_negotiate_info_send()
Avoid a talloc/free
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 2 22:50:43 UTC 2020 on sn-devel-184
- - - - -
83ab59d9 by David Disseldorp at 2020-10-05T12:38:34+00:00
Revert "vfs_ceph: drop fdopendir handler"
This reverts commit 76d7d05b1da6c0703b1c2bade0c4467c7cc1adec.
OpenDir_fsp() no longer falls back to regular open, so this hook is
required.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14519
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Mon Oct 5 12:38:34 UTC 2020 on sn-devel-184
- - - - -
5cfc9271 by Christof Schmitt at 2020-10-05T20:06:04+00:00
third_party: Update gpfs.h to 5.0.5.3 version
4.2.3 went out of support, so update the header file to the oldest
currently supported GPFS version. Going forward, this will allow usage
of newer API calls.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Mon Oct 5 20:06:04 UTC 2020 on sn-devel-184
- - - - -
3ab52b52 by Martin Schwenke at 2020-10-06T03:12:35+00:00
ctdb-recoverd: Drop unnecessary code
This has already been done in update_flags().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
4b01f540 by Martin Schwenke at 2020-10-06T03:12:35+00:00
ctdb-recoverd: Drop unnecessary and broken code
update_flags() has already updated the recovery master's canonical
node map, based on the flags from each remote node, and pushed out
these flags to all nodes.
If i == j then the node map has already been updated from this remote
node's flags, so simply drop this case.
Although update_flags() has updated flags for all nodes, it did not
update each node map in remote_nodemaps[] to reflect this. This means
that remote_nodemaps[] may contain inconsistent flags for some nodes
so it should not be used to check consistency when i != j.
Further, a meaningful difference in flags can only really occur if
update_flags() failed. In that case this code is never reached.
These observations combine to imply that this whole loop should be
dropped.
This leaves potential sub-second inconsistencies due to out-of-band
healthy/unhealthy flag changes pushed via CTDB_SRVID_PUSH_NODE_FLAGS.
These updates could be dropped (takeover run asks each node for
available IPs rather than making centralised decisions based on node
flags) but for now they will be fixed in the next iteration of
main_loop().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
- - - - -
b68105b8 by Martin Schwenke at 2020-10-06T04:32:06+00:00
ctdb-tests: Strengthen node state checking in ctdb disable/enable test
Check that the desired state is set on all nodes instead of just the
test node. This ensures that node flags have correctly propagated
across the cluster.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14513
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Tue Oct 6 04:32:06 UTC 2020 on sn-devel-184
- - - - -
c587685d by Björn Jacke at 2020-10-06T23:06:50+00:00
docs: fix default value of spoolss:architecture
"Windows x64" is the default here since a couple of years already.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14522
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct 6 23:06:50 UTC 2020 on sn-devel-184
- - - - -
728dd396 by Jeremy Allison at 2020-10-08T15:07:30+00:00
nsswitch: Add an async DNS kerberos locator plugin.
Used in production on a large customer site.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f3281e0b by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: selftest: Add new SMB1-only wildcard unlink regression test.
samba3.smbtorture_s3.crypt_client.SMB1-WILD-MANGLE-UNLINK(nt4_dc_smb1)
samba3.smbtorture_s3.plain.SMB1-WILD-MANGLE-UNLINK(fileserver_smb1)
knownfail for now.
The recent wildcard changes broke something that used to work.
Consider a directory with 2 files:
dir/
a
*
The '*' file has a mangled name of _2X68P~X.
SMB1unlink("_2X68P~X") will delete *both* files
as the new 'unlink has wildcard' check is done after
the name unmangle.
SMB2 doesn't suffer from this problem, as it doesn't
allow wildcard unlinks.
Fix to follow.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
43d30ddb by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: selftest: Add new SMB1-only wildcard rename regression test.
samba3.smbtorture_s3.crypt_client.SMB1-WILD-MANGLE-RENAME(nt4_dc_smb1)
samba3.smbtorture_s3.plain.SMB1-WILD-MANGLE-RENAME(fileserver_smb1)
knownfail for now.
The recent wildcard changes broke something that used to work.
Consider a directory with 2 files:
dir/
foo
fo*
The 'fo*' file has a mangled name of FSHCRD~2.
SMB1rename("dir/FSHCRD~2", "dir/ba*") will rename *both* files
as the new 'rename has wildcard' check is done after
the name unmangle.
SMB2 doesn't allow wildcard renames so doesn't have this problem.
Fix to follow.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e4fd7bc7 by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: smbd: SMB1 reply_copy. Check untouched last component for wildcards in src and dst.
Not doing a test for this as wildcard SMB1copy() is evil and
should be removed. It's the same fix I'm doing for unlink
and rename, so this shouldn't be an issue.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
4ba14283 by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: smbd: Pure reformatting of unlink_internals() to make it obvious when I add a parameter.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
90bce2c0 by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: smbd: Fix SMB1 reply_unlink() to handle wildcards.
Add a 'bool have_wcard' to unlink_internals().
Move the wildcard detection out of unlink_internals() as it
was looking at the wrong thing.
This is now correctly set only from the unmangled last component
of the path sent to reply_unlink().
We now pass:
Samba3.smbtorture_s3.crypt_client.SMB1-WILD-MANGLE-UNLINK(nt4_dc_smb1)
samba3.smbtorture_s3.plain.SMB1-WILD-MANGLE-UNLINK(fileserver_smb1)
so remove the knownfail.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f75e633f by Jeremy Allison at 2020-10-08T15:07:30+00:00
s3: smbd: Add a 'const char *src_orginal_lcomp' (last component) parameter to rename_internals().
Not yet used. Passing as NULL means explicitly no wildcards
in the source name. There's only one place where we have to handle
wildcards here and that is from SMB1 reply_mv().
Could have used a bool here as in unlink_internals() but
using a string here makes the parameters more symmetrical
around src and destination values.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f696d29f by Jeremy Allison at 2020-10-08T16:29:27+00:00
s3: smbd: Fix SMB1 reply_mv() to handle wildcards.
Pass in the original source last component to rename_internals()
from reply_mv().
Change the wildcard detection in rename_internals() to
look at the correct thing for the source path.
This is now correctly set only from the unmangled last component
of the source path sent to reply_mv().
We now pass:
Samba3.smbtorture_s3.crypt_client.SMB1-WILD-MANGLE-RENAME(nt4_dc_smb1)
samba3.smbtorture_s3.plain.SMB1-WILD-MANGLE-RENAME(fileserver_smb1)
so remove the knownfail.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Oct 8 16:29:27 UTC 2020 on sn-devel-184
- - - - -
8fbda54e by Björn Jacke at 2020-10-08T17:52:46+00:00
nt_printing_ads: support more attributes for AD published printers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9578
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 8 17:52:46 UTC 2020 on sn-devel-184
- - - - -
c75e8ff4 by Andreas Schneider at 2020-10-09T19:16:45+00:00
selftest: Rename 'smb encrypt' to 'server smb encrypt'
This makes it more clear what we want. 'smb encrypt' is a synonym for
'server smb encrypt'.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1b67943f by Andreas Schneider at 2020-10-09T19:16:45+00:00
selftest: Move enc_desired to provision to have it in 'fileserver' too
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e7577ab6 by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:tests: Add smbclient tests for 'client smb encrypt'
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1189b20c by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:client: Remove global smb_encrypt
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a9fbc8da by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Remove force_encrypt from cli_cm_open()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d27e237c by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Remove force_encrypt from cli_cm_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
615a9a68 by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Remove force_encrypt from clidfs do_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4ddec1ca by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Remove force_encrypt from cli_check_msdfs_proxy()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
276563de by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Pass cli_credentials to clidfs do_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c8349111 by Andreas Schneider at 2020-10-09T19:16:45+00:00
s3:libsmb: Pass cli_credentials to cli_cm_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
df1623ab by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:libsmb: Pass cli_credentials to cli_cm_open()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5245ab3c by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:libsmb: Pass cli_credentials to cli_resolve_path(), using helper variables.
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Jeremy Allison <jra at samba.org>
- - - - -
d07f2864 by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:client: Remove global max_protocol
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4aac9daf by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:libsmb: Remove max_protocol from cli_cm_open()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
21595826 by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:libcmb: Remove max_protocol from cli_cm_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
50b59b4c by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:libsmb: Remove max_protocol from clidfs do_connect()
The if check for max_protocol == 0 is part of lp_client_max_protocol().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d4d8218b by Andreas Schneider at 2020-10-09T19:16:46+00:00
s3:include: Move loadparm prototypes to own header file
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
925cc9aa by Andreas Schneider at 2020-10-09T20:36:12+00:00
s3:lib: Move interface prototypes to own header file
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 9 20:36:13 UTC 2020 on sn-devel-184
- - - - -
74fbe0b9 by Anoop C S at 2020-10-14T10:08:24+00:00
vfs_shadow_copy2: Avoid closing snapsdir twice
As per man page for closedir(3):
. . .
The closedir() function closes the directory stream associated with
dirp. A successful call to closedir() also closes the underlying file
descriptor associated with dirp.
. . .
Therefore we don't have to attempt an additional close of file
descriptor after closedir().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14530
Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Anoop C S <anoopcs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Oct 14 10:08:24 UTC 2020 on sn-devel-184
- - - - -
b78ff571 by Jones Syue at 2020-10-14T11:07:36+00:00
interface: fix if_index is not parsed correctly
Replace probed_ifaces[i] with ifs.
In SDC 2020 SMB3 Virtual IO Lab,
run Windows Protocol Test Suite to test FileServer multichannel test cases.
Samba server has 2 virtual interfaces for VPN connection:
> name=tun2001, ip/mask=192.168.144.9/22
> name=tun2002, ip/mask=192.168.144.10/22
test suite client can ping these 2 ip addresses and browse shares.
Then client try to use IOCTL FSCTL_QUERY_NETWORK_INTERFACE_INFO to get the
virtual ip addresses of samba server, but samba server responded it
without the virtual ip addresses. My VPN setup is point-to-point and the
virtual interfaces 'tun2001' & 'tun2002' are without flag IFF_BROADCAST.
So edit smb.conf and add
"interfaces = ${virtual_ip}/${mask_length};if_index=${id}", like this:
> interfaces = eth4 eth8 eth11 eth10 qvs0 "192.168.144.9/22;if_index=50" "192.168.144.10/22;if_index=51"
then samba server IOCTL response could return the virtual ip addresses,
but found a issue:
the interface index of virtual ip addresses is always 4294967295
(0xFFFFFFFF, -1).
Quote Metze: https://gitlab.com/samba-team/devel/samba/-/commit/6cadb55d975a6348a417caed8b3258f5be2acba4#note_419181789
This looks good, I think that also explains
the possible memory corruption/crash I mentioned in the bug report.
As 'i' is most likely the same as 'total_probed' and
probed_ifaces[i] is not valid, so we overwrite unrelated memory.
Later I see 'realloc(): invalid pointer' and this backtrace:
BACKTRACE:
#0 log_stack_trace + 0x29 [ip=0x7f2f1b6fffa9] [sp=0x7ffcd0ab53e0]
#1 smb_panic + 0x11 [ip=0x7f2f1b700301] [sp=0x7ffcd0ab5d10]
#2 sig_fault + 0x54 [ip=0x7f2f1b7004f4] [sp=0x7ffcd0ab5e20]
#3 funlockfile + 0x50 [ip=0x7f2f17ce6dd0] [sp=0x7ffcd0ab5ec0]
#4 gsignal + 0x10f [ip=0x7f2f1794970f] [sp=0x7ffcd0ab6b90]
#5 abort + 0x127 [ip=0x7f2f17933b25] [sp=0x7ffcd0ab6cb0]
#6 __libc_message + 0x297 [ip=0x7f2f1798c897] [sp=0x7ffcd0ab6de0]
#7 malloc_printerr + 0x1c [ip=0x7f2f17992fdc] [sp=0x7ffcd0ab6ef0]
#8 realloc + 0x23a [ip=0x7f2f17997f6a] [sp=0x7ffcd0ab6f00]
#9 _talloc_realloc + 0xee [ip=0x7f2f1a365d2e] [sp=0x7ffcd0ab6f50]
#10 messaging_filtered_read_send + 0x18c [ip=0x7f2f1a10f54c] [sp=0x7ffcd0ab6fb0]
#11 messaging_read_send + 0x55 [ip=0x7f2f1a10f705] [sp=0x7ffcd0ab7000]
#12 smb2srv_session_table_init + 0x83 [ip=0x7f2f1b3a6cd3] [sp=0x7ffcd0ab7040]
#13 smbXsrv_connection_init_tables + 0x2d [ip=0x7f2f1b373f4d] [sp=0x7ffcd0ab7060]
#14 smbd_smb2_request_process_negprot + 0x827 [ip=0x7f2f1b38cb47] [sp=0x7ffcd0ab7080]
#15 smbd_smb2_request_dispatch + 0x19db [ip=0x7f2f1b38921b] [sp=0x7ffcd0ab71d0]
#16 smbd_smb2_process_negprot + 0x298 [ip=0x7f2f1b38bb38] [sp=0x7ffcd0ab7260]
#17 process_smb + 0x2ca [ip=0x7f2f1b37537a] [sp=0x7ffcd0ab72b0]
#18 smbd_server_connection_read_handler + 0xd0 [ip=0x7f2f1b376420] [sp=0x7ffcd0ab7350]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14514
Signed-off-by: Jones Syue <jonessyue at qnap.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
55dad704 by David Disseldorp at 2020-10-14T11:07:36+00:00
smb2_ioctl_network_fs: fix minor leak in error path
The struct fsctl_net_iface_info array needs to be cleaned up.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
0253ba15 by David Disseldorp at 2020-10-14T11:07:36+00:00
s3:smbd: rename has_ctdb_public_ip to has_cluster_movable_ip
This provides a little more detail to what's actually being tracked
with this boolean.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
6b9564c1 by David Disseldorp at 2020-10-14T12:29:55+00:00
s3:ctdbd_conn: simplify get_public_ips() / find_in_public_ips() API
These calls are used to check whether an IP address is static to the
host, or whether it could be migrated by ctdb.
Combine the calls into a simple ctdbd_public_ip_foreach(cb) function,
which avoids the need to expose struct ctdb_public_ip_list_old.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Oct 14 12:29:56 UTC 2020 on sn-devel-184
- - - - -
f763b1e4 by Ralph Boehme at 2020-10-15T19:07:40+00:00
vfs_zfsacl: use handle based facl() call to query ZFS filesytem ACL
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14470
Pair-Programmed-With: Andrew Walker <awalker at ixsystems.com>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c10ae30c by Andrew Walker at 2020-10-15T19:07:40+00:00
vfs_zfsacl: Add new parameter to stop automatic addition of special entries
Prevent ZFS from automatically adding NFSv4 special entries (owner@, group@,
everyone@). ZFS will automatically add these these entries when calculating the
inherited ACL of new files if the ACL of the parent directory lacks an
inheriting special entry. This may result in user confusion and unexpected
change in permissions of files and directories as the inherited ACL is
generated. Blocking this behavior is achieved by setting an inheriting
everyone@ that grants no permissions and not adding the entry to the file's
Security Descriptor.
This change also updates behavior so that the fd-based syscall facl() is
used where possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14470
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a182f2e6 by Ralph Boehme at 2020-10-15T19:07:40+00:00
vfs_zfsacl: README.Coding fix
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471
Pair-Programmed-With: Andrew Walker <awalker at ixsystems.com>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
13b4f913 by Ralph Boehme at 2020-10-15T19:07:40+00:00
vfs_zfsacl: use a helper variable in zfs_get_nt_acl_common()
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471
Pair-Programmed-With: Andrew Walker <awalker at ixsystems.com>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c1a37b4f by Andrew Walker at 2020-10-15T19:07:40+00:00
vfs_zfsacl: only grant DELETE_CHILD if ACL tag is special
When ZFS aclmode is set to "passthrough" chmod(2)/fchmod(2) will result
in special entries being modified in a way such that delete, delete_child,
write_named_attr, write_attribute are stripped from the returned ACL entry,
and the kernel / ZFS treats this as having rights equivalent to the desired
POSIX mode. Historically, samba has added delete_child to the NFSv4 ACL, but
this is only really called for in the case of special entries in this
particular circumstance.
Alter circumstances in which delete_child is granted so that it only
is added to special entries. This preserves the intend post-chmod behavior,
but avoids unnecessarily increasing permissions in cases where it's not
intended. Further modification of this behavior may be required so that
we grant a general read or general write permissions set in case of
POSIX read / POSIX write on special entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14471
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2b8b0139 by Andrew Walker at 2020-10-15T20:27:34+00:00
vfs_zfsacl: add zfs configuration guidance to manpage
Provide minimal background information on recommended ZFS settings
for a samba share.
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 15 20:27:34 UTC 2020 on sn-devel-184
- - - - -
e721dfc8 by Douglas Bagnall at 2020-10-16T04:45:39+00:00
fuzz: add fuzz_dcerpc_parse_binding
We parse a binding and do a few tricks with it, including turning it
into a tower and back.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2541f67c by Douglas Bagnall at 2020-10-16T04:45:40+00:00
fuzz: add fuzz_cli_credentials_parse_string
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2889baee by Björn Jacke at 2020-10-16T04:45:40+00:00
talloc: also use portable __has_attribute macro to check for "deprecated" attribute
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14526
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
de748864 by Björn Jacke at 2020-10-16T04:45:40+00:00
replace: also use portable __has_attribute macro to check for "deprecated" attribute
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14526
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c56c5c17 by Björn Jacke at 2020-10-16T04:45:40+00:00
tevent: also use portable __has_attribute macro to check for "deprecated" attribute
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14526
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b9b6abf1 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): rpc_server/netlogon: Fix confounder check
Add check for zero length confounder, to allow setting of passwords 512
bytes long. This does not need to be backported, as it is extremely
unlikely that anyone is using 512 byte passwords.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6f59a5fd by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): Add zerologon test suite
Add a ZeroLogon test suite, to allow the ZeroLogon tests to be run against
the s3 and s4 netlogon servers.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
07c31634 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: Move existing tests
Move the existing ZeroLogon tests into the ZeroLogon testsuite.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f47e3734 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 all zero enc req
Check that a request that encrypts to all zeros, is rejected if the length
encrypts to itself.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e790f9d2 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 all zero password
Check that a password buffer containing all zeros is rejected.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b2f4a556 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 confounder
Test that a confounder that encrypts to itself is rejected
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
56297c70 by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 all zero password
Check that an all zero password is rejected, Note this test user ARC4
encryption so that it passes the self encryption test.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
61f216dc by Gary Lockyer at 2020-10-16T04:45:40+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 max len password
Ensure that a maximum length password (512) is still accepted
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6bf1b988 by Gary Lockyer at 2020-10-16T06:09:05+00:00
CVE-2020-1472(ZeroLogon): torture: ServerSetPassword2 zero password
Ensure that a password of all zeros shorter than the maximum length is
rejected.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Oct 16 06:09:06 UTC 2020 on sn-devel-184
- - - - -
4c5a0cab by Volker Lendecke at 2020-10-16T17:10:34+00:00
test: Use the smb2-based deny2 test in clusteredmember_smb1
There is no reason to use the SMB1-based ntdeny2 test. It was just
an arbitrary test that depends on clustering to work.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c7a3e550 by Volker Lendecke at 2020-10-16T17:10:34+00:00
test: Lift clusteredmember_smb1 to use smb2
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
570c425d by Volker Lendecke at 2020-10-16T18:30:18+00:00
test: Get the clusteredmember environment out of its smb1 corner
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 16 18:30:18 UTC 2020 on sn-devel-184
- - - - -
9b6e2393 by Björn Jacke at 2020-10-17T09:22:31+00:00
spoolss.idl: add some missing PROCESSOR_ARCHITECTURE defines
information from wine's winnt.h and MSDN
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
92123572 by Björn Jacke at 2020-10-17T09:22:31+00:00
spoolss.idl: add some missing processor defines
information from wine's winnt.h
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ca1a3014 by Björn Jacke at 2020-10-17T09:22:31+00:00
spoolss.idl: add spoolss architecture defines, that we require
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
62c514c2 by Björn Jacke at 2020-10-17T09:22:31+00:00
printing: move archi_table declarations into nt_printing.h
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
38391ccc by Björn Jacke at 2020-10-17T09:22:31+00:00
printing/spoolss: add ARM64 support
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
40a4dd28 by Björn Jacke at 2020-10-17T10:46:12+00:00
spoolss.idl: remove obviously bogous PROCESSOR_ARM 0 define
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Oct 17 10:46:12 UTC 2020 on sn-devel-184
- - - - -
67c437bf by Andreas Schneider at 2020-10-19T21:14:21+00:00
s3:tests: Improve test_force_close_share test
This fixes the test with fast disks where 20MB transfers are done in
less than a second.
This also cleans up the code to have less sleeping time!
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Oct 19 21:14:21 UTC 2020 on sn-devel-184
- - - - -
930695b0 by Douglas Bagnall at 2020-10-20T02:26:40+00:00
fuzz_dcerpc_parse_binding: don't leak
Also, by not tallocing at all in the too-long case, we can short
circuit quicker.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct 20 02:26:40 UTC 2020 on sn-devel-184
- - - - -
a6ff80cd by Martin Schwenke at 2020-10-20T07:22:08+00:00
s3:ctdbd_conn: Fix the build on FreeBSD
Commit 6b9564c1084d8dc7319857fac984808571ef0eb9 broke the build on
FreeBSD:
[2321/3909] Compiling source3/smbd/process.c
../../source3/smbd/process.c:2797:10: error: use of undeclared identifier 'EREMOTEIO'
return EREMOTEIO;
^
../../source3/smbd/process.c:2833:14: error: use of undeclared identifier 'EREMOTEIO'
if (ret == EREMOTEIO) {
^
2 errors generated.
Use one of the POSIX error codes instead.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Oct 20 07:22:08 UTC 2020 on sn-devel-184
- - - - -
e32846f0 by Alexander Bokovoy at 2020-10-20T08:50:13+00:00
smb.conf.5: add clarification how configuration changes reflected by Samba
Users of Linux distributions know to read smb.conf(5) manual page but
apparently not many of them read smbd(8) and winbindd(8) to understand
how changes to smb.conf file are reflected in the running processes.
Add a small section that makes it clear where to find relevant
information. Also correct the information in smbd, nmbd, and winbindd
manual pages.
The interval at which smbd does check for smb.conf changes was increased
from 60 seconds to 180 seconds in 1999 with commit 3db52feb1f3b.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Isaac Boukris <iboukris at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Tue Oct 20 08:50:13 UTC 2020 on sn-devel-184
- - - - -
c15c40e0 by Bradley M. Kuhn at 2020-10-20T18:10:50+00:00
Update Samba's DCO license in compliance with CC-BY-SA 4.0
The text of "Samba's Developer Certificate of Origin" is copyrighted
and licensed CC-BY-SA. Add notice for compliance with CC-BY-SA 4.0.
Signed-off-by: Bradley M. Kuhn <bkuhn at sfconservancy.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct 20 18:10:50 UTC 2020 on sn-devel-184
- - - - -
5fa89897 by Bradley M. Kuhn at 2020-10-20T22:54:01+00:00
Rename Samba's DCO to Samba Developer's Declaration
In an effort to reduce any confusion about the differences
between the Samba DCO and the Linux DCO, and as a favor to the
Linux community, rename the Samba DCO to the Samba Developer's
Declaration.
Signed-off-by: Bradley M. Kuhn <bkuhn at sfconservancy.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Simo Sorce <idra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Oct 20 22:54:01 UTC 2020 on sn-devel-184
- - - - -
e246976b by Denis Karpelevich at 2020-10-21T01:17:05+00:00
s3:tests: Add tests for 'valid users'.
Extending testsuite for option 'valid/invalid users' from smb.conf.
Signed-off-by: Denis Karpelevich <dkarpele at redhat.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Oct 21 01:17:05 UTC 2020 on sn-devel-184
- - - - -
be51499f by Douglas Bagnall at 2020-10-21T02:28:38+00:00
fuzzing/README: link to wiki
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6d388da7 by Douglas Bagnall at 2020-10-21T02:28:38+00:00
fuzz/oss-fuzz/build-samba: note the calling site
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9dfeb81d by Douglas Bagnall at 2020-10-21T03:47:35+00:00
fuzz/oss-fuzz/build_samba: fetch fuzz seeds
There is a git repository at
https://gitlab.com/samba-team/samba-fuzz-seeds that contains the
seeds. When the master branch of that repository is updated, a CI job
runs that creates a zip file of all the seeds as an artifact. That zip
file is downloaded and unpacked by oss_fuzz/build_samba. The contents
of that zip are further zips that contain the seeds for each fuzzing
binary; these are placed next to the binaries in the manner that
oss-fuzz expects.
That is, beside 'fuzz_foo', we put 'fuzz_foo_seed_corpus.zip' which
contains a pile of fuzz_foo seeds.
There may be times when a new fuzz target does not have a seed corpus,
and times when a removed fuzz target leaves behind a seed corpus.
This is OK, so we don't insist on an exact match between the target
names and the zip names, only that there is some overlap.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Oct 21 03:47:35 UTC 2020 on sn-devel-184
- - - - -
6aa396b0 by Amitay Isaacs at 2020-10-21T05:52:28+00:00
ctdb-common: Avoid aliasing errors during code optimization
When compiling with GCC 10.x and -O3 optimization, the IP checksum
calculation code generates wrong checksum. The function uint16_checksum
gets inlined during optimization and ip4pkt->tcp data gets wrongly
aliased.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14537
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Wed Oct 21 05:52:28 UTC 2020 on sn-devel-184
- - - - -
80347deb by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
python/tests: add DynamicTestCase setUpDynamicTestCases() infrastructure
This can be used in order to run a sepcific test (coded just once)
with an autogenerated set of arguments.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Pair-Programmed-With: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
06d13440 by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:tests: add AclVisibiltyTests
This tests a sorts of combinations in order to
demonstrate the visibility of objects depending on:
- with or without fDoListObject
- with or without explicit DENY ACEs
- A hierachy of objects with 4 levels from the base dn
- SEC_ADS_LIST (List Children)
- SEC_ADS_LIST_LIST_OBJECT (List Object)
- SEC_ADS_READ_PROP
- all possible scopes and basedns
This demonstrates that NO_SUCH_OBJECT doesn't depend purely
on the visibility of the base dn, it's still possible to
get children returned und an invisible base dn.
It also demonstrates the additional behavior with "List Object" mode.
See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
d2dd7c2a by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:acl_read: introduce aclread_check_object_visible() helper
In future this will do more than aclread_check_parent(),
if we implement fDoListObject and SEC_ADS_LIST_OBJECT handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c4a3028d by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:acl_read: fully set up 'struct aclread_context' before the search base acl check
This makes further change much easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
faff8e6c by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:acl_read: make use of aclread_check_object_visible() for the search base
We should only have one place to do access checks.
Use 'git show -w' to see the minimal diff.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
e1529bed by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:acl_read: defer LDB_ERR_NO_SUCH_OBJECT
We may need to return child objects even if the base dn
is invisible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ffc0bdc6 by Stefan Metzmacher at 2020-10-21T07:25:37+00:00
s4:dsdb:util: add dsdb_do_list_object() helper
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
7223f645 by Stefan Metzmacher at 2020-10-21T08:48:01+00:00
s4:dsdb:acl_read: Implement "List Object" mode feature
See [MS-ADTS] 5.1.3.3.6 Checking Object Visibility
I tried to avoid any possible overhead for the common cases:
- SEC_ADS_LIST (List Children) is already granted by default
- fDoListObject is off by default
Overhead is only added if the administrator turned on
the fDoListObject feature and removed SEC_ADS_LIST (List Children)
from a parent object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14531
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Oct 21 08:48:02 UTC 2020 on sn-devel-184
- - - - -
ac20617c by Volker Lendecke at 2020-10-21T19:04:38+00:00
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b64949d5 by Volker Lendecke at 2020-10-21T19:04:38+00:00
libsmb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
051967d9 by Volker Lendecke at 2020-10-21T19:04:38+00:00
smbd: Remove an unused anonymous struct definition
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c71d52b9 by Volker Lendecke at 2020-10-21T19:04:38+00:00
notifyd: Modernize DBG statements
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ad7e2cf6 by Volker Lendecke at 2020-10-21T19:04:38+00:00
smbd: Modernize DBG statements in notify_msg.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2ae42beb by Volker Lendecke at 2020-10-21T19:04:38+00:00
libcli: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f11ef354 by Volker Lendecke at 2020-10-21T19:04:38+00:00
smbcacls: Use ISDOT[DOT] instead of strequal
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1cca034c by Volker Lendecke at 2020-10-21T19:04:38+00:00
smbcacls: Use direct struct initialization
Use implicit NULL/false initialization
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8a61f0eb by Volker Lendecke at 2020-10-21T19:04:38+00:00
libsmb: Use "struct" in self-references
Don't go via the typedefs for next and prev pointers
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
41c78d18 by Volker Lendecke at 2020-10-21T19:04:38+00:00
libsmb: Use ZERO_STRUCTP
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ce22e2f by Volker Lendecke at 2020-10-21T19:04:39+00:00
libsmb: Use a direct struct initialization to avoid a memset
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4ad0e4d2 by Volker Lendecke at 2020-10-21T19:04:39+00:00
libsmb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f05020df by Volker Lendecke at 2020-10-21T19:04:39+00:00
includes: nt_printing.h does not need client.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d93e0f09 by Volker Lendecke at 2020-10-21T19:04:39+00:00
libsmb: Factor out cli_conn_have_dfs() from cli_resolve_path()
This also does the checks from cli_dfs_check_error(), which can be
removed in the next step.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d845e90e by Volker Lendecke at 2020-10-21T19:04:39+00:00
libsmb: Simplify cli_resolve_path()
The additional conditions in cli_dfs_check_error() were covered
earlier in cli_resolve_path() via cli_conn_have_dfs(). Without those
it's more obvious to directly call NT_STATUS_EQUAL here.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a01dfc29 by Volker Lendecke at 2020-10-21T20:27:57+00:00
lib: Add tevent_req_received() to messaging_filtered_read_recv()
Early talloc_free() for the msg_rec if it's not picked up
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Oct 21 20:27:57 UTC 2020 on sn-devel-184
- - - - -
d031391b by Andrew Bartlett at 2020-10-21T23:07:37+00:00
fuzzing: Fix the oss-fuzz coverage build
It was long thought that the issue here was that no seed corpus was
provided, but actually the issue is that to obtain coverage output
just as we already know for gcc gcov, you must provide fuzzing flags
to both the compile and link phase.
Thankfully clang as a linker does not mind the strange non-linker options
from $COVERAGE_FLAGS.
REF: https://stackoverflow.com/questions/56112019/clang-does-not-generate-profraw-file-when-linking-manually
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19495#c48
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Oct 21 23:07:37 UTC 2020 on sn-devel-184
- - - - -
3b2a9083 by Andrew Walker at 2020-10-21T23:08:43+00:00
lib:util:loadparm - fix leak in lpcfg_dump_a_parameter
This function calls talloc_strdup() for the parm_name passed into
it so that we can check whether it's a parametric entry. It's
allocated under the loadparm context passed into the function.
Primary consumer of this is "testparm" and so context short-lived in
typical use-case, but this is also exposed via pyparam and so the
loadparm context may be somewhat longer-lived depending on how it is
being used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14544
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
7b52c2db by Andrew Walker at 2020-10-22T00:30:38+00:00
s3:param:service - ensure registry shares loaded before home check
Registry shares should be loaded and checked prior to checking home
directories. This ensures that an explicitly defined service takes
priority over home directories (same behavior as non-registry shares).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14543
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Alison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 22 00:30:38 UTC 2020 on sn-devel-184
- - - - -
04872508 by Andrew Bartlett at 2020-10-22T12:47:37+00:00
fuzzing: Improve robustness and documentation of the ldd-base library copy
This tries to make progress towards understanding why we sometime see errors like
Step #6: Error occured while running fuzz_reg_parse:
Step #6: /workspace/out/coverage/fuzz_reg_parse: error while loading shared libraries: libavahi-common.so.3: cannot open shared object file: No such file or directory
in the previously failing coverage builds.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
c03a2650 by Andrew Bartlett at 2020-10-22T14:10:04+00:00
oss-fuzz: standardise on RPATH for the static-ish binaries
This includes a revert of commit e60df214998afc145ca482cab184691b3ddc3bb2..
We strictly require RPATH, not the modern RUNPATH for the behaviour
we need in oss-fuzz, which is that not just the first line of dependencies
but the full set of libraries used by the program are looked for in the
'$ORIGIN/lib' directory.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Oct 22 14:10:04 UTC 2020 on sn-devel-184
- - - - -
1262b13f by Jeremy Allison at 2020-10-22T15:34:54+00:00
Add VFS-License-clarification.txt as discussed on the Team list.
Update WHATSNEW.txt with a copy for the next release.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Oct 22 15:34:54 UTC 2020 on sn-devel-184
- - - - -
4cd195aa by Amitay Isaacs at 2020-10-22T16:05:30+00:00
libndr: Avoid assigning duplicate versions to symbols
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14541
Symbols _ndr_push_error and _ndr_pull_error keep getting redefined as
they are included without wildcard in abi_match. Apparently on linux ld
does not complain about duplicate symbols, but on freebsd ld fails to
link with following error:
[ 918/3912] Linking bin/default/librpc/libndr.so
ld: error: duplicate symbol '_ndr_pull_error' in version script
ld: error: duplicate symbol '_ndr_push_error' in version script
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
76db7961 by Andreas Schneider at 2020-10-22T16:05:30+00:00
python: Create targetdir recursively
This fixes `make test` in a release tarball.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
3770f28c by Andreas Schneider at 2020-10-22T16:05:30+00:00
testprogs: Add remove_directory to common test functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
e58ccdaa by Andreas Schneider at 2020-10-22T16:05:30+00:00
testprogs: Fix and improve demote-saveddb test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
e4194355 by Andreas Schneider at 2020-10-22T16:05:30+00:00
testprogs: Fix and improve tombstones-expunge test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
a9765084 by Andreas Schneider at 2020-10-22T16:05:30+00:00
testprogs: Fix and improve runtime-links test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
d8fe4315 by Andreas Schneider at 2020-10-22T16:05:30+00:00
testprogs: Fix and improve dbcheck-links test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
28720d66 by Andreas Schneider at 2020-10-22T16:05:31+00:00
testprogs: Fix and improve functionalprep test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
32305d60 by Andreas Schneider at 2020-10-22T16:05:31+00:00
testprogs: Fix and improve dbcheck-oldrelease test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
1432d225 by Andreas Schneider at 2020-10-22T17:28:39+00:00
testprogs: Fix and improve upgradeprovision-oldrelease test
This fixes running `make test` in a release tarball!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14542
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 22 17:28:39 UTC 2020 on sn-devel-184
- - - - -
b5f80734 by Andrew Bartlett at 2020-10-22T23:08:31+00:00
oss-fuzz: update comment to reference RPATH for the static-ish binaries
We strictly require RPATH, so fix the comment to avoid mentioning
the modern RUNPATH which is almost but not entirely similar.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a57702db by Andrew Bartlett at 2020-10-22T23:08:31+00:00
oss-fuzz: Always run the check, even on the oss-fuzz platform
It is much harder to determine why we get messages like
Step #6: Error occured while running fuzz_reg_parse:
Step #6: /workspace/out/coverage/fuzz_reg_parse: error while loading shared libraries: libavahi-common.so.3: cannot open shared object file: No such file or directory
instead this detects the failure to use RPATH (which is
strictly required instead of the modern RUNPATH)
otherwise.
We do this by creating a new build_samba.sh after renaming
build_samba.sh to do_build.sh because this is what oss-fuzz
runs, meaning we don't need to coordinate a MR there as well.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
8f66ce0a by Andrew Bartlett at 2020-10-23T00:33:57+00:00
oss-fuzz: Add very verbose explaination for RPATH vs RUNPATH
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Fri Oct 23 00:33:57 UTC 2020 on sn-devel-184
- - - - -
895c729c by David Mulder at 2020-10-23T03:25:34+00:00
py3: Add is_ad_dc_built option to python glue
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
48c9b699 by Andrew Bartlett at 2020-10-23T03:25:35+00:00
.gitlab-ci.yml: Run the coverity submission job in parallel with the builds
This avoids a flapping test elsewhere delying the submission of the code to coverity
for checking.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
09479bf0 by Andrew Bartlett at 2020-10-23T03:25:35+00:00
.gitlab-ci.yml: Ensure we compile before we start the main parallel testing
This build can be as fast as 10mins if the ccache matches and there
are few tests. Therefore put it first as a sentinal.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
302098c3 by Douglas Bagnall at 2020-10-23T03:25:35+00:00
rpc: avoid undefined behaviour when parsing bindings
If the binding string ends with "[", we were setting options to an
empty string, then asking for 'options[strlen(options)-1]', which
UBSan dosn't like because the offset evaluates to (size_t)0xFFFFF...
causing pointer overflow.
I believe this is actually well defined in practice, but we don't want
to be in the habit of leaving sanitiser warnings in code parsing
untrusted strings.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1576421d by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
winbind.idl: rename wbint_TransID.type to wbint_TransID.type_hint
This makes it clear that it's a hint from the parent to the
child.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
58e9b622 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
s3:passdb: use ID_TYPE_* instead of WBC_ID_TYPE_*
Currently these enums have the same values, but that will
change in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f5eec890 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
test_idmap_tdb_common: correctly initialize the idmap domain with an init function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
95b0dac0 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
winbindd/idmap: apply const to struct idmap_methods pointers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
7518a0ca by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
winbindd/idmap: apply const to struct nss_info_methods pointers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
7dbe5b48 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
wb_queryuser: avoid idmap_child() and use idmap_child_handle() instead
This is the only aspect we need here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
5cc21a9d by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
wb_xids2sids: avoid idmap_child() and use idmap_child_handle() instead
This is the only aspect we need here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
1694de1a by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
wb_sids2xids: avoid idmap_child() and use idmap_child_handle() instead
This is the only aspect we need here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
21035436 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
winbindd: add and use idmap_child_pid()
We should avoid calling idmap_child() as much as possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
cd9a9702 by Stefan Metzmacher at 2020-10-23T03:25:35+00:00
winbindd: add and use is_idmap_child()
We should avoid calling idmap_child() as much as possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
209e81a2 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
winbindd: add generic wb_parent_idmap_setup_send/recv() helpers
This is more or less a copy of wb_xids2sids_init_dom_maps_send/recv,
but it's more generic and doesn't imply global state.
It also closes a initialization race by using a tevent_queue to
serialize the calls.
In the next commits we'll replace wb_xids2sids_init_dom_maps_send/recv.
We'll also use the new function in the wb_sids2xids code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
a8f57c94 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_xids2sids: make use of the new wb_parent_idmap_setup_send/recv() helpers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d42aaeba by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: call wb_parent_idmap_setup_send/recv as the first step
This isn't really used yet, but it will in the next commits.
Also idmap_child_handle() will soon assert that
wb_parent_idmap_setup_send/recv() was called before it's used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
82fd0779 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_queryuser: explain why wb_parent_idmap_setup_send/recv is not needed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
b8c74b7b by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
winbindd: assert wb_parent_idmap_setup_send/recv() was called before idmap_child_handle()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
28e020c0 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
winbindd: defer the setup_child() from init_idmap_child()
At startup we trigger a wb_parent_idmap_setup_send() and make
sure setup_child() is called just before wb_parent_idmap_setup_recv()
finished.
This makes sure our view of the idmap config in the parent matches
what we have in the child.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
79c1d3aa by Ralph Boehme at 2020-10-23T03:25:36+00:00
wb_sids2xids: split out wb_sids2xids_next_sids2unix()
Put the code that calls the per-domain idmap backend
in its own function.
This makes further reconstruction easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Ralph Boehme <slow at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
04956350 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: maintain struct wbint_TransIDArray all_ids as cache
Entries with domain_index == UINT32_MAX are valid cache entries.
In the following commits we'll fill in missing entries step by step
until all entries are marked as filled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
797b11f1 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: rename 'non_cached' to 'lookup_sids'
This array is used to pass to wb_lookupsids_send()
and that will be the only reason to have this in future.
For now it's used for all non cached sids, but that will
also change in the next commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
231c8d04 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: move more checks to wb_sids2xids_next_sids2unix()
For the first run this is a no-op, but it simplified the caller.
We'll call wb_sids2xids_next_sids2unix() in a few more places in future
and it's easier to have this all within wb_sids2xids_next_sids2unix()..
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f6bb0ed2 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: inline wb_sids2xids_extract_for_domain_index() into wb_sids2xids_next_sids2unix()
Instead of re-creating the dom_ids element,
we just use a pre-allocated map_ids_in array.
This is a bit tricky as we need to use map_ids_out as a copy of
map_ids_in, because the _ids argument of dcerpc_wbint_Sids2UnixIDs_send()
in [in,out], which means that _ids->ids is changed between
dcerpc_wbint_Sids2UnixIDs_send() and dcerpc_wbint_Sids2UnixIDs_recv()!
If the domain doesn't need any mappings, we'll move to the next domain
early, for now this can't happend but it will in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
cda61f59 by Stefan Metzmacher at 2020-10-23T03:25:36+00:00
wb_sids2xids: refactor wb_sids2xids_done() a bit
Here we don't change the logic.
It will make the following changes easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
19c8b6a8 by Stefan Metzmacher at 2020-10-23T03:25:37+00:00
wb_sids2xids: change 'i' to 'li' in wb_sids2xids_lookupsids_done()
With all the indexes we have into various array, this makes clear
'li' is the index into the state->lookup_sids array.
This makes the following changes easier to review.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
374acc2e by Stefan Metzmacher at 2020-10-23T03:25:37+00:00
wb_sids2xids: directly use state->all_ids to collect results
In order to translate the indexes from state->lookup_sids[]
for wb_lookupsids_send/recv() and state->map_ids.ids[]
for dcerpc_wbint_Sids2UnixIDs_send/recv() back to
state->all_ids.ids[] or state->sids[] we have state->tmp_idx[].
This simplifies wb_sids2xids_recv() a lot and make further
restructuring much easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
3f4626ea by Stefan Metzmacher at 2020-10-23T03:25:37+00:00
wb_sids2xids: fill cache as soon as possible
After adding entries to the cache we can mark them
as filled from the cache by setting its domain_index
to UINT32_MAX.
This will allow further changes to fill the results
into state->all_ids in steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
c55f4f37 by Stefan Metzmacher at 2020-10-23T03:25:37+00:00
wb_sids2xids: build state->idmap_doms based on wb_parent_idmap_config
In future we'll try to avoid wb_lookupsids_send() and only call
it if needed.
The domain name passed should be only relevant to find the correct
idmap backend, and these should all be available in
wb_parent_idmap_config as it was created before the idmap child was forked.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
493f5d6b by Stefan Metzmacher at 2020-10-23T03:25:37+00:00
winbindd: allow idmap backends to mark entries with ID_[TYPE_WB_]REQUIRE_TYPE
This must only be used between winbindd parent and child!
It must not leak into outside world.
Some backends require ID_TYPE_UID or ID_TYPE_GID as type_hint,
while others may only need ID_TYPE_BOTH in order to validate that
the domain exists.
This will allow us to skip the wb_lookupsids_send/recv in the winbindd parent
in future and only do that on demand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
54b4d2d3 by Stefan Metzmacher at 2020-10-23T04:47:26+00:00
wb_sids2xids: defer/skip wb_lookupsids* unless we get ID_TYPE_WB_REQUIRE_TYPE
We try to give a valid hint for predefined sids and
pass ID_TYPE_BOTH as a hint that the domain part of the sid is valid.
In most cases the idmap child/backend does not require a type_hint
as mappings already exist.
This is a speed up as we no longer need to contact a domain controller.
It's also possible to accept kerberos authentication without reaching
out to a domain controller at all (if the idmap backend doesn't need a
hint).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Oct 23 04:47:26 UTC 2020 on sn-devel-184
- - - - -
c4cbe061 by Ralph Boehme at 2020-10-23T07:56:32+00:00
vfs: make dirfsp arg to SMB_VFS_READLINKAT() const
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3df5f851 by Ralph Boehme at 2020-10-23T07:56:32+00:00
smbd: fix order of smb_fname flags and twrp args in unlink_internals()
As snapshots are read-only by design, this bug was likely not a real issue so
I'm not creating a BUG for this.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3caf53a0 by Ralph Boehme at 2020-10-23T07:56:32+00:00
smbd: fix order of smb_fname flags and twrp args in call_trans2findfirst()
Also not creating a BUG for this one as I've not seen any reports from the field
that this is causing issues.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ac45ce02 by Ralph Boehme at 2020-10-23T07:56:32+00:00
vfs_streams_xattr: only assert AT_FDCWD for streams
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
219a44ee by Ralph Boehme at 2020-10-23T07:56:32+00:00
vfs_streams_depot: only assert AT_FDCWD for streams
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5161edbd by Ralph Boehme at 2020-10-23T07:56:32+00:00
selftest: remove POSIX test from planned tests for ad_dc_ntvfs environ
Just don't run the tests instead of retrofitting them to the skiplist..
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0d6d53a9 by Ralph Boehme at 2020-10-23T07:56:32+00:00
vfs_default: allow dirfsps in the link VFS functions
The functions work just fine with real dirfsps.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
42b8a431 by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: base POSIX semantics in call_trans2findfirst() on req->posix_pathnames
This will require a SMB1 client to enable SMB1 POSIX extensions, just sending
POSIX info-level requests without first enabling them won't cut it.
As discussed with Jeremy, SMB1 POSIX extensions is a global thing and the client
that wants to use it is expected to enable them explicitly before making use of
POSIX info-levels.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2e5e49e4 by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: let directory entries inherit the smb_fname->flags from the directory
If the listed directory has SMB_FILENAME_POSIX_PATH set, this change causes the
smb_fname of directory entries to inherit the flag so subsequent operations on
the directory entry can correctly implement POSIX semantics.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
71a57596 by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: base POSIX semantics of call_trans2findfirst() on SMB_FILENAME_POSIX_PATH flag
We really want to apply POSIX semantics in this place whenever the client has
enabled UNIX extensions, not only when using UNIX find info-levels.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
29e212dd by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: use UCF_POSIX_PATHNAMES flag for path validation logic in filename_convert_internal()
This change means that if a client path is a symlink, we *always* only call
check_veto_path() for POSIX clients using a POSIX pathname, not just when a
POSIX info-level was used in an SMB request.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
df92b06f by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: remove use of UCF_UNIX_NAME_LOOKUP
This is now handled by SMB_FILENAME_POSIX_PATH.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
537069b6 by Ralph Boehme at 2020-10-23T07:56:33+00:00
smbd: mark UCF_UNIX_NAME_LOOKUP as unused
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
63a4e883 by Ralph Boehme at 2020-10-23T09:19:12+00:00
smbd: split out POSIX info_levels from smbd_do_setfilepathinfo() into own function
smbd_do_setfilepathinfo() can be made fully handle based for all non-POSIX
infolevels with pathref fsps, but for a POSIX create we may not have a fsp if
the path points at a symlink.
Splitting the POSIX from the non-POSIX logic allows for cleaner handling of this
in the future with pathref fsps.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 23 09:19:12 UTC 2020 on sn-devel-184
- - - - -
9bc9f8ce by Andreas Schneider at 2020-10-23T14:09:42+00:00
s3:script: Fix test_dfree_quota.sh
source3/script/tests/test_dfree_quota.sh: line 200: [: missing `]'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
8fa0d333 by Andreas Schneider at 2020-10-23T14:09:43+00:00
buildtools: Do not install binaries which are for selftest
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
2d89ddb0 by Andreas Schneider at 2020-10-23T14:09:43+00:00
unittests: Mark test binaries for selftest
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
6e25613a by Andreas Schneider at 2020-10-23T14:09:43+00:00
s3:modules: Do not install vfs modules only used for testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
3b5b23ea by Andreas Schneider at 2020-10-23T15:32:08+00:00
examples:auth: Do not install example plugin
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14550
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Oct 23 15:32:08 UTC 2020 on sn-devel-184
- - - - -
7c8a7e8a by Stefan Metzmacher at 2020-10-23T16:02:37+00:00
librpc/dcesrv_core: move two rpcint_dispatch() copies into dcesrv_call_dispatch_local()
We only need this function once, so that we need to fix bugs only once...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
42e79cee by Stefan Metzmacher at 2020-10-23T16:02:37+00:00
librpc/dcesrv_core: make use of dcerpc_fault_to_nt_status() in dcesrv_call_dispatch_local()
The caller wants to get a useful NTSTATUS instead of a generic
NT_STATUS_NET_WRITE_FAULT.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
7bd321e7 by Stefan Metzmacher at 2020-10-23T16:02:37+00:00
librpc/dcesrv_core: assert that dcesrv_call_dispatch_local() never gets async.
This is just not supported for now...
We would need a dcesrv_call_dispatch_local_send/recv in order to
support async calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
d08a6b42 by Stefan Metzmacher at 2020-10-23T17:24:37+00:00
librpc/dcesrv_core: let dcesrv_call_dispatch_local() call context->iface->reply()
This is needed in order to get NDR_PRINT_FUNCTION_DEBUG(..., NDR_OUT) called.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): Samuel Cabrero <scabrero at samba.org>
Autobuild-Date(master): Fri Oct 23 17:24:37 UTC 2020 on sn-devel-184
- - - - -
6da16727 by Ralph Boehme at 2020-10-23T17:44:33+00:00
smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_DOS to NTCREATEX_FLAG_DENY_DOS
Just a shorter name, no change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c2f0fd40 by Ralph Boehme at 2020-10-23T17:44:33+00:00
smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to NTCREATEX_FLAG_DENY_FCB
Just a shorter name, no change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4481259f by Ralph Boehme at 2020-10-23T17:44:34+00:00
smb: rename NTCREATEX_OPTIONS_PRIVATE_DELETE_ON_CLOSE to NTCREATEX_FLAG_DELETE_ON_CLOSE
Just a shorter name, no change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
45017205 by Ralph Boehme at 2020-10-23T17:44:34+00:00
smb: rename NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN to NTCREATEX_FLAG_STREAM_BASEOPEN
Just a shorter name, no change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d9b32c8 by Ralph Boehme at 2020-10-23T17:44:34+00:00
smb: update comments on the NTCREATEX_FLAG_* flags
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4b53e583 by Ralph Boehme at 2020-10-23T17:44:34+00:00
s3: add and use MS-FSCC Codes from 2.4 and 2.5
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f33b91a9 by Ralph Boehme at 2020-10-23T17:44:34+00:00
smbd: add and use SMB2_FILE_FULL_EA_INFORMATION
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0dad9a31 by Ralph Boehme at 2020-10-23T19:06:40+00:00
smbd: add and use SMB2_FILE_ALL_INFORMATION
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 23 19:06:40 UTC 2020 on sn-devel-184
- - - - -
5bb796cb by Volker Lendecke at 2020-10-24T05:57:31+00:00
lib: Fix includes for messages.h
It references struct tevent_context
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
79b0829e by Volker Lendecke at 2020-10-24T05:57:31+00:00
notify: Remove an unused structure definition
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4dac4859 by Volker Lendecke at 2020-10-24T05:57:31+00:00
notifyd: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3e648e9d by Volker Lendecke at 2020-10-24T05:57:31+00:00
notifyd: Factor out notifyd_parse_entry() into its own file
The next step will be to factor out notifyd_parse_db() and and
notify_walk() for consumption outside of smbd. notifyd_parse_db()
needs access to the internal representation of notifyd's database, so
move it into a commonly usable file.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
49859ac1 by Volker Lendecke at 2020-10-24T05:57:31+00:00
notifyd: Factor out notify_walk() into its own file
To be used in smbtorture, avoid having to include almost all of smbd
just for this
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
741428ea by Volker Lendecke at 2020-10-24T05:57:31+00:00
notifyd: Add fcn_wait_send()/recv()
tevent_req based functions to listen for file change
notifications. Mainly right now for testing purposes, but it could be
used to also implement smbd's file change notify in a more tevent_req
based fashion than it is implemented now.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
609867ef by Volker Lendecke at 2020-10-24T05:57:31+00:00
test: Add a first unit test for notifyd
Use the notifyd "messaging" protocol to check if notifyd works at all
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bbc065da by Volker Lendecke at 2020-10-24T07:20:17+00:00
test: Check that notifyd messages actually change the database
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Oct 24 07:20:17 UTC 2020 on sn-devel-184
- - - - -
183d5d63 by Alexander Bokovoy at 2020-10-26T18:33:40+00:00
DNS Resolver: support both dnspython before and after 2.0.0
`dnspython` 2.0.0 has many changes and several deprecations like:
```
> dns.resolver.resolve() has been added, allowing control of whether
search lists are used. dns.resolver.query() is retained for backwards
compatibility, but deprecated. The default for search list behavior can
be set at in the resolver object with the use_search_by_default
parameter. The default is False.
> dns.resolver.resolve_address() has been added, allowing easy
address-to-name lookups.
```
The new class `DNSResolver`:
- provides the compatibility layer
- defaults the previous behavior (the search list configured in the
system's resolver configuration is used for relative names)
- defaults lifetime to 15sec (determines the number of seconds
to spend trying to get an answer to the question)
The compatibility shim was developed by Stanislav Levin for FreeIPA and
adopted for Samba by Alexander Bokovoy.
Signed-off-by: Stanislav Levin <slev at altlinux.org>
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3e27dc48 by Alexander Bokovoy at 2020-10-26T19:58:17+00:00
daemons: report status to systemd even when running in foreground
When systemd launches samba services, the configuration we have in
systemd service files expects that the main process (/usr/sbin/*)
would use sd_notify() to report back its status. However, we only use
sd_notify() when running become_daemon().
As a result, samba/smbd/winbindd/nmbd processes never report back its
status and the status updates from other childs (smbd, winbindd, etc)
are not accepted as we now have implied NotifyAccess=main since commit
d1740fb3d5a72cb49e30b330bb0b01e7ef3e09cc
This leads to a timeout and killing samba process by systemd. Situation
is reproducible in Fedora 33, for example.
Make sure that we have required status updates for all daemons in case
we aren't runnning in interactive mode.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14552
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Oct 26 19:58:18 UTC 2020 on sn-devel-184
- - - - -
341adfdf by Mikhail Novosyolov at 2020-10-28T14:04:31+00:00
s3: fix running genmsg in pure git
xgettext wants pam_winbind.po to exist.
Without this running ./genmsg in cloned git fails.
Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
7958abe3 by Mikhail Novosyolov at 2020-10-28T14:04:31+00:00
s3: update paths in genmsg of pam_winbind
Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c218ad1a by Mikhail Novosyolov at 2020-10-28T14:04:31+00:00
s3: update list of languages in genmsg of pam_winbind
Removed languages for which translations do not exist.
Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c69d710f by Mikhail Novosyolov at 2020-10-28T14:04:31+00:00
s3: Rerun genmsg to update pam_winbind after 10 years
Previous run was in 2010 (10 years ago!), a lot of strings have changed.
Also removed all fuzzies because many strings do not exist any more in nterr.c
and then regenerated pos to restore strings that do exist.
I ran:
$ ./genmsg (with previous commits applied)
$ for i in *.po ; do mv -v $i ${i}.t && msgattrib --no-fuzzy -o $i ${i}.t && rm -fv ${i}.t ; done
$ ./genmsg
bjacke edited: don't remove old nterr.c translations, we should keep those
translatins and translate the mappings to the new strings coming from
nterr_gen.c, see b7b289f372535dc479a9c9b7ea80da4711edf4f8 for the related
change.
Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
d619a578 by Mikhail Novosyolov at 2020-10-28T15:31:05+00:00
s3: update Russian translation of pam_winbind
Signed-off-by: Mikhail Novosyolov <m.novosyolov at rosalinux.ru>
Reviewed-by: Björn Jacke <bjacke at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Wed Oct 28 15:31:05 UTC 2020 on sn-devel-184
- - - - -
5f92ec69 by Andreas Schneider at 2020-10-28T17:52:19+00:00
s4:torture: Pass buffer correctly to write()
../../source4/torture/basic/denytest.c: In function ‘torture_createx_specific.isra’:
../../source4/torture/basic/denytest.c:2372:9: error: ‘write’ reading 56 bytes from a region of size 8 [-Werror=stringop-overflow=]
2372 | res = write(data_file_fd, &cxd, cxd_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14555
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Oct 28 17:52:19 UTC 2020 on sn-devel-184
- - - - -
cc490112 by Andrew Walker at 2020-10-29T03:31:56+00:00
s3:rpcclient fix NULL - deref caused by misuse of chgpasswd3
Passing wrong number of arguments to chgpasswd3 will cause rpcclient to crash.
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 29 03:31:56 UTC 2020 on sn-devel-184
- - - - -
a380f19d by Volker Lendecke at 2020-10-29T10:25:37+00:00
CVE-2020-14323 winbind: Fix invalid lookupsids DoS
A lookupsids request without extra_data will lead to "state->domain==NULL",
which makes winbindd_lookupsids_recv trying to dereference it.
Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
40f23c24 by Volker Lendecke at 2020-10-29T10:25:37+00:00
CVE-2020-14323 torture4: Add a simple test for invalid lookup_sids winbind call
We can't add this test before the fix, add it to knownfail and have the fix
remove the knownfail entry again. As this crashes winbind, many tests after
this one will fail.
Reported by Bas Alberts of the GitHub Security Lab Team as GHSL-2020-134
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14436
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
6e143d9c by Jeremy Allison at 2020-10-29T10:25:37+00:00
s4: torture: Add smb2.notify.handle-permissions test.
Add knownfail entry.
CVE-2020-14318
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434
Signed-off-by: Jeremy Allison <jra at samba.org>
- - - - -
3076566d by Jeremy Allison at 2020-10-29T11:47:35+00:00
s3: smbd: Ensure change notifies can't get set unless the directory handle is open for SEC_DIR_LIST.
Remove knownfail entry.
CVE-2020-14318
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434
Signed-off-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Thu Oct 29 11:47:35 UTC 2020 on sn-devel-184
- - - - -
56879ec5 by Andreas Schneider at 2020-10-29T14:19:36+00:00
idl: Add SID_SAMBA_SMB3
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
905c2b97 by Andreas Schneider at 2020-10-29T14:19:36+00:00
s3:smbd: Add SMB3 connection information to session info
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
8bbe5c8c by Andreas Schneider at 2020-10-29T14:19:36+00:00
librpc: Add dcerpc helper dcerpc_is_transport_encrypted()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
5f1a73be by Andreas Schneider at 2020-10-29T14:19:36+00:00
s3:smbd: Use defines to set 'srv_smb_encrypt'
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c6a21e18 by Andreas Schneider at 2020-10-29T14:19:36+00:00
s3:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
a9c532c6 by Andreas Schneider at 2020-10-29T14:19:36+00:00
s4:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
32d4c75d by Isaac Boukris at 2020-10-29T14:19:36+00:00
lib:crypto: Add py binding for set_relax/strict fips mode
Signed-off-by: Isaac Boukris <iboukris at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
7d54e4b4 by Andreas Schneider at 2020-10-29T14:19:36+00:00
s4:param: Add 'weak crypto' getter to pyparam
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
9a3ba502 by Andreas Schneider at 2020-10-29T14:19:37+00:00
python:tests: Add SAMR password change tests for fips
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
ebd68733 by Andreas Schneider at 2020-10-29T15:41:37+00:00
python:tests: Add SAMR password change tests for fips
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Oct 29 15:41:37 UTC 2020 on sn-devel-184
- - - - -
9214fcec by Jule Anger at 2020-10-29T18:54:24+00:00
tests: avoid returning an already used ID in randomXid()
The error 'uidNumber xxx is already being used.' in the samba tool tests
occurs when the random.randint functions returns the same value twice and
therefore a user or group with an already used gid or uid should be created.
Avoid this error by adding a list that stores the used IDs, so that the randomXid
function can check wheter a value is already used before returning it.
Signed-off-by: Jule Anger <ja at sernet.de>
Reviewed-by: Björn Baumbach <bb at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 29 18:54:24 UTC 2020 on sn-devel-184
- - - - -
e8f31e5c by Björn Jacke at 2020-10-29T20:49:16+00:00
pam_winbind/ro.po: fix error from previous patch merge
fixes up d619a57804d200e351b509d67a8c76042cb9daa8
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14491
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Björn Baumbach <bbaumbach at samba.org>
Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Thu Oct 29 20:49:16 UTC 2020 on sn-devel-184
- - - - -
ee79d39a by Rowland Penny at 2020-10-30T17:11:02+00:00
idmap_nss.8.xml: update manpage as discussed on the samba mailing
list
Signed-off-by: Rowland Penny <rpenny at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 30 17:11:02 UTC 2020 on sn-devel-184
- - - - -
9404f863 by Martin Schwenke at 2020-11-02T08:58:31+00:00
ctdb-daemon: Clean up socket bind/secure/listen
Obey the coding style, modernise debug macros, clean up whitespace.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
78c3b5b6 by Martin Schwenke at 2020-11-02T08:58:31+00:00
ctdb-daemon: Clean up call to bind socket
Variable res is only used once and ret is re-used many times. Drop
res, use ret, which doesn't need to be initialised. Modernise debug
macro.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
65ab8cb0 by Martin Schwenke at 2020-11-02T08:58:31+00:00
ctdb-daemon: Do not attempt to chown Unix domain socket in test mode
If run with UID wrapper and UID_WRAPPER_ROOT=1 then securing the
socket will fail.
Test mode means that local daemons are in use, so securing the socket
is not important.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
4bf01030 by Martin Schwenke at 2020-11-02T10:20:45+00:00
selftest: Drop dummy environment variables for CTDB daemons
This existed to avoid UID_WRAPPER_ROOT=1 causing ctdbd to fail to
chown the socket. The chown is no longer done in test mode so remove
this confusing hack.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Amitay Isaacs <amitay at samba.org>
Autobuild-Date(master): Mon Nov 2 10:20:45 UTC 2020 on sn-devel-184
- - - - -
08f8f665 by Sachin Prabhu at 2020-11-02T20:18:33+00:00
docs-xml/manpages: Add warning about write-behind translator for vfs_glusterfs
Add warning about data corruption with the write-behind translator.
The data corruption is highlighted by the smbtorture test smb2.rw.rw1.
More information about this data corruption issue is available in the
bz.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
2a49ccbc by Günther Deschner at 2020-11-02T21:40:33+00:00
s3-vfs_glusterfs: refuse connection when write-behind xlator is present
s3-vfs_glusterfs: refuse connection when write-behind xlator is present
Once the new glusterfs api is available we will programmtically disable
the translator, for now we just refuse the connection as there is
a potential for serious data damage.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Pair-Programmed-With: Sachin Prabhu <sprabhu at redhat.com>
Pair-Programmed-With: Anoop C S <anoopcs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 2 21:40:33 UTC 2020 on sn-devel-184
- - - - -
6a9d22f4 by Douglas Bagnall at 2020-11-03T00:33:41+00:00
dsdb/mod/operational: correct comment arithmetic
E + F is not 1F! E + F is 1D!
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7d846cd1 by Jeremy Allison at 2020-11-03T01:56:59+00:00
s3: modules: vfs_glusterfs: Fix leak of char **lines onto mem_ctx on return.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Nov 3 01:56:59 UTC 2020 on sn-devel-184
- - - - -
1298280a by Andreas Schneider at 2020-11-03T15:25:37+00:00
auth:creds: Rename CRED_USE_KERBEROS values
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
1a92994a by Andreas Schneider at 2020-11-03T15:25:37+00:00
auth:creds:tests: Migrate test to a cmocka unit test
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
27480333 by Andreas Schneider at 2020-11-03T16:47:57+00:00
s3:vfs: Document the encryption_required flag in vfs.h
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Nov 3 16:47:57 UTC 2020 on sn-devel-184
- - - - -
0bc93500 by Björn Baumbach at 2020-11-03T22:55:37+00:00
samba-tool: add new "user unlock" command
Can be used to unlock a user when the badPwdCount has been reached.
Introduces SamDB error classes, as suggested by
Douglas Bagnall <douglas.bagnall at catalyst.net.nz> - thanks!
This helps to handle expected failures.
Tracebacks of really unexpected failures will not be hidden.
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
a1b02120 by Björn Baumbach at 2020-11-04T00:19:25+00:00
selftest: add test for new "samba-tool user unlock" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Nov 4 00:19:25 UTC 2020 on sn-devel-184
- - - - -
eb0474d2 by Alexander Bokovoy at 2020-11-04T14:59:34+00:00
cli_credentials_parse_string: fix parsing of principals
When parsing a principal-like name, user name was left with full
principal instead of taking only the left part before '@' sign.
>>> from samba import credentials
>>> t = credentials.Credentials()
>>> t.parse_string('admin at realm.test', credentials.SPECIFIED)
>>> t.get_username()
'admin at realm.test'
The issue is that cli_credentials_set_username() does a talloc_strdup()
of the argument, so we need to change order of assignment to allow
talloc_strdup() to copy the right part of the string.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
00f4262e by Alexander Bokovoy at 2020-11-04T14:59:34+00:00
cli_credentials: add a helper to parse user or group names
cli_credentials_parse_string() parses a string specified for -U option
in command line tools. It has a side-effect that '%' character is always
considered to be a separator after which a password is specified.
Active Directory does allow to create user or group objects with '%' in
the name. It means cli_credentials_parse_string() will not be able to
properly parse such name.
Introduce cli_credentials_parse_name() for the cases when a password is
not expected in the name and call to cli_credentials_parse_name() from
cli_credentials_parse_string().
Test cli_credentials_parse_name() with its intended use in lookup_name()
refactoring.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
f9016912 by Alexander Bokovoy at 2020-11-04T16:23:40+00:00
lookup_name: allow lookup for own realm
When using a security tab in Windows Explorer, a lookup over a trusted
forest might come as realm\name instead of NetBIOS domain name:
--------------------------------------------------------------------
[2020/01/13 11:12:39.859134, 1, pid=33253, effective(1732401004, 1732401004), real(1732401004, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
lsa_LookupNames3: struct lsa_LookupNames3
in: struct lsa_LookupNames3
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000000e-0000-0000-1c5e-a750e5810000
num_names : 0x00000001 (1)
names: ARRAY(1)
names: struct lsa_String
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'ipa.test\admins'
sids : *
sids: struct lsa_TransSidArray3
count : 0x00000000 (0)
sids : NULL
level : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
count : *
count : 0x00000000 (0)
lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
client_revision : LSA_CLIENT_REVISION_2 (2)
--------------------------------------------------------------------
Allow this lookup using realm to be done against primary domain when we
are a domain controller. This corresponds to FreeIPA use of Samba as a
DC. For normal domain members a realm-based lookup falls back to a
lookup over to its own domain controller with the help of winbindd.
Refactor user name parsing code to reuse cli_credentials_* API to be
consistent with other places. cli_credentials_parse_name() handles
both domain and realm-based user name variants.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Wed Nov 4 16:23:40 UTC 2020 on sn-devel-184
- - - - -
0851afdf by Volker Lendecke at 2020-11-04T18:55:39+00:00
libsmb: Improve wording of a comment in cli_smb2_list
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
669414ef by Volker Lendecke at 2020-11-04T18:55:39+00:00
libsmb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
af49efcd by Volker Lendecke at 2020-11-04T18:55:39+00:00
libreplace: Compare a pointer against NULL, not 0
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
40cec276 by Volker Lendecke at 2020-11-04T18:55:39+00:00
smbd: Align two integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ea5c1f0 by Volker Lendecke at 2020-11-04T18:55:39+00:00
libsmb: Fix a signed/unsigned warning
"num_bytes" is uint32_t, "received" is uint16_t. The multiplication
seems to implicitly widen "received" to int, leading to a
signed/unsigned warning. This cast makes that warning go away.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
95e23517 by Volker Lendecke at 2020-11-04T18:55:40+00:00
torture: Show that recursive ls across dfs is broken
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f879c833 by Volker Lendecke at 2020-11-04T18:55:40+00:00
smbclient: Move variable declarations closer to their use
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fd430864 by Volker Lendecke at 2020-11-04T18:55:40+00:00
smbclient: Wrap a few long lines
Make the next patch simpler
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
623bc39b by Volker Lendecke at 2020-11-04T18:55:40+00:00
smbclient: Introduce struct do_list_helper_state
We'll pass more information to do_list_helper() soon
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
88666564 by Volker Lendecke at 2020-11-04T18:55:40+00:00
smbclient: Add "mask" to do_list_helper_state
To me this is simpler to understand than to rely on the cli_list
callback which goes through some function call layers. Also, this
gives more obvious control over what we pass in the next patch.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4cc4938a by Volker Lendecke at 2020-11-04T18:55:40+00:00
smbclient: Fix recursive "ls" across DFS links
This is an a bit subtle patch: The main trick is that the previous
code a DFS-style \\server\share\dir1\dir2 path ended up in the list of
directories to enumerate. This was then processed by do_list again,
passing it to cli_resolve_path. However, cli_resolve_path always
expects non-DFS style paths as input. This patch passes the original,
non-DFS path to do_list_helper(), so that it ends up without the DFS
style \\server\share prefix in the directory queue.
>From general failure it just fails on the SMB1-based environments,
like the other smbclient_s3 ones in knownfail.d/smb1-tests
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4ebe72b9 by Volker Lendecke at 2020-11-04T18:55:40+00:00
libsmb: Remove "mntpoint" argument from cli_list() callback
do_list()/do_list_helper() in source3/client/client.c was the only user of this
argument. And that use was wrong.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a7d39ed1 by Volker Lendecke at 2020-11-04T18:55:40+00:00
libsmb: Remove "mntpoint" argument from cli_list_trans() callback
This was unused in the callers, also do this for symmetry.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3e8ce497 by Volker Lendecke at 2020-11-04T20:17:47+00:00
libsmb: Remove cli_state->dfs_mountpoint
Not used anymore
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov 4 20:17:47 UTC 2020 on sn-devel-184
- - - - -
80ff5a37 by Bradley M. Kuhn at 2020-11-04T21:29:40+00:00
VFS-License-clarification: minor improvements aligning w/ GPLv3 text
The phrase "derived work" and word "derived" don't appear in GPLv3;
instead, GPLv3 uses the phrases "modified version" and "based on" to
implement the strong copyleft clause. Herein, align the VFS
statement with the phrases as they appear in the GPLv3 since Samba's
license is GPLv3-or-later.
Included are also a few other very minor wording changes as suggested
by legal counsel who is experienced with presenting these sorts of
licensing statements to company lawyers and suggests these changes
will comfort that constituency.
Finally, update both occurrences of the statement in the codebase in
two different files.
Signed-off-by: Bradley M. Kuhn <bkuhn at sfconservancy.org>
Reviewed-by: Jim McDonough <jmcd at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a51cda69 by Günther Deschner at 2020-11-04T22:53:49+00:00
s3-vfs_glusterfs: always disable write-behind translator
The "pass-through" option has now been merged upstream as of:
https://github.com/gluster/glusterfs/pull/1640
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Pair-Programmed-With: Anoop C S <anoopcs at samba.org>
Pair-Programmed-With: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Nov 4 22:53:49 UTC 2020 on sn-devel-184
- - - - -
04248f5e by Gary Lockyer at 2020-11-04T22:54:41+00:00
selftest: add mit kdc specific known fail
Add a MIT kerberos specific known fail, will be needed by subsequent
commits.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b14dca7c by Gary Lockyer at 2020-11-04T22:54:41+00:00
tests python krb5: Make PrincipalName_create a class method
Make PrincipalName_create a class method, so it can be used in helper
classes.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
41c8aa4b by Gary Lockyer at 2020-11-04T22:54:41+00:00
tests python krb5: Add canonicalize flag to ASN1
Add the canonicalize flag to KerberosFlags, so that it can be used in
python based canonicalization tests.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
005435dc by Gary Lockyer at 2020-11-04T22:54:41+00:00
tests python krb5: Add python kerberos canonicalization tests
Add python canonicalization tests, loosely based on the code in
source4/torture/krb5/kdc-canon-heimdal.c. The long term goal is to move
the integration level tests out of kdc-canon-heimdal, leaving it as a
heimdal library unit test.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8aebd486 by Andreas Schneider at 2020-11-05T00:17:54+00:00
bootstrap: Add Fedora 33
This removes Fedora 31 support.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Nov 5 00:17:55 UTC 2020 on sn-devel-184
- - - - -
49efe0ca by Alexander Bokovoy at 2020-11-05T06:30:31+00:00
Revert "cli_credentials_parse_string: fix parsing of principals"
This reverts commit eb0474d27bae4592b25ac6bf600da29c6a1cb9f8.
- - - - -
5d80b179 by Alexander Bokovoy at 2020-11-05T06:30:31+00:00
Revert "cli_credentials: add a helper to parse user or group names"
This reverts commit 00f4262ed0b22f6e333e5a29c5590b62c783905c.
- - - - -
ca07dc77 by Alexander Bokovoy at 2020-11-05T07:53:02+00:00
Revert "lookup_name: allow lookup for own realm"
This reverts commit f901691209867b32c2d7c5c9274eee196f541654.
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Thu Nov 5 07:53:03 UTC 2020 on sn-devel-184
- - - - -
c2fcd83e by Andrew Walker at 2020-11-06T04:58:31+00:00
s4:libnet:py_net - free event context in dealloc fn
Creation of a new Net() object initializes an event context under
a NULL talloc context and then creates a new talloc context as a
child of the event context. The deallocation function for the
net object only frees the child and not the parent. This leaks an
fd for the tevent context and associated memory.
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Nov 6 04:58:31 UTC 2020 on sn-devel-184
- - - - -
f0f8de9d by Isaac Boukris at 2020-11-06T10:02:35+00:00
Add smb2cli_session_get_encryption_cipher()
When 'session->smb2->should_encrypt' is true, the client MUST encrypt
all transport messages (see also MS-SMB2 3.2.4.1.8).
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
339bfcd6 by Isaac Boukris at 2020-11-06T10:02:35+00:00
Add dcerpc_transport_encrypted()
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
eba91f0d by Isaac Boukris at 2020-11-06T10:02:35+00:00
Add py binding for dcerpc_transport_encrypted
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
a77551be by Isaac Boukris at 2020-11-06T10:02:35+00:00
selftest: add a test for py dce transport_encrypted
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c2644032 by Isaac Boukris at 2020-11-06T10:02:35+00:00
Add CreateTrustedDomainRelax wrapper for fips mode
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
baf4e293 by Isaac Boukris at 2020-11-06T10:02:35+00:00
Use the new CreateTrustedDomainRelax()
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
cfaad16f by Isaac Boukris at 2020-11-06T10:02:35+00:00
selftest: add a test for the CreateTrustedDomainRelax wrapper
Originally copied from 'source4/scripting/devel/createtrust'
(had to drop the TRUST_AUTH_TYPE_VERSION part though, as it
fails against samba DC).
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
60415352 by Isaac Boukris at 2020-11-06T11:25:02+00:00
Remove source4/scripting/devel/createtrust script
We now have the 'samba-tool domain trust' command.
Signed-off-by: Isaac Boukris <iboukris at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
Autobuild-Date(master): Fri Nov 6 11:25:02 UTC 2020 on sn-devel-184
- - - - -
7b479c31 by David Disseldorp at 2020-11-06T18:56:29+00:00
build: put quotes around '!vfs_snapper' module instructions
Otherwise the exclamation may get swallowed by shell, leading to further
confusion.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
710196f0 by David Disseldorp at 2020-11-06T20:19:22+00:00
doc: improve --with-shared-modules documentation
Remove statement about lack of support. Add description and example for
how to explicitly disable modules via a '!' prefix.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Nov 6 20:19:22 UTC 2020 on sn-devel-184
- - - - -
86eb6423 by Jeremy Allison at 2020-11-09T02:46:49+00:00
lib: talloc: Cleanup. Use consistent preprocessor logic macros.
Match other use of ALWAYS_REALLOC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14540
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6e0aab0b by Jeremy Allison at 2020-11-09T02:46:49+00:00
lib: talloc: Fix pool object accounting when doing talloc_realloc() in the ALWAYS_REALLOC compiled case.
tc_alloc_pool() or the fallback malloc can return NULL.
Wait until we know we are returning a valid pointer
before decrementing pool_hdr->object_count due to
reallocing out of the talloc_pool.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14540
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
30a8bea8 by Arran Cudbard-Bell at 2020-11-09T02:46:49+00:00
lib: talloc: Add more debugging text for existing memlimit + pool tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14540
Signed-off-by: Arran Cudbard-Bell <a.cudbardb at freeradius.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
4566ee91 by Jeremy Allison at 2020-11-09T02:46:50+00:00
lib: talloc: Fix memlimit on pool realloc.
We only have to do the memlimit check before any
real malloc or realloc. Allocations out of a
memory pool have already been counted in the
memory limit, so don't check in those cases.
This is an application-visible change (although
fixing a bug) so bump the ABI to 2.3.1 -> 2.3.2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14540
Signed-off-by: Jeremy Allison <jra at samba.org>
Signed-off-by: Arran Cudbard-Bell <a.cudbardb at freeradius.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a5052c73 by Arran Cudbard-Bell at 2020-11-09T02:46:50+00:00
lib: talloc: More tests for realloc when used with memlimited pools
This requires the previous patch.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14540
Signed-off-by: Arran Cudbard-Bell <a.cudbardb at freeradius.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5cb51343 by Gary Lockyer at 2020-11-09T02:46:50+00:00
selftest: add heimdal kdc specific known fail
Add a heimdal kerberos specific known fail, will be needed by subsequent
commits.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1e1d8b9c by Gary Lockyer at 2020-11-09T02:46:50+00:00
tests python krb5: Add python kerberos compatability tests
Add new python test to document the differences between the MIT and
Heimdal Kerberos implementations.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e5e17590 by Jeremy Allison at 2020-11-09T04:10:45+00:00
s3: spoolss: Make parameters in call to user_ok_token() match all other uses.
We already have p->session_info->unix_info->unix_name, we don't
need to go through a legacy call to uidtoname(p->session_info->unix_token->uid).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14568
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Nov 9 04:10:45 UTC 2020 on sn-devel-184
- - - - -
6c11e5f4 by Andreas Schneider at 2020-11-09T08:58:35+00:00
s3:rpc_server: Use gnutls_cipher_decrypt() in get_trustdom_auth_blob()
It doesn't matter for RC4, but just to be correct.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
c93ccebd by Andreas Schneider at 2020-11-09T08:58:35+00:00
s4:rpc_server: Use gnutls_cipher_decrypt() in get_trustdom_auth_blob()
It doesn't matter for RC4, but just to be correct.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
4425f2c1 by Andreas Schneider at 2020-11-09T08:58:35+00:00
s3:rpc_server: Allow to use RC4 for creating trusts
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
c75dd1ea by Andreas Schneider at 2020-11-09T08:58:35+00:00
s4:rpc_server: Allow to use RC4 for creating trusts
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
b8913401 by Andreas Schneider at 2020-11-09T10:22:51+00:00
sefltest: Enable the dcerpc.createtrustrelax test against ad_dc_fips
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Nov 9 10:22:51 UTC 2020 on sn-devel-184
- - - - -
be03ce7d by Anoop C S at 2020-11-09T13:30:06+00:00
manpages/vfs_glusterfs: Mention silent skipping of write-behind translator
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Anoop C S <anoopcs at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Mon Nov 9 13:30:06 UTC 2020 on sn-devel-184
- - - - -
96e2cf79 by Björn Jacke at 2020-11-10T06:53:42+00:00
replace/waf: fix libnsl checking on Solaris
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b9e8959c by Björn Jacke at 2020-11-10T06:53:42+00:00
waf/texpect: add required nsl dependency for Solaris
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
edb10125 by Björn Jacke at 2020-11-10T06:53:42+00:00
replace: define BOOL_DEFINED to fix header yp_prot header check on Solaris
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
104b3545 by Björn Jacke at 2020-11-10T06:53:42+00:00
heimdal_build: silence warning: macro redefined
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a223c5b5 by Björn Jacke at 2020-11-10T06:53:42+00:00
waf: use _POSIX_PTHREAD_SEMANTIC on Solaris
Solaris uses POSIX draft function calls by default for a number of functions,
unless you set _POSIX_PTHREAD_SEMANTIC
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
bbfd93f7 by Björn Jacke at 2020-11-10T06:53:42+00:00
debug: remove a cast, which makes the Solaris Studio compiler unhappy
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14526
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a4e90cfe by Björn Jacke at 2020-11-10T06:53:42+00:00
http_conn.c: fix "void function cannot return value" error
this made the studio compiler build break
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
cce4e801 by Björn Jacke at 2020-11-10T06:53:42+00:00
auth_generic: fix empty initializer compile warning
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6b855429 by Björn Jacke at 2020-11-10T06:53:43+00:00
talloc: fix studio compiler build
Solaris Studio compiler 12.4 is pedantic about prototypes in headers having
the external visibility declarations too. It throws errors like:
redeclaration must have the same or more restrictive linker scoping: ...
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
268fcfdd by Björn Jacke at 2020-11-10T06:53:43+00:00
talloc/pytalloc: fix studio compler build
Solaris Studio compiler 12.4 is pedantic about prototypes in headers having
the external visibility declarations too. It throws errors like:
redeclaration must have the same or more restrictive linker scoping: ...
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
3c1013ca by Björn Jacke at 2020-11-10T06:53:43+00:00
tdb: fix studio compiler build
Solaris Studio compiler 12.4 is pedantic about prototypes in headers having
the external visibility declarations too. It throws errors like:
redeclaration must have the same or more restrictive linker scoping: ...
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
aa8d6c77 by Björn Jacke at 2020-11-10T06:53:43+00:00
pidl: use unused attribute only if supported by feature macro
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
e4f33548 by Björn Jacke at 2020-11-10T06:53:43+00:00
torture/sharemode: fix empty initializer compile warning
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c862ad64 by Björn Jacke at 2020-11-10T06:53:43+00:00
ldb_kv_index: fix empty initializer compile warning
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
91831712 by Björn Jacke at 2020-11-10T06:53:43+00:00
ldb_key_value_test: studio compiler doesn't like empty struct definitions
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c305ab07 by Björn Jacke at 2020-11-10T06:53:43+00:00
ldb_parse_test: studio compiler doesn't like empty struct definitions
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
37b81f91 by Björn Jacke at 2020-11-10T06:53:43+00:00
util_net: fix a statement not reached warning
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c32eb006 by Björn Jacke at 2020-11-10T06:53:43+00:00
waf: check for pragma init/fini support for constructors/destructors
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f13e1ca5 by Björn Jacke at 2020-11-10T06:53:43+00:00
talloc: alternatively use prama init for constructors if supported
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
18fdfe8c by Björn Jacke at 2020-11-10T08:17:53+00:00
winbind: alternatively use prama fini for destructors if supported
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Nov 10 08:17:53 UTC 2020 on sn-devel-184
- - - - -
6598e00e by Jeremy Allison at 2020-11-10T19:49:33+00:00
lib: talloc: Remove the ALWAYS_REALLOC code paths.
This is now never set, and also never tested, and only makes
the talloc code more complicated.
Once this is gone we can start looking at the memlimit
stuff.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
- - - - -
5ac44b83 by Volker Lendecke at 2020-11-10T19:49:33+00:00
lib: Move generate_unique_u64_state into generate_unique_u64()
Make clear that generate_unique_u64() is the only function referencing
it.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a342cf2c by Volker Lendecke at 2020-11-10T19:49:33+00:00
locking: Remove an unused anonymous struct reference
This was used in share_mode_do_locked()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
be381fd4 by Volker Lendecke at 2020-11-10T19:49:33+00:00
smbd: Use ISDOT[DOT] in can_delete_directory_fsp()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1af086d2 by Volker Lendecke at 2020-11-10T19:49:33+00:00
lib: Fix a signed/unsigned warning
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
30c917c2 by Volker Lendecke at 2020-11-10T19:49:33+00:00
lib: Fix a theoretical out-of-bounds write
This routine looked fishy: We do cap_vals[num_cap_vals++] = XXX based
on #ifdefs and capabilities. Then later on we did a check that we did
not overwrite the stack. The change I did is to just count the number
of num_cap_vals++, right now it's 5. I know it is in different switch
branches, but with the #ifdefs it's a bit clumsy to read the exact
number of actual num_cap_vals++ that can happen in one run. On debian
buster, cap_val_t is an int, so this is not really wasting too much.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
76043ccb by Volker Lendecke at 2020-11-10T19:49:33+00:00
lib: Slightly optimize smb_fname_str_dbg()
Don't leak "fname"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fc88f2e0 by Volker Lendecke at 2020-11-10T19:49:33+00:00
vfs_error_inject: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
daa9d98c by Volker Lendecke at 2020-11-10T19:49:33+00:00
auth: Align an integer type
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
401c5132 by Volker Lendecke at 2020-11-10T19:49:33+00:00
passdb: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4da7de80 by Volker Lendecke at 2020-11-10T19:49:33+00:00
smbd: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
15e9e294 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Give locking/share_mode_lock.c its own header file
To me this is then easier to figure out what is defined there, and
where it's exactly used.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
13217e6e by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Move share_mode_cleanup_disonnected() to scavenger.c
Reduce the complexity of share_mode_lock.c, scavenger.c is the only
user of this routine.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2fe1e601 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Move "struct share_mode_lock" to share_mode_lock.h
share_mode_lock.c is where it's created
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
84dba041 by Volker Lendecke at 2020-11-10T19:49:34+00:00
locking: Make share_mode_watch_send() take "share_mode_lock"
This makes clear that this can only be done under a lock
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3f54fcaf by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Move setting d->modified=true to reset_share_mode_entry()
This function is only called from
vfs_default_durable_reconnect(). It is really the lower-level routine
that triggers the write of the locking.tdb record.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a01cb7fa by Volker Lendecke at 2020-11-10T19:49:34+00:00
locking: Add share_mode_changed_write_time() accessor function
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
60f24079 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Use share_mode_changed_write_time() in durable_disconnect()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ec387d04 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Use share_mode_changed_write_time() in smbd/close.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
701da78c by Volker Lendecke at 2020-11-10T19:49:34+00:00
locking: Add share_mode_filename() accessor function
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d2662dff by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbstatus: Use share_mode_filename()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
53059dc6 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Use share_mode_filename() in scavenger.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3d33eee5 by Volker Lendecke at 2020-11-10T19:49:34+00:00
smbd: Avoid share_mode_lock dereference in scavenger
Pass "struct file_id" to callees without accessing share_mode_lock
internals
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5aab299d by Volker Lendecke at 2020-11-10T19:49:34+00:00
locking: Add share_mode_servicepath() accessor function
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ee41ec8a by Volker Lendecke at 2020-11-10T19:49:35+00:00
smbd: Use share_mode_servicepath() in scavenger.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2337c1e3 by Volker Lendecke at 2020-11-10T19:49:35+00:00
net_tdb: Slightly restructure net_tdb_locking()
Remove the net_tdb_locking_fetch() subroutine. All of net_tdb_locking() is
still very simple, and net_tdb_locking_fetch() did the fetch as such plus
parsing the hex key. With this restructuring it was possible to avoid a direct
reference to lck->data->id.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
affce737 by Volker Lendecke at 2020-11-10T19:49:35+00:00
net_tdb: Use share_mode_servicepath()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ce64b3ca by Volker Lendecke at 2020-11-10T19:49:35+00:00
net_tdb: Use share_mode_filename()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5c3a18e5 by Volker Lendecke at 2020-11-10T19:49:35+00:00
locking: Add share_mode_data_dump() accessor function
This is a special case for net tdb dump. The alternative would be to
change the net tdb dump behaviour.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f6abe33d by Volker Lendecke at 2020-11-10T19:49:35+00:00
net_tdb: Use share_mode_data_dump()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
271a369f by Volker Lendecke at 2020-11-10T19:49:35+00:00
smbd: Don't set share_mode_lock modified in grant_new_fsp_lease()
A new lease never triggers a retry. Setting d->modified to true just
triggered the watchers needlessly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d220bae5 by Volker Lendecke at 2020-11-10T19:49:35+00:00
smbd: Remove a variable used just once
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4b6f4ee4 by Volker Lendecke at 2020-11-10T19:49:35+00:00
smbd: Avoid references to share_mode_data->id
When calling open_mode_check() we know the file id. We can pass it to
the lower levels without dereferencing struct share_mode_lock.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
df2ffaaa by Volker Lendecke at 2020-11-10T19:49:35+00:00
locking: move share_mode_flags_[gs]et to share_mode_lock.c
These routines parse and marshall the uint16 summary flag in
share_mode_data. open_file_ntcreate() and open_directory() are the
only real users of this. The user in oplock.c is just the lazy reset
of the "read lease exists somewhere" after asynchronously breaking
read oplocks after a write request.
This moves handling the flags into locking/ to consolidate data
structure handling of "share_mode_data" there.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d762ab55 by Volker Lendecke at 2020-11-10T21:12:48+00:00
locking: hide share_mode_lock definition
This makes "struct share_mode_lock" an opaque data structure opened up
only to the code in locking/. This makes it much safer to modify the
data structure with defined accessor functions in share_mode_lock.c.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Nov 10 21:12:48 UTC 2020 on sn-devel-184
- - - - -
d7f731ed by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Send enterprise principals tagged as such
This test passed against Samba but failed against Windows when
an enterprise principal (user at domain.com@REALM) was encoded as
NT_PRINCIPAL.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
579a3c64 by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Fix flipped machine and user constants
This naturally does not change the test, but reduces developer
confusion.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d85e71f4 by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Make as_canonicalization_tests.py easier to run outside "make test"
This takes the realm from the LDAP base DN and so avoids one
easy mistake to make. So far the NT4 domain name is not
auto-detected, so much be read from the smb.conf.
By using .guess() the smb.conf is read for the unspecified
parts (eg workstation for an NTLM login to the LDAP server if
the target server is an IP address).
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
d79218db by Andrew Bartlett at 2020-11-11T01:15:39+00:00
samdb: Add samdb.domain_netbios_name()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
2693f12f by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Make as_canonicalization_tests.py auto-detect the NT4 domain name
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
ab8c0a18 by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Fix formatting of failure (traceback and options swapped in format string)
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
fc77ece0 by Andrew Bartlett at 2020-11-11T01:15:39+00:00
selftest: Add in encrypted-pa-data from RFC 6806
This comes from Windows 2019 which supports FAST.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
f214a3ba by Andrew Bartlett at 2020-11-11T02:38:46+00:00
selftest: Windows 2019 implements the RemoveDollar behaviour for Enterprise principals
This is documented in MS-KILE.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Wed Nov 11 02:38:46 UTC 2020 on sn-devel-184
- - - - -
31c70376 by Alexander Bokovoy at 2020-11-11T10:59:01+00:00
lookup_name: allow lookup names prefixed with DNS forest root for FreeIPA DC
In FreeIPA deployment with active Global Catalog service, when a two-way
trust to Active Directory forest is established, Windows systems can
look up FreeIPA users and groups. When using a security tab in Windows
Explorer on AD side, a lookup over a trusted forest might come as
realm\name instead of NetBIOS domain name:
--------------------------------------------------------------------
[2020/01/13 11:12:39.859134, 1, pid=33253, effective(1732401004, 1732401004), real(1732401004, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
lsa_LookupNames3: struct lsa_LookupNames3
in: struct lsa_LookupNames3
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 0000000e-0000-0000-1c5e-a750e5810000
num_names : 0x00000001 (1)
names: ARRAY(1)
names: struct lsa_String
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'ipa.test\admins'
sids : *
sids: struct lsa_TransSidArray3
count : 0x00000000 (0)
sids : NULL
level : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
count : *
count : 0x00000000 (0)
lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
client_revision : LSA_CLIENT_REVISION_2 (2)
--------------------------------------------------------------------
If we are running as a DC and PASSDB supports returning domain info
(pdb_get_domain_info() returns a valid structure), check domain of the
name in lookup_name() against DNS forest name and allow the request to
be done against the primary domain. This corresponds to FreeIPA's use of
Samba as a DC. For normal domain members a realm-based lookup falls back
to a lookup over to its own domain controller with the help of winbindd.
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Wed Nov 11 10:59:01 UTC 2020 on sn-devel-184
- - - - -
457b49c6 by Jeremy Allison at 2020-11-11T15:02:27+00:00
s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function.
file_lines_parse() plays horrible tricks with
the passed-in talloc pointers and the hierarcy
which makes freeing hard to get right.
As we know mem_ctx is freed by the caller, after
calling file_lines_parse don't free on exit and let the caller
handle it. This violates good Samba coding practice
but we know we're not leaking here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed Nov 11 15:02:27 UTC 2020 on sn-devel-184
- - - - -
40079975 by Stefan Metzmacher at 2020-11-11T21:14:32+00:00
testprogs/blackbox: make sure subunit.sh always terminates DETAILS with '\n]\n'
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b3ffc61e by Stefan Metzmacher at 2020-11-11T21:14:32+00:00
SambaToolCmdTest: let assertCmdSuccess() escape ']\n' lines
This gives a much higher chance to see the actual problem
without having them filtered by various 'filter-subunit' invocations.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
3f556d97 by Stefan Metzmacher at 2020-11-11T21:14:32+00:00
selftest/subunithelper: only let ']\n' lines to terminate
It should not be enough that a line ends with ']\n' is accident,
subunit DETAILS are terminated with '\n]\n'!
This gives a much higher chance to see the actual problem
without having them filtered by various 'filter-subunit' invocations.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
dcd5a64c by Stefan Metzmacher at 2020-11-11T22:43:46+00:00
selftest/subunithelper: also output as much of unterminated DETAILS
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Wed Nov 11 22:43:46 UTC 2020 on sn-devel-184
- - - - -
2a8b6726 by Alexander Bokovoy at 2020-11-12T13:49:34+00:00
auth_sam: use pdb_get_domain_info to look up DNS forest information
When Samba is used as a part of FreeIPA domain controller, Windows
clients for a trusted AD forest may try to authenticate (perform logon
operation) as a REALM\name user account.
Fix auth_sam plugins to accept DNS forest name if we are running on a DC
with PASSDB module providing domain information (e.g. pdb_get_domain_info()
returning non-NULL structure). Right now, only FreeIPA or Samba AD DC
PASSDB backends return this information but Samba AD DC configuration is
explicitly ignored by the two auth_sam (strict and netlogon3) modules.
Detailed logs below:
[2020/11/11 09:23:53.281296, 1, pid=42677, effective(65534, 65534), real(65534, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:482(ndr_print_function_debug)
netr_LogonSamLogonWithFlags: struct netr_LogonSamLogonWithFlags
in: struct netr_LogonSamLogonWithFlags
server_name : *
server_name : '\\master.ipa.test'
computer_name : *
computer_name : 'AD1'
credential : *
credential: struct netr_Authenticator
cred: struct netr_Credential
data : 529f4b087c5f6546
timestamp : Wed Nov 11 09:23:55 AM 2020 UTC
return_authenticator : *
return_authenticator: struct netr_Authenticator
cred: struct netr_Credential
data : 204f28f622010000
timestamp : Fri May 2 06:37:50 AM 1986 UTC
logon_level : NetlogonNetworkTransitiveInformation (6)
logon : *
logon : union netr_LogonLevel(case 6)
network : *
network: struct netr_NetworkInfo
identity_info: struct netr_IdentityInfo
domain_name: struct lsa_String
length : 0x0010 (16)
size : 0x01fe (510)
string : *
string : 'IPA.TEST'
parameter_control : 0x00002ae0 (10976)
0: MSV1_0_CLEARTEXT_PASSWORD_ALLOWED
0: MSV1_0_UPDATE_LOGON_STATISTICS
0: MSV1_0_RETURN_USER_PARAMETERS
0: MSV1_0_DONT_TRY_GUEST_ACCOUNT
1: MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
1: MSV1_0_RETURN_PASSWORD_EXPIRY
1: MSV1_0_USE_CLIENT_CHALLENGE
0: MSV1_0_TRY_GUEST_ACCOUNT_ONLY
1: MSV1_0_RETURN_PROFILE_PATH
0: MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY
1: MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT
0: MSV1_0_DISABLE_PERSONAL_FALLBACK
1: MSV1_0_ALLOW_FORCE_GUEST
0: MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED
0: MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY
0: MSV1_0_ALLOW_MSVCHAPV2
0: MSV1_0_S4U2SELF
0: MSV1_0_CHECK_LOGONHOURS_FOR_S4U
0: MSV1_0_SUBAUTHENTICATION_DLL_EX
logon_id : 0x0000000000884ef2 (8933106)
account_name: struct lsa_String
length : 0x000e (14)
size : 0x000e (14)
string : *
string : 'idmuser'
workstation: struct lsa_String
length : 0x0000 (0)
size : 0x0000 (0)
string : *
string : ''
challenge : 417207867bd33c74
nt: struct netr_ChallengeResponse
length : 0x00c0 (192)
size : 0x00c0 (192)
data : *
data: ARRAY(192)
[0000] A5 24 62 6E 31 DF 69 66 9E DC 54 D6 63 4C D6 2F .$bn1.if ..T.cL./
[0010] 01 01 00 00 00 00 00 00 50 37 D7 60 0C B8 D6 01 ........ P7.`....
[0020] 15 1B 38 4F 47 95 4D 62 00 00 00 00 02 00 0E 00 ..8OG.Mb ........
[0030] 57 00 49 00 4E 00 32 00 30 00 31 00 36 00 01 00 W.I.N.2. 0.1.6...
[0040] 06 00 41 00 44 00 31 00 04 00 18 00 77 00 69 00 ..A.D.1. ....w.i.
[0050] 6E 00 32 00 30 00 31 00 36 00 2E 00 74 00 65 00 n.2.0.1. 6...t.e.
[0060] 73 00 74 00 03 00 20 00 61 00 64 00 31 00 2E 00 s.t... . a.d.1...
[0070] 77 00 69 00 6E 00 32 00 30 00 31 00 36 00 2E 00 w.i.n.2. 0.1.6...
[0080] 74 00 65 00 73 00 74 00 05 00 18 00 77 00 69 00 t.e.s.t. ....w.i.
[0090] 6E 00 32 00 30 00 31 00 36 00 2E 00 74 00 65 00 n.2.0.1. 6...t.e.
[00A0] 73 00 74 00 07 00 08 00 50 37 D7 60 0C B8 D6 01 s.t..... P7.`....
[00B0] 06 00 04 00 02 00 00 00 00 00 00 00 00 00 00 00 ........ ........
lm: struct netr_ChallengeResponse
length : 0x0018 (24)
size : 0x0018 (24)
data : *
data : 000000000000000000000000000000000000000000000000
validation_level : 0x0006 (6)
flags : *
flags : 0x00000000 (0)
0: NETLOGON_SAMLOGON_FLAG_PASS_TO_FOREST_ROOT
0: NETLOGON_SAMLOGON_FLAG_PASS_CROSS_FOREST_HOP
0: NETLOGON_SAMLOGON_FLAG_RODC_TO_OTHER_DOMAIN
0: NETLOGON_SAMLOGON_FLAG_RODC_NTLM_REQUEST
In such case checks for a workgroup name will not match the DNS forest
name used in the username specification:
[2020/11/11 09:23:53.283055, 3, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth.c:200(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user [IPA.TEST]\[idmuser]@[] with the new password interface
[2020/11/11 09:23:53.283073, 3, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth.c:203(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [IPA.TEST]\[idmuser]@[]
[2020/11/11 09:23:53.283082, 10, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth.c:213(auth_check_ntlm_password)
check_ntlm_password: auth_context challenge created by fixed
[2020/11/11 09:23:53.283091, 10, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth.c:216(auth_check_ntlm_password)
challenge is:
[2020/11/11 09:23:53.283099, 5, pid=42677, effective(65534, 65534), real(65534, 0)] ../../lib/util/util.c:678(dump_data)
[0000] 41 72 07 86 7B D3 3C 74 Ar..{.<t
[2020/11/11 09:23:53.283113, 10, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth_sam.c:209(auth_sam_netlogon3_auth)
auth_sam_netlogon3_auth: Check auth for: [IPA.TEST]\[idmuser]
[2020/11/11 09:23:53.283123, 5, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth_sam.c:234(auth_sam_netlogon3_auth)
auth_sam_netlogon3_auth: IPA.TEST is not our domain name (DC for IPA)
[2020/11/11 09:23:53.283131, 10, pid=42677, effective(65534, 65534), real(65534, 0), class=auth] ../../source3/auth/auth.c:249(auth_check_ntlm_password)
auth_check_ntlm_password: sam_netlogon3 had nothing to say
and overall authentication attempt will fail: auth_winbind will complain
that this domain is not a trusted one and refuse operating on it:
[2020/11/11 09:23:53.283784, 10, pid=42663, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd.c:742(process_request_send)
process_request_send: process_request: Handling async request smbd(42677):PAM_AUTH_CRAP
[2020/11/11 09:23:53.283796, 3, pid=42663, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd_pam_auth_crap.c:110(winbindd_pam_auth_crap_send)
[42677]: pam auth crap domain: [IPA.TEST] user: idmuser
[2020/11/11 09:23:53.283810, 3, pid=42663, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd_pam.c:409(find_auth_domain)
Authentication for domain [IPA.TEST] refused as it is not a trusted domain
[2020/11/11 09:23:53.283825, 10, pid=42663, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd.c:810(process_request_done)
process_request_done: [smbd(42677):PAM_AUTH_CRAP]: NT_STATUS_NO_SUCH_USER
[2020/11/11 09:23:53.283844, 10, pid=42663, effective(0, 0), real(0, 0), class=winbind] ../../source3/winbindd/winbindd.c:855(process_request_written)
process_request_written: [smbd(42677):PAM_AUTH_CRAP]: delivered response to client
Signed-off-by: Alexander Bokovoy <ab at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
8036bf97 by Andreas Schneider at 2020-11-12T15:13:47+00:00
s3:smbd: Fix possible null pointer dereference in token_contains_name()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14572
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Alexander Bokovoy <ab at samba.org>
Autobuild-Date(master): Thu Nov 12 15:13:47 UTC 2020 on sn-devel-184
- - - - -
e9e06a11 by Anoop C S at 2020-11-12T17:23:19+00:00
vfs_shadow_copy2: Preserve all open flags assuming ROFS
Instead of replacing open flags with just O_RDONLY, filter out all those
flags unrelated to a Read Only File System
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14573
Signed-off-by: Anoop C S <anoopcs at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Nov 12 17:23:19 UTC 2020 on sn-devel-184
- - - - -
532c941f by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: Add constants module
Extract the constants used in the tests into a separate module.
To reduce code duplication
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
97b830cb by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: Refactor canonicalization test constants
Modify tests to use the constants defined in rfc4120_constants.py
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
82a413f4 by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: Refactor compatability test constants
Modify tests to use the constants defined in rfc4120_constants.py
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1bab87c5 by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: raw_testcase permit RC4 salts
MIT kerberos returns a salt when ARCFOUR_HMAC_MD5, this commit removes
the check that a salt is not returned. A test for the difference
between MIT and Heimdal will be added in the subsequent commits.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
a00a1c97 by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: Convert kdc-heimdal to python
Implement the tests in source4/torture/krb5/kdc-heimdal.c in python.
The following tests were not re-implemented as they are client side
tests for the "Orpheus Lyre" attack:
TORTURE_KRB5_TEST_CHANGE_SERVER_OUT
TORTURE_KRB5_TEST_CHANGE_SERVER_IN
TORTURE_KRB5_TEST_CHANGE_SERVER_BOTH
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d492355f by Gary Lockyer at 2020-11-12T21:30:32+00:00
tests python krb5: refactor compatability tests
Refactor to aid the adding of tests for the inclusion of a salt when
ARCFOUR_HMAC_MD5 encryption selected
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
2ba6d596 by Gary Lockyer at 2020-11-12T22:54:22+00:00
tests python krb5: add arcfour salt tests
MIT kerberos returns a salt when ARCFOUR_HMAC_MD5 encryption selected,
Heimdal does not.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Nov 12 22:54:22 UTC 2020 on sn-devel-184
- - - - -
61f6672d by Jeremy Allison at 2020-11-13T16:22:32+00:00
lib: create a wrapper for file_lines_parse().
Make the internal function file_lines_parse_internal().
Currently file_lines_parse() just wraps file_lines_parse_internal(),
but this allows me to change file_lines_parse() to take
a const char * to make it safe for callers (no talloc tricks).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
ae4dd2ab by Jeremy Allison at 2020-11-13T16:22:32+00:00
lib: Fix file_lines_parse() to do what people expect. Much safer to use.
Take an incoming const char * pointer and return an allocated
array that must be freed. Don't expose the internal optimization
of file_lines_parse_internal() breaking the passed in string
into lines.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
- - - - -
a8ec8304 by Günther Deschner at 2020-11-13T17:47:33+00:00
s4-torture: test file_line_parse as well
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Fri Nov 13 17:47:33 UTC 2020 on sn-devel-184
- - - - -
26ba04a4 by Jeremy Allison at 2020-11-16T09:47:38+00:00
libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob.
Blob could be NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14210
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Nov 16 09:47:38 UTC 2020 on sn-devel-184
- - - - -
2cff5990 by Volker Lendecke at 2020-11-16T19:53:44+00:00
pylibsmb: Add a compatible python-level wrapper
Right now this is empty, but it is the basis for moving complexity out
or pylibsmb.c into python code.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
13aecb22 by Volker Lendecke at 2020-11-16T19:53:44+00:00
pylibsmb: Move deltree to python code
This is much shorter. There's also another aspect: I'm working on
improving cli_list() to not collect all files before starting to call
the callback function. This means that the cli_list cb will be called
from within tevent_loop_once(). In pylibsmb.c's deltree code this
would create a nested event loop. By moving the deltree code into the
python world this nested event loop is avoided. Now the python code
will first collect everything and then start to delete, avoiding the
nesting. A future development should make listing directories a
generator or something like that.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5ee42dd0 by Volker Lendecke at 2020-11-16T19:53:44+00:00
pylibsmb: Merge unlink_file() into its only caller
Now that delete_tree is in python code, align py_smb_unlink() with the
other functions.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d33cec8d by Volker Lendecke at 2020-11-16T19:53:44+00:00
pylibsmb: Merge remove_dir() into its only caller
Now that delete_tree is in python code, align py_smb_rmdir() with the
other functions.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
25628907 by Volker Lendecke at 2020-11-16T19:53:44+00:00
pylibsmb: Export a few SMB constants
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c6fef155 by Volker Lendecke at 2020-11-16T19:53:44+00:00
torture3: cli_query_security_descriptor() does smb2 as well
Remove a direct caller
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
207ca061 by Volker Lendecke at 2020-11-16T19:53:45+00:00
libsmb: Make cli_query_security_descriptor() async
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
edf26b29 by Volker Lendecke at 2020-11-16T19:53:45+00:00
libsmb: Remove unused sync cli_smb2_query_security_descriptor()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
57f8e7eb by Volker Lendecke at 2020-11-16T19:53:45+00:00
pylibsmb: Add get_sd()
getacl() on a fnum, available asynchronously
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
472c16d5 by Volker Lendecke at 2020-11-16T19:53:45+00:00
pylibsmb: Move get_acl() to python
The previous code was not available in threaded environments
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c6894378 by Volker Lendecke at 2020-11-16T19:53:45+00:00
torture3: cli_set_security_descriptor() does smb2 as well
Remove a direct caller
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e617cb5f by Volker Lendecke at 2020-11-16T19:53:45+00:00
libsmb: Make cli_set_security_descriptor() async
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
97fca81a by Volker Lendecke at 2020-11-16T19:53:45+00:00
libsmb: Remove unused sync cli_smb2_set_security_descriptor()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3b81cc90 by Volker Lendecke at 2020-11-16T19:53:45+00:00
pylibsmb: Add set_sd()
setacl() on a fnum, available asynchronously
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
42be033b by Volker Lendecke at 2020-11-16T19:53:45+00:00
pylibsmb: Move set_acl() to python
The previous code was not available in threaded environments
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2ea885f9 by Volker Lendecke at 2020-11-16T19:53:45+00:00
libsmb: Make get_fnum_from_path() async
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1ce7c596 by Volker Lendecke at 2020-11-16T19:53:46+00:00
libsmb: Make cli_smb2_rename async
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
db1fa239 by Volker Lendecke at 2020-11-16T19:53:46+00:00
libsmb: Make cli_rename_send()/_recv() a proper tevent_req engine
This will make it more obvious to add SMB2 soon
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1fdcfdcf by Volker Lendecke at 2020-11-16T19:53:46+00:00
libsmb: Make cli_rename_send()/recv() smb2-capable
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7bd040f6 by Volker Lendecke at 2020-11-16T21:18:16+00:00
libsmb: Remove unused sync cli_smb2_rename()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 16 21:18:16 UTC 2020 on sn-devel-184
- - - - -
6ac16232 by SATOH Fumiyasu at 2020-11-16T22:43:34+00:00
autobuild: Encode text/plain into base64 to wrap long-lines
MIMEText(text, 'plain', 'utf-8') encodes the text into
base64 and adds 'Content-Transfer-Encoding: base64' header.
Signed-off-by: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Nov 16 22:43:35 UTC 2020 on sn-devel-184
- - - - -
41b2beef by Samuel Cabrero at 2020-11-17T18:50:04+00:00
bootstrap: Add OpenSUSE 15.2
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): Samuel Cabrero <scabrero at samba.org>
Autobuild-Date(master): Tue Nov 17 18:50:05 UTC 2020 on sn-devel-184
- - - - -
1d12806d by Rowland Penny at 2020-11-19T00:36:58+00:00
uptodateness.py: remove what appears to be debugging lines
They do nothing except confuse users.
Signed-off-by: Rowland Penny <rpenny at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall at samba.org>
Autobuild-Date(master): Thu Nov 19 00:36:58 UTC 2020 on sn-devel-184
- - - - -
d1269ef9 by Volker Lendecke at 2020-11-19T02:48:40+00:00
libsmb: Make cli_smb2_list() asynchronous
Return directory entries as soon as possible via
cli_smb2_list_recv(). This returns just one entry per call to
cli_smb2_list_recv() right out of the buffer without assembling
potentially thousands of entries in a big array. You must call
cli_smb2_recv() until an error (except NT_STATUS_RETRY) happens. This
reduces our latency for smbclient's "dir" command significantly for
large directories. In the future I hope I can do the same thing also for
SMBC_readdir_ctx() to improve all users of our published libsmbclient.
Initial attempts of this routine issued fresh smb2_query_directory
requests asynchronously while the receivers of the entries did their
processing, for example showing them in smbclient's "dir"
command. However, this breaks because for example the "showacls"
smbclient option needs to do synchronous smb requests to do their job,
which we can't do while async requests are pending. Thus I came up
with a semi-synchronous approach to issue additional
smb2_query_directory requests from within cli_smb2_list_recv() and
return NT_STATUS_RETRY. This means that we will call back our caller
via the tevent_req_notify function when a fresh entry is available.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1f11b7b4 by Volker Lendecke at 2020-11-19T02:48:40+00:00
libsmb: Convert cli_list_recv() to single-recv
This converts the higher-level cli_list_recv() to the new
cli_smb2_list_recv() calling convention to just issue one entry per
recv() call in preparation of using the async cli_smb2_list_send() in
cli_list_send().
For SMB1 this will be a performance degradation, as we have to make
copies out of the arrays that cli_trans_recv() returns, but soon this
will become a performance improvement for the SMB2 directory
listing. And as hopefully most deployments these days are SMB2, I
think we can live with the SMB1 client directory listing
degradation. Also, we can also convert the lowerlevel SMB1 directory
listing routines in case someone actually sees problems from this
here.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8101c183 by Volker Lendecke at 2020-11-19T02:48:40+00:00
libsmb: Prepare cli_list_send()/recv() for single-issue subreqs
This prepares cli_list_recv() for the lowerlevel NT_STATUS_RETRY that
will come in once cli_list_send() uses cli_smb2_list_send() as well.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9dde2dc9 by Volker Lendecke at 2020-11-19T02:48:40+00:00
libsmb: Use async cli_smb2_list_send() in cli_list_send()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6baceb4d by Volker Lendecke at 2020-11-19T02:48:40+00:00
pylibsmb: Remove SMB2 special case for cli_list()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
47b773ad by Volker Lendecke at 2020-11-19T02:48:40+00:00
libsmb: Remove unused sync cli_smb2_list()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a4e3092b by Volker Lendecke at 2020-11-19T02:48:40+00:00
pylibsmb: Remove unused py_cli_state->is_smb1
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8bc77a0f by Volker Lendecke at 2020-11-19T04:12:11+00:00
pylibsmb: Multi-threaded use is now possible with SMB2
No non-async callees are used anymore
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Nov 19 04:12:11 UTC 2020 on sn-devel-184
- - - - -
3b694328 by Ralph Boehme at 2020-11-19T20:00:38+00:00
selftest: remove selftest/knownfail.d/samba3.smbtorture_s3
This hunk was inadvertently included in 5161edbdb28.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4dbb8fda by Ralph Boehme at 2020-11-19T20:00:38+00:00
docs-xml: add "smbd force process locks"
Avoid a parametric option in a hot codepath.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5604afef by Ralph Boehme at 2020-11-19T20:00:38+00:00
torture: avoid OPLOCK-CANCEL flapping on busy gitlab CI
I saw this test fail a few times on gitlab CI with
NT_STATUS_SHARING_VIOLATION:
Running OPLOCK-CANCEL
cli_unlink failed: NT_STATUS_SHARING_VIOLATION
TEST OPLOCK-CANCEL FAILED!
The only possible explanation I could come up for
this flapping test is that the fnum1 filehandle in cli1 is still not closed when
cli2 tries to open the file deletion 5 seconds after cli1 is thrown away. As
fnum1 doesn't have FILE_SHARE_DELELE the open-for-delete fails with a
SHARING_VIOLATION.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ed88f591 by Ralph Boehme at 2020-11-19T20:00:38+00:00
smbd: use SMB2_INFO_SPECIAL in call_trans2qfilepathinfo()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7f0008a9 by Ralph Boehme at 2020-11-19T20:00:38+00:00
smbd: replace calls to check_access() with smbd_check_access_rights()
check_access() is a 1:1 wrapper arounf smbd_check_access_rights().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
458c24fc by Ralph Boehme at 2020-11-19T20:00:38+00:00
smbd: avoid a smb_fname copy in call_trans2qfilepathinfo()
No point in making a copy here.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c4d82a6b by Ralph Boehme at 2020-11-19T21:24:23+00:00
smbd: avoid a smb_fname copy in call_trans2setfilepathinfo()
There's no point in doing a copy here, we can just point smb_fname at
fsp->fsp_name.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Nov 19 21:24:23 UTC 2020 on sn-devel-184
- - - - -
b948b99c by Volker Lendecke at 2020-11-19T22:56:40+00:00
build: fcvt() and fcvtl() are not used
No need to check for them in the configure phase
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7aaefd6f by Volker Lendecke at 2020-11-19T22:56:40+00:00
lib: Remove unused security_descriptor_append()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
47d93b02 by Volker Lendecke at 2020-11-19T22:56:40+00:00
lib: g_lock.h references "struct server_id", add #include
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
74576743 by Volker Lendecke at 2020-11-19T22:56:40+00:00
libsmb: Make cli_nt_pipes_close() static
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fec5a569 by Volker Lendecke at 2020-11-19T22:56:40+00:00
tests: Factor out prep_creds()
3 times the same code can be put together
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d680d392 by Volker Lendecke at 2020-11-19T22:56:40+00:00
pylibsmb: Add rename()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0f67dd54 by Volker Lendecke at 2020-11-19T22:56:41+00:00
tests: SMB2 rename fails to check del-on-close on dst dir
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
382a5c4e by Volker Lendecke at 2020-11-20T00:20:06+00:00
smbd: Fix failure to check dstdir for delete on close
In smb2_setinfo.c the call to smbd_do_setfilepathinfo() to perform the
rename takes place while holding a share mode lock. The function
check_parent_access() called below tries to query the destination
directory's locking.tdb entry to check whether the delete on close
flag is set on the destination directory. This fails because the
file to be renamed already has the share mode entry locked, we can't
lock two share mode entries simultaneously.
Convert the check to use fetch_share_mode_unlocked(). This might
introduce races, but this whole check is racy anyway. It does not
really matter whether we do the check for delete_on_close under a lock
or not, fetch_share_mode_unlocked() retrieves a consistent status of
the locking.tdb entry at some point in time as well.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Nov 20 00:20:06 UTC 2020 on sn-devel-184
- - - - -
39536286 by Andreas Schneider at 2020-11-21T00:11:02+00:00
testprogs: Fix MIT KRB5 export keytab with > 1.18
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Böhme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Nov 21 00:11:02 UTC 2020 on sn-devel-184
- - - - -
53c39a26 by Jeremy Allison at 2020-11-22T01:22:36+00:00
s3: smbd: Fix misleading comment I added for commit 382a5c4e7ec08ec9291453ffad9541ab36aca274
smbd: Fix failure to check dstdir for delete on close
We're preventing ourselves from holding two locks here,
not protecting from waiting for a lock someone else
holds.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sun Nov 22 01:22:36 UTC 2020 on sn-devel-184
- - - - -
15609cb9 by Andrew Bartlett at 2020-11-26T06:52:40+00:00
samba-tool domain backup: Confirm the sidForRestore we will put into the backup is free
Otherwise the administrator might only find there is a problem once they
attempt to restore the domain!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14575
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
- - - - -
17a72ab5 by Andreas Schneider at 2020-11-26T06:52:41+00:00
s3:smbd: Fix a possible null pointer deref in oplock code
Found by cppcheck.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
7fa75b69 by Andreas Schneider at 2020-11-26T06:52:41+00:00
s3:winbind: Check return code of set_blocking()
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8d5d968d by Andreas Schneider at 2020-11-26T06:52:41+00:00
libcli:smb: Check return code of set_blocking
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
c79b3e2e by Andreas Schneider at 2020-11-26T06:52:41+00:00
s3:smbd: Check return code of set_blocking()
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
5ef3b6de by Andreas Schneider at 2020-11-26T06:52:41+00:00
s3:lib: Check return code of set_blocking()
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6718b5e6 by Stefan Metzmacher at 2020-11-26T06:52:41+00:00
waf: upgrade to 2.0.21
This commit message was wrong:
commit 5fc3a71d0f54b176d3cb2e399718d0468507e797
Author: David Mulder <dmulder at suse.com>
Date: Mon Aug 24 13:12:46 2020 -0600
waf: upgrade to 2.0.20
This contain an important change:
"Fix gccdeps.scan() returning nodes that no longer exist on disk."
https://gitlab.com/ita1024/waf/-/merge_requests/2293
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
The fix was in in waf master, but not included in 2.0.20,
but it's now included in 2.0.21.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
f226bea5 by Andrew Bartlett at 2020-11-26T06:52:41+00:00
torture: Do not call destroy_dlz() on uninitialised memory
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14579
Reviewed-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
d49e96bc by Andrew Bartlett at 2020-11-26T06:52:41+00:00
Do not create an empty DB when accessing a sam.ldb
Samba already does this for samba-tool and doing this should make
our errors more sensible, particularly in BIND9 if not provisioned
with the correct --dns-backend=DLZ_BIND9
The old error was like:
named[62954]: samba_dlz: Unable to get basedn for
/var/lib/samba/private/dns/sam.ldb
- NULL Base DN invalid for a base search.
The new error will be like (in this case from the torture test):
Failed to connect to Failed to connect to
ldb:///home/abartlet/samba/st/chgdcpass/bind-dns/dns/sam.ldb:
Unable to open tdb '/home/abartlet/samba/st/chgdcpass/bind-dns/dns/sam.ldb':
No such file or directory: Operations error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14579
Reviewed-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
9ec69895 by Heiko Baumann at 2020-11-26T06:52:41+00:00
Remove password from samba-tool proctitle
This fix makes sure the password is removed from the proctitle
of samba-tool so it cannot be exposed by e.g. ps(1).
- Moved code to python/samba/getopt.py as suggested by David Mulder
- Except ModuleNotFoundError when trying to load setproctitle module
- Improved code to keep option separator (space or equal sign) while
removing password from proctitle.
Signed-off-by: Heiko Baumann <heibau at gmail.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: David Mulder <dmulder at suse.com>
- - - - -
a31891c7 by David Mulder at 2020-11-26T06:52:41+00:00
Test password removal via python proctitle
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
53274d11 by Andrew Bartlett at 2020-11-26T08:16:04+00:00
samba_upgradedns: Do not print confusing logs about missing .zone files
samba_upgradedns prints confusing logs about upgrading zone files
and automatically creating DNS zones when the zone already exists.
We need to move the logging to later when we know we what we are
using the parsed information for.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14580
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Nov 26 08:16:04 UTC 2020 on sn-devel-184
- - - - -
6123bd25 by Andreas Schneider at 2020-11-26T09:44:41+00:00
s3:libsmb: Fix clang warnings that fnum might be used uninitialized
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
12b9e440 by Andreas Schneider at 2020-11-26T09:44:42+00:00
winexe: Fix a possible null pointer derference
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
35e97715 by Andreas Schneider at 2020-11-26T09:44:42+00:00
s3:spoolssd: Fix creating binding string for error message
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
b20da08d by Andreas Schneider at 2020-11-26T09:44:42+00:00
s3:lsasd: Fix creating binding string for error message
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6d021d64 by Andreas Schneider at 2020-11-26T09:44:42+00:00
s3:mdssd: Fix creating binding string for error message
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1a864749 by Andreas Schneider at 2020-11-26T11:07:09+00:00
s3:libsmb: Return early if dir is NULL
This makes sure we do not dereference a NULL poineter.
Found by covscan.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Thu Nov 26 11:07:09 UTC 2020 on sn-devel-184
- - - - -
8ad82ae6 by Andrew Bartlett at 2020-11-26T21:15:40+00:00
samba-tool: Give better error information when the 'domain backup restore' fails with a duplicate SID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14575
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Thu Nov 26 21:15:40 UTC 2020 on sn-devel-184
- - - - -
4142bde7 by Ralph Boehme at 2020-11-27T10:07:18+00:00
s4: rename source4/smbd/ to source4/samba/
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Nov 27 10:07:18 UTC 2020 on sn-devel-184
- - - - -
5c27740a by Andreas Schneider at 2020-11-27T13:48:19+00:00
docs-xml: Add a section about weak crypto in testparm manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14583
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Nov 27 13:48:20 UTC 2020 on sn-devel-184
- - - - -
369c1d53 by Günther Deschner at 2020-11-27T17:15:07+00:00
vfs_glusterfs: print exact cmdline for disabling write-behind translator
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14486
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Fri Nov 27 17:15:07 UTC 2020 on sn-devel-184
- - - - -
7f7e2b0e by Gary Lockyer at 2020-11-30T05:21:42+00:00
tests python krb5: Extra canonicalization tests
Add tests that set the server name to the client name for the machine
account in the kerberos AS_REQ. This replicates the TEST_AS_REQ_SELF
test phase in source4/torture/krb5/kdc-canon-heimdal.c.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Nov 30 05:21:42 UTC 2020 on sn-devel-184
- - - - -
a613ebc0 by Volker Lendecke at 2020-11-30T22:24:37+00:00
dsgetdcname: Fix talloc hierarchy
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ccb7d444 by Volker Lendecke at 2020-11-30T22:24:37+00:00
loadparm: Simplify lp_get_async_dns_timeout()
Use MAX, and per README.Coding we don't need the intermediate
variable. This can be inspected in the debugger directly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5c81a5a0 by Volker Lendecke at 2020-11-30T22:24:37+00:00
docs: Fix "async dns timeout" manpage entry
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a41112fc by Volker Lendecke at 2020-11-30T22:24:37+00:00
libcli: Align a few integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f53117e0 by Volker Lendecke at 2020-11-30T22:24:37+00:00
librpc: Fix a talloc_stackframe() leak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fd124648 by Volker Lendecke at 2020-11-30T22:24:37+00:00
librpc: Make ep_register a bit easier to understand
I found the pointer dereference a bit confusing
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
38a0724f by Volker Lendecke at 2020-11-30T22:24:37+00:00
librpc: talloc_stackframe() panics on failure
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fce49f4a by Volker Lendecke at 2020-11-30T22:24:37+00:00
libcli: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5a0baf49 by Volker Lendecke at 2020-11-30T22:24:37+00:00
winbind: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f85adfb2 by Volker Lendecke at 2020-11-30T22:24:37+00:00
libsmb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7fc62fd1 by Volker Lendecke at 2020-11-30T22:24:38+00:00
libsmb: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e098610d by Volker Lendecke at 2020-11-30T22:24:38+00:00
test: smbtorture3's OPLOCK5 test only available with kernel oplocks
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d1be9eee by Volker Lendecke at 2020-11-30T22:24:38+00:00
samldb: Align two integer types
ARRAY_SIZE is size_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d82cd10f by Volker Lendecke at 2020-11-30T22:24:38+00:00
libsmb: Move a variable closer to its use in internal_resolve_name()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f0311358 by Volker Lendecke at 2020-11-30T22:24:38+00:00
libsmb: Slightly beautify internal_resolve_name()
We have "goto done;" at the end of every if-branch, we don't need
else.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7bd51217 by Volker Lendecke at 2020-11-30T22:24:38+00:00
torture: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
05f7558b by Volker Lendecke at 2020-11-30T22:24:38+00:00
lib: Change make_file_id_from_itime() prototype
SMB_STRUCT_STAT is defined in includes.h. This way including file_id.h
is possible without including includes.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cff22bcc by Volker Lendecke at 2020-11-30T22:24:38+00:00
wbinfo: Align some integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
efb3c742 by Volker Lendecke at 2020-11-30T22:24:38+00:00
smbd: Fix the 32-bit build on FreeBSD
log->rec_index is not size_t, it's uint64_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b09f0bb4 by Volker Lendecke at 2020-11-30T23:48:02+00:00
test: Fix the FreeBSD build
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Nov 30 23:48:02 UTC 2020 on sn-devel-184
- - - - -
4f5a7f11 by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/tests: Fix 'Unrecognized option(s) passed to mkpath()' error
'keep_root' is an unrecognised option for make_path/mkpath
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a250f733 by Noel Power at 2020-12-01T19:06:44+00:00
selftest: Add a new tarmode shares
samba3.blackbox.smbclient_tar & samba3.blackbox.smbclient_tar
need separate shares with own xattr tdb(s)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6cb0a00f by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/test: Use different testdir for samba3.blackbox.smbclient_tarmode
The other tarmode torture test samba3.blackbox.smbclient_tar now uses a share
'tarmode' which uses the same source path as samba3.blackbox.smbclient_tarmode
Avoid conflicting paths and use a new subdir (of the test share) called
'smbclient_tarmode'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
be8dca68 by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/tests: Use tarmode share for samba3.blackbox.smbclient_tar*
After this change both samba3.blackbox.smbclient_tar &
samba3.blackbox.smbclient_tarmode now use the same dedicated share
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fec1f8fa by Noel Power at 2020-12-01T19:06:44+00:00
s3/script: Use smbclient deltree to clean up smbclient_tarmode subdir
Replace rm -rf of local dir (that is hosted remotely)
with smbclient deltree
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4bb3bffa by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/tests: Fix samba3.blackbox.smbclient_tarmode cleanup
Make sure samba3.blackbox.smbclient_tarmode removes data files
not just before running the test but also after
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6f246658 by Noel Power at 2020-12-01T19:06:44+00:00
selftest: make samba3.blackbox.smbclient_tar runnable (even manually)
samba3.blackbox.smbclient_tar is marked as flapping so it
seems we have missed that it has stopped working. The local path
passed to script/tests/test_smbclient_tarmode.pl must point to a
valid share
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
99ffa4a9 by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/tests: Remove make_path (for remote dir)
LOCALPATH is actually the local path to the share, we should
not need to create the share path (it should already exist)
Note: When we remove the tree located at LOCALPATH we keep the root
so the share path should always be there
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
363bfa4e by Noel Power at 2020-12-01T19:06:44+00:00
s3/script/tests: Make smb_client 'die' behaviour configurable
smb_client behaviour is to die if there is an error. This is
a little heavy handed and make it impossible for example to
use smb_client to run a command that might fail (where such
a failure isn't really an error) E.G. Calling deltree and
the directory doesn't exist
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c7dc495 by Noel Power at 2020-12-01T19:06:45+00:00
s3/script/tests: call smbclient deltree to remove remote files
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
16ffa17e by Jeremy Allison at 2020-12-01T19:06:45+00:00
s3/script/tests: Ensure all remote test files are removed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
20e0ce50 by Volker Lendecke at 2020-12-01T19:06:45+00:00
clitar: Use do_list()'s recursion in clitar.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Aurelien Aptel <aaptel at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
- - - - -
89e2d68b by Noel Power at 2020-12-01T19:06:45+00:00
selftest: Remove samba3.blackbox.smbclient_tar from flapping tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14581
Signed-off-by: Noel Power <noel.power at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a8457ac3 by Ralph Boehme at 2020-12-01T19:06:45+00:00
vfs_zfsacl: reformatting
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14587
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
936f74da by Ralph Boehme at 2020-12-01T20:29:34+00:00
vfs_zfsacl: add missing inherited flag on hidden "magic" everyone@ ACE
This was an omission in the fixes for bug 14470.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14587
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Dec 1 20:29:34 UTC 2020 on sn-devel-184
- - - - -
8a0a7359 by Jeremy Allison at 2020-12-04T20:54:06+00:00
s3: smbd: Quiet log messages from usershares for an unknown share.
No need to log missing shares/sharenames at debug level zero.
Keep the debug level zero for all other usershare problems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14590
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Rowland penny <rpenny at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Dec 4 20:54:06 UTC 2020 on sn-devel-184
- - - - -
441fdc12 by Volker Lendecke at 2020-12-04T21:08:38+00:00
lib: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3bf9973d by Volker Lendecke at 2020-12-04T21:08:38+00:00
clitar: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
18146c62 by Volker Lendecke at 2020-12-04T21:08:38+00:00
spoolssd: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d04b5a7 by Volker Lendecke at 2020-12-04T21:08:38+00:00
smbd: Align integer types
full_path_tos() return ssize_t
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a8d2654d by Volker Lendecke at 2020-12-04T21:08:38+00:00
build: Fix kernel oplock test
In a pure docker environment with overlayfs F_GETLEASE works on /tmp,
but F_SETLEASE does not. This test now correctly detects that.
The effect is that the samba-fileserver environment would run fine in
a shared gitlab runner, at the price of not testing kernel oplocks. We
could move the kernel oplock tests to another environment that for
other reasons can't run on shared gitlab runners.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2c7e8e3f by Volker Lendecke at 2020-12-04T21:08:38+00:00
smbd: Simplify share_mode_memcache_fetch()
Take a struct file_id instead of a locking.tdb key,
share_mode_memcache_store() also operates on the implicit fid in
struct share_mode_data.
To do this, parse_share_modes() also needs to take file_id.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b712bd81 by Volker Lendecke at 2020-12-04T21:08:38+00:00
smbd: Simplify open_mode_check()
The call to share_mode_have_entries() was put in before
fresh_share_mode_lock() initialized d->flags to be completely
permissive. With that correct initialization the call to
share_conflict() a few lines down will also make open_mode_check()
pass for any share_access/access_mask.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0f40c4ab by Volker Lendecke at 2020-12-04T21:08:38+00:00
smbd: Remove unused share_mode_have_entries()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
05f9e8f9 by Volker Lendecke at 2020-12-04T21:08:39+00:00
smbd: Simplify share_mode_lock_destructor()
Rely on the truth in the database whether we found share modes or
not, share_mode_data_store() has that information for free.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7677c40f by Volker Lendecke at 2020-12-04T21:08:39+00:00
smbd: Remove a comment that was not helpful for me
Also avoid an "else" branch
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1ba4672e by Volker Lendecke at 2020-12-04T21:08:39+00:00
smbd: Simplify share_mode_entry_do()
Rely on the truth in locking.tdb wrt existence of share entries
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bbd94522 by Volker Lendecke at 2020-12-04T22:32:38+00:00
smbd: Remove "have_share_modes" from "struct share_mode_data"
Nobody in share_mode_lock.c looked at that value anymore, so we don't
need to manually maintain it.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Dec 4 22:32:38 UTC 2020 on sn-devel-184
- - - - -
ed212593 by Stefan Metzmacher at 2020-12-05T22:35:04+00:00
WHATSNEW.txt: fix version to 4.14
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Sat Dec 5 22:35:04 UTC 2020 on sn-devel-184
- - - - -
ab2c712c by Ralph Boehme at 2020-12-07T17:54:10+00:00
loadparm: setup debug subsystem setting max_log_size from config
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
29cd139a by Ralph Boehme at 2020-12-07T17:54:10+00:00
debug: pass struct debug_class *config to reopen_one_log()
Pass a pointer to the struct instead of all struct members individually. No
change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b7ee3614 by Ralph Boehme at 2020-12-07T17:54:10+00:00
debug: pass struct debug_class *config to do_one_check_log_size()
Pass a pointer to the struct instead of all struct members individually. No
change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3651a51e by Ralph Boehme at 2020-12-07T17:54:10+00:00
debug: detect logrotation by checking inode number
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
68f71f22 by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4: add samba server tevent trace helper stuff
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
516c2a04 by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4: install tevent tracing hooks to trigger logfile rotation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9f71e617 by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4: replace low-level SIGUP handler with a tevent handler
Replace the low-level signal handler for SIGHUP with a nice tevent signal
handler. The low-level handler sig_hup() installed by setup_signals() remains
being used during early startup before a tevent context is available.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
19413e76 by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4: call reopen_logs_internal() in the SIGHUP handler of the prefork process model
With debug_schedule_reopen_logs() the actual reopen only takes place at some
point in the future when a DEBUG message is processed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
82b64e93 by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4/samba: call force_check_log_size() in prefork_reload_after_fork()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
- - - - -
6fa5fb8e by Ralph Boehme at 2020-12-07T17:54:10+00:00
s4/samba: call force_check_log_size() in standard_accept_connection()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
058f96f4 by Ralph Boehme at 2020-12-07T18:54:29+00:00
s4/samba: call force_check_log_size() in standard_new_task()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14248
RN: samba process does not honor max log size
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Dec 7 18:54:29 UTC 2020 on sn-devel-184
- - - - -
1b2e6764 by Stefan Metzmacher at 2020-12-07T19:02:33+00:00
s3/wscript: remove unused check for F_NOTIFY
There're no references to F_NOTIFY nor HAVE_KERNEL_CHANGE_NOTIFY in the
code, so the configure check is not needed at all.
We only use the inotify or fam abstractions.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6d4ce53e by Stefan Metzmacher at 2020-12-07T19:02:33+00:00
s3/wscript: only check for F_SETLEASE being available at compile time
F_GETLEASE/F_SETLEASE are available (at least) since Linux 2.4.0 from
2002.
We also should not have the configure check depend on the filesystem
we find at build time. It's very common that the build-environment is
much more restricted than the runtime-environment will be.
As a history we had this check on Samba 3.6:
AC_CACHE_CHECK([for Linux kernel oplocks],samba_cv_HAVE_KERNEL_OPLOCKS_LINUX,[
AC_TRY_RUN([
#include <sys/types.h>
#include <fcntl.h>
#ifndef F_GETLEASE
#define F_GETLEASE 1025
#endif
main() {
int fd = open("/dev/null", O_RDONLY);
return fcntl(fd, F_GETLEASE, 0) == -1;
}
],
samba_cv_HAVE_KERNEL_OPLOCKS_LINUX=yes,samba_cv_HAVE_KERNEL_OPLOCKS_LINUX=no,samba_cv_HAVE_KERNEL_OPLOCKS_LINUX=cross)])
if test x"$samba_cv_HAVE_KERNEL_OPLOCKS_LINUX" = x"yes"; then
AC_DEFINE(HAVE_KERNEL_OPLOCKS_LINUX,1,[Whether to use linux kernel oplocks])
fi
which didn't depend on the filesystem.
Then we got a broken check introduced in Samba 4.0 (a copy of the
F_NOTIFY check):
# Check for Linux kernel oplocks
conf.CHECK_CODE('''
#include <sys/types.h>
#include <fcntl.h>
#include <signal.h>
#ifndef F_NOTIFY
#define F_NOTIFY 1026
#endif
main() {
exit(fcntl(open("/tmp", O_RDONLY), F_NOTIFY, 0) == -1 ? 1 : 0);
}''', 'HAVE_KERNEL_OPLOCKS_LINUX', addmain=False, execute=True,
msg="Checking for Linux kernel oplocks")
this got "fixed" in Samba 4.7 (and backports to 4.6, 4.5 and 4.4) into
# Check for Linux kernel oplocks
conf.CHECK_CODE('''
#include <sys/types.h>
#include <fcntl.h>
#include <signal.h>
#ifndef F_GETLEASE
#define F_GETLEASE 1025
#endif
main() {
exit(fcntl(open("/tmp", O_RDONLY), F_GETLEASE, 0) == -1 ? 1 : 0);
}''', 'HAVE_KERNEL_OPLOCKS_LINUX', addmain=False, execute=True,
msg="Checking for Linux kernel oplocks")
Lately it became dependend on the filesystem in the build-environment:
# Check for Linux kernel oplocks
conf.CHECK_CODE('''
#include <sys/types.h>
#include <fcntl.h>
#include <signal.h>
#ifndef F_GETLEASE
#define F_GETLEASE 1025
#endif
main() {
const char *fname="/tmp/oplock-test.txt";
int fd = open(fname, O_RDWR|O_CREAT, 0644);
int ret = fcntl(fd, F_SETLEASE, F_WRLCK);
unlink(fname);
return (ret == -1) ? 1 : 0;
}''', 'HAVE_KERNEL_OPLOCKS_LINUX', addmain=False, execute=True,
msg="Checking for Linux kernel oplocks")
Now we just check for F_SETLEASE being available in linux/fcntl.h.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
30c1c153 by Stefan Metzmacher at 2020-12-07T19:02:33+00:00
s3:smbd: remove unused fallback defines in oplock_linux.c
F_GETLEASE/F_SETLEASE/F_SETSIG were all included in the kernel
and glibc in 2002, there's no need to have fallbacks 18 years later.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
14768d0d by Stefan Metzmacher at 2020-12-07T20:07:18+00:00
s4:torture:smb2: remove unused fallback defines in oplock.c
F_SETLEASE/F_SETSIG were all included in the kernel
and glibc in 2002, there's no need to have fallbacks 18 years later.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Dec 7 20:07:18 UTC 2020 on sn-devel-184
- - - - -
c8d3547c by Douglas Bagnall at 2020-12-09T16:00:39+00:00
samba-tool domain: move timestamp functions to common
Other tools use identical functions, and they too can use common.py
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
2c48e90f by Douglas Bagnall at 2020-12-09T16:00:39+00:00
samba-tool pso uses common timestamp functions
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
816dee1a by Douglas Bagnall at 2020-12-09T16:00:39+00:00
samba-tool drs: move attr_default to common
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
e253c45c by Douglas Bagnall at 2020-12-09T16:00:39+00:00
samba-tool gpo: use common attr_default
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
a8d1a6c5 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
python: remove unused provision.check_install()
Unused for at last 10 years.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
02c3a66c by Douglas Bagnall at 2020-12-09T16:00:39+00:00
drs_utils: remove unused sendRemoveDsServer()
The only caller of this was `samba-tool domain demote` which stopped
using it in 2015 with commit f121173cbf46fe64746d73adf40015c43d5c55fc.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9938a9f7 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
selftest/subunit: python file modernisation
Python idioms for iterating over a line and closing it have improved,
and we should keep up.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
3afd5942 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix documentation for err_duplicate_values
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
fa035037 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix documentation for err_base64_userParameters
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c7b39f1c by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix documentation and typo for err_utf_userParameters
pseudo, not psudo.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9fabe3aa by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix documentation for err_doubled_userParameters
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
081d12de by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: add docstring for err_odd_userParameters
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
71311740 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: don't try to stringify values list twice
dump_attr_values already turns it into a comma separated list.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
99cdb219 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: drop py2 support from dump_attr_values()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
0aec5b93 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: improve some duplicate doc strings
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
17fb6355 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: remove unused fix_incorrect_deleted_objects flag
This was introduced in db15993401f927fd2fcea1687c4155dce2272aa8
but not actually referenced then or since.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
c28a3dd6 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix doc for do_rename()
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
f1be8813 by Douglas Bagnall at 2020-12-09T16:00:39+00:00
dbcheck: fix doc for err_normalise_mismatch*
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
cc9ff79d by Douglas Bagnall at 2020-12-09T17:04:23+00:00
dbcheck: err_normalise-mismatch_replace: no msg if no error
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Wed Dec 9 17:04:23 UTC 2020 on sn-devel-184
- - - - -
6f137484 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo Sudoers list command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b402c764 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for listing Sudoers Group Policies
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
b0ccebd3 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo Sudoers add command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5f9d2456 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for adding Sudoers Group Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f67a3644 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo Sudoers remove command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f509550f by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for removing Sudoers Group Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
5b49e0ac by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo Security set command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
eea46a38 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for setting Security Group Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
aba8ece1 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo Security list
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
111f07fd by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for listing Security Group Policies
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
f74dea08 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo smb.conf list command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
fff3e0eb by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for listing smb.conf Group Policies
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
2705d39b by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Test gpo smb.conf set command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
ef5ea147 by David Mulder at 2020-12-09T17:38:28+00:00
samba-tool: Add a gpo command for setting smb.conf Group Policy
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
- - - - -
4fa938e7 by David Mulder at 2020-12-09T18:42:29+00:00
WHATSNEW: samba-tool gpo manage command
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder at samba.org>
Autobuild-Date(master): Wed Dec 9 18:42:29 UTC 2020 on sn-devel-184
- - - - -
aec02dc9 by Volker Lendecke at 2020-12-11T18:29:32+00:00
lib: Make dnsquery.h #ifdef align to our conventions
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f25248fe by Volker Lendecke at 2020-12-11T18:29:32+00:00
libcli: Add required #includes to libcli/dns/dns.h
Also, make it safe against being included twice
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
18128188 by Volker Lendecke at 2020-12-11T18:29:32+00:00
libcli: Add required #includes to dnsquery.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
60b96580 by Volker Lendecke at 2020-12-11T18:29:32+00:00
build: Wrap a long line
There will be one more .c file
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
31d85404 by Volker Lendecke at 2020-12-11T18:29:32+00:00
libcli: Add ads_dns_query_srv_send()/recv()
This issues the "query" for SRV records site-aware and siteless. If
there are SRV records returned without IP addresses, it will issue A
and AAAA requests, waiting up to async_dns_timeout seconds. If that
timeout is reached, ads_dns_query_srv_recv() returns whatever is
around.
Superdebug added by Jeremy <jra at samba.org> :-)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b9f91571 by Volker Lendecke at 2020-12-11T18:29:32+00:00
libsmb: Use ads_dns_query_srv() in resolve_ads()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d92a85fb by Volker Lendecke at 2020-12-11T18:29:32+00:00
libsmb: No need to call dns_lookup_list_async() in resolve_ads()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9d7c048e by Volker Lendecke at 2020-12-11T18:29:32+00:00
libsmb: Use ads_dns_query_srv() in discover_dc_dns()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7614cce0 by Volker Lendecke at 2020-12-11T18:29:32+00:00
libsmb: No need to call dns_lookup_list_async() in discover_dc_dns()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
61f71f34 by Volker Lendecke at 2020-12-11T18:29:32+00:00
net: Add "sitename" support to "net lookup ldap"
This will be used in a test later
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ef8740ce by Volker Lendecke at 2020-12-11T18:29:32+00:00
net: Use ads_dns_query_srv() in net_lookup_ldap()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b324e2e1 by Volker Lendecke at 2020-12-11T18:29:32+00:00
net: Use dns_rr_srv->ss_s in "net lookup ldap"
ads_dns_query_srv() always fills it
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9fa3ce29 by Volker Lendecke at 2020-12-11T18:29:32+00:00
test: test site-aware DC lookup via "net lookup ldap"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d327f664 by Volker Lendecke at 2020-12-11T18:29:32+00:00
libsmb: Remove unused dns_lookup_list_async()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
49256925 by Volker Lendecke at 2020-12-11T19:30:16+00:00
libsmb: Remove unused ads_dns_query_* routines
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Dec 11 19:30:16 UTC 2020 on sn-devel-184
- - - - -
1c59f49a by Martin Schwenke at 2020-12-15T11:02:34+00:00
bootstrap: Cope with case changes in CentOS 8 repo names
RN: Be more flexible with repository names in CentOS 8 test environments
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14594
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
6601b3ac by Martin Schwenke at 2020-12-15T12:03:58+00:00
bootstrap: Update distro list in README.md
Update examples to make them valid.
Signed-off-by: Martin Schwenke <martin at meltin.net>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Tue Dec 15 12:03:58 UTC 2020 on sn-devel-184
- - - - -
25a94fa4 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: make rIDSetReferences attr check case-insensitve
Yes, it looks inefficient, but that's because it is just trying to fit
in. Very soon we will fix it it properly.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
6b4ff458 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: check_object() caches of lower case attr names
The construct `'name' in map(str.lower, attrs)` is doubly inefficient,
because not only is it running the lower() function too often, it is
searching linearly in a temporary iterator for membership.
So we make a set, and use that.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
b21287c2 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: do not add duplicate attrs for checking
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
43530f08 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: add a helper function for attr tracking
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
206a028e by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: split out attr calculations from check_object()
check_object is too long!
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
0dd736ff by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: better disambiguate 'attrs'
We had too many things called 'attrs'; now we have just one, but we
don't want it to look like it is *the* one.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
22447a51 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: reduce useless use of str(attrname)
it's already a string!
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
83371443 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: check_object/userparams: use variable for clarity
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
9bf9b998 by Douglas Bagnall at 2020-12-15T14:32:43+00:00
dbcheck: clarify check_object userparams
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Noel Power <npower at samba.org>
- - - - -
7a077f15 by Andrew Walker at 2020-12-15T15:32:18+00:00
s3:smbd:trans2.c - add twrp to tmp smb_fname in smbd_do_qfsinfo
Preserve VSS-related timestamp in temporary smb_filename before
calling vfs_stat_fn() in smbd_do_qfsinfo. Otherwise, we can fail
here on smb2_getinfo requests if file does not exist outside of
shadow copy path.
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Noel Power <npower at samba.org>
Autobuild-User(master): Noel Power <npower at samba.org>
Autobuild-Date(master): Tue Dec 15 15:32:18 UTC 2020 on sn-devel-184
- - - - -
436903af by Ralph Boehme at 2020-12-16T09:08:30+00:00
CI: add samba-no-opath
Add a job that builds with O_PATH undefined.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
703c1898 by Ralph Boehme at 2020-12-16T09:08:30+00:00
CI: skip kernel-oplocks tests on older kernels
The kernel of the gitlab shared runners container host has a bug in the
interaction between kernel oplocks and O_PATH opens which was fixed by
387e3746d01c34457d6a73688acd90428725070b in 5.3.1:
<https://kernel.googlesource.com/pub/scm/linux/kernel/git/jlayton/linux/+/refs/tags/locks-v5.3-1%5E%21/>
Don't actually start the OPLOCK5 test is kernel oplocks are not available,
instead of relying on the #ifdef HAVE_KERNEL_OPLOCKS_LINUX magic in torture.c.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bf7ab878 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs: add "is_pathref" to struct files_struct
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c6c65d1f by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs: add "is_fsa" flag to struct files_struct
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
28f43fda by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: add fd_handle.[c|h]
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
50ce9809 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_set_fd()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9db3ff25 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_io_fd() when accessing a file or it's associated metadata
In all places where we access or modify a file or it's associated metadata, we
use fsp_get_io_fd() to fetch the low-level fd from the fsp. This ensures we
don't accidentally use a pathref fsp where the fd would be opened as root on
systems lacking O_PATH.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f5632b43 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() as part of DEBUG and syslog messages
Nothing really dangerous is done with the fds here, so we can safely use
fsp_get_pathref_fd() in these cases.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0208ca69 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() when close()ing fds
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bc908ea3 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() for *at related directory handles
Obviously correct to use fsp_get_pathref_fd() here.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5648662b by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() for "internal" xattr functions
We're using xattr data storage for internal reasons in these places, so in all
places it's safe to use a possibly root opened fd.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
450d7f13 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() for fstat() calls
If we can access the path to a file, by default we have FILE_READ_ATTRIBUTES
from the containing directory. See the section: "Algorithm to Check Access to an
Existing File" in MS-FSA.pdf.
So it's also safe to use a root opened pathref fd, as the root open is done on
the final component after a chdir() to the parent directory was done while still
impersonating the use. Qed.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
61628ade by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fsp_get_pathref_fd() for logical fd comparisons
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0d9afd7a by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fh_[get|set]_pos() and fh_[get|set]_position_information()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
059dee95 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fh_[get|set]_gen_id()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
da786ccd by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fh_[get|set]_private_options()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fdb91631 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fh_[get|set]_refcount()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
140df321 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use fd_handle_create()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dd8fe0cf by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: remove redundant initialisation of the fsp fd
This is already set to -1 by fd_handle_create().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b56f554f by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs: make struct fd_handle private
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c39940d8 by Ralph Boehme at 2020-12-16T09:08:30+00:00
s3/lib: add proc fds infrastructure
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1d35fc7f by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_error_inject: ignore path_ref_fd's
This avoids failing opens triggered by filename_convert() ->
openat_pathref_fsp().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1f94c3ee by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs: add struct connection_struct flag "have_proc_fds"
Allows the VFS layer to tell the higher layers if fds opened by the openat() VFS
implementation are visible objects inside a /proc/PID/fd/FD filesystem.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2af46c7f by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs: add fsp flag "have_proc_fds"
This flag is used by the VFS layer to tell the FSA layer that it is allowed to
reopen an fsp by using an exisiting pathref fd with /proc/PID/fd/FD to open a
full fd.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
11e2a856 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: fix indentation
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6d16e580 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: initialize conn->have_proc_fds
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3105e53f by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: support pathref fd's in vfswrap_fgetxattr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0f353bca by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: support pathref fd's in vfswrap_flistxattr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a46f987c by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: support pathref fd's in vfswrap_fremovexattr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9b3c80f8 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: support pathref fd's in vfswrap_fsetxattr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
011252c6 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_fruit: skip Netatalk locking checks for path-ref fd's
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b2e6d7b0 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_posixacl: support pathref fd's in posixacl_sys_acl_get_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c9889c19 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_posixacl: support pathref fd's in posixacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
879d8a3b by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd/posix_acls: support pathref fd's in posix_sys_acl_blob_get_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cf3c48cb by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_default: implement pathref opens in vfswrap_openat()
If the system supports O_PATH we use that, otherwise we fallback to root opens.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fd882574 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_ceph: implement pathref opens in cephwrap_openat()
Ceph supports O_PATH since v0.93 from 2015:
https://ceph.io/geen-categorie/v0-93-hammer-release-candidate-released/
This seems to be old enough so we can hopefully use this without a runtime
version check.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d1e6e83 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_glusterfs: implement pathref opens with become_root() fallback
Until glusterfs supports O_PATH, fallback to become_root().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a14db893 by Ralph Boehme at 2020-12-16T09:08:30+00:00
s3: add full_path_from_dirfsp_atname()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f8980821 by Ralph Boehme at 2020-12-16T09:08:30+00:00
vfs_shadow_copy2: deal with real dirfsps in shadow_copy2_openat()
Prepare shadow_copy2_openat() for real dirfsps flying by.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
eb6bbb4f by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: check for pathref fd's in vfs_set_blocking()
Don't try to set pathref fd's to non-blocking, they're not used with IO.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
abb7ab2c by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: already set fsp fd in non_widelink_open()
A subsequent commit will add a consumer of the fd to non_widelink_open() (by
calling SMB_VFS_FSTAT()), so we need to set the fd already here. And it makes
more sense anyway. :)
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a272ca54 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: catch O_PATH opens of symlinks in in non_widelink_open()
Calling openat() with O_PATH|O_NOFOLLOW will open a handle on the symlink
itself. That would be a nice feature if it would be supported on more platforms,
but being a Linux only thing, we have to preserve the behaviour of failing to
open a handle on symlinks.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
abc00b95 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: pass a dirfsp to fd_open() and rename it to fd_openat()
For now no change in behaviour as all callers still pass conn->cwd_fsp. This
just prepared fd_openat() to deal with real dirfsp's pass by callers later on
when adding calls to fd_openat(dirfspm ...) in the directory enumeration loop.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
99f60a74 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: pass dirfsp down to non_widelink_open() and process_symlink_open()
Callers still all pass conn->cwd_fsp so no change in behaviour yet.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d680e9aa by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: remove unused cwdfsp from non_widelink_open()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ade0af78 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use orig_fsp_name as variable name in non_widelink_open()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
65c4f615 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: simplify setting and resetting fsp->fsp_name in non_widelink_open()
Instead of setting and resetting the name to the relative name every time we
call into the VFS, just set it once and reset it at the end and when recursing
via process_symlink_open().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
12d75a83 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: deal with real dirfsps in non_widelink_open()
If we get a real dirfsp, skip the parent-directory logic. Just pass the dirfsp
to SMB_VFS_OPENAT() which by now supports real dirfsps.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
241dd9d9 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: pass private_flags to open_file()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
204c7b24 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: maps NT_STATUS_STOPPED_ON_SYMLINK to NT_STATUS_OBJECT_PATH_NOT_FOUND in open_file()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b6dfcae0 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: convert non_widelink_open() and process_symlink_open() to return NTSTATUS
non_widelink_open() now also returns NT_STATUS_STOPPED_ON_SYMLINK in case an
attempt was made to either
1. open a symlink from a POSIX client, or
2. open a symlink from a Windows client but any of the symlink behaviour
configuring options "follow symlink", "wide links" or "allow insecure wide
links" prevents access to the symlink target
Caller open_file() has already been updated to map NT_STATUS_STOPPED_ON_SYMLINK
to NT_STATUS_NT_STATUS_OBJECT_PATH_NOT_FOUND.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2b45b9a0 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: always fstat in non_widelink_open()
This way we can avoid stating twice: once here and possibly a second time in
the caller open_file().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c1c2dd6c by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: remove SMB_VFS_FSTAT() from open_file()
This is now done in non_widelink_open().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7626bba6 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: add openat_pathref_fsp()
open_pathref_fsp() opens an "embedded" fsp inside smb_fname as
smb_fname->fsp. We call such an fsp a "pathref" fsp.
On system that support O_PATH the low level openat() is done with O_PATH. On
systems that lack support for O_PATH, we impersonate the root user as a
fallback.
Setting "is_pathref" in the fsp_flags before calling fd_openat() is what
triggers the special low-level behaviour inside the VFS.
The use of pathref fsps allows updating all callers of path based VFS functions
like
dos_mode(smb_fname)
-> SMB_VFS_GET_DOS_ATTRIBUTES(smb_fname)
-> SMB_VFS_GETXATTR(smb_fname)
to use the handle based VFS function like
fdos_mode(smb_fname->fsp)
-> SMB_VFS_FGET_DOS_ATTRIBUTES(fsp)
-> SMB_VFS_FGETXATTR(fsp)
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d764c183 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: add smb_fname_fsp_unlink()
Remove the link between an smb_fname and it's embedded smb_fname->fsp.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
994f8890 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: add move_smb_fname_fsp_link()
Function to move fsps from one smb_fname to another.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d5edf302 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: maintain correct destructor order in fsp_free()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b2685e28 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: use move_smb_fname_fsp_link() in fsp_set_smb_fname()
This ensures that fsp->fsp_name->fsp is again set to the fsp and also preserves
the link fsp->fsp_name->fsp_link.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cff6dff5 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: README.Coding fixes in file_find_dif()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
05633454 by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: reduce indentation in file_find_dif()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
24dd647c by Ralph Boehme at 2020-12-16T09:08:30+00:00
smbd: ignore non FSA fsps in file_find_dif()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
927c297b by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: add need_fsa arg and logic to file_find_di_(first|next)
All callers except rename_open_files() can ignore non FSA fsps.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4d29ab04 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use common exit in filename_convert_internal()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9a5a1fe1 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use open_pathref_fsp() in filename_convert_internal()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
67a73548 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_convert_xattr()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
be4a4b51 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_convert_finderinfo()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e70c6187 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_unconvert_open_ad()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
349c5737 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_unconvert_get_streams()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e4bb359a by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_collect_one_stream()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
368b8158 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in ad_open_rsrc()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e8a49d0e by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/libadouble: use openat_pathref_fsp() in readdir_attr_meta_finderi_stream()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cbe25e17 by Ralph Boehme at 2020-12-16T09:08:31+00:00
printing: use openat_pathref_fsp() in file_version_is_newer()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ef5e913b by Ralph Boehme at 2020-12-16T09:08:31+00:00
printing: use openat_pathref_fsp() in file_version_is_newer()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a74f0af1 by Ralph Boehme at 2020-12-16T09:08:31+00:00
printing: use openat_pathref_fsp() in get_correct_cversion()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e5adfe64 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() in get_file_handle_for_metadata()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0bdaba47 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() in open_streams_for_delete()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
14b0cc6b by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() in reply_search()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
36b03af0 by Ralph Boehme at 2020-12-16T09:08:31+00:00
printing: use openat_pathref_fsp() in driver_unlink_internals()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
492ca581 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() rename_internals()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9bdac4f8 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() in copy_file()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
aedaa97e by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: un-const smb_fname in get_posix_fsp()
Avoids making a copy of smb_fname which allows using smb_fname->fsp if there is
one.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
83ecda17 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use openat_pathref_fsp() in call_trans2findfirst()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
Also drop pathref fsp from filename_convert() in call_trans2findfirst(), because
the call to filename_convert() is on the path from the client including the
search mask.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
924e7a70 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: unconst smb_fname arg of all setfileinfo worker functions
This allows avoiding making copies of the smb_fname when it needs to be passed
to a function that takes a non-const smb_fname.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bf4b1b9b by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: avoid a smb_fname copy in smb_set_file_size()
Now that we get a non-const smb_fname we can use that for the call to
SMB_VFS_CREATE_FILE().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e6650c47 by Ralph Boehme at 2020-12-16T09:08:31+00:00
net: use openat_pathref_fsp() in net_vfs_get_ntacl()
Ensures we have a pathref handle in the smb_fname we pass to
SMB_VFS_CREATE_FILE().
As the create_disposition is FILE_OPEN we just return the error if
openat_pathref_fsp() fails
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dab50f39 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: prevent non-POSIX stat-opens of symlinks in open_file()
Also adjust the test that checks for this.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
94dea7a2 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: call open_pathref_fsp() in unlink_internals() in wildcard matching loop
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
945bdc7c by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: we DO NEED the low level fd
In order to make everything handle based, we will need the basefile handle when
eg the client requests setting any of the filemetadata that is common across all
streams, eg the file's timestamps.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c21890d1 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: replace a stat() with an fstat() in create_file_unixpath()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d00d09fd by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: reuse smb_fname->fsp in create_file_default()
This is the big bang for the internal pathref fsps: up to this point the pathref
fsps were lingering around unused inside smb_fname->fsp.
With this change, the internal fsp will be the one that is going to be returned
from SMB_VFS_CREATE_FILE() if the client requested access mask matches the
criteria in open_file():
uint32_t need_fd_mask =
FILE_READ_DATA |
FILE_WRITE_DATA |
FILE_APPEND_DATA |
FILE_EXECUTE |
WRITE_DAC_ACCESS |
WRITE_OWNER_ACCESS |
SEC_FLAG_SYSTEM_SECURITY |
READ_CONTROL_ACCESS;
As long as the client doesn't request any of the access rights listed above, we
reuse the smb_fname->fsp, otherwise we close the smb_fname->fsp and call
fd_open() to open a new fsp.
In the future we can remove the four non-IO related access rights from the list:
WRITE_DAC_ACCESS |
WRITE_OWNER_ACCESS |
SEC_FLAG_SYSTEM_SECURITY |
READ_CONTROL_ACCESS
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4bcb3d7a by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs_xattr_tdb: don't leak the fd into the caller
This is subtle: generally fsp_set_fd(fd) is called in the caller of
SMB_VFS_OPENAT() in non_widelink_open().
fsp_set_fd() has a check that asserts certain combindations of the existing
fsp->fh->fd and the new fd. Both being valid fds is not allowed.
Therefor inside the VFS we must reset fsp->fh->fd if we've set it.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
37003ec7 by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs_fruit: disable fd reopening optimisations for the two special macOS streams
I couldn't figure out why the reopen fails a few vfs.fruit tests, so for now
disable the optimisations. It only affects the two special Mac streams, so it's
not *that* bad, but definitely something we would want to improve on in the near
future.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5770cdd7 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: optimisation using pathref fd to open real fd if possible
This is an optimisation that avoids going through the expensive
non_widelink_open() logic a second time. It depends on a usable /proc/%d/fd/%d
filesystem and this is checked and set as "can_reopen" flag by the VFS in the
openat() function in the fsp.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
626b4e57 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/torture: add torture_conn_set_sockopt() wrapper
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0ccd24b4 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/torture: add POSIX-LS-WILDCARD test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c8a2530b by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/torture: add POSIX-LS-SINGLE test
Note that uses SMB2 for the "Windows client" (aka non-POSIX) connection as SMB1
directory listing code translates a directory listing with a search mask that
matches an existing file to a CREATE which won't cut it for our test as we're
targetting the directory listing code.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
562ae8eb by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/torture: add POSIX-READLINK test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a63a3972 by Ralph Boehme at 2020-12-16T09:08:31+00:00
s3/torture: add POSIX-STAT test
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9d075d80 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: add vfs_stat()
Deals with POSIX paths and either calls lstat() for POSIX or stat().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
37e6783f by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use vfs_stat() in dptr_ReadDirName()
This is subtle: we inherit the smb_fname flags from the directory to its
directory entries while listing a directory. This means if were listing a
directory in POSIX context, we now treat all entries as POSIX paths and
correctly call lstat() on the entries instead of stat().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
985c1be5 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use vfs_stat() in more places
This replaces the code in a bunch of places where we choose between stat() and
lstat() based on req->posix_pathname. The new code inside vfs_stat() is based on
checking the smb_fname flag SMB_FILENAME_POSIX_PATH.
req->posix_pathname is inherited from the global POSIX pathnames state and the
smb_fname flags is also inherited from that indirectly via the UCF flags.
Tl;dr: no change in behaviour. :)
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dba8593c by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs: Add dirfsp arg to SMB_VFS_READDIR()
This allows for optimisations in VFS module: by passing the dirfsp as an
additional arg, the function can check fsp->fsp_name->flags which may include eg
SMB_FILENAME_POSIX_PATH to trigger POSIX pathname processing.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dd368479 by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs_default: simplify vfswrap_readdir()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
36d72d8a by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs_default: return stat info for symlinks in POSIX context
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
86edc662 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use get_dosmode in smbd_dirptr_8_3_mode_fn()
Caller currently always passes true, but this will change soonish with a change
to smbd_dirptr_get_entry().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c98d1113 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: call open_pathref_fsp() in smbd_dirptr_get_entry()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8e3798dd by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: factor out smbd_check_access_rights_sd() from smbd_check_access_rights()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2aac9100 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: add smbd_check_access_rights_fsp()
Handle based version of smbd_check_access_rights().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
435c0f88 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: adjust allocation size check across handles in smbd_do_qfilepathinfo()
Check all open files if either we don't have an fsp or if the fsp is not a full
FSA fsp, ie not one which was created by SMB_VFS_CREATE_FILE() but by
openat_pathref_fsp().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1bc943dd by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: check for valid FSA fsp in smb_query_posix_acl()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9535af36 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: check for valid FSA fsp in smb_set_posix_acl()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3da8af16 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: unconst fsp arg of check_access_fsp()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
192897b4 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: deal with non FSA fsps in check_access_fsp()
For fsps coming out of openat_pathref_fsp() and not SMB_VFS_CREATE_FILE(),
fsp->access_mask will be 0 and we check the requested rights against the
permissions of the object opened by the fsp.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3d8237a8 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: check for non FSA fsps in smb_file_rename_information()
If the fsp is a non FSA fsp created by openat_pathref_fsp(), we can't pass it to
rename_internals_fsp(). We have to go via rename_internals() which internally
uses SMB_VFS_CREATE_FILE() to open an fsp which ensure we go through the lease
checking code.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d9e9f063 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use SMB_VFS_CREATE_FILE() in call_trans2mkdir()
Use SMB_VFS_CREATE_FILE() instead of the create_directory() in order to have a
fsp that we can pass to set_ea().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2bcb268b by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use pathref fsp in call_trans2qfilepathinfo()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a716c556 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use pathref fsp in call_trans2setfilepathinfo()
This means we're now passing a valid fsp to all setinfo functions. The only
special case being when dealing with a symlink in POSIX context.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
5bec9621 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use check_access_fsp() in set_ea()
We now always have a fsp.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cc0e740a by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: in reply_setatr() pass pathref fsp to smb_set_file_time()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
752bc388 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: always use check_access_fsp() in smb_set_file_basic_info()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ef9afe38 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: always use check_access_fsp() in smb_set_info_standard()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
4ac20da4 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fsp in smb_set_file_time()
Ensure we have a valid fsp whos name we pass to file_ntimes(). Remember,
file_ntimes() by default ends up calling SMB_VFS_GET_DOS_ATTRIBUTES() under the
hood in order to get/set the creation date.
As any fsp->fsp_name contains a backpointer to the fsp ie
fsp->fsp_name->fsp == fsp
passing set_fsp->fsp_name to file_ntimes() allows replacing the path based
SMB_VFS_GET_DOS_ATTRIBUTES() with SMB_VFS_FGET_DOS_ATTRIBUTES() under the hoods.
Also use the base_fsp->fsp_name for the base name in case of setting the
timestamps on a stream.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
da93d88e by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfs_gpfs: fix bogus compiler warning
The next commit adds the first call inside Samba to the VFS function
SMB_VFS_FGET_DOS_ATTRIBUTES() and therefor also to
vfs_gpfs_fget_dos_attributes(). No idea why gcc is generating this warning:
[4127/4716] Compiling source3/modules/vfs_aio_fork.c
../../source3/modules/vfs_gpfs.c: In function ‘vfs_gpfs_fget_dos_attributes’:
../../source3/modules/vfs_gpfs.c:1728:2: error: ‘file_id’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
1728 | update_stat_ex_file_id(&fsp->fsp_name->st, file_id);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated due to -Wfatal-errors.
cc1: all warnings being treated as errors
This change fixes the error.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ccd3352b by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: add fdos_mode()
Note that this continues using the braindead dual path/handle based API mistake,
but only in order to reuse the util functions and because this is an
intermediate step to support transitioning to an all handle based flow.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
06906b1d by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in smbd_dirptr_lanman2_mode_fn()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
180e0a7d by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in smbd_dirptr_8_3_mode_fn()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
54b4321f by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in file_set_sparse()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c83516f3 by Ralph Boehme at 2020-12-16T09:08:31+00:00
vfstest: use filename_convert() in cmd_utime()
Ensures we have a pathref fsp when calling SMB_VFS_NTIMES().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ea2def33 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: un-const smb_fname_dst_in arg of rename_internals_fsp()
A subsequent commit is going to modify smb_fname_dst_in.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8e9887c2 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: drop pathref from smb_fname_dst_in in rename_internals_fsp()
The pathref is not needed anymore below this point and it conflicts with the
code that checks for open handles on the destination just below.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
147c3f2e by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in set_create_timespec_ea()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bde16030 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in vfs_default_durable_reconnect()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a649ebed by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in mark_file_modified()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ec9afe04 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in reply_ntcreate_and_X()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f432bc56 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in call_nt_transact_create()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7386dc73 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in copy_internals()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6e512835 by Ralph Boehme at 2020-12-16T09:08:31+00:00
smbd: use fdos_mode() in check_base_file_access()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
93357758 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in open_file_ntcreate()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8bdf3f30 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in reply_getatr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
594bfdea by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in reply_open()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b3e5feb9 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in reply_open_and_X()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d0c60ff by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in can_rename()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
988a838a by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in do_unlink()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8dbac0d5 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: call rename_open_files() a bit earlier in rename_internals_fsp()
This prepares for using handle based SMB_VFS_FSTAT() and fdos_mode() a few lines
below. As some VFS modules will use the fsp->fsp_name we have to make sure to
rename it first.
Fwiw, notify_rename() is moved as well as it needs to original name in
fsp->fsp_name.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f19b01a1 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use SMB_VFS_FSTAT() in rename_internals_fsp()
While at it, use the open handle on the renamed file to call fstat() instead of
stat().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
58e103a7 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: README.Coding fixes in rename_internals_fsp()
No change in behaviour.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
812e59c6 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in rename_internals_fsp()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
96a88265 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in copy_file()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0977f137 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in reply_getattrE()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
608085af by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in setup_close_full_information()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
05b31b47 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in smbd_smb2_create_after_exec()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ccb68c56 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in call_trans2open()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
72d19c89 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in smbd_do_qfilepathinfo()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
24d75b92 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: pass fsp to smb_set_file_dosmode()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8eb56168 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in smb_set_file_dosmode()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
62d82326 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in smb_set_file_disposition_info()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e7a90fd7 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in dos_mode_at_vfs_get_dosmode_done()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2a1bb232 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in tsmsm_set_dos_attributes()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
22d9c31a by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use fdos_mode() in tsmsm_fset_dos_attributes()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2317583b by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: RIP dos_mode()
.--. .-, .-..-.__
.'(`.-` \_.-'-./` |\_( "\__
__.>\ '; _;---,._| / __/`'--)
/.--. : |/' _.--.<| / | |
_..-' `\ /' /` /_/ _/_/
>_.-``-. `Y /' _;---.`|/))))
'` .-''. \|: .' __, .-'"`
.'--._ `-: \/: /' '.\ _|_
/.'`\ :; /' `- `-|-`
-` | | |
:.; : | .-'~^~`-.
|: | .' _ _ `.
|:. | | |_) | |_) |
:. : | | | \ | | |
: ; | | |
: ; | | |
: ; | | dos_mode()|
.:| . : ; | |
-."-/\\\/:::. `\."-._'."-"_\\-| |///."-
" -."-.\\"-."//.-".`-."_\\-.".-\\`=.........=`//-".
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0f5a28d6 by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: use SMB_VFS_FGET_DOS_ATTRIBUTES() in open_file_ntcreate()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d466ba6d by Ralph Boehme at 2020-12-16T09:08:32+00:00
vfs: add and use fget_ea_dos_attribute()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
04b4dc86 by Ralph Boehme at 2020-12-16T09:08:32+00:00
vfs: RIP SMB_VFS_GET_DOS_ATTRIBUTES()
(\ _ /)
( \ O / )
(// \\)
X
/ \
/___\
_____/ \\_____
| + ||
| ||
| SMB_VFS_GET_ ||
| DOS_ATTRIBUTES() ||
| ||
| ||
| ||
| _ ___ _ ||
| | \ | | \ ||
| | | | | | ||
| |_/ | |_/ ||
| | \ | | ||
| | \ | | ||
| | \. _|_. | . ||
| ||
* * | * ** * ** |** **
\)),.,\(/.,(//,,..,,\||(,,.,\\,.((//
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3db25c1c by Ralph Boehme at 2020-12-16T09:08:32+00:00
smbd: remove unused get_ea_dos_attribute()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a55a2bfb by Ralph Boehme at 2020-12-16T09:08:32+00:00
vfs: SMB_VFS_GET_COMPRESSION() -> SMB_VFS_FGET_COMPRESSION()
Now that handle based fdos_mode() is used everywhere we can be sure that we're
also always getting a handle in SMB_VFS_GET_COMPRESSION() so we can now safely
remove the path parameter. :)
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0049a34b by Jeremy Allison at 2020-12-16T09:08:32+00:00
smbd: smb_info_set_ea() can only get fsp==NULL in POSIX mode accessing a symlink.
Ensure this is the case and force-return NT_STATUS_ACCESS_DENIED here.
Remove any race condition if anyone modifies the symlink whilst the
operation is in process.
This now allows us to require a valid fsp for operations on EAs.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
898c537a by Jeremy Allison at 2020-12-16T09:08:32+00:00
smbd: set_ea() must have an fsp, so remove uses of the smb_fname parameter.
Next we can remove it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
874c5fcf by Jeremy Allison at 2020-12-16T10:15:11+00:00
smbd: Remove the smb_fname parameter from set_ea().
We know we must have a valid fsp.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Dec 16 10:15:11 UTC 2020 on sn-devel-184
- - - - -
df73a766 by Stefan Metzmacher at 2020-12-16T12:50:37+00:00
wafsamba: move clang_compilation_database usage behind an --enable-clangdb option
Writing bin/default/compile_commands.json doubles the total time used
for a noop build. That price should only be paid if someone wants to
use it actually.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
3e61d1ff by Stefan Metzmacher at 2020-12-16T12:50:37+00:00
autobuild.py: use --enable-clangdb for the "samba-ctdb" task
The key is that we only enable it for just one task.
I plan to restructure the autobuild tasks, but 'samba-ctdb'
will stay the way it works currently.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
93c576da by Andreas Schneider at 2020-12-16T13:56:49+00:00
auth:creds: Add cli_credentials_dump()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Noel Power <noel.power at suse.com>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Dec 16 13:56:49 UTC 2020 on sn-devel-184
- - - - -
d74c9dcf by Gary Lockyer at 2020-12-16T23:48:05+00:00
tests python krb5: Add Authorization data ad-type constants
Add constants for the Authorization Data Type values.
RFC 4120 7.5.4. Authorization Data Types
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
0f232ed4 by Gary Lockyer at 2020-12-16T23:48:05+00:00
tests python krb5: add test base class
Add a base class for the KDC tests to reduce the amount of code
duplication in the tests.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
1ed461a1 by Gary Lockyer at 2020-12-16T23:48:05+00:00
tests python krb5: initial TGS tests
Initial tests on the KDC TGS
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8004cf7a by Gary Lockyer at 2020-12-17T00:54:51+00:00
pep8 tidy up config
Enable the following warnings:
E126: continuation line over-indented for hanging indent
E131: continuation line unaligned for hanging indent
E203: whitespace before ':'
E221: multiple spaces before operator
E501: line too long
E722: do not use bare 'except'
These were originally chosen so that as much of the existing samba code
passed. With the intention of integrating PEP8 checking into build
process. But the PEP8 output does not integrate into the known fail
mechanism, so this approach was abandoned.
setup.cfg is the default PEP8 config file having these exceptions
enabled means that new code can be added with those issues. Also tools
like pyls (python language server) use setup.cfg.
Disable the following warnings:
E402: module level import not at top of file
Samba has a significant amount of code setting
sys.path.insert(0, "bin/python")
W503: Line break before binary operator
We need to have a preference, and PEP8 expresses a weak preference
for disabling 503
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Dec 17 00:54:51 UTC 2020 on sn-devel-184
- - - - -
577d4f1a by Björn Baumbach at 2020-12-17T13:59:37+00:00
docs:smbdotconf: fix a typo in oldpasswordallowedperiod.xml
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
98119189 by Björn Baumbach at 2020-12-17T13:59:37+00:00
blackbox/test_samba-tool_ntacl.sh: script requires two arguments
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f40da74e by Björn Baumbach at 2020-12-17T13:59:37+00:00
s3:libsmb: set min smb protocol when enforcing smb1 on connect
Otherwise the connect fails if the configured client min protocol is
higher than NT1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14105
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
76121ae7 by Björn Baumbach at 2020-12-17T13:59:38+00:00
s3:libsmb: set correct min and max smb protocol when smb2 is enforced on connect
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14105
Pair-programmed-with: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
560e4b1b by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
libcli/smb: add smbXcli_conn_send_queue()
This is useful in order to test async requests
tevent_queue_wait_send/recv() can be used to block
the queue between requests or wait for the queue to be flushed.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
084c2240 by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
s3:pylibsmb: PyErr_NTSTATUS_IS_ERR_RAISE => PyErr_NTSTATUS_NOT_OK_RAISE
We want to raise an exception for everything that's not NT_STATUS_OK.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fde65c2f by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
s3:pylibsmb: add echo() support
In tests it's sometimes to have a no-op in order to check the
transport is still alive.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3ffb8175 by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
s3:pylibsmb: add notify() support
The operation is a bit different from others,
as results are returned in an async fashion.
It returns a request handle.
notify_req = conn.notify(fnum=fnum,
buffer_size=0xffff,
completion_filter=libsmb.FILE_NOTIFY_CHANGE_ALL,
recursive=True)
# ... do other operations on conn.*() ...
changes = notify_req.get_changes(wait=False)
# changes is likely to be None if no result arrived yet
# ... do other operations on conn.*() ...
changes = notify_req.get_changes(wait=True)
# changes is a list of change dictionaries
# each containing "name" (a string) and
# "action" (an integer, e.g. libsmb.NOTIFY_ACTION_REMOVED)
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
752a8f87 by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
s3:pylibsmb: remove unused SECINFO_DEFAULT_FLAGS
commit 42be033b0b0c02413a74f984c8622b5baed2689a removed the last
reference.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0ccdce67 by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
libsmb_samba_internal: don't send SECINFO_[UN]PROTECTED_{S,D}ACL by default
We want to get the default behavior.
It's also pointless to set PROTECTED and UNPROTECTED at the same time..
These are defined in MS-DTYP 2.4.7 SECURITY_INFORMATION with a brief
description, but they aren't referenced in anywhere in MS-DTYP itself,
nor in MS-FSA are any other document.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
18dd953d by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
libsmb_samba_internal: calculate the access_mask for {g,s}et_acl() based on the secinfo flags
SEC_FLAG_MAXIMUM_ALLOWED will never result in SEC_FLAG_SYSTEM_SECURITY
being granted. As SECINFO_SACL is part of the default secinfo value
(SECINFO_DEFAULT_FLAGS), {g,s}et_acl() will always return
NT_STATUS_ACCESS_DENIED by default.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b082cf32 by Stefan Metzmacher at 2020-12-17T13:59:38+00:00
python/ntacls.py: let SMBHelper.get_acl() use the default values of self.smb_conn.get_acl()
Now that self.smb_conn.get_acl() has sane default values for secinfo and
access_mask we can remove any additional logic in SMBHelper.
The resulting values are the same.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f4e578aa by Björn Baumbach at 2020-12-17T13:59:38+00:00
python/ntacls.py: add SMBHelper.set_acl() helper function
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
0133c17c by Björn Baumbach at 2020-12-17T13:59:38+00:00
python/tests: add tests for smb notify and the dependency to the TRAVERSE privilege
The easiest way to run this against Windows was to use a domain
controller and configure an enforce group policy and grant the
"Bypass Traverse Checking" only to the "BUILTIN\Administrators" group.
(Note that "LOCAL SERVICE" and "NETWORK SERVICE" are always added in
the local security policy.
The test runs like this:
SMB_CONF_PATH=/dev/null \
SERVER=172.31.9.188 \
TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base \
USERNAME=administrator \
PASSWORD=A1b2C3d4 \
NOTIFY_SHARE=torture \
USERNAME_UNPRIV=ldaptestuser \
PASSWORD_UNPRIV=a1B2c3D4 \
python/samba/tests/smb-notify.py -v -f SMBNotifyTests
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3e9f0e97 by Björn Baumbach at 2020-12-17T13:59:38+00:00
selftest: add option to pass args to tests to planpythontestsuite()
The logic is basically a copy from planoldpythontestsuite().
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bcfce0ec by Björn Baumbach at 2020-12-17T13:59:38+00:00
selftest: add tests for smb notify, using the a special share
That share will get the "honor change notify privilege = yes" option
once it's implemented. For now it's marked as knownfail.
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c95e467 by Björn Baumbach at 2020-12-17T15:01:53+00:00
smbd/notify: add option "honor change notify privilege"
This option can be used to make use of the change notify privilege.
By default notify results are not checked against the file system
permissions.
If "honor change notify privilege" is enabled, a user will only
receive notify results, if he has change notify privilege or sufficient
file system permissions. If a user has the change notify privilege, he
will receive all requested notify results, even if the user does not
have the permissions on the file system.
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bb at sernet.de>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Dec 17 15:01:53 UTC 2020 on sn-devel-184
- - - - -
cbe1485f by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: Fix debugs in file_new() and fsp_new().
Allows grep ' files structure ' in the log
to count up and down the number of files allocated.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8559af63 by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: dup_file_fsp() for old DOS style opens also needs to copy the new flags.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e7f1588e by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: If an smb_filename already has a pathref fsp don't overwrite it..
That leaks fsps.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
12dd02d8 by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: On error exit in create_file_unixpath(), we can't call close_file() on uncompleted opens.
We can't call directly into close_file(), as that cannot deal
with regular file and directory opens where fsp->fsp_flags.is_fsa
hasn't been set to true (uncompleted opens).
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
59b0fae2 by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: Move closing a print file out of close_normal_file() (it isn't a normal file) and into close_file().
Streamlines closing print files and allows close_normal_file()
to restrict itself to is_fsa fsps.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7c5476ba by Ralph Boehme at 2020-12-17T18:56:28+00:00
smbd: mark fsp as valid FSA fsp after Durable Handle reconnect succeeded
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
de806498 by Jeremy Allison at 2020-12-17T18:56:28+00:00
smbd: Ensure close_directory() and close_normal_file() only deal with is_fsa files.
This must be the case, so assert it.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
ebf37cfc by Ralph Boehme at 2020-12-17T18:56:28+00:00
smbd: remove fd_close() from open_directory()
fd_close() was accidentally added twice by
d00d09fdcf73a5839ae4f82cf8e953bb761bfbfb. If it would have been removed by
5770cdd7635a018817418f58bd37268aedebd6a9 that adds the reopen_from_procfd()
optimisation, all would be fine. But fd_close() still being called before
reopen_from_procfd() means we're closing the pathref fd prevening the
optimisation.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8d0ea8ba by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs: add acl type arg to SMB_VFS_SYS_ACL_SET_FD()
No change in behaviour, the new arg is not yet used in any module.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
467dbdbd by Ralph Boehme at 2020-12-17T18:56:28+00:00
posixacl_xattr: add support for SMB_ACL_TYPE_DEFAULT in posixacl_xattr_acl_set_fd()
No need to handle pathref fsps here, as that is taken care of by
SMB_VFS_FSETXATTR().
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3363cddc by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_aixacl: use passed in ACL type in aixacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c30d49f by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_aixacl2: use ACL type in aixjfs2_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a866027e by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_fake_acls: add support for SMB_ACL_TYPE_DEFAULT in fake_acls_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ba07df5e by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_gpfs: add support for SMB_ACL_TYPE_DEFAULT in gpfsacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
bf369327 by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_posixacl: support SMB_ACL_TYPE_DEFAULT in posixacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7d9a9993 by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_solarisacl: add support for SMB_ACL_TYPE_DEFAULT in solarisacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9303683e by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_tru64acl: add support for SMB_ACL_TYPE_DEFAULT to tru64acl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fc6ee68c by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_vxfs: add support for SMB_ACL_TYPE_DEFAULT in vxfs_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f4c2f867 by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_aixacl: handle pathref fsps in aixacl_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ee0a6d22 by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_aixacl2: handle pathref fsps in aixjfs2_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1f4426b4 by Ralph Boehme at 2020-12-17T18:56:28+00:00
vfs_default: add support for SMB_ACL_TYPE_DEFAULT and pathref fsps in vfswrap_sys_acl_set_fd()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8d323aeb by Ralph Boehme at 2020-12-17T18:56:29+00:00
posix_acls: use SMB_VFS_SYS_ACL_SET_FD() in set_canon_ace_list()
SMB_VFS_SYS_ACL_SET_FD() can now safely be used to set default ACLs on
directories.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
33cbe40c by Ralph Boehme at 2020-12-17T18:56:29+00:00
posix_acls: use SMB_VFS_SYS_ACL_SET_FD() in set_unix_posix_default_acl()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1af5892a by Ralph Boehme at 2020-12-17T18:56:29+00:00
pysmbd: use SMB_VFS_SYS_ACL_SET_FD() in set_sys_acl_conn()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b54158fb by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: move mode logic out of vfswrap_mkdirat() to the caller mkdir_internal()
This is the correct place where this code should be. It also means opaque VFS
modules that implement their own mkdirat() like glusterfs now use this logic.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3dee234e by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_default: remove assert from vfswrap_mkdirat()
vfswrap_mkdirat() deals with real dirfsps just fine now.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9bafb894 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_unityed_media: support real dirfsps in um_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2d57908f by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_syncops: support real dirfsps in syncops_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
875fd6ee by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_media_harmony: support real dirfsps in mh_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dc4c9528 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_xattr_tdb: support real dirfsps in xattr_tdb_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6c79c2f2 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_extd_audit: support real dirfsps in audit_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cb3d8b20 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_audit: support real dirfsps in audit_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
640629b2 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_glusterfs: support real dirfsps in vfs_gluster_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
71a61486 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_linux_xfs_sgid: support real dirfsps in linux_xfs_sgid_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c3fb27d9 by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: check for absolute paths in full_path_from_dirfsp_atname()
If the "atname" is an absolute path we can ignore the dirfsp and just return a
copy of the atname.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a6f35e89 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_shadow_copy2: support real dirfsps in shadow_copy2_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cf07a5cd by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_full_audit: support real dirfsps in smb_full_audit_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
62179373 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_time_audit: support real dirfsps in smb_time_audit_mkdirat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
405d1164 by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: open a pathref fsp on the parent directory
Prepares for calling SMB_VFS_MKDIRAT() below with a real dirfsp/atname. As
parent_dir_fname now has a pathref fsp in parent_dir_fname->fsp, make sure to
talloc_free() the parent_dir_fname before leaving the function, so the pathref
fsp is closed right there and not left around until the talloc tos is
destroyed (parent_dir_fname is a child of talloc-tos).
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
83ffeac7 by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: pass fsp to mkdir_internal()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
43b5e97a by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: after creating a directory, open the fsp as pathref fsp
After the directory has been created by SMB_VFS_MKDIRAT(), open the fsp on the
new directory as pathref fsp so we can use handle based VFS functions.
open_directory() will reopen the fsp as a full fsp, but that doesn't really hurt
thanks to the reopen_from_procfd() optimisation.
Note that smb_dname == fsp->fsp_name.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
74b90806 by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: use a real dirfsp/atname in mkdir_internal() with SMB_VFS_MKDIRAT()
Now that all VFS modules support real dirfsps in SMB_VFS_MKDIRAT(), pass the
pathref fsp from the parent directory and the basename of the new directory.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
24a46b9d by Ralph Boehme at 2020-12-17T18:56:29+00:00
smbd: use pathref fsp in change_dir_owner_to_parent()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6efe41c4 by Ralph Boehme at 2020-12-17T18:56:29+00:00
posix_acls: use pathref fsp in copy_access_posix_acl()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
92b14995 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs: RIP SMB_VFS_SYS_ACL_SET_FILE()
.--. .-, .-..-.__
.'(`.-` \_.-'-./` |\_( "\__
__.>\ '; _;---,._| / __/`'--)
/.--. : |/' _.--.<| / | |
_..-' `\ /' /` /_/ _/_/
>_.-``-. `Y /' _;---.`|/))))
'` .-''. \|: .' __, .-'"`
.'--._ `-: \/: /' '.\ _|_
/.'`\ :; /' `- `-|-`
-` | | |
:.; : | .-'~^~`-.
|: | .' _ _ `.
|:. | | |_) | |_) |
:. : | | | \ | | |
: ; | | |
: ; | | SMB_VFS |
: ; | | SYS_ACL |
: ; | | SET_FILE |
.jgs. : ; | |
-."-/\\\/:::. `\."-._'."-"_\\-| |///."-
" -."-.\\"-."//.-".`-."_\\-.".-\\`=.........=`//-".
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d860785f by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_acl_xattr: reformatting
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
498831cf by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_acl_common: add and use a function exit label
No change in behaviour. A subsequent commit will add more function exit cleanup
logic after the done label.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e6b0797c by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_acl_common: add an fsp extension when setting ACL
This allows the module checking for the fsp extension variable setting_nt_acl
and will be used in the module functions for .sys_acl_set_fd_fn (so
sys_acl_set_fd_xattr() and sys_acl_set_fd_tdb()).
This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
25ec2881 by Ralph Boehme at 2020-12-17T18:56:29+00:00
vfs_acl_xattr: avoid removing the ACL xattr
...when called as part of setting a new NT ACL.
This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
a77de71c by Ralph Boehme at 2020-12-17T20:04:22+00:00
vfs_acl_tdb: avoid deleting the NT ACL from the tdb
...when called as part of setting a new NT ACL. This implements the same logic
added to vfs_acl_xattr in the previous commit, to make sure both modules behave
identically.
This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14592
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Dec 17 20:04:22 UTC 2020 on sn-devel-184
- - - - -
6b5041c0 by Jeremy Allison at 2020-12-18T16:27:38+00:00
smbd: close_file() should never see an internal dirfsp.
Assert this is the case.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Dec 18 16:27:38 UTC 2020 on sn-devel-184
- - - - -
440802c2 by David Mulder at 2020-12-19T07:00:36+00:00
gpo: Add gp_xml_ext parser for group policy
This adds an extension parser for parsing xml
files in the sysvol.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
932af62e by David Mulder at 2020-12-19T07:00:36+00:00
gpo: Test Group Policy VGP Sudo Rights
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9b44f7a7 by David Mulder at 2020-12-19T08:11:50+00:00
gpo: Apply Group Policy Sudo Rights from VGP
This adds a Group Policy extension which applies
Sudo rights set by Vintela Group Policy in the
SYSVOL.
Signed-off-by: David Mulder <dmulder at suse.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Dec 19 08:11:50 UTC 2020 on sn-devel-184
- - - - -
18d68e85 by Björn Jacke at 2020-12-19T18:20:30+00:00
dns_update.c: handle DNS_QTYPE_ALL
we have code to handle this, we should not refuse the request
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14576
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Sat Dec 19 18:20:30 UTC 2020 on sn-devel-184
- - - - -
d8ed73b7 by Gary Lockyer at 2020-12-21T20:18:35+00:00
tests python krb5: Add key usage constants
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
03676a4a by Gary Lockyer at 2020-12-21T20:18:35+00:00
tests python krb5: use key usage constants
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
- - - - -
c00d5375 by Gary Lockyer at 2020-12-21T21:29:28+00:00
tests python krb5: PEP8 cleanups
Fix all the PEP8 warnings in samba/tests/krb5. With the exception of
rfc4120_pyasn1.py, which is generated from rfc4120.asn1.
As these tests are new, it makes sense to ensure that they conform to
PEP8. And set an aspirational goal for the rest of our python code.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Gary Lockyer <gary at samba.org>
Autobuild-Date(master): Mon Dec 21 21:29:28 UTC 2020 on sn-devel-184
- - - - -
f30e100b by Björn Jacke at 2020-12-23T12:45:35+00:00
tests: also test v6 for async dns test by using dig
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
98caa173 by Björn Jacke at 2020-12-23T12:45:35+00:00
tests: also test net ads dns (un)register with IPv6
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
985042d3 by Björn Jacke at 2020-12-23T12:45:35+00:00
dnsupdates: clean up all RRSets and not only type A
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14244
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
- - - - -
8fcde591 by Björn Jacke at 2020-12-23T13:52:41+00:00
net: remove obsolete net ads dns gethostbyname command
net ads dns gethostbyname is doing the same as nslookup / host / dig and it's
quite limited and only supports A records. We should just drop it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Wed Dec 23 13:52:41 UTC 2020 on sn-devel-184
- - - - -
542ae105 by Archana at 2020-12-30T10:21:08+00:00
vfs_gpfs:Logging filename for smbd_gpfs_set_times_path()
Signed-off-by: ArchanaChidirala <archana.chidirala.chidirala at ibm.com>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Dec 30 10:21:08 UTC 2020 on sn-devel-184
- - - - -
54963d24 by Stefan Metzmacher at 2021-01-01T11:56:23+00:00
Happy New Year 2021!
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Jan 1 11:56:23 UTC 2021 on sn-devel-184
- - - - -
3e96c95d by Dimitry Andric at 2021-01-04T10:50:07+00:00
lib: Avoid declaring zero-length VLAs in various messaging functions
In messaging_rec_create(), messaging_recv_cb() and
messaging_dispatch_rec(), variable length arrays of file descriptors are
declared using an incoming num_fds parameter.
However, there are several scenarios where num_fds can be zero, and
declaring a zero-length VLA is undefined behavior. This can lead to
segmentation faults and/or other crashes when compiling with recent
versions of clang at high optimization levels.
To avoid ever using zero as the length for these declarations, use
MAX(1, length) instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14605
Signed-off-by: Dimitry Andric <dimitry at andric.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Jan 4 10:50:07 UTC 2021 on sn-devel-184
- - - - -
2f6cea06 by Karolin Seeger at 2021-01-04T11:45:30+00:00
script/release.sh: Use new GPG key.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
aabd5812 by Björn Jacke at 2021-01-04T12:51:49+00:00
WHATSNEW: printing changes
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Karolin Seeger <kseeger at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Mon Jan 4 12:51:49 UTC 2021 on sn-devel-184
- - - - -
1f06d91c by Yvan Masson at 2021-01-04T16:23:03+00:00
Fix small typo in manpage
Signed-off-by: Yvan Masson <yvan at masson-informatique.fr>
Reviewed-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Jan 4 16:23:03 UTC 2021 on sn-devel-184
- - - - -
31943cc9 by Andrew Walker at 2021-01-05T21:30:08+00:00
s3:utils - explicitly free cmdline_messaging_context
Some command line utilities do not free their messaging context
which results in extra entries being left in the msg.lock directory.
Signed-off-by: Andrew Walker <awalker at ixsystems.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 5 21:30:08 UTC 2021 on sn-devel-184
- - - - -
bf7b1658 by Andreas Schneider at 2021-01-06T22:51:35+00:00
lib:util: Add directory_create_or_exists_recursive()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14601
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
38c989fa by Andreas Schneider at 2021-01-06T23:59:58+00:00
s3:lib: Create the cache path of user gencache recursively
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14601
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 6 23:59:58 UTC 2021 on sn-devel-184
- - - - -
2f21d1b0 by Arne Kreddig at 2021-01-07T19:25:38+00:00
vfs_virusfilter: Allocate separate memory for config char*
Instead of using only the pointer to the configuration char* from the
global configuration, vfs_virusfilter now allocates its own memory and
copies the char* from the global configuration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14606
Signed-off-by: Arne Kreddig <arne at kreddig.net>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jan 7 19:25:38 UTC 2021 on sn-devel-184
- - - - -
04077435 by Volker Lendecke at 2021-01-08T20:31:33+00:00
auth: Reformat a comment
Will fix a typo next
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fbe6c6cd by Volker Lendecke at 2021-01-08T20:31:33+00:00
auth: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
768917f6 by Volker Lendecke at 2021-01-08T20:31:33+00:00
dsdb: Fix comment wording
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
dad4410c by Volker Lendecke at 2021-01-08T20:31:33+00:00
dsdb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c8d9ce3f by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Add "hex_byte()" to replace.h
This is required in quite a few places, and replace.h has things like
ZERO_STRUCT already, so this is not completely outplaced.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ad081bf2 by Volker Lendecke at 2021-01-08T20:31:33+00:00
tdb: Use hex_byte() in read_data()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
fd056127 by Volker Lendecke at 2021-01-08T20:31:33+00:00
tdb: Use hex_byte() in parse_hex()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
b6a57c49 by Volker Lendecke at 2021-01-08T20:31:33+00:00
ldb: Use hex_byte() in ldb_binary_decode()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2ba7fe10 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Use hex_byte() in rfc1738_unescape()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
41e1b340 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Use hex_byte() in ucs2hex_pull()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6aa672a4 by Volker Lendecke at 2021-01-08T20:31:33+00:00
ctdb: Use hex_byte() in hex_to_data()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d0eaa143 by Volker Lendecke at 2021-01-08T20:31:33+00:00
libsmb: Use hex_byte() in urldecode_talloc()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d82acf76 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: give global_contexts.c its own header file
It's a bit shocking how many references we have to global
contexts. Make this a bit more obvious.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
de9b7312 by Volker Lendecke at 2021-01-08T20:31:33+00:00
librpc: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e7a6dba2 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Make pfh_daemon_config take a const default config
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
7ed99ad1 by Volker Lendecke at 2021-01-08T20:31:33+00:00
rpc_server: Make default prefork configs const
Move 24 bytes from modifyable data to .text segment
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ef7afeb3 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Fix error path memleaks in prefork_create_pool()
A few return statements missed the "TALLOC_FREE(pfp);"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
56737df4 by Volker Lendecke at 2021-01-08T20:31:33+00:00
lib: Initialize pointers in server_prefork.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8323c834 by Volker Lendecke at 2021-01-08T20:31:33+00:00
passdb: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
21853468 by Volker Lendecke at 2021-01-08T20:31:33+00:00
s3: Remove "developer.c" module
This can't have been built since commit f9acf770e9c12 from 2011 when
smb_register_charset was removed.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f9b2559c by Stefan Metzmacher at 2021-01-08T20:31:33+00:00
s4:torture/fruit: avoid sleep(10000000); if write_stream() fails
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8f057333 by Stefan Metzmacher at 2021-01-08T20:31:33+00:00
s3:smbd: add vfs_fake_fd_close() helper
When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.
This makes code easier to understand and may allow us to change
vfs_fake_fd() internally if required.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
719c83b4 by Stefan Metzmacher at 2021-01-08T20:31:33+00:00
vfs_fruit: make use of vfs_fake_fd_close()
When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.
That may allows us to change vfs_fake_fd() internally if required.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
40e70cbd by Stefan Metzmacher at 2021-01-08T20:31:33+00:00
vfs_streams_xattr: make use of vfs_fake_fd_close()
When we used vfs_fake_fd() we should use vfs_fake_fd_close()
in order to have things symetric.
That may allows us to change vfs_fake_fd() internally if required.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
36eb30fd by Ralph Boehme at 2021-01-08T20:31:33+00:00
vfs_fruit: use "fake_fd" instead of "created"
Both have basically the same semantics.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c5da0842 by Ralph Boehme at 2021-01-08T20:31:33+00:00
vfs_fruit: check fake_fd in fruit_pread_meta_stream()
Don't call into the next VFS backend if we know we still have a fake-fd. Just
return -1 and the caller has the logic to handle this, which results in
returning a AFP_AfpInfo blob initialized with some defaults.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
564b62a6 by Ralph Boehme at 2021-01-08T21:38:18+00:00
vfs_fruit: fix close for fake_fd
If the next backend doesn't use kernel fd's should not
pass a fake_fd to the next backend.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14596
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 8 21:38:18 UTC 2021 on sn-devel-184
- - - - -
4aa3ff57 by Volker Lendecke at 2021-01-11T13:19:32+00:00
lib: Move sockaddr_storage_to_samba_sockaddr() to lib/
This can be useful outside of source3/libsmb/namequery.c as Samba
moves towards samba_sockaddr.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
2e5d246b by Volker Lendecke at 2021-01-11T13:19:32+00:00
lib: Add samba_sockaddr_[gs]et_port()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
276b9bc2 by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_server: Factor out dcesrv_open_ncacn_ip_tcp_sockets()
The main change is to return an allocated array of file descriptors in
dcesrv_open_ncacn_ip_tcp_sockets() instead of filling a preallocated
array of pf_listen_fd structures.
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
666fc24a by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_server: Use dcesrv_open_ncacn_ip_tcp_sockets() in dcesrv_setup_ncacn_ip_tcp_sockets()
Avoid duplication of logic with "lp_interfaces_only()"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
a00e3e8a by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_server: Lift logic to fill in pf_listen_fd one level
dcesrv_create_ncacn_ip_tcp_sockets() now returns a struct of fd's
instead of filling a preallocated array: Its only function beyond
dcesrv_open_ncacn_ip_tcp_sockets() is thus gone.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
9c9b0fd6 by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_server: Lift ph_listen_fd logic one level
Push filling in struct pf_listen_fd into the daemons using
dcesrv_create_endpoint_sockets().
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
ca967485 by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_server: Add dcesrv_create_endpoint_list_fd_listen_fds()
This encapsulates the loop in the three standalone rpc daemons walking
the endpoints in a dcesrv_context.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
79a73b44 by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_servers: Fix crash with many interfaces
Previously, the lowlevel routines wrote into the pf_listen_fd arrays
without checking its size.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
912196f4 by Volker Lendecke at 2021-01-11T13:19:32+00:00
rpc_servers: Remove unused variables
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
08da3439 by Volker Lendecke at 2021-01-11T14:25:04+00:00
librpc: Use GUID_buf_string in dcerpc_binding_string()
Avoid a (small) memleak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Jan 11 14:25:04 UTC 2021 on sn-devel-184
- - - - -
847465b3 by Ralph Boehme at 2021-01-11T20:25:32+00:00
smbd: move S_ISDIR check up a bit in openat_pathref_fsp()
This relies on the caller having stat()ed smb_fname instead of relying on
fd_openat() fstat()ing fsp->fsp_name. Otherwise no change in behaviour..
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
- - - - -
9a3cdb68 by Ralph Boehme at 2021-01-11T20:25:32+00:00
smbd: pass O_DIRECTORY to fd_openat() for directories
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
- - - - -
b31405e3 by Ralph Boehme at 2021-01-11T21:34:52+00:00
vfs_glusterfs: support read dirfsps in vfs_gluster_openat()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Mon Jan 11 21:34:52 UTC 2021 on sn-devel-184
- - - - -
9c16c212 by Volker Lendecke at 2021-01-12T00:10:30+00:00
smbd: Slightly simplify smbd_smb2_create_send()
If we return unconditionally, "else" is not needed
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8f08390c by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Move ucs2_align() to 'charset' subsystem
Fix a circular dependency: util_str_common.c depends on 'charset',
which depends on util_str_common.c. Fix that.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8c02ebdb by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Simplify "weird" charset code
Don't depend on DEBUG. This is a pure developer module, the developer
should be able to figure out what's going on after this has abort()ed..
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
3d0e55b6 by Volker Lendecke at 2021-01-12T00:10:30+00:00
build: Move weird.c and charset_macosxfs.c to ICONV_WRAPPER
iconv.c directly references them, it does not make sense to have it
without them.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
49ab5431 by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Avoid all_string_sub() in smb_panic()
smb_panic() should be available everywhere. Avoid a dependency on
all_string_sub(), this pulls in a lot of other dependencies. The only
change is that this uses "strstr" instead of "strstr_m", but having
non-ascii panic actions strings can be called rare.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ae78cf0d by Volker Lendecke at 2021-01-12T00:10:30+00:00
build: Make smb_panic() available as a subsystem of its own
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
8b5eda75 by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Move utf16_len[_n]() to lib/util/charset/
util_unistr.c references it, avoid broken dependencies
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
6b73ffb6 by Volker Lendecke at 2021-01-12T00:10:30+00:00
auth4: Use global_sid_System
dom_sid_dup() is much simpler than dom_sid_parse_talloc()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
e60c4357 by Volker Lendecke at 2021-01-12T00:10:30+00:00
auth4: Use global_sid_Anonymous
dom_sid_dup() is much simpler than dom_sid_parse_talloc()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
83d85833 by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_server: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f9f7aafa by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_server: Move a variable closer to its use
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
93d387fb by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_server: Avoid a pointless ZERO_STRUCTP
We've done talloc_zero() 4 lines above.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ca0104d4 by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_server: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
457afe05 by Volker Lendecke at 2021-01-12T00:10:30+00:00
epmapper3: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
eecd5e87 by Volker Lendecke at 2021-01-12T00:10:30+00:00
epmapper3: Fix a DEBUG message
This is not function dcesrv_interface_register()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d51b4ac5 by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_client: Error from rpc_pipe_open_ncalrpc() for path overflow
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
2745f6ec by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_client: Fix an error path memleak in rpc_pipe_open_ncalrpc()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
ad5aabf8 by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_client: Use common "goto fail" for all error cases
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1b054aa0 by Volker Lendecke at 2021-01-12T00:10:30+00:00
rpc_client: Simplify rpc_pipe_open_ncalrpc()
Consolidate close(fd)
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cc01ba1b by Volker Lendecke at 2021-01-12T00:10:30+00:00
librpc: Align a few integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
922b8d18 by Volker Lendecke at 2021-01-12T00:10:30+00:00
librpc: gen_ndr/dcerpc.h references DATA_BLOB
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
cb1bcba2 by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: lib/param/param.h references TALLOC_CTX
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
9de2c2c1 by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Remove using talloc_stack from lib/util/charset/
'charset' should be as standalone as possible, and for this one use
talloc_stackframe() is not really necessary.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1701041d by Volker Lendecke at 2021-01-12T00:10:30+00:00
lib: Avoid "includes.h" in lib/util/charset/
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
1c2460a8 by Volker Lendecke at 2021-01-12T01:19:26+00:00
lib: Fix 'charset' dependencies
With this, 'charset' could be a SAMBA_LIBRARY without any undefined symbols
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jan 12 01:19:26 UTC 2021 on sn-devel-184
- - - - -
07700d0f by Karolin Seeger at 2021-01-12T09:06:29+00:00
python/wscript: python3-asn1 -> python3-pyasn1
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
- - - - -
649cfefb by Karolin Seeger at 2021-01-12T09:06:29+00:00
WHATSNEW: Add new parameters.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
- - - - -
081afc49 by Karolin Seeger at 2021-01-12T10:12:02+00:00
WHATSNEW: Change order.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Jan 12 10:12:02 UTC 2021 on sn-devel-184
- - - - -
ab770017 by Jeremy Allison at 2021-01-13T17:02:34+00:00
s3: smbd: Factor out setting up case parameters for a share to a function - conn_setup_case_options().
Will allow it to be reused in the msdfs temporary share code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14612
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
- - - - -
39ce7332 by Jeremy Allison at 2021-01-13T18:14:31+00:00
s3: smbd: Add call to conn_setup_case_options() to create_conn_struct_as_root().
Ensures temporary DFS share doesn't leave the case parameters set
as zero (i.e.:
conn->case sensitive = 0
conn->share_case_preserve = 0
and default case is lower
which can cause problems doing a DFS_GET_REFERRALS request).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14612
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Anoop C S <anoopcs at samba.org>
Autobuild-User(master): Anoop C S <anoopcs at samba.org>
Autobuild-Date(master): Wed Jan 13 18:14:31 UTC 2021 on sn-devel-184
- - - - -
33806a9e by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:utils: Remove unused header and deps from destroy_netlogon_creds_cli
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
c6ce7f2d by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:utils: Fix header and deps of mvxattr
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e0ef27f0 by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:utils: Remove unused popt_common.h header from net_rpc_shell.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e8eecc8a by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:utils: Remove unused popt_common.h header from net_vfs.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
0f482794 by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:utils: Remove unused popt_common.h header from log2pcaphex.c
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
999cbc47 by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:waf: Do not link smbspool against popt_samba3
This isn't used at all.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
ce3a3c7e by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:waf: Do not link tevent_glib_glue_test against popt_samba3
This isn't used at all.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
be18d600 by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:libsmb: Pass cli_credentials to get_ipc_connect()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
78c4043a by Andreas Schneider at 2021-01-13T20:28:34+00:00
s3:libsmb: Pass cli_credentials to get_ipc_connect_master_ip()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
181afa9f by Andreas Schneider at 2021-01-13T21:32:52+00:00
s3:libsmb: Use cli_credentials directly
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Jan 13 21:32:52 UTC 2021 on sn-devel-184
- - - - -
4e624478 by Gary Lockyer at 2021-01-13T23:52:38+00:00
s4 auth ntlm: Fix integer overflow in authsam_password_check_and_record
Fix a ubsan detected integer overflow.
../../source4/auth/ntlm/auth_sam.c:445:56: runtime error:
signed integer overflow: 60 * 600000000
cannot be represented in type 'int'
In practice this meant that the default for the smb.conf parameter
"old password allowed period" was approximately 16 seconds, rather than
the intended 60 minutes. Similarly the value used would be 22.5 times
less than the value specified in smd.conf.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 13 23:52:38 UTC 2021 on sn-devel-184
- - - - -
3fdfb79a by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: rearrange move_smb_fname_fsp_link a bit
We only modify smb_fname_src on success.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
932c27e2 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let fsp_smb_fname_link() set both sides of the link
We also need to be sure both sides were not linked before.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
1ab038b7 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let fsp_set_smb_fname() always link fsp to fsp->fsp_name->fsp
This was only done if fsp->fsp_name already existed, but not the first time.
This also makes sure we modify fsp->fsp_name and fsp->name_hash only on success.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
347edf7e by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: split out a fsp_attach_smb_fname() helper function
It's useful to watch this using: git show --histogram
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
cff29e58 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let openat_pathref_fsp() allocate fsp->fsp_name directly on fsp
Otherwise we'll always keep the current talloc_stackframe arround.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
c2e7256b by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let openat_pathref_fsp() make use of fsp_attach_smb_fname()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
30134630 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let open_pathref_base_fsp() make use of smb_fname_fsp_unlink()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
d6949f0f by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let open_directory() also use fd_open_atomic() as reopen_from_procfd() fallback
Calling fd_open_atomic() without O_CREAT is the same as calling
fd_openat() directly, so we can also use it to open an existing
directory.
In the next step we'll move the reopen_from_procfd() fallback logic to
a single helper function.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
38ae1599 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: don't pass an unused smb_fname to reopen_from_procfd()
Both callers pass in a helper variable that points to
fsp->fsp_name and it was only used for a debug message,
so we can simply use fsp_str_dgb() instead.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
8d79764a by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: introduce a reopen_from_fsp() helper function
In future we may move the reopen logic to the VFS,
but for now we just keep it in one place.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9b1dc2a4 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: make sure openat_pathref_fsp() calls fd_close(fsp->base_fsp);
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
e1a10b58 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let call_trans2findfirst() use file_free() instead of fsp_free()
This makes sure we call vfs_remove_all_fsp_extensions() before
fsp_free() is called from within file_free(). And allows us to
make 'fsp_free()' static in the next commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
eae7ce8a by Ralph Boehme at 2021-01-14T11:30:38+00:00
s3:smbd: turn assignment into assert check in call_trans2findfirst()
The pathref fsp link destructor will set smb_dname->fsp to NULL. Turning this
into an assert to give a hint at readers of the code trying to understand the
mechanics.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
bcac1dab by Ralph Boehme at 2021-01-14T11:30:38+00:00
s3:smbd: close pathref fsp in call_trans2findfirst()
Before freeing the fsp we have to close the handle.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
81b6931b by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: let vfs_default_durable_reconnect() use file_free()
We should always go through file_free(), which calls fsp_free() at the end.
Most things in file_free() may not apply to all
vfs_default_durable_reconnect() cases, but we want fsp_free() to become
static to files.c
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
7dc9a84b by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: make fsp_free() static, it should only ever be called by file_free()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
22bebaf8 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: split out create_internal_fsp() from create_internal_dirfsp()
That will be useful in other places as well.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
87b4a8f3 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: fix the error cleanup in create_file_unixpath()
We always need to cleanup the base_fsp!
Signed-off-by: Stefan Metzmacher <metze at samba.org>
- - - - -
42c60703 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: remove duplicate assignment of base_fsp in create_file_unixpath()
This has already been set a few lines above. The duplicate was the result of
restructuring create_file_unixpath() a few months ago, allocating fsp in
create_file_unixpath() instead of in the callees open_file_ntcreate() or
open_directory() respectively.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
928382f2 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: add fsp_set_base_fsp() helper
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
930b6bb3 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: make use of fsp_set_base_fsp() when changing fsp->base_fsp
This allows us to add some more logic for bi-directional linking between
base and stream fsp in the next commits.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
20187c6f by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: make sure a SHUTDOWN_CLOSE applies to a stream fsp before its base fsp
Before we had open_pathref_fsp() we had the stream fsp before the base
fsp in the linked list we traverse for SHUTDOWN_CLOSE.
Now the order has changed. I could have used some DLIST_PROMOTE()
hacks, but that's still fragile.
Now we reference both fsp's via ->base_fsp and ->stream_fsp.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
9c277b27 by Stefan Metzmacher at 2021-01-14T11:30:38+00:00
s3:smbd: allow close_file() with a non-fsa fsp for {SHUTDOWN,ERROR}_CLOSE
Such an fsp was typically created via create_internal_fsp() and
opened via fd_openat() without going through SMB_VFS_CREATE_FILE(),
so they should be closed via fd_close().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
da052dde by Stefan Metzmacher at 2021-01-14T12:40:56+00:00
s3:smbd: simplify the error handling in create_file_unixpath()
We can just call close_file(req, fsp, ERROR_CLOSE), as it handles
non-fsa fsp's and base_fsp's just fine.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Jan 14 12:40:56 UTC 2021 on sn-devel-184
- - - - -
5ef25729 by Volker Lendecke at 2021-01-14T13:29:35+00:00
tdb: Fix CID 1471761 String not null terminated
This is a false positive (in is length 3 initialized to 0), but this
patch does not hurt
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
8d5fb1ad by Volker Lendecke at 2021-01-14T13:29:35+00:00
vfs_fruit: Fix CID 1471760 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
acca9ec4 by Volker Lendecke at 2021-01-14T13:29:35+00:00
vfs_fruit: Fix CID 1471764 Dereference null return value
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
dcc8f37a by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Simplify find_policy_by_hnd_internal()
Best viewed with "git show -b". Use the typical pattern of an early
error return.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
8488b16f by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Use make_base_pipes_struct() in dcesrv_ncacn_accept_step2()
make_server_pipes_struct() is just a simple wrapper.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
562e4865 by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Use make_base_pipes_struct() in make_internal_rpc_pipe_socketpair()
make_server_pipes_struct() is just a simple wrapper.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
a21867bc by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Remove unused make_server_pipes_struct()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
51f5631b by Volker Lendecke at 2021-01-14T13:29:35+00:00
tsocket: Fix a few typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
33f7aac8 by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Make dcerpc_ncacn_accept() take tsocket_address **
dcerpc_ncacn_accept() talloc_move's the addresses away from the
caller's talloc hierarchy. Don't leave pointers around in the caller.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
834f9e15 by Volker Lendecke at 2021-01-14T13:29:35+00:00
lib: Fix typos
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
cc9ade9b by Volker Lendecke at 2021-01-14T13:29:35+00:00
lib: Initialize variables in prefork_listen_accept_handler()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
50dada72 by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Direct pointer initialization in dcesrv_ncacn_np_accept_done()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
6482bee2 by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Move setting ip-based socket options
All ncacn_ip_tcp listener sockets are created via
dcesrv_create_ncacn_ip_tcp_socket(). Moving setting the socket options
out of dcesrv_setup_ncacn_ip_tcp_socket() to remove a special case for
TCP from the dcesrv_setup_* family of routines.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
94f48f34 by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Add dcesrv_setup_ncacn_listener()
This is supposed to replace the protocol-specific dcerpc_setup_*
functions. They are all very similar except the way to create the
socket file descriptor. By handing out the anonymous structure
"listen_state" for an error path the listener tevent_fd structs can be
cancelled individually or handed over to other talloc parents.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
8004fb4a by Volker Lendecke at 2021-01-14T13:29:35+00:00
rpc_server: Use dcesrv_setup_ncacn_listener() in dcesrv_setup_endpoint_sockets()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
- - - - -
9bb5b326 by Volker Lendecke at 2021-01-14T14:35:58+00:00
rpc_server: Remove protocol-specific dcerpc_setup_ routines
These are all just stream sockets, being taken care of by
dcesrv_setup_ncacn_listener()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Samuel Cabrero <scabrero at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jan 14 14:35:58 UTC 2021 on sn-devel-184
- - - - -
6c421f52 by Ralph Boehme at 2021-01-14T16:05:10+00:00
s3/rpc_server: add deps of rpc_mdssvc_module
This allows removing allow_undefined_symbols=True.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Thu Jan 14 16:05:10 UTC 2021 on sn-devel-184
- - - - -
9eef705e by Ralph Boehme at 2021-01-14T17:55:33+00:00
pysmbd: call vfs_stat() in set_sys_acl_conn()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
c77140fd by Ralph Boehme at 2021-01-14T17:55:33+00:00
libadouble: call vfs_stat() in ad_convert_xattr()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
93f4cb97 by Ralph Boehme at 2021-01-14T17:55:33+00:00
libadouble: call vfs_stat() in ad_convert_finderinfo()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
f84bc4b0 by Ralph Boehme at 2021-01-14T17:55:33+00:00
libadouble: assert valid stat in ad_unconvert_get_streams()
All callers already stat the path, just add a check that asserts this.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
21c76654 by Ralph Boehme at 2021-01-14T17:55:33+00:00
printing: call vfs_stat() in driver_unlink_internals()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
d1726b8e by Ralph Boehme at 2021-01-14T17:55:33+00:00
smbd: call vfs_stat() in mkdir_internal()
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
965c6d89 by Ralph Boehme at 2021-01-14T17:55:33+00:00
smbd: inherit st_ex_mode to basename from stream name in create_file_unixpath()
This ensures smb_fname_base knows if it's a file or directory.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
- - - - -
63e6653b by Ralph Boehme at 2021-01-14T19:00:05+00:00
vfs: The New VFS
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Jan 14 19:00:05 UTC 2021 on sn-devel-184
- - - - -
fdcdfcee by Stefan Metzmacher at 2021-01-15T07:26:29+00:00
libcli/smb: Change some checks to SMB_ASSERTS
If we end up here, it's definitely a programming error in the basic
parsing layer of the SMB2 packet.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
0abb5ca6 by Jeremy Allison at 2021-01-15T07:26:29+00:00
libcli/smb: Allow smb2cli_validate_negotiate_info_done() to ignore NT_STATUS_INVALID_PARAMETER.
This can be returned from NetApp Ontap 7.3.7 SMB server
implementations. Now we have ensured smb2_signing_check_pdu()
cannot return NT_STATUS_INVALID_PARAMETER on a signing error
it's safe to check this error code here. Windows 10
clients ignore this error from the NetApp.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
- - - - -
508ed5b4 by Stefan Metzmacher at 2021-01-15T07:26:29+00:00
libcli/smb: split out smb2cli_ioctl_parse_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Pair-Programmed-With: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>
- - - - -
3db56602 by Stefan Metzmacher at 2021-01-15T07:26:29+00:00
s4:torture/smb2: add samba3.smb2.ioctl.bug14607
FSCTL_SMBTORTURE_IOCTL_RESPONSE_BODY_PADDING8 will be used
to trigger an SMB2 IOCTL response with extra padding.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
39c0d2b6 by Stefan Metzmacher at 2021-01-15T07:26:29+00:00
smbd: implement FSCTL_SMBTORTURE_IOCTL_RESPONSE_BODY_PADDING8 as reproducer for bug 14607
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
4c6c71e1 by Stefan Metzmacher at 2021-01-15T08:36:34+00:00
libcli/smb: allow unexpected padding in SMB2 IOCTL responses
A NetApp Ontap 7.3.7 SMB server add 8 padding bytes to an
offset that's already 8 byte aligned.
RN: Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607
Pair-Programmed-With: Volker Lendecke <vl at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Jan 15 08:36:34 UTC 2021 on sn-devel-184
- - - - -
97089ab7 by Björn Baumbach at 2021-01-15T15:24:37+00:00
doc/samba-tool: describe command parameters for "group listmembers" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
ac621a06 by Björn Baumbach at 2021-01-15T15:24:37+00:00
doc/samba-tool: describe command parameters for "user list" command
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
7dad13cc by Björn Baumbach at 2021-01-15T15:24:37+00:00
samba-tool: Optionally hide disabled/expired accounts in "user list"
--hide-expired Do not list expired user accounts
--hide-disabled Do not list disabled user accounts
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Volker Lendecke <vl at samba.org>
- - - - -
e84f8bdf by Björn Baumbach at 2021-01-15T16:34:11+00:00
samba-tool: Optionally hide disabled/expired accounts in "group listmembers"
--hide-expired Do not list expired group members
--hide-disabled Do not list disabled group members
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Fri Jan 15 16:34:11 UTC 2021 on sn-devel-184
- - - - -
8291c13f by Jeremy Allison at 2021-01-15T20:56:28+00:00
s3: VFS: ceph: Fix cephwrap_mkdirat() to cope with real directory fsps.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
30d98575 by Jeremy Allison at 2021-01-15T20:56:28+00:00
s3: VFS: ceph: Fix cephwrap_mknodat() to cope with real directory fsps.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
163a6802 by Jeremy Allison at 2021-01-15T20:56:28+00:00
s3: VFS: glusterfs: Fix missing END_PROFILE() in mkdirat() return.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme &