Stefan Metzmacher [Tue, 11 Aug 2015 22:59:58 +0000 (00:59 +0200)]
lib/crypto: optimize aes_gcm_128
- We avoid variables in order to do a lazy cleanup
in aes_ccm_128_digest() via ZERO_STRUCTP(ctx)
- We use the optimized aes_block_{xor,rshift}() functions
- Align AES_BLOCK_SIZE arrays to 8 bytes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Aug 2015 22:59:58 +0000 (00:59 +0200)]
lib/crypto: optimize aes_ccm_128
- We avoid variables in order to do a lazy cleanup
in aes_ccm_128_digest() via ZERO_STRUCTP(ctx)
- We use the optimized aes_block_xor() function
- We reuse A_i instead of rebuilding it everything completely.
- Align AES_BLOCK_SIZE arrays to 8 bytes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Aug 2015 22:59:58 +0000 (00:59 +0200)]
lib/crypto: optimize aes_cmac_128
- We avoid variables in order to do a lazy cleanup
in aes_cmac_128_final() via ZERO_STRUCTP(ctx)
- We avoid unused memcpy() calls
- We use the optimized aes_block_{xor,lshift}() functions
- Align AES_BLOCK_SIZE arrays to 8 bytes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Aug 2015 22:59:58 +0000 (00:59 +0200)]
lib/crypto: add optimized helper functions aes_block_{xor,lshift,rshift}()
These are typical operations on an AES_BLOCK used by different modes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 14 Aug 2015 11:13:21 +0000 (13:13 +0200)]
lib/crypto: add aes_ccm_128 tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 27 Aug 2015 11:44:56 +0000 (13:44 +0200)]
lib/crypto: verify 0 updates in aes_gcm_128 tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 14 Aug 2015 11:12:13 +0000 (13:12 +0200)]
lib/crypto: run all aes_gcm_128 testcases
We should not skip the first one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Aug 2015 14:31:25 +0000 (16:31 +0200)]
lib/crypto: add aes_cmac_128 chunked tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 12 Aug 2015 10:09:24 +0000 (12:09 +0200)]
s3:vfs_smb_traffic_analyzer: remove samba_ prefix from AES_* function calls
This should be an implementation detail in lib/crypto/aes.h.
In future we may add support for other implementations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 26 Aug 2015 08:52:44 +0000 (10:52 +0200)]
lib: Make sid_linearize take a uint8_t
We marshall into a binary buffer, uint8_t better reflects that.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 27 00:40:58 CEST 2015 on sn-devel-104
Volker Lendecke [Mon, 24 Aug 2015 14:50:44 +0000 (16:50 +0200)]
lib: Remove unused sid_blob_parse
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Aug 2015 14:46:12 +0000 (16:46 +0200)]
lib: Convert callers of sid_blob_parse to sid_parse
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 24 Aug 2015 10:33:28 +0000 (12:33 +0200)]
lib: Make sid_parse take a uint8_t
sid_parse takes a binary blob, uint8_t reflects this a bit
better than char * does
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Tue, 25 Aug 2015 03:26:42 +0000 (20:26 -0700)]
Prevent a crash in Python modules that try to authenticate by ensuring we reject cases where credendials fields are not intialized.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 25 21:45:18 CEST 2015 on sn-devel-104
Roel van Meer [Tue, 4 Aug 2015 14:50:43 +0000 (16:50 +0200)]
s3-util: Compare the maximum allowed length of a NetBIOS name
This fixes a problem where is_myname() returns true if one of our names
is a substring of the specified name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Mon, 3 Aug 2015 01:50:08 +0000 (13:50 +1200)]
selftest: Add assertion that we actually fix the replPropertyMetaData sort order
This ensures that the dbcheck rule fixes the sort order (and only fixes the sort order).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug 25 02:45:58 CEST 2015 on sn-devel-104
Andrew Bartlett [Sun, 2 Aug 2015 23:25:02 +0000 (11:25 +1200)]
selftest: Add in steps to re-create this database
This may assist if this needs to be changed again
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 2 Aug 2015 23:24:10 +0000 (11:24 +1200)]
Update release-4-1-0rc3 to include data using schema modifications
This allows us to know that the previous patches are correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Mon, 25 May 2015 16:17:55 +0000 (09:17 -0700)]
ldb: create a cache of known wellknown objects instead of continously searching in the db
Profiling on dbcheck have shown that we spend 10% of the time looking
for wellknown objects.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Change-Id: I13ed58e8062d1b7b6179d17b0e7e56f943572c6c
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 27 Jul 2015 03:11:56 +0000 (15:11 +1200)]
dbcheck: Use set() operations to make dbcheck more efficient
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 27 Jul 2015 03:44:56 +0000 (15:44 +1200)]
dbcheck: Try to avoid duplicate searches
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 28 Jul 2015 04:11:54 +0000 (16:11 +1200)]
dbcheck: Add additional tests for the attributeID list
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 23 Jul 2015 04:01:14 +0000 (16:01 +1200)]
dbcheck: Add explict tests for unknown and unsorted attributeID values
Unknown attributeID values would cause an exception previously, and
unsorted attributes cause a failure to replicate with Samba 4.2.
In commit
61b978872fe86906611f64430b2608f5e7ea7ad8 we started
to sort these values correctly, but previous versions of Samba
did not sort them correctly (we sorted high-bit-set values as
negative), and then after
9c9df40220234cba973e84b4985d90da1334a1d1
we stoped accepting these.
To ensure we are allowed to make this unusual change to the
replPropertyMetaData, a new OID is allocated and checked
for in repl_meta_data.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 30 Jul 2015 02:28:48 +0000 (14:28 +1200)]
pidl: Assert that python arrays will not overflow the C array
We do not write network services in Python, so this is not a security issue, but would cause
a crash or other odd behaviour if the length was changed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11430
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 28 Jul 2015 02:29:25 +0000 (14:29 +1200)]
pydsdb: Allow the full range of uint32_t values for attributeID
The high bit may be set in these integers, so we need an unsigned int to store it in
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 30 Jul 2015 02:29:54 +0000 (14:29 +1200)]
python/tests: Add tests for integer overflow handling
This also documents an issue with our python bindings and lists, as changes to integers in a list
of integers are not preserved
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 26 Jul 2015 22:57:43 +0000 (10:57 +1200)]
pidl: Change PIDL to correctly use and validate python integer types
In particular, it is critical that we use unsigned integers of
sufficient size in python for unsigned C integers, and it is
critical that we check for overflow at both the python and C
level.
Otherwise, we may both represent and sort these incorrectly,
in particular when sorting attributeID values from DRSUAPI
which are represented as an signed enum in C and a uint32_t in IDL,
but which often has the high bit set (in schema extensions).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 29 Jul 2015 03:25:09 +0000 (15:25 +1200)]
python: Use an unsigned integer for buf_size, not -1
This will fail once our python bindings correctly check value ranges
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 3 Aug 2015 01:33:40 +0000 (13:33 +1200)]
dnsserver: Remove incorrect and not required include of ldb_private.h
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 21 Aug 2015 09:25:33 +0000 (11:25 +0200)]
winbind: Remove "have_idmap_config" from winbindd_domain
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Aug 24 19:19:31 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 19 Aug 2015 11:48:17 +0000 (13:48 +0200)]
winbind: Do not look for the domain in wb_gid2sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 11:48:17 +0000 (13:48 +0200)]
winbind: Do not look for the domain in wb_uid2sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 11:44:02 +0000 (13:44 +0200)]
idmap: Remove dom_name from wbint_Gid2Sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 11:44:02 +0000 (13:44 +0200)]
idmap: Remove dom_name from wbint_Uid2Sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 11:34:58 +0000 (13:34 +0200)]
idmap: Remove "domname" from idmap_gid_to_sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 11:34:58 +0000 (13:34 +0200)]
idmap: Remove "domname" from idmap_uid_to_sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Tue, 18 Aug 2015 15:34:29 +0000 (17:34 +0200)]
idmap: Remove "domname" from idmap_backends_unixid_to_sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Tue, 18 Aug 2015 15:30:27 +0000 (17:30 +0200)]
idmap: Use a range search in idmap_backends_unixid_to_sid
This obsoletes the domain name in the xid2sid calls
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Wed, 19 Aug 2015 15:00:46 +0000 (17:00 +0200)]
idmap: Initialize all idmap domains at startup
So far we have initialized idmap domains on demand indexed by name.
For sid2xid this works okay, because we could do lookupsids before
and thus get the name. For xid2sid this is more problematic. We
have to rely on enumtrustdoms to work completely, and we have to
look at the list of winbind domains in the parent to get the domain
name. Relying on domain->have_idmap_config is not particularly nice.
This patch re-works initialization of idmap domains by scanning all
parametric parameters, scanning for :backend configuration settings.
This way we get a complete list of :range definitions. This means
we can rely on the idmap domain array to be complete. This in turn
means we can live without the domain name to find a domain, we can
do a range search by uid or gid.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Tue, 18 Aug 2015 14:58:02 +0000 (16:58 +0200)]
idmap: Move idmap_init() under the static vars
Just moving code, idmap_init will need to reference the variables
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Volker Lendecke [Tue, 18 Aug 2015 11:18:33 +0000 (13:18 +0200)]
loadparm3: Add lp_wi_scan_global_parametrics()
This routine takes a regex and goes through all parametric parameters
in [global], matching the regex. It can easily be extended to also
look at shares, but right now it will only be used to list all idmap
config domain names.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Andreas Schneider [Fri, 21 Aug 2015 09:06:07 +0000 (11:06 +0200)]
uwrap: Bump version to 1.1.1
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 21 17:48:45 CEST 2015 on sn-devel-104
Andreas Schneider [Fri, 21 Aug 2015 09:05:24 +0000 (11:05 +0200)]
uwrap: Removed double newline
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Fri, 21 Aug 2015 09:04:49 +0000 (11:04 +0200)]
uwrap: Fix build if getres(uid|gid) are not available.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andreas Schneider [Wed, 19 Aug 2015 14:19:30 +0000 (16:19 +0200)]
s3-auth: Fix a memory leak in make_server_info_info3()
We call make_server_info(NULL) and it is possible that we do not free
it, because server_info is not allocated on the memory context we pass
to the function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Wed, 19 Aug 2015 14:24:08 +0000 (16:24 +0200)]
s3-auth: Pass nt_username to check_account()
We set nt_username above but do not use it in this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Wed, 19 Aug 2015 14:11:47 +0000 (16:11 +0200)]
s3-auth: Fix 'map to guest = Bad Uid' support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Volker Lendecke [Mon, 17 Aug 2015 19:12:56 +0000 (21:12 +0200)]
param: Use talloc_pooled_object
Reduce memory fragmentation a bit and obsolete NULL checks
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 21 14:45:58 CEST 2015 on sn-devel-104
Volker Lendecke [Mon, 17 Aug 2015 19:07:37 +0000 (21:07 +0200)]
param: Simplify set_param_opt()
"not_added" is not a very good boolean flag concept... An early
return serves the same purpose just as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 17 Aug 2015 15:15:27 +0000 (17:15 +0200)]
lib: Remove unused parmlist code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Robin Hack [Fri, 21 Aug 2015 01:54:03 +0000 (13:54 +1200)]
vfs_scannedonly: Remove vfs_scannedonly from samba source tree.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11459
Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 21 07:17:35 CEST 2015 on sn-devel-104
Stefan Metzmacher [Thu, 13 Aug 2015 08:32:46 +0000 (10:32 +0200)]
script/autobuild.py: make sure --nonshared-binary=smbtorture,smbd/smbd keeps working
- It's very useful to have a static smbtorture binary that can be copied arround.
- It's sometimes also useful to have a static smbd binary in order avoid
runtime overhead via do_lookup_x() (in ld*.so), note that
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Aug 20 19:10:19 CEST 2015 on sn-devel-104
Stefan Metzmacher [Thu, 13 Aug 2015 15:38:43 +0000 (17:38 +0200)]
script/autobuild.py: test some --with-{static,shared}-modules combinations
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 14 Aug 2015 06:40:37 +0000 (08:40 +0200)]
script/autobuild.py: use -Wmissing-prototypes and --picky-developer for samba-libs*
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 15:34:42 +0000 (17:34 +0200)]
script/autobuild.py: split out a samba_libs_configure variable
The avoids too long lines.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 12:22:45 +0000 (14:22 +0200)]
s3:wscript: make --with-{static,shared}-modules options more flexible
'!module' disables a non-required module for a static/shared build.
'!DEFAULT' disables all modules defaulting to a static/shared build.
'!FORCED' disables all (non-required) modules forced to a static/shared build.
'ALL' switches the default for all non forced modules from static to shared
or from shared to static.
The most specific specification wins
e.g.
--with-static-modules='!FORCED,!DEFAULT' --with-shared-modules='!FORCED,!DEFAULT' will only
build modules which are required for the compilation. Might be useful
if someone only wants to use client utils.
--with-static-modules=ALL will build all modules statically linked.
--with-static-modules='!DEFAULT,ALL' --with-shared-modules='!DEFAULT,ALL'
might be useful for testing, it reverses the default build for all modules
which can be build shared or static.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:57:19 +0000 (18:57 +0200)]
s3:wscript: simplify ABI matching for pdb_*_init()
The init functions of all static modules should be ignored.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:16:20 +0000 (18:16 +0200)]
s3:winbindd/idmap_*: make function prototypes available via static_decl_idmap;
This allows the static build of the modules.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:16:20 +0000 (18:16 +0200)]
s3:modules/perfcount_*: make function prototypes available via static_decl_perfcount;
This allows the static build of the modules.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:16:20 +0000 (18:16 +0200)]
s3:modules/vfs_*: make function prototypes available via static_decl_vfs;
This allows the static build of the modules.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:16:20 +0000 (18:16 +0200)]
examples/VFS: make function prototypes available via static_decl_vfs;
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:16:20 +0000 (18:16 +0200)]
examples/pdb: fix and validate pdb_test_init() prototype via static_decl_pdb;
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:15:36 +0000 (18:15 +0200)]
s4:ntvfs/posix: fix forward declaration of struct pvfs_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 16:15:03 +0000 (18:15 +0200)]
s3:wscript: remove leftover from vfs_notify_fam
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 18:07:59 +0000 (20:07 +0200)]
s3:idmap: we need to allow undefined symbols in idmap_tdb
When idmap_tdb is build as shared module we need to allow undefined symbols
which callback into winbindd code.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 13 Aug 2015 13:04:14 +0000 (15:04 +0200)]
s3:wscript: fix the build without any idmap module
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 12 Aug 2015 16:32:54 +0000 (18:32 +0200)]
smbd: Remove an unnecessary else branch
"goto out;" is sufficient before
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 20 15:52:20 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 12 Aug 2015 15:48:41 +0000 (17:48 +0200)]
vfs: Add some {}
The "mode = " from a very casual view looked as if it was part of the
if-condition
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Fri, 14 Aug 2015 09:40:51 +0000 (11:40 +0200)]
lib: Use dom_sid_equal where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 16 Aug 2015 11:19:15 +0000 (13:19 +0200)]
ctdb: Use talloc_report_str in ctdb
This fixes CID
1125620 Insecure temporary file
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Mon, 17 Aug 2015 09:55:26 +0000 (11:55 +0200)]
lib: Add the pointer itself to talloc_report_str
A ctdb test found this discrepancy to talloc_report_full :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 16 Aug 2015 11:03:13 +0000 (13:03 +0200)]
gensec: Fix CID 242642 Unchecked return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Tue, 18 Aug 2015 18:57:27 +0000 (20:57 +0200)]
replace: Fix bug 11455
Don't call rep_strtoull recursively
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11455
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 19 11:22:38 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 19 Aug 2015 05:35:32 +0000 (07:35 +0200)]
ctdb: Fix some clang uninitialized errors
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 19 Aug 2015 05:33:48 +0000 (07:33 +0200)]
ctdb: Fix the build on FreeBSD 10.1
We get sockaddr_in directly in parse_ipv4
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 12 Aug 2015 07:24:42 +0000 (09:24 +0200)]
s4:torture/rpc: fix ndr_security.h include in fsrvp.c
We should not include ndr_security.c
This allows ./configure --nonshared-binary=smbtorture again.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Aug 17 20:53:10 CEST 2015 on sn-devel-104
Stefan Metzmacher [Sat, 15 Aug 2015 08:59:45 +0000 (10:59 +0200)]
release-scripts/build-manpages-nogit: run make realdistclean at the end
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 17 Aug 2015 06:56:43 +0000 (08:56 +0200)]
s3:smb2_negprot: prefer AES128_CCM if the client supports it
Callgrind showed that we use 28,165,720,719 cpu cycles to send
a 100MB file to a client using aes-ccm.
With aes-gcm this is raises up to 723,094,413,831 cpu cycles.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 17 Aug 2015 06:56:43 +0000 (08:56 +0200)]
libcli/smb: prefer AES128_CCM
Callgrind showed that we use 28,165,720,719 cpu cycles to send
a 100MB file to a client using aes-ccm.
With aes-gcm this is raises up to 723,094,413,831 cpu cycles.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andrew Bartlett [Mon, 17 Aug 2015 04:03:10 +0000 (16:03 +1200)]
Revert "ldb-samba: Implement transitive extended matching"
This reverts commit
2a22ba34cd6f28950246b54c6577c922c61f4fdb.
selftest/knownfail entries are added to ensure 'make test' continues to pass
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10493
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Aug 2015 04:09:35 +0000 (16:09 +1200)]
Revert "dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN"
This reverts commit
1a012d591bca727b5cabacf6455d2009afb16bd7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10493
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 14 Aug 2015 10:54:00 +0000 (12:54 +0200)]
s3:lib: fix some corner cases of open_socket_out_cleanup()
In case of timeouts we retry the async_connect_send() and forgot
to remember it, this results in an abort() in async_connect_cleanup()
as the fd is already closed when calling fcntl(F_SETFL).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Fri, 14 Aug 2015 08:59:05 +0000 (10:59 +0200)]
waf: Check for Linux has 32-bit credential calls
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 14 18:04:53 CEST 2015 on sn-devel-104
Volker Lendecke [Mon, 10 Aug 2015 10:02:34 +0000 (12:02 +0200)]
libcli: Use iov_buflen in smb2_signing.c
This gives us overflow protection.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Aug 14 13:56:49 CEST 2015 on sn-devel-104
Andrew Bartlett [Fri, 14 Aug 2015 04:43:41 +0000 (16:43 +1200)]
python:samba/upgrade.py Fix format string syntax in error condition
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11436
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Aug 14 10:52:39 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 12 Aug 2015 07:18:28 +0000 (09:18 +0200)]
lib: Remove some unused code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Wed, 12 Aug 2015 07:14:35 +0000 (09:14 +0200)]
lib: Remove some unused code
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Wed, 12 Aug 2015 06:58:31 +0000 (08:58 +0200)]
smbd: Use a struct initializer
Saves a few bytes of .text
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Wed, 12 Aug 2015 06:55:56 +0000 (08:55 +0200)]
smbd: Remove a confusing comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Volker Lendecke [Tue, 11 Aug 2015 12:20:07 +0000 (14:20 +0200)]
nfs4acls: Remove type_name param from smbacl4_get_vfs_params
It is kindof unexpected that we get params for something else but
"nfs4:"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 13 17:45:31 CEST 2015 on sn-devel-104
Volker Lendecke [Tue, 11 Aug 2015 12:16:04 +0000 (14:16 +0200)]
nfs4acls: Fix a small memleak
We don't need the nt_ace_list beyond this function, make_sec_acl makes
a copy and make_sec_desc makes another one
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 12:13:43 +0000 (14:13 +0200)]
nfs4acls: Introduce a helper variable
... triggered by removing a "==false" condition
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:37:42 +0000 (13:37 +0200)]
nfs4acls: Remove a few unnecessary casts
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:36:45 +0000 (13:36 +0200)]
nfs4acls: Use talloc_realloc()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:34:35 +0000 (13:34 +0200)]
nfs4acls: Use talloc_zero_array()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:33:40 +0000 (13:33 +0200)]
nfs4acls: Use talloc_zero()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 12 Aug 2015 05:31:01 +0000 (07:31 +0200)]
nfs4acls: Use talloc_zero()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:12:46 +0000 (13:12 +0200)]
nfs4acls: Remove get_validated_aceint
With the anonymous struct SMB4ACE_T we can rely on the compiler
to warn us
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:12:46 +0000 (13:12 +0200)]
nfs4acls: Remove get_validated_aclint
With the anonymous struct SMB4ACL_T we can rely on the compiler
to warn us
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Tue, 11 Aug 2015 11:04:05 +0000 (13:04 +0200)]
nfs4acls: Remove the SMB_ACE4_INT_T typedef
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
git.samba.org / samba.git / log