Andreas Schneider [Wed, 24 Jul 2019 14:24:18 +0000 (16:24 +0200)]
s4_torture: Use GnuTLS RC4 in test_ChangePasswordUser2
This uses STR_ASCII as string encodings.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 25 Jul 2019 04:52:41 +0000 (16:52 +1200)]
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordUser2_ntstatus
This allows the use of GnuTLS for the RC4 crypto operation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Thu, 25 Jul 2019 04:46:06 +0000 (16:46 +1200)]
s4:torture: Use init_samr_CryptPassword in test_ChangePasswordUser2
This allows the use of GnuTLS for the RC4 crypto operation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 14:49:53 +0000 (16:49 +0200)]
s4:torture: Use GnuTLS RC4 in test_OemChangePasswordUser2
This uses STR_ASCII for password encoding!
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 13:59:19 +0000 (15:59 +0200)]
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_level_ex
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 13:58:38 +0000 (15:58 +0200)]
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_25
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 13:58:06 +0000 (15:58 +0200)]
s4:torture: Use init_samr_CryptPassword in test_SetUserPassEx
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 13:57:25 +0000 (15:57 +0200)]
s4:torture: Use init_samr_CryptPassword in test_SetUserPass_23
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 13:56:08 +0000 (15:56 +0200)]
s4:torture: Use init_samr_CryptPassword in test_SetUserPass
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 21 Feb 2019 09:21:39 +0000 (10:21 +0100)]
s4:torture: Use init_samr_CryptPassword(Ex) in samba3rpc test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 20 Feb 2019 14:52:49 +0000 (15:52 +0100)]
s4:torture: Use GnuTLS RC4 for RAP SAM test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 19 Feb 2019 16:40:29 +0000 (17:40 +0100)]
s4:rpc_server: Use GnuTLS RC4 for samr password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 25 Jul 2019 00:50:57 +0000 (12:50 +1200)]
s4:rpc_server: Use samba_gnutls_arcfour_confounded_md5() in samr_set_password_ex()
This allows the use of GnuTLS for the underlying RC4 crypto operations.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 17 Jan 2019 11:40:21 +0000 (12:40 +0100)]
s3:utils: Use GnuTLS RC4 in ntlm_auth
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 15 May 2019 12:04:31 +0000 (14:04 +0200)]
s3:rpc_server: Use GnuTLS RC4 to decrypt samr password buffers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 16 Jan 2019 16:40:13 +0000 (17:40 +0100)]
s3:rpc_server: Use GnuTLS RC4 in samr password check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 16 Jan 2019 11:41:32 +0000 (12:41 +0100)]
s3:rpc_client: Use init_samr_CryptPassword in cli_samr rpc_client
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 15 Jan 2019 17:14:17 +0000 (18:14 +0100)]
s3:libsmb: Use GnuTLS RC4 in clirap
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 6 Dec 2018 17:11:14 +0000 (18:11 +0100)]
auth:ntlmssp: Use GnuTLS RC4 for ntlmssp signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 9 Nov 2018 11:29:55 +0000 (12:29 +0100)]
auth:ntlmssp: Use GnuTLS RC4 in ntlmssp client
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 8 Jul 2019 16:21:18 +0000 (18:21 +0200)]
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in decode_wkssvc_join_password_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 8 Jul 2019 16:03:00 +0000 (18:03 +0200)]
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in encode_wkssvc_join_password_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 8 Jul 2019 15:36:58 +0000 (17:36 +0200)]
libcli:auth: Add test for (encode|decode)_wkssvc_join_password_buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 29 May 2019 13:50:45 +0000 (15:50 +0200)]
libcli:auth: Return WERROR for encode_wkssvc_join_password_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 25 Jul 2019 03:15:46 +0000 (15:15 +1200)]
s4:libnet: Use GnuTLS RC4 in libnet_ChangePassword_samr()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 1 Feb 2019 12:38:21 +0000 (13:38 +0100)]
s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_23()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 1 Feb 2019 12:38:21 +0000 (13:38 +0100)]
s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_24()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:11:54 +0000 (13:11 +0200)]
s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_25()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:01:49 +0000 (13:01 +0200)]
s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_26()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 24 Jul 2019 09:44:51 +0000 (11:44 +0200)]
s3:rpc_client: Use encode_rc4_passwd_buffer() in init_samr_CryptPasswordEx()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:06:49 +0000 (13:06 +0200)]
libcli:auth: Add test for encode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:01:10 +0000 (13:01 +0200)]
libcli:auth: Add encode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 10:53:31 +0000 (12:53 +0200)]
libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 08:12:43 +0000 (10:12 +0200)]
libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 08:09:32 +0000 (10:09 +0200)]
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() for rc4 passwd buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 16 Jan 2019 12:15:08 +0000 (13:15 +0100)]
s3:rpc_client: Use GnuTLS RC4 in init_samr_CryptPassword()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 4 Jul 2019 14:22:48 +0000 (16:22 +0200)]
s3:rpc_client: Use samba_gnutls_arcfour_confounded_md5 in init_samr_CryptPasswordEx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 07:39:02 +0000 (09:39 +0200)]
libcli:auth: Add test for decoding an RC4 password buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 29 May 2019 12:57:52 +0000 (14:57 +0200)]
libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 29 May 2019 15:16:26 +0000 (17:16 +0200)]
s3:rpc_client: Return NTSTATUS for init_samr_CryptPasswordEx()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 29 May 2019 14:22:11 +0000 (16:22 +0200)]
s3:rpc_client: Return NTSTATUS for init_samr_CryptPassword()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 18 Jul 2019 11:33:54 +0000 (13:33 +0200)]
lib:crypto: Document samba_gnutls_arcfour_confounded_md5()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 18 Jul 2019 11:27:57 +0000 (13:27 +0200)]
lib:crypto: Document gnutls_error_to_werror()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 18 Jul 2019 07:03:51 +0000 (09:03 +0200)]
lib:crypto: Document gnutls_error_to_ntstatus()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Tue, 9 Jul 2019 16:07:09 +0000 (16:07 +0000)]
s3/lib: clang: Fix 'access to field results in a deref of a null pointer'
Fixes:
source3/lib/ctdbd_conn.c:1953:6: warning: Access to field 'operation' results in a dereference of a null pointer (loaded from variable 'hdr') <--[clang]
if (hdr->operation != CTDB_REPLY_CALL) {
^~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jul 24 22:50:27 UTC 2019 on sn-devel-184
Noel Power [Tue, 9 Jul 2019 16:05:37 +0000 (16:05 +0000)]
s3/lib: clang: Fix 'function call argument is an uninitialized value'
Fixes:
source3/lib/ctdbd_conn.c:1066:3: warning: 3rd function call argument is an uninitialized value <--[clang]
DEBUG(0,("ctdbd_control failed: %s, %d\n", strerror(ret),
^
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 16:02:47 +0000 (16:02 +0000)]
s3/lib: clang: Fix 'Acces to field results in a deref of a null pointer'
Fixes:
source3/lib/ctdbd_conn.c:415:6: warning: Access to field 'operation' results in a dereference of a null pointer (loaded from variable 'hdr') <--[clang]
if (hdr->operation == CTDB_REQ_MESSAGE) {
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 15:06:30 +0000 (15:06 +0000)]
lib/addns: clang: Fix 'Assigned value is garbage or undefined'
Fixes:
lib/addns/dnsquery.c:222:10: warning: Assigned value is garbage or undefined <--[clang]
*numdcs = num_srvs; /* size_t->int */
^
1 warning generated.
Also fixes the out param being modified even on failure
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:50:24 +0000 (14:50 +0000)]
lib/addns: clang: Fix 'Value stored to 'err' is never read'
Fixes:
/home/samba/samba/lib/addns/dnsmarshall.c:406:2: warning: Value stored to 'err' is never read <--[clang]
err = ERROR_DNS_NO_MEMORY;
^ ~~~~~~~~~~~~~~~~~~~
/home/samba/samba/lib/addns/dnsmarshall.c:447:3: warning: Value stored to 'err' is never read <--[clang]
err = buf->error;
^ ~~~~~~~~~~
2 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:45:52 +0000 (14:45 +0000)]
libcls/nbt: clang: Fix 'initialization value is never read'
Fixes:
libcli/nbt/nbtsocket.c:65:27: warning: Value stored to 'req' during its initialization is never read <--[clang]
struct nbt_name_request *req = nbtsock->send_queue;
^~~ ~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:42:46 +0000 (14:42 +0000)]
s3/lib/dbwrap: clang: Fix 'Access to field results in a deref of a null'
Fixes:
source3/lib/dbwrap/dbwrap_ctdb.c:530:39: warning: Access to field 'm_write' results in a dereference of a null pointer (loaded from field 'transaction') <--[clang]
if (pull_newest_from_marshall_buffer(ctx->transaction->m_write, key,
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:13:13 +0000 (14:13 +0000)]
s3/lib/dwrap: clang: Fix 'Value stored to 'ret' is never read'
Fixes:
source3/lib/dbwrap/dbwrap_ctdb.c:95:2: warning: Value stored to 'ret' is never read <--[clang]
ret = ctdbd_init_connection(mem_ctx,
^ ~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:08:49 +0000 (14:08 +0000)]
lib/adnss: clang: Fix The left operand of '!=' is a garbage value
Fixes:
lib/addns/dnssock.c:143:3: warning: The left operand of '!=' is a garbage value <--[clang]
TALLOC_FREE(conn);
^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 9 Jul 2019 14:04:34 +0000 (14:04 +0000)]
libcli/smb: clang: Fix Value stored to 'next_offset' is never read
Fixes:
ibcli/smb/smb2_negotiate_context.c:117:3: warning: Value stored to 'next_offset' is never read <--[clang]
next_offset += next_pad;
^ ~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Wed, 24 Jul 2019 03:43:46 +0000 (15:43 +1200)]
s4/dsdb/replmd: use incoming_dn_should_be_renamed() 2/2
In replmd_replicated_handle_rename().
The helper function was introduced two commits ago and consists of
a large common stretch of this and the function modified in the previous
commit.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 11:21:50 UTC 2019 on sn-devel-184
Douglas Bagnall [Wed, 24 Jul 2019 03:21:10 +0000 (15:21 +1200)]
s4/dsdb/replmd: use incoming_dn_should_be_renamed() 1/2
In replmd_op_possible_conflict_callback().
The helper function was introduced in the previous commit and consists
of a large common stretch of this and replmd_replicated_handle_rename().
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 24 Jul 2019 03:16:36 +0000 (15:16 +1200)]
s4/dsdb/replmd: add a helper for common calculations
We currently do exactly this work, in exactly these words (ignoring
formatting) in two different places. The next two commits will make
those places use this helper function. We do this over three commits
so that we can more easily compare the next two and be sure they are
doing the same thing.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 24 Apr 2019 09:30:07 +0000 (21:30 +1200)]
s4/dsdb/replmd: replicated_handle_rename free temp_ctx
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:55:58 +0000 (09:55 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes SearchDir(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 08:57:05 UTC 2019 on sn-devel-184
Jeremy Allison [Wed, 17 Jul 2019 16:53:40 +0000 (09:53 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes TellDir(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:52:41 +0000 (09:52 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes RewindDir(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:51:07 +0000 (09:51 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes ReadDirName(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:47:31 +0000 (09:47 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes OpenDir_fsp(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:44:56 +0000 (09:44 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes OpenDir_internal(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:42:45 +0000 (09:42 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes DirCacheAdd(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:40:04 +0000 (09:40 -0700)]
s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes smb_Dir_destructor(). No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:31:46 +0000 (09:31 -0700)]
s3: smbd: Use a separate simple destructor for the OpenDir() codepath.
This will help greatly in understanding the code changes later.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 16:11:25 +0000 (09:11 -0700)]
s3: smbd: Move the setting of the destructor of struct smb_Dir * up two levels.
Previously, open_dir_safely() called OpenDir_internal() which
set the destructor.
Move setting the destructor into the callers of open_dir_safely()
as this will allow us to have different destructors for handle-based
calls.
The reason this is important is that I have a follow up patchset
that depends on this which makes all client directory enumerations
handle-based, calling OpenDir_fsp() only, and so the destructor there
will take care of the fsp back pointer.
Trying to keep a common destructor for handle-based and non-handle
based calls broke my brain when trying to separate the handle-based
calls from the non-handle based ones in my later patchset.
NB. The change in OpenDir_fsp() isn't a logic change as instead
of doing an early return from a function that sets the destructor,
we now fallthrough to setting the destructor then return, which
is identical.
Eventually the whole codepath using the fallback for non-handle
opens inside dptr_create() will go away and this simplifies the
code immensely. Some short term pain for long-term gain :-).
Added doxygen documentation as requested.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 17 Jul 2019 15:56:49 +0000 (08:56 -0700)]
s3: smbd: OpenDir() is merely a wrapper around open_dir_safely().
Preparatory work.
Separate these out internal to source3/smbd/dir.c so I can
give the internal and external uses separate destructor functions
to allow all client requested directory enumeration to move to handle
based functions.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Tim Beale [Wed, 24 Jul 2019 02:17:06 +0000 (14:17 +1200)]
netcmd: Better error message for backup with no RID pool
Add a better error message (and what to do about it) if the user tries
to back up a DC that hasn't initialized its RID pool yet.
Seems to be a fairly common problem hit by users.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14048
RN: Added more informative error message if the 'samba-tool domain
backup' command fails due to no RID pool being present on the DC.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 07:07:01 UTC 2019 on sn-devel-184
Aaron Haslett [Mon, 15 Jul 2019 01:32:41 +0000 (13:32 +1200)]
partition: reversing partition unlocking
Unlock partition databases in the reverse order from which they were
acquired. This is separated from the previous commit for future
bisecting purposes, since the last commit was made to fix specific CI
failures, while this one is a speculative fix made based on code
inspection.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Aaron Haslett [Thu, 11 Jul 2019 05:12:06 +0000 (17:12 +1200)]
partition: correcting lock ordering
A schema reading bug was traced to a lock ordering issue in partition.c.
This patch fixes the problem by:
1. Releasing locks/transactions in the order they were acquired.
2. Always lock/start_trans on metadata.tdb first, before any other
databases, and release it last, after all others. This is so that we are
never exposed to MDB's lock semantics, which we don't support.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Fri, 5 Jul 2019 11:34:25 +0000 (11:34 +0000)]
s4/source4/common: clang: Fix 'Dereference of undefined pointer value'
Fixes:
source4/dsdb/common/util.c:3131:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^
/source4/dsdb/common/util.c:3207:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^~~~~~~~~~
source4/dsdb/common/util.c:4004:39: warning: Dereference of undefined pointer value <--[clang]
(*wkguid_dn) = talloc_steal(mem_ctx, res->msgs[0]->dn);
^
source4/dsdb/common/util.c:4191:35: warning: Dereference of undefined pointer value <--[clang]
ouv_value = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector");
source4/dsdb/common/util.c:5757:13: warning: 1st function call argument is an uninitialized value <--[clang]
same_nc = (ldb_dn_compare(source_nc, target_nc) == 0);
^
This fix also fixes the associated 'Access to field 'xyx' results in a
dereference of a null pointer' warnings that also will happen when this
is fixed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jul 24 05:49:14 UTC 2019 on sn-devel-184
Noel Power [Fri, 5 Jul 2019 11:16:45 +0000 (11:16 +0000)]
s4/dsdb/common: clang: Fix 'Value stored to 'cps_stdin' is never read'
Fixes:
source4/dsdb/common/util.c:2125:4: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
^ ~~
source4/dsdb/common/util.c:2132:3: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 5 Jul 2019 11:07:07 +0000 (11:07 +0000)]
s4/dsdb/common: clang: Fix 'Access results in a deref of a null pointer'
Fixes:
source4/dsdb/common/util.c:2000:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1) {
^~~
source4/dsdb/common/util.c:3281:28: warning: Access to field 'msgs' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
el = ldb_msg_find_element(res->msgs[0], attr);
^~~
source4/dsdb/common/util.c:3568:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1 || ret != LDB_SUCCESS) {
^~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 5 Jul 2019 11:04:10 +0000 (11:04 +0000)]
s4/dsdb/common: clang: Fix 'The left operand of '&' is a garbage value'
Fixes:
source4/dsdb/common/util.c:1964:18: warning: The left operand of '&' is a garbage value <--[clang]
return (options & DS_NTDSDSA_OPT_IS_GC) != 0;
~~~~~~~ ^
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 5 Jul 2019 10:42:54 +0000 (10:42 +0000)]
s4/dsdb/common: clang: Fix 'function call argument is an uninitialized value'
Fixes:
source4/dsdb/common/util.c:1804:8: warning: 3rd function call argument is an uninitialized value <--[clang]
ret = samdb_reference_dn(ldb, mem_ctx, server_ref_dn, "rIDSetReferences", dn);
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 5 Jul 2019 10:41:19 +0000 (10:41 +0000)]
s4/auth/kerberos: clang: Fix Value stored to 'code' is never read
Fixes:
source4/auth/kerberos/kerberos_util.c:645:3: warning: Value stored to 'code' is never read <--[clang]
code = 0;
^ ~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 5 Jul 2019 10:24:53 +0000 (10:24 +0000)]
s4/auth/kerberos: clang: Fix 'value stored to 'ret' is never read '
Fixes:
source4/auth/kerberos/kerberos_pac.c:116:2: warning: Value stored to 'ret' is never read <--[clang]
ret = smb_krb5_make_pac_checksum(mem_ctx,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Tue, 23 Jul 2019 23:00:01 +0000 (11:00 +1200)]
join: Use a specific attribute order for the DsAddEntry nTDSDSA object
Joining a Windows domain can throw an error if the HasMasterNCs
attribute occurs before msDS-HasMasterNCs. This patch changes the
attribute order so that msDS-HasMasterNCs is always first.
Previously on python2, the dictionary hash order was arbitrary but
constant. By luck, msDS-HasMasterNCs was always before HasMasterNCs, so
we never noticed any problem. With python3, the dictionary hash order
now changes everytime you run the command, so the order is
unpredictable.
To enforce a order, we can change to use an OrderedDict, which will
return the keys in the order they're added.
I've asked Microsoft to clarify the protocol requirement here WRT
attribute order. However, in the meantime we may as well fix the problem
for users.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14046
RN: When trying to join a Windows domain (with functional level 2008R2)
as an AD domain controller, the 'samba-tool domain join' command could
throw a python exception: 'RuntimeError ("DsAddEntry failed")'. When
this problem occurred, you would also see the message "DsAddEntry failed
with status WERR_ACCESS_DENIED info (8363, 'WERR_DS_NO_CROSSREF_FOR_NC')"
in the command output. This issue has now been resolved. Note that this
problem would only occur on Samba v4.10 when using the Python3 packages.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 04:18:21 UTC 2019 on sn-devel-184
Tim Beale [Wed, 19 Jun 2019 21:20:09 +0000 (09:20 +1200)]
traffic_replay: Avoid DB full scans in LDAP searches
When generating LDAP search traffic, a full DB scan can be very costly.
Avoiding full-scan LDAP searches means that we can run traffic_replay
against a 100K user DB and get some sane results.
Because the traffic_learner doesn't record the LDAP search filter at all,
the traffic_replay LDAP searches default to being full scans.
Doing full scans meant that the LDAP search was usually the first packet
type to exceed the max latency and fail the test. It could also skew
results for the other packet types by creating big demands on memory/CPU/
DB-lock-time.
It's hard to know for sure exactly what real-world LDAP searches will
look like, but let's assume full scan searches will be fairly rare.
In traffic-model files we've collected previously, some of the
attributes are fairly unique (e.g. pKIExtendedKeyUsage), and as there
are some LDAP queries specified in MS specs (such as MS-GPOL and
MS-WCCE), it allows us to infer what the search filter might be.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Thu, 18 Jul 2019 03:29:26 +0000 (15:29 +1200)]
traffic replay test: Populate total_converations and instance_id
Ensure that the total_conversations and instance_id attributes are
assigned a value in the replay contexts passed to test cases.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Thu, 18 Jul 2019 01:39:20 +0000 (13:39 +1200)]
traffic replay: Store the instance id in the replay context
Store the traffic runner instance id in the replay context. Will be
used in subsequent commits.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 13 Jun 2019 04:18:27 +0000 (16:18 +1200)]
traffic_replay: Make use of SCOPE_BASE explicit
i.e. avoid hard-coded numbers.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Thu, 13 Jun 2019 04:04:46 +0000 (16:04 +1200)]
traffic_replay: Store total conversations on the replay context
This is useful info to know, and will be used in subsequent commits.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 18 Jul 2019 18:16:33 +0000 (11:16 -0700)]
nfs4_acls: Use fsp stat buffer in smb_fget_nt_acl_nfs4
Instead of having a local buffer for the stat data, update the one kept
in the fsp. With this change the local stat buffer and the helper
function smbacl4_fGetFileOwner are no longer needed and can be removed.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Tue Jul 23 19:45:05 UTC 2019 on sn-devel-184
Christof Schmitt [Thu, 18 Jul 2019 17:59:14 +0000 (10:59 -0700)]
WHATSNEW: Document change of default for nfs4:acedup parameter
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Thu, 18 Jul 2019 17:22:28 +0000 (10:22 -0700)]
docs: Update vfs_gpfs manpage for the new default of nfs4:acedup
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Thu, 18 Jul 2019 17:13:48 +0000 (10:13 -0700)]
nfs4_acls: Change default of nfs4:acedup to "merge"
All tutorials i could find that configure Samba with NFSv4 ACLs set this
parameter to "merge". As this seems to be the main usecase, make this
setting the default.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 17 Jul 2019 17:46:45 +0000 (10:46 -0700)]
docs: Update manpages for deprecated nfs4:acedup settings
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 17 Jul 2019 17:51:18 +0000 (10:51 -0700)]
nfs4_acls: Mark nfs4:acedup ignore and reject as deprecated
The default setting for nfs4:acedup is "dontcare". The only
recommendation i could find is setting this to "merge". The setting of
"ignore" is dangerous as it would silently drop ACEs. "reject" also
seems less useful as it would disallow setting of ACLs that can easily
be stored.
Report "ignore" and "reject" as deprecated. Maybe these can be removed
in the future to simplify the code.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 19 Jun 2019 20:56:57 +0000 (13:56 -0700)]
docs: Update nfs4:mode example for vfs_zfs
nfs4:mode special has been deprecated. Switch the example to "simple" to
avoid the deprecated setting in the example.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Thu, 18 Jul 2019 19:06:06 +0000 (12:06 -0700)]
nfs4_acls: Update copyright header
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 19 Jun 2019 20:53:54 +0000 (13:53 -0700)]
nfs4_acls: Add warning for deprecated setting nfs4:mode special
The documentation states this has been deprecated for years. Add logging
a warning when this is set. Maybe this can be removed in the future.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Tue, 9 Jul 2019 21:41:01 +0000 (14:41 -0700)]
nfs4_acls: Use C99 initializer instead of ZERO_STRUCTP for params struct
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 19 Jun 2019 20:42:19 +0000 (13:42 -0700)]
nfs4_acls: Change type of smbacl4_substitute_simple to void
The function always returned true and the return code was never checked,
so simply change to void.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 19 Jun 2019 18:14:20 +0000 (11:14 -0700)]
nfs4_acls: Remove unused SMB_ACLTYPE_ defines
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Tue, 9 Jul 2019 20:39:55 +0000 (13:39 -0700)]
vfs_gpfs: Implement special case for denying owner access to ACL
In GPFS, it is not possible to deny ACL or attribute access through a
SPECIAL_OWNER entry. The best that can be done is mapping this to a
named user entry, as this one can at least be stored in an ACL. The same
cannot be done for inheriting SPECIAL_OWNER entries, as these represent
CREATOR OWNER entries, and the limitation of not being able to deny
owner access to ACL or attributes remains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Tue, 9 Jul 2019 20:08:35 +0000 (13:08 -0700)]
vfs_gpfs: Move mapping from generic NFSv ACL to GPFS ACL to separate function
This is not functional change. It cleans up the code a bit and makes
expanding this codepath in a later patch easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Christof Schmitt [Wed, 10 Jul 2019 18:06:19 +0000 (11:06 -0700)]
docs: Remove gpfs:merge_writeappend from vfs_gpfs manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>