Andrew Bartlett [Wed, 13 Oct 2021 19:11:49 +0000 (08:11 +1300)]
.gitlab-ci.yml: Restore building most of our jobs
We are changing the primary build jobs to use "when"
not "only". These a similar and related GitLab syntax
tools to control when jobs are run.
With 'when' now in use it must be specified on all jobs
that inherit from each other via:
.extends .shared_template
"only" can be left however for the pages and coverity as
these use:
.extends .shared_runner_build_image
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14861
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Mon, 11 Oct 2021 02:37:48 +0000 (15:37 +1300)]
.gitlab-ci: Increase build timeout
While the build will not take > 1hr, uploading the artifacts
needed to pass the build objects to the next stage can take
some time due to the distance between the runners and the
private CI server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14861
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 13 12:00:03 UTC 2021 on sn-devel-184
Andrew Bartlett [Mon, 11 Oct 2021 18:55:54 +0000 (07:55 +1300)]
.gitlab-ci.yml: Honour AUTOBUILD_SKIP_SAMBA_O3 in GitLab CI
GitLab CI resources are expensive and often rationed so
provide a way to test other things without testing an -O3
build also, as this will save 9 jobs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14861
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Alex Richardson [Wed, 8 Sep 2021 13:42:57 +0000 (14:42 +0100)]
Fix detection of rpc/xdr.h on macOS
We need to include rpc/types.h first to include this header.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 13 02:33:05 UTC 2021 on sn-devel-184
Alex Richardson [Wed, 8 Sep 2021 13:42:25 +0000 (14:42 +0100)]
vfs_preopen.c: Fix -Wformat error on macOS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Alex Richardson [Wed, 8 Sep 2021 12:29:54 +0000 (13:29 +0100)]
source3/smbd/statcache.c: Fix -Wformat build error on macOS
The format string uses PRIx64, so we should be using uint64_t and not
uintmax_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Alex Richardson [Wed, 8 Sep 2021 12:27:41 +0000 (13:27 +0100)]
sec_ctx.c: Fix -Wunused-function warning on macOS
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Alex Richardson [Wed, 8 Sep 2021 12:25:04 +0000 (13:25 +0100)]
source3/printing/queue_process.c: fix build on macOS
On macOS environ is defined to (*_NSGetEnviron()) in lib/replace/replace.h
and otherwise the `extern char **environ` can be found there.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Alex Richardson [Wed, 8 Sep 2021 11:57:03 +0000 (12:57 +0100)]
audit_logging.c: fix compilation on macOS
On macOS tv_usec is an int so failus the build with -Werror,-Wformat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Alex Richardson [Wed, 8 Sep 2021 11:52:57 +0000 (12:52 +0100)]
charset_macosxfs.c: fix compilation on macOS
The DEBUG macro was missing and the CFStringGetBytes() was triggering a
-Werror,-Wpointer-sign build failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14862
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Tue, 12 Oct 2021 01:27:51 +0000 (12:27 +1100)]
ctdb-tests: Drop unused function ctdb_get_all_public_addresses()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Oct 12 23:24:18 UTC 2021 on sn-devel-184
Ralph Boehme [Fri, 8 Oct 2021 03:58:37 +0000 (05:58 +0200)]
ctdb-tests: add a comment to the generated public_addresses file used by eventscript UNIT tests
test stub code has been updated to handle this, so now let's put it
to work.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
RN: Correctly ignore comments in CTDB public addresses file
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Tue, 12 Oct 2021 01:19:27 +0000 (12:19 +1100)]
ctdb-tests: Fix typo in ctdb stub comment matching
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 8 Sep 2021 14:53:12 +0000 (16:53 +0200)]
ctdb-scripts: filter out comments in public_addresses file
Note that order of sed expressions matters: the expression to delete
comment lines must come first as the second expression would transform
# comment
to
comment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14826
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Jeremy Allison [Mon, 11 Oct 2021 19:26:57 +0000 (12:26 -0700)]
s3: VFS: zfsacl: Ensure we use a pathref fd, not an io fd, for getting/setting ZFS ACLs.
Don't use path-based calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14685
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 12 18:14:27 UTC 2021 on sn-devel-184
Andreas Schneider [Wed, 6 Oct 2021 12:02:10 +0000 (14:02 +0200)]
docs-xml: Use /var/tmp for spooling in smb.conf.5
This is a world writeable directory which exists on Linux distributions by
default already.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Oct 12 17:24:01 UTC 2021 on sn-devel-184
Andreas Schneider [Wed, 6 Oct 2021 12:01:42 +0000 (14:01 +0200)]
docs-xml: Remove trailing spaces in smb.conf.5.xml
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Pavel Filipenský [Fri, 8 Oct 2021 11:16:05 +0000 (13:16 +0200)]
docs-xml: Update winbindd(8) manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14852
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 12 09:30:02 UTC 2021 on sn-devel-184
Pavel Filipenský [Thu, 7 Oct 2021 10:08:22 +0000 (12:08 +0200)]
s3:winbindd: Fix winbindd child logfile name handling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14852
Handling of logfile name for main and child winbindd must ensure:
1) Log directory is selected in this order:
* -l option of winbindd
* "log file" parameter in smb.conf
* compile time value '/usr/local/samba/var'
2) Log filename pattern
* parent process uses log.winbindd
* child uses log.wb-<name>
3) Log reopen works for both parent and child (i.e. log filename is not changed)
* kill -HUP <pid>
* smbcontrol <pid> reload-config
This commit removes 3 calls of is_default_dyn_LOGFILEBASE() to make sure that:
- 1st removal: child uses log.wb-<name> after the fork
- 2nd removal: child after HUP signal, does not switch to log.winbindd
- 3rd removal: child after smbcontrol reload-config, does not switch to
log.winbindd
Interesting commits:
bfa1b2a8 1484b7f3 3b015a4c d1f7a371
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Thu, 7 Oct 2021 21:11:25 +0000 (14:11 -0700)]
s3: smbd: Ensure when we change security context we delete any $cwd cache.
This will ensure we *always* call into the VFS_SMB_CHDIR backends
on security context switch. The $cwd was an optimization that
was only looking at the raw filesystem path. We could delete it
completely but that is a patch for another day.
Remove knownfail on regression test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
RN: vfs_shadow_copy2: core dump in make_relative_path
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct 8 21:28:04 UTC 2021 on sn-devel-184
Jeremy Allison [Thu, 7 Oct 2021 21:08:48 +0000 (14:08 -0700)]
s3: selftest: Add regression test to show the $cwd cache is misbehaving when we connect as a different user on a share.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Fri, 9 Jul 2021 09:28:22 +0000 (11:28 +0200)]
vfs: add and use a few SMB_VFS_ODX defines
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 8 20:21:21 UTC 2021 on sn-devel-184
Ralph Boehme [Tue, 22 Jun 2021 16:58:21 +0000 (18:58 +0200)]
lib: add sys_block_align[_truncate]()
This implements MS-FSA algorithms BlockAlign() and BlockAlignTruncate().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 22 Jun 2021 18:13:02 +0000 (20:13 +0200)]
vfs: Add flags and xferlen args to SMB_VFS_OFFLOAD_READ_RECV
We missed these values which follow from MS-FSCC 2.3.80 “FSCTL_OFFLOAD_READ
Reply”:
Flags (4 bytes):
A 32-bit unsigned integer that indicates which flags were returned for this
operation. Possible values for the flags follow. All unused bits are reserved
for future use, SHOULD be set to 0, and MUST be ignored.
OFFLOAD_READ_FLAG_ALL_ZERO_BEYOND_CURRENT_RANGE (0x00000001)
=> The data beyond the current range is logically equivalent to zero.
TransferLength (8 bytes):
A 64-bit unsigned integer that contains the amount, in bytes, of data that the
Token logically represents. This value indicates a contiguous region of the
file from the beginning of the requested offset in the FileOffset field in the
FSCTL_OFFLOAD_READ_INPUT data element (section 2.3.79). This value can be
smaller than the CopyLength field specified in the FSCTL_OFFLOAD_READ_INPUT
data element, which indicates that less data was logically
represented (logically read) with the Token than was requested. The value of
this field MUST be greater than 0x0000000000000000 and MUST be aligned to a
logical sector boundary on the volume.
As we currently only implement COPY_CHUNK over the OFFLOAD VFS interface, the
VFS COPY_CHUNK backend in vfs_default just sets both values to 0 and they are
unused in the SMB frontend.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 18 Jun 2021 14:32:53 +0000 (16:32 +0200)]
idl: declare token array of storage_offload_token as in-line
This ensures the order of the struct element is the same as in the IDL
definition. For an conformant array using the [sizeis(n)] syntax the sizeis
member is stored as first element in the marshall buffer.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 7 Oct 2021 09:22:59 +0000 (11:22 +0200)]
rpc_server3: Remove pipes_struct->private_data
netlogon3 was the only user
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 7 Oct 2021 09:22:20 +0000 (11:22 +0200)]
rpc_server3: Use dcesrv_iface_state in netlogon3
Align with the source4/rpc_server/netlogon
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 7 Oct 2021 08:07:48 +0000 (10:07 +0200)]
netlogon: Move netlogon_server_pipe_state to netlogon.idl
Make this available as a shared structure for both source3 and source4
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 4 Oct 2021 08:25:14 +0000 (10:25 +0200)]
rpc_server3: Remove an outdated comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 4 Oct 2021 08:19:24 +0000 (10:19 +0200)]
rpc_server3: Remove "pipes_struct->opnum"
Also available via dce_call->pkt.u.request.opnum
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 4 Oct 2021 08:07:09 +0000 (10:07 +0200)]
rpc_server3: Remove "pipes_struct->call_id"
Unused.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:33:50 +0000 (10:33 +0200)]
libcli: Simplify get_sec_mask_str()
Use talloc_asprintf_addbuf()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:47:48 +0000 (10:47 +0200)]
dsdb: Simplify schema_attribute_description() & friends
Use talloc_asprintf_addbuf()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:13:52 +0000 (10:13 +0200)]
winbind: Simplify winbindd_sids_to_xids_recv()
Use talloc_asprintf_addbuf(), fix an realloc error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:10:21 +0000 (10:10 +0200)]
winbind: Simplify winbindd_getusersids_recv()
Use talloc_asprintf_addbuf(), fix an realloc error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:09:45 +0000 (10:09 +0200)]
winbind: Simplify winbindd_getsidaliases_recv()
Use talloc_asprintf_addbuf(), fix an realloc error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:01:07 +0000 (10:01 +0200)]
lib: Use talloc_asprintf_addbuf() in utok_string()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 07:54:46 +0000 (09:54 +0200)]
librpc: Use talloc_asprintf_addbuf() in dcerpc_binding_string()
Saves quite a few lines
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 07:53:57 +0000 (09:53 +0200)]
lib: Add talloc_asprintf_addbuf()
Simplifies building up a string step by step, see next commit
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 08:09:27 +0000 (10:09 +0200)]
winbind: Align an integer type
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 09:10:57 +0000 (11:10 +0200)]
rpc_server3: Remove unused fields from struct dcerpc_ncacn_conn
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 07:20:44 +0000 (09:20 +0200)]
libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 Oct 2021 07:16:32 +0000 (09:16 +0200)]
libcli: Avoid an includes.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 30 Sep 2021 07:27:10 +0000 (09:27 +0200)]
idmap_script: Save a few lines with str_list_add_printf()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 5 Oct 2021 19:44:53 +0000 (21:44 +0200)]
lib: Fix a typo in a DEBUG fn prefix by using DBG_
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 5 Oct 2021 19:40:45 +0000 (21:40 +0200)]
lib: Simplify set_privileges with a struct initialization
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 5 Oct 2021 19:31:41 +0000 (21:31 +0200)]
lib: Avoid a cast in a DBG statement
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 25 Sep 2021 06:23:03 +0000 (08:23 +0200)]
libcli: Simplify security_session_user_level()
Use sid_compose(), use struct dom_sid on the stack.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 25 Sep 2021 06:20:18 +0000 (08:20 +0200)]
libcli: Introduce a helper variable in security_session_user_level()
Makes it easier to read for me
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 25 Sep 2021 05:58:47 +0000 (07:58 +0200)]
libcli: Remove unused security_token_has_sid_string()
This should have been removed in
ef990008f22, I just was not aware
it's there...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 28 Sep 2021 09:28:01 +0000 (11:28 +0200)]
samba: Save a line with TALLOC_FREE
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 25 Sep 2021 06:25:14 +0000 (08:25 +0200)]
smbd: Avoid ZERO_STRUCT() with a struct init
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 4 Oct 2021 08:10:42 +0000 (10:10 +0200)]
lsa_server3: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 Oct 2021 09:38:30 +0000 (11:38 +0200)]
rpc_server3: Avoid a literal number available as a constant
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 Oct 2021 09:34:23 +0000 (11:34 +0200)]
smbd: Make SID_SAMBA_SMB3 a static SID
No need to parse it
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 28 Sep 2021 22:35:54 +0000 (11:35 +1300)]
Release ldb 2.50 for the future samba 4.16 series
This avoids master having an older or identical LDB version
to Samba 4.15.x while it gains additional changes that may
not all be backported.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 5 19:57:51 UTC 2021 on sn-devel-184
Andrew Bartlett [Tue, 28 Sep 2021 22:27:41 +0000 (11:27 +1300)]
Release ldb 2.4.1
* Corrected python behaviour for 'in' for LDAP attributes
contained as part of ldb.Message (bug 14845)
* Fix memory handling in ldb.msg_diff (bug 14836)
* Corrected python docstrings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14836
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14848
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Thu, 16 Sep 2021 04:09:24 +0000 (16:09 +1200)]
selftest: Use self.assertRaisesLdbError() in user_account_control.py test
This changes most of the simple pattern with self.samdb.modify()
to use the wrapper. Some other calls still need to be converted, while
the complex decision tree tests should remain as-is for now.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct 4 21:55:43 UTC 2021 on sn-devel-184
Andrew Bartlett [Mon, 13 Sep 2021 09:48:13 +0000 (21:48 +1200)]
selftest: Move self.assertRaisesLdbError() to samba.tests.TestCase
This is easier to reason with regarding which cases should work
and which cases should fail, avoiding issues where more success
than expected would be OK because a self.fail() was missed in a
try: block.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 1 Oct 2021 07:16:21 +0000 (09:16 +0200)]
lib:fuzzing: Fix quoting of --fuzz-target-ldflags
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Oct 4 11:36:06 UTC 2021 on sn-devel-184
Andreas Schneider [Fri, 1 Oct 2021 08:46:09 +0000 (10:46 +0200)]
s3:utils: Fix format error
regedit_hexedit.c:166:39: error: format ‘%X’ expects argument of type ‘unsigned
int’, but argument 3 has type ‘size_t’ {aka ‘long unsigned int’}
166 | wprintw(buf->win, "%08X ", off);
| ~~~^ ~~~
| | |
| | size_t {aka long unsigned int}
| unsigned int
| %08lX
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Jeremy Allison [Thu, 30 Sep 2021 03:49:48 +0000 (20:49 -0700)]
s4: process_prefork: Make prefork_restart() use an asynchronous timer event instead of calling sleep(X).
This should prevent any long pauses in the calling process, as we get a callback
for the restart after X seconds. To make the code flow more understandable,
always go through a timer event even if the wait time is zero. This
has the same effect as an immediate event as it will call the callback
function as soon as we go back into the event loop.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 2 01:38:43 UTC 2021 on sn-devel-184
Andrew Bartlett [Mon, 5 Jul 2021 03:57:09 +0000 (15:57 +1200)]
samldb: Address birthday paradox adding an RODC
It is possible that the randomly chosen RODC number will be one
that is already in use. The samldb_krbtgtnumber_available()
function was meant to prevent that, but due to a typo did not.
There is no other race here as the whole thing is inside a transaction,
and we have duplicate protection on samAccountName, so the failure
looked like this:
...
Adding CN=krbtgt_TESTRODCDRS5320202,CN=Users,DC=samba,DC=example,DC=com
UNEXPECTED(error): samba4.drs.repl_rodc.python(ad_dc_ntvfs).repl_rodc.DrsRodcTestCase.test_msDSRevealedUsers_admin(ad_dc_ntvfs)
REASON: Exception: Exception: Traceback (most recent call last):
File "/m/abartlet/aMASTER/
b1635147/samba-def-build/source4/torture/drs/python/repl_rodc.py", line 111, in setUp
self._create_rodc(self.rodc_ctx)
File "/m/abartlet/aMASTER/
b1635147/samba-def-build/source4/torture/drs/python/repl_rodc.py", line 693, in _create_rodc
ctx.join_add_objects()
File "bin/python/samba/join.py", line 641, in join_add_objects
ctx.add_krbtgt_account()
File "bin/python/samba/join.py", line 429, in add_krbtgt_account
ctx.samdb.add(rec, ["rodc_join:1:1"])
_ldb.LdbError: (68, "LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS - <
00002071: samldb: samAccountName krbtgt_4405 already in use!> <>")
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14854
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 1 20:50:37 UTC 2021 on sn-devel-184
Andrew Bartlett [Wed, 22 Sep 2021 23:14:35 +0000 (11:14 +1200)]
.gitlab-ci: Allow a 1 hour to build Samba
I have seen cases where the job is pushed to the private runners
(which do not have the ccache) where this takes over 45mins, and
a typical job can be 35 mins so this is too tight.
Triggering the timeout causes a rebuild from scratch, which is
done twice automatically, and is financially costly (we pay
per VM start) and a waste of CPU/energy/etc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14844
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 1 19:43:16 UTC 2021 on sn-devel-184
Andrew Bartlett [Wed, 22 Sep 2021 23:06:13 +0000 (11:06 +1200)]
.gitlab-ci: Ignore errors from missing source files in code coverage
This could happen when code coverage is collected from multiple distributions.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Thu, 16 Sep 2021 17:03:59 +0000 (20:03 +0300)]
selftest: test tsocket_address_inet_from_hostport_strings
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 28 10:34:12 UTC 2021 on sn-devel-184
Uri Simchoni [Thu, 16 Sep 2021 17:03:02 +0000 (20:03 +0300)]
selftest: add more tests for test_address_inet_from_strings
Test the case of NULL address as input
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Uri Simchoni [Thu, 16 Sep 2021 07:11:46 +0000 (10:11 +0300)]
WHATSNEW: document dns forwarder change
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthew Grant [Fri, 17 Sep 2021 22:05:24 +0000 (10:05 +1200)]
libcli/dns.c: dns forwarder port test changes
Test harness for the dns fowarder setting in smb.conf. Adds IPv6
forwarder as second target DNS forwarder, listening on port 54.
Signed-off-by: Matthew Grant <grantma@mattgrant.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthew Grant [Fri, 17 Sep 2021 22:02:11 +0000 (10:02 +1200)]
libcli/dns: smb.conf dns forwarder port support
Call new tsocket_address_inet_from_hostport_strings() instead of
tsocket_address_inet_from_strings() to implement setting a port to query
for a DNS forwarder.
Signed-off-by: Matthew Grant <grantma@mattgrant.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthew Grant [Sun, 19 Sep 2021 05:41:42 +0000 (17:41 +1200)]
lib/tsocket: new function to parse host port strs.
tsocket_address_inet_from_hostport_strings() on top of
tsocket_address_inet_from_strings(), implementing the ability to parse a
port number appended to an IPv6 or IPv4 address. IPv6 addresses can also
optionally have square brackets around them, but these are needed to
specify the port number as colon is used to delimit port from the IP
address in the string.
Note that this code just recognises and parses the strings with port
given, or just IPv6 with square brackets. The rest of the parsing is
passed on to tsocket_address_inet_from strings(), and errors from there
passed back up the stack.
Signed-off-by: Matthew Grant <grantma@mattgrant.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Matthew Grant [Fri, 17 Sep 2021 21:57:26 +0000 (09:57 +1200)]
libcli/dns: dns forwarder port doc changes
Documentation changes specifying how list entries for dns forwarder
are to be specified with ability to add trailing target port number.
Signed-off-by: Matthew Grant <grantma@mattgrant.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sat, 25 Sep 2021 02:39:59 +0000 (14:39 +1200)]
pyldb: Make ldb.Message containment testing consistent with indexing
Previously, containment testing using the 'in' operator was handled by
performing an equality comparison between the chosen object and each of
the message's keys in turn. This behaviour was prone to errors due to
not considering differences in case between otherwise equal elements, as
the indexing operations do.
Containment testing should now be more consistent with the indexing
operations and with the get() method of ldb.Message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sat, 25 Sep 2021 01:48:57 +0000 (13:48 +1200)]
pyldb: Add tests for ldb.Message containment testing
These tests verify that the 'in' operator on ldb.Message is consistent
with indexing and the get() method. This means that the 'dn' element
should always be present, lookups should be case-insensitive, and use of
an invalid type should result in a TypeError.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sat, 25 Sep 2021 01:39:56 +0000 (13:39 +1200)]
pyldb: Raise TypeError for an invalid ldb.Message index
Previously, a TypeError was raised and subsequently overridden by a
KeyError.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sat, 25 Sep 2021 01:22:05 +0000 (13:22 +1200)]
pyldb: Add test for an invalid ldb.Message index type
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sat, 25 Sep 2021 07:18:39 +0000 (19:18 +1200)]
s4/torture/drs/python: Fix attribute existence check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 24 Sep 2021 23:16:09 +0000 (11:16 +1200)]
pyldb: Fix deleting an ldb.Control critical flag
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 24 Sep 2021 23:13:02 +0000 (11:13 +1200)]
pytest:segfault: Add test for deleting an ldb.Control critical flag
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 24 Sep 2021 23:12:16 +0000 (11:12 +1200)]
pyldb: Fix deleting an ldb.Message dn
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 24 Sep 2021 22:56:25 +0000 (10:56 +1200)]
pytest:segfault: Add test for deleting an ldb.Message dn
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14845
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Mon, 20 Sep 2021 14:49:53 +0000 (16:49 +0200)]
mdssvc: Use ndr_policy_handle_empty()
is_zero_policy_handle() was a duplicate.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 25 00:46:23 UTC 2021 on sn-devel-184
Volker Lendecke [Mon, 20 Sep 2021 14:42:08 +0000 (16:42 +0200)]
rpc_server: Simplify dcesrv_handle_lookup()
Reduce indentation with a "break;" from the loop, best reviewed with
git show -b
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 20 Sep 2021 14:36:15 +0000 (16:36 +0200)]
rpc_server: Move a type check in dcesrv_handle_lookup()
This check is independent of whether we found a handle or not, we can
do it before walking the handle list.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 21 Sep 2021 12:35:17 +0000 (14:35 +0200)]
libcli: Remove unused security_token_is_sid_string()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 03:10:35 +0000 (15:10 +1200)]
tests/krb5: Add classes for testing invalid checksums
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep 23 19:28:44 UTC 2021 on sn-devel-184
Joseph Sutton [Mon, 20 Sep 2021 03:06:18 +0000 (15:06 +1200)]
tests/krb5: Add method to determine if principal is krbtgt
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 02:10:07 +0000 (14:10 +1200)]
tests/krb5: Verify checksums of tickets obtained from the KDC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 01:54:47 +0000 (13:54 +1200)]
tests/krb5: Add get_rodc_krbtgt_creds() to RawKerberosTest
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 02:05:58 +0000 (14:05 +1200)]
tests/krb5: Simplify account creation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 23:41:45 +0000 (11:41 +1200)]
tests/krb5: Provide ticket enc-part key to tgs_req()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 02:08:16 +0000 (14:08 +1200)]
tests/krb5: Fix checking for presence of authorization data
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 01:58:09 +0000 (13:58 +1200)]
tests/krb5: Add method to get DC credentials
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 01:59:24 +0000 (13:59 +1200)]
tests/krb5: Allow tgs_req() to check the returned ticket enc-part
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 20 Sep 2021 01:54:39 +0000 (13:54 +1200)]
tests/krb5: Set key version number for all accounts created with create_account()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 05:11:28 +0000 (17:11 +1200)]
tests/krb5: Correctly check PA-SUPPORTED-ENCTYPES
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 05:10:49 +0000 (17:10 +1200)]
tests/krb5: Get supported enctypes for credentials from database
Look up the account's msDS-SupportedEncryptionTypes attribute to get the
encryption types that it supports. Move the fallback to RC4 to when the
ticket decryption key is obtained.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 09:01:46 +0000 (21:01 +1200)]
tests/krb5: Add methods to convert between enctypes and bitfields
These methods are useful for converting a collection of encryption types
into msDS-SupportedEncryptionTypes bit flags, and vice versa.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 05:01:12 +0000 (17:01 +1200)]
tests/krb5: Make get_default_enctypes() return a set of enctype constants
This is often more convenient than a bitfield.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 21 Sep 2021 01:33:16 +0000 (13:33 +1200)]
tests/krb5: Simplify adding authdata to ticket by using modified_ticket()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>