Andreas Schneider [Mon, 4 Nov 2019 06:47:15 +0000 (07:47 +0100)]
gitlab-ci: Run 'samba' tests also with MIT Kerberos
This runs the tests of the ktest environment.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Nov 4 14:19:17 UTC 2019 on sn-devel-184
Andreas Schneider [Mon, 4 Nov 2019 07:40:34 +0000 (08:40 +0100)]
libcli:smb: Do not use gnutls_aead_cipher_encryptv2() with GnuTLS 3.6.10
The gnutls_aead_cipher_encryptv2() implementation was released with a
bug. This wont be fixed before 3.6.11.
See https://gitlab.com/gnutls/gnutls/merge_requests/1085
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andrew Bartlett [Tue, 15 Oct 2019 02:44:34 +0000 (15:44 +1300)]
CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with dirsync
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 31 23:29:15 UTC 2019 on sn-devel-184
Andrew Bartlett [Tue, 15 Oct 2019 03:28:46 +0000 (16:28 +1300)]
CVE-2019-14847 dsdb: Demonstrate the correct interaction of ranged_results style attributes and dirsync
Incremental results are provided by a flag on the dirsync control, not
by changing the attribute name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 31 Oct 2019 17:53:56 +0000 (06:53 +1300)]
s4-torture: Reduce flapping in SambaToolDrsTests.test_samba_tool_replicate_local
This test often flaps in Samba 4.9 (where more tests and DCs run in the environment)
with obj_1 being 3. This is quite OK, we just need to see some changes get
replicated, not 0 changes.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andreas Schneider [Mon, 28 Oct 2019 07:34:16 +0000 (08:34 +0100)]
docs-xml: Update krb5_ccache_type in pam_winbind.8
This is a copy from pam_winbind.conf.5
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14173
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 31 19:32:55 UTC 2019 on sn-devel-184
Andreas Schneider [Thu, 31 Oct 2019 16:10:59 +0000 (17:10 +0100)]
docs-xml: Improve krb5_ccache_type documentation
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
docs-xml/manpages/pam_winbind.conf.5.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Thu Oct 31 02:18:12 UTC 2019 on sn-devel-184
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
docs-xml/manpages/pam_winbind.8.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
docs-xml/Samba-Developers-Guide/unix-smb.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
ctdb/utils/smnotify/smnotify.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
ctdb/utils/scsi_io/scsi_io.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
ctdb/server/ctdb_daemon.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/server/ctdb_client.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/server/ctdb_call.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/include/ctdb_private.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/ib/ibwrapper_test.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/ib/ibw_ctdb.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/doc/readonlyrecords.txt: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/doc/ctdb.1.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/doc/ctdb-tunables.7.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/doc/ctdb-statistics.7.xml: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/common/srvid.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
ctdb/client/client.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
buildtools/wafsamba/wscript: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:08 +0000 (02:41 +0200)]
buildtools/wafsamba/samba_install.py: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:10 +0000 (02:41 +0200)]
source4/scripting/bin/samba_upgradeprovision: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source4/rpc_server/lsa/lsa_lookup.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source4/libcli/libcli.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source4/libcli/clireadwrite.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source4/dsdb/schema/schema_description.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/winbindd/winbindd_util.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/utils/net_rpc.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/smbd/reply.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/registry/reg_parse.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/registry/reg_import.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/registry/reg_format.h: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/modules/vfs_virusfilter.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
source3/modules/vfs_recycle.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
python/samba/upgradehelpers.py: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
python/samba/netcmd/gpo.py: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
python/samba/dbchecker.py: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
librpc/ndr/ndr_compression.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
libgpo/gpo_filesync.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
lib/tdb/docs/tracing.txt: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
lib/replace/xattr.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
examples/VFS/skel_transparent.c: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Björn Jacke [Sat, 26 Oct 2019 00:41:09 +0000 (02:41 +0200)]
dynconfig/wscript: typo fixes
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Puran Chand [Mon, 21 Oct 2019 06:09:18 +0000 (11:39 +0530)]
s3:smbclient added ABI signature file
Signed-off-by: Puran Chand <pchand@vmware.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 30 22:18:15 UTC 2019 on sn-devel-184
Jeremy Allison [Fri, 18 Oct 2019 18:44:07 +0000 (11:44 -0700)]
s4: torture: Add additional smbc_readdirplus2() tests into readdirplus_seek().
Make sure we haven't broken anything :-).
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 18:29:19 +0000 (11:29 -0700)]
s4: torture Add a test for smbc_readdirplus2()
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 17:29:48 +0000 (10:29 -0700)]
s3: libsmb: Added new API smbc_readdirplus2()
Returns the same as smbc_readdirplus() but also
can return a struct stat if passed in by the caller.
struct stat is synthesized from the data
returned by the SMB server.
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 16:45:33 +0000 (09:45 -0700)]
s3: libsmb: Add missing ino field to internal struct smbc_dirplus_list.
This should have been added to struct libsmb_file_info, but
this is user-visible so I don't want to change this now. Adding
it to the containing struct allows us to synthesise a struct stat
to return from smbc_readdirplus2() to return all the info from
the server to callers.
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 17:48:55 +0000 (10:48 -0700)]
s3: libsmb: Move setting all struct stat fields into setup_stat().
That way we only have one place where a struct stat is synthesised
for libsmbclient callers.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 16:34:02 +0000 (09:34 -0700)]
s3: libsmb: Move setting st->st_ino into setup_stat.
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 18 Oct 2019 16:24:38 +0000 (09:24 -0700)]
s3: libsmb: Change generate_inode()/setup_stat() to modern coding standards.
Change setup_stat() to be void. It doesn't return anything. Export
so it can be used by upcoming smbc_readdirplus2() call.
Remove unused SMBCCTX *context parameters.
Remove unused talloc_stackframe().
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 29 Oct 2019 19:11:49 +0000 (12:11 -0700)]
s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.
Last unprotected call of cli_RNetShareEnum(). Not a libsmbclient
bug here but might as well fix the last caller as part of the
fix for the bug.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Tue, 29 Oct 2019 19:11:01 +0000 (12:11 -0700)]
s3: libsmb: Ensure we don't call cli_RNetShareEnum() on an SMB1 connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14174
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 30 Oct 2019 14:05:13 +0000 (15:05 +0100)]
s3:smb2_server: add message mid to SMB2 request done log message
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 30 18:42:35 UTC 2019 on sn-devel-184
Ralph Boehme [Wed, 30 Oct 2019 13:23:20 +0000 (14:23 +0100)]
s3:smb2_server: modernize a debug statement
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 24 Oct 2019 15:15:18 +0000 (17:15 +0200)]
lib/adouble: pass filesize to ad_unpack()
ad_unpack() needs the filesize, not the capped IO size we're using in the caller
to read up to "size" bystem from the ._ AppleDouble file.
This fixes a regression introduced by
bdc257a1cbac7e8c73a084b618ba642476807483
for bug 13968.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
RN: vfs_fruit returns capped resource fork length
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 30 14:52:34 UTC 2019 on sn-devel-184
Ralph Boehme [Fri, 25 Oct 2019 13:21:32 +0000 (15:21 +0200)]
lib/adouble: drop ad_data reallocate logic
Simply set the buffer size to AD_XATTR_MAX_HDR_SIZE. When reading the
AppleDouble file, read up to AD_XATTR_MAX_HDR_SIZE from the file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 24 Oct 2019 15:26:08 +0000 (17:26 +0200)]
lib/adouble: README.Coding fix: multi-line if expression
Also remove a TAB.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 24 Oct 2019 15:17:28 +0000 (17:17 +0200)]
lib/adouble: fix a long line
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 25 Oct 2019 13:41:40 +0000 (15:41 +0200)]
torture: expand test "vfs.fruit.resource fork IO" to check size
Reveals a bug where the resource fork size is capped at 65454 bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 6 Aug 2019 14:32:32 +0000 (16:32 +0200)]
CVE-2019-14833 dsdb: send full password to check password script
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
Andrew Bartlett [Wed, 18 Sep 2019 23:50:01 +0000 (11:50 +1200)]
CVE-2019-14833: Use utf8 characters in the unacceptable password
This shows that the "check password script" handling has a bug.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 6 Aug 2019 19:08:09 +0000 (12:08 -0700)]
CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server returned names.
Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071
Signed-off-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 5 Aug 2019 20:39:53 +0000 (13:39 -0700)]
CVE-2019-10218 - s3: libsmb: Protect SMB1 client code from evil server returned names.
Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071
Signed-off-by: Jeremy Allison <jra@samba.org>
Isaac Boukris [Fri, 13 Sep 2019 07:56:10 +0000 (10:56 +0300)]
libnet_join: add SPNs for additional-dns-hostnames entries
and set msDS-AdditionalDnsHostName to the specified list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 25 10:43:08 UTC 2019 on sn-devel-184
Isaac Boukris [Tue, 17 Sep 2019 18:38:07 +0000 (21:38 +0300)]
docs-xml: add "additional dns hostnames" smb.conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Isaac Boukris [Wed, 18 Sep 2019 20:15:57 +0000 (23:15 +0300)]
libnet_join_set_machine_spn: simplify adding uniq spn to array
and do not skip adding a fully qualified spn to netbios-aliases
in case a short spn already existed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Isaac Boukris [Wed, 18 Sep 2019 18:29:47 +0000 (21:29 +0300)]
libnet_join_set_machine_spn: simplify memory handling
and avoid a possible memory leak when passing null to
add_string_to_array() as mem_ctx.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Isaac Boukris [Wed, 18 Sep 2019 17:00:34 +0000 (20:00 +0300)]
libnet_join_set_machine_spn: improve style and make a bit room for indentation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Isaac Boukris [Thu, 29 Aug 2019 21:22:15 +0000 (00:22 +0300)]
libnet_join: build dnsHostName from netbios name and lp_dnsdomain()
This make the join process much more reliable, and avoids "Constraint
violation" error when the fqdn returned from getaddrinfo has already
got assigned an SPN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14116
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Stefan Metzmacher [Fri, 4 Oct 2019 12:57:40 +0000 (14:57 +0200)]
s4:dirsync: fix interaction of dirsync and extended_dn controls
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
Stefan Metzmacher [Tue, 22 Oct 2019 10:12:32 +0000 (12:12 +0200)]
s4:tests/dirsync: add tests for dirsync with extended_dn
This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Sat, 4 May 2019 10:12:48 +0000 (12:12 +0200)]
s3: remove now unneeded call to cmdline_messaging_context()
This was only needed as dbwrap_open() had a bug where it asked for the ctdb
connection before initializing messaging. The previous commit fixed that so we
can now safely remove the calls to cmdline_messaging_context() from all tools
that don't use messaging.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 24 09:33:47 UTC 2019 on sn-devel-184
Ralph Boehme [Sat, 4 May 2019 10:12:04 +0000 (12:12 +0200)]
s3:dbwrap: initialize messaging before getting the ctdb connection
This is a better fix for bug #13465.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13925
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 22 Oct 2019 07:32:58 +0000 (09:32 +0200)]
waf: Symlink the compile database to the source dir for clangd
https://github.com/ycm-core/YouCompleteMe
https://github.com/abingham/emacs-ycmd
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 24 08:11:19 UTC 2019 on sn-devel-184
Andreas Schneider [Tue, 25 Sep 2018 16:13:26 +0000 (18:13 +0200)]
waf: Create clang compilation database
http://clang.llvm.org/docs/JSONCompilationDatabase.html
This can be used by ymcd or clangd.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Martin Schwenke [Wed, 14 Aug 2019 05:26:25 +0000 (15:26 +1000)]
ctdb-tests: Add vacuuming tests
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Oct 24 05:28:21 UTC 2019 on sn-devel-184
Martin Schwenke [Sat, 28 Sep 2019 22:27:33 +0000 (08:27 +1000)]
ctdb-tests: Add handling of process clean-up on a cluster node
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 12 Aug 2019 11:02:47 +0000 (21:02 +1000)]
ctdb-tests: Factor out function check_cattdb_num_records()
This can be use in multiple vacuuming tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 1 Aug 2019 05:33:52 +0000 (15:33 +1000)]
ctdb-tests: Add ctdb-db-test tool
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 27 Sep 2019 06:49:01 +0000 (16:49 +1000)]
ctdb-client: Factor out function client_db_tdb()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Jul 2019 04:17:11 +0000 (14:17 +1000)]
ctdb-daemon: Implement DB_VACUUM control
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 15 Oct 2019 05:36:44 +0000 (16:36 +1100)]
ctdb-vacuum: Only schedule next vacuum event if vacuuuming is scheduled
At the moment vacuuming is always scheduled.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Jul 2019 04:16:13 +0000 (14:16 +1000)]
ctdb-daemon: Factor out code to create vacuuming child
This changes the behaviour for some failures from exiting to simply
attempting to schedule the next run.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 4 Oct 2019 02:06:21 +0000 (12:06 +1000)]
ctdb-vacuum: Simplify recording of in-progress vacuuming child
There can only be one, so simplify the logic.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Jul 2019 00:52:05 +0000 (10:52 +1000)]
ctdb-protocol: Add marshalling for control DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Jul 2019 06:59:37 +0000 (16:59 +1000)]
ctdb-protocol: Add marshalling for struct ctdb_db_vacuum
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Jul 2019 00:34:03 +0000 (10:34 +1000)]
ctdb-protocol: Add new control CTDB_CONTROL_DB_VACUUM
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 1 Oct 2019 05:05:10 +0000 (15:05 +1000)]
ctdb-vacuum: Avoid processing any more packets
All the vacuum operations if required have an event loop to ensure
completion of pending operations. Once all the steps are complete,
there is no reason to process any more packets.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Wed, 6 Jun 2018 13:47:13 +0000 (15:47 +0200)]
ctdb-daemon: Avoid memory leak when packet is deferred
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Feb 2018 06:17:38 +0000 (17:17 +1100)]
ctdb-recoverd: No need for database detach handler
The only reason for recoverd attaching to databases was to migrate
records to the local node as part of vacuuming. Recovery daemon does
not take part in database vacuuming any more.
The actual database recovery is handled via the recovery_helper and
recovery daemon should not need to attach to the databases any more.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Feb 2018 06:13:35 +0000 (17:13 +1100)]
ctdb-recoverd: Drop VACUUM_FETCH message handling
This is now implemented in the ctdb daemon using VACUMM_FETCH control.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Feb 2018 06:01:21 +0000 (17:01 +1100)]
ctdb-vacuum: Replace VACUUM_FETCH message with control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Feb 2018 06:00:40 +0000 (17:00 +1100)]
ctdb-vacuum: Add processing of fetch queue
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 16 Feb 2018 04:30:13 +0000 (15:30 +1100)]
ctdb-daemon: Add implementation of VACUUM_FETCH control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>