pidl/ndr/python: avoid memory errors in getsetters

This:

   $ python3 -c'from samba.dcerpc import lsa; x = lsa.EnumAccounts(); x.in_handle'

should not raise a MemoryError, which is very unfriendly given that
'x.in_handle' is just named, not called, as far as the user is
concerned. Returning None is the proper thing.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Aug  6 18:17:11 UTC 2019 on sn-devel-184

s4/messaging/py: don't DECREF borrowed references

This made Message.deregister() a decref machine, with talloc crashes
and segfaults available thus:

    from samba import messaging
    m = messaging.Messaging()
    for i in range(20):
        m.deregister(m)

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>

ldb_dn: free dn components on explode failure

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>

s3:smbd: Fix sync dosmode fallback in async dosmode codepath

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14070
RN: Fix sync dosmode fallback in async dosmode codepath

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Aug  6 15:40:18 UTC 2019 on sn-devel-184

s3:smbd: Incomplete conversion of former parametric options

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14069
RN: Incomplete conversion of former parametric options

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

ctdb: fix compilation on systems with glibc robust mutexes

On older systems like SLES 11 without POSIX robust mutexes, but with glib robust
mutexes where all the functions are available but have a "_np" suffix,
compilation fails in:

ctdb/tests/src/test_mutex_raw.c.239.o: In function `worker':
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:129: undefined reference to `pthread_mutex_consistent'
ctdb/tests/src/test_mutex_raw.c.239.o: In function `main':
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:285: undefined reference to `pthread_mutex_consistent'
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:332: undefined reference to `pthread_mutexattr_setrobust'
/root/samba-4.10.6/bin/default/../../ctdb/tests/src/test_mutex_raw.c:363: undefined reference to `pthread_mutex_consistent'
collect2: ld returned 1 exit status

This could be fixed by using libreplace system/threads.h instead of pthreads.h
directly, but as there has been a desire to keep test_mutex_raw.c standalone and
compilable without other external depenencies then libc and libpthread, make the
tool developer build only. This should get the average user over the cliff.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14038
RN: Fix compiling ctdb on older systems lacking POSIX robust mutexes

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

s3: smbd: fix a comment in fd_close()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: inline dptr_close_internal()

There's now only one caller left.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: simplify dptr_CloseDir()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: remove redundant smb_dname arg from dptr_create()

Now that dptr_create() is handle based, we can simply used the fsp name.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: Remove call to dptr_closecnum() on connection shutdown.

Now all client enumerations use fsp file handles we will
aleady close them in file_close_conn() above.

The only user of dptr_closecnum() is for the strange old OS/2
semantics, so I can't get rid of it until SMB1 is removed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close().

No longer used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from dptr_closecnum().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from reply_findclose().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from call_trans2findnext().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from call_trans2findfirst().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from reply_fclose().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_close() from reply_search().

Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_fsp(). No longer used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Replace dptr_fsp() with dptr_fetch_lanman2_fsp() in reply_findclose().

Now we have no users of dptr_fsp() left.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_fetch_lanman2() - unused.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Convert call_trans2findnext() to use dptr_fetch_lanman2_fsp().

dptr_fetch_lanman2() is now no longer used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dptr_fetch_lanman2_fsp() - to replace dptr_fetch_lanman2().

Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove dptr_fetch() - replace internals with dptr_fetch_fsp().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Replace dptr_fetch() with dptr_fetch_fsp() in reply_search().

We now no longer use dptr_fetch().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Replace dptr_fetch() with dptr_fetch_fsp() in reply_fclose().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dptr_fetch_fsp() for SMB1 code. We will use this to replace dptr_fetch().

Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove now unused dptr_activecnum().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: All directory enumeration is now via file handles - remove unneeded code in idle connections.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Remove now unused dptr_closepath().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Now we properly open file handles for directory enumerations, we don't need this code in SMB1rmdir.

The share mode exclusion will prevent deletion of open directory
enumeration handles.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Now we are always using fsp handle-based client searches, simplify smb_Dir_destructor().

We know we always have a dir_hnd->dir and dir_hnd->fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Now we're using OpenDir_fsp() all the time, make sure we don't leak file handles.

We must always set dir_hnd->fsp, even in the fallback to
SMB_VFS_OPENDIR() case. Remember if we had to fall back
and fix the destructor to close the additional file
descriptor if we did.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Now we always use handle for directory enumeration, we can delete the fallback code.

The code inside open_dir_safely() is root safe
and can replace the deleted open_dir_with_privilege()
fallback code.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Convert SMB1 reply_search() to use handle-based directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Convert SMB1 call_trans2findfirst() to use handle-based directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in call_trans2findnext()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in call_trans2findfirst()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in reply_findclose()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in reply_fclose()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in reply_search()

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Prepare for SMB1 directory handle opens in dptr_closecnum().

Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Change dptr_closecnum() to use dptr_close() instead of dptr_close_internal().

This will allow us to close any outstanding handles on
an SMB1 connection as later commits move us to using directory
handles instead of pathname directory opens.

This is inefficient, as it means walking the list twice,
but this will only be called with active dptrs in the
OS/2 -1 case, in the connection shutdown case the
directory handles will already have been closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Make dptr_close() safe to call with an fsp handle stored in dptr->dir_hnd.

SMB1 doesn't currently do this, but subsequent changes will add handle based
calls to SMB1 so dptr_close() has to be able to cleanly remove any back pointers.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dptr_fsp() to return any stored files_struct pointer.

Will allow [find/search]_next() calls to find and close any associated
fsp. This function is temporary and will eventually go away once I
modify dptr_fetch() to return an fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Move the strange OS/2 directory key == -1 close semantics to the caller.

This will allow us to change dptr_closecnum() to close outstanding fsp
handles for SMB1 later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: dptr_close() can only be called from SMB1 code.

SMB_ASSERT this is the case.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

doc: improve vfs objects parameter description

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Aug  6 13:40:21 UTC 2019 on sn-devel-184

wafsamba: change --picky-developer into --disable-warnings-as-errors

By default we're using -Werror now if --enable-developer is
specified.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Aug  6 07:50:14 UTC 2019 on sn-devel-184

script/autobuild.py: remove explicit --picky-developer"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

ldb: skip indexes on full_search

Use iterate_range kv op to skip the index section of the database when
running a full search. Quick local testing showed 18% improved throughput
on a full search with no results on a 50k database. With more results,
improvement is smaller but still noticeable.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug  2 02:29:42 UTC 2019 on sn-devel-184

tests/dcerpc/raw_protocol: Add more tests for DCERPC_AUTH_LEVEL_PACKET

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Aug  1 16:59:02 UTC 2019 on sn-devel-184

tests/dcerpc/raw_protocol: split test_spnego_integrity_request into 2 parts

This can be a generic test that can be used for more auth_levels.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

tests/dcerpc/raw_protocol: split test_spnego_connect_request() into 2 parts

This can be a generic test that can be used for more auth_levels.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

smbd: Fix use-after-free from exit_server_common()

We need to keep the smbXsrv_connection structures around until all
pending requests have had their chance to clean up behind them. If you
look at srv_send_smb(), it's exactly prepared already to just drop
anything on the floor when the transport has been declared dead:

if (!NT_STATUS_IS_OK(xconn->transport.status)) {
/*
 * we're not supposed to do any io
 */
return true;
}

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14064

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug  1 15:39:13 UTC 2019 on sn-devel-184

s3:torture: Fix the FreeBSD build

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID

Note: Unlike the current documentation, the utf16 string
is not null-terminated, that matches Windows Server 1903
as a client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055
RN: Add the target server name of SMB 3.1.1 connections
as a hint to load balancers or servers with "multi-tenancy"
support.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>

libcli/smb: add new COMPRESSION and NETNAME negotiate context ids

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>

vfs:glusterfs_fuse: build only if we have setmntent()

FreeBSD and other platforms that don't have setmntent() and friends can
not compile this module. This patch lets changes the build to only
compile this module if the setmntent() function is found.

This is the a follow-up fix to the actual fix for bug #13972.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13972

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Aug  1 09:49:04 UTC 2019 on sn-devel-184

tests/ldap: Use TLDAP to check the extended DN return

Tests commit 9f6b87d3f6cc9930d75c1f8d38ad4f5a37da34ab

To run: make test TESTS="samba3.smbtorture_s3.plain.TLDAP"

Reverting the above commit makes this test fail:

'GUID format in control (no hyphens) doesn't match output
tldap_search with extended dn (no val) failed: LDAP error 0 (TLDAP_SUCCESS),
TEST TLDAP FAILED!'

This behaviour couldn't be tested via LDB libraries because they never
deal with the underlying DN string.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug  1 06:20:28 UTC 2019 on sn-devel-184

tests/tldap: Actually check the paging return code

The test never worked correctly because the code was overlooked. It was
also the case that the connection was never authenticated, and so an
LDAP BIND call has now been added.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

tldap: Paged searches fail when they get to the end

The normal case hit the goto label, and should have just returned.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

tldap: Make memcpy of no controls safe

Static analyzers sometimes complain about this case.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029

dsdb: Quiet CID 1452117 1452119 1452114 (STRAY_SEMICOLON)

Try to make clear what is being done here, we are trying to count the partitions so that
we can then walk them in reverse.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

CID 1452121: dsdb/mod/partition: protect whole function with NULL check

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 31 04:08:48 UTC 2019 on sn-devel-184

CID 1452109: dsdb/util: do not check for NULL after deref

This is all strictly unnecessary, as ret is always != LDB_SUCCESS when
res is NULL, but we want to make peace between clang and converity.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/drs_no_dns: Check dbcheck and ldapcmp pass

When joining a DC without DNS partitions, make sure that the alternate
flow of creating them afterwards results in a database with everything
that is necessary.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051
RN: Allow a DC join without DNS partitions, to add them later

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: Add samba_upgradedns to the list of possible cmds

This will be used to test the replication scenario with no DNS partitions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

netcmd: Allow drs replicate --local to create partitions

Currently, neither the offline (--local) or online (normal replica sync)
methods allow partition creation post-join. This overrides the Python
default to not create the DB, which allows TDB + MDB to work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

smbd: Fix retry for kernel-oplocked files

This now removed comment describes the bug correctly:
/*
 * As this timer event is owned by req, it will
 * disappear if req it talloc_freed.
 */

In smb1, "req" disappears once the reply_whatever routine is done. Thus
the timer goes away and we never look at "req" again.

This change moves the valid data (xconn and mid) to
deferred_open_record, and changes the talloc hierarchy such that the
timer is now a child of open_rec, which is a child of the deferred
message.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 31 00:12:34 UTC 2019 on sn-devel-184

smbd: Always open files with O_NONBLOCK

It's perfectly possible that someone else takes a kernel oplock and
makes us block, independent of our own kernel oplock setting.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

torture3: Add oplock5 kernel-oplock test

Show that the current smb1 server does not properly retry a nonblocking
open of a kernel-oplocked file

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14060
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-scripts: Simplify 01.reclock.script

The "init" event is only run once so don't bother caching the
configured value of the recovery lock.  Add some extra error checking.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jul 26 04:52:04 UTC 2019 on sn-devel-184

ctdb-scripts: Drop monitoring of recovery lock

The fcntl helper now does a more meaningful check.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add some 01.reclock.script init event tests

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Fix 01.reclock.script tests for non-default lock

These tests currently do not do what is expected.  They test the
default case.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add tests for cluster mutex lost handling

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Add support for exiting if the lock file disappears

If the lock file is inaccessible or the inode number changes then the
lock is lost, so exit.  This allows the recovery daemon to trigger an
election.  The ensuing recovery will re-take the lock.

By default the lock file is checked every 60 seconds.  A lot can
happen in 60 seconds but being more aggressive and accessing the lock
too often could result in a performance issue for the cluster
filesystem.

An new optional 2nd argument is added, which is the lock file re-check
time in seconds.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Add an intermediate asynchronous computation for waiting

This will allow more conditions to be waited on via additional
sub-requests.  At the moment this just completes when the parent wait
completes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Change parent checking to use an asynchronous computation

Put the checking for the process being immediately re-parented into
the computation too.  This will be very rare and doing it
consistently makes testing saner.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Exit immediately if the lock isn't taken

There is no need to wait until the parent kills the helper.  The
parent will get the initial response, indicating contention or
similar, and will then get a separate event indicating that the pipe
is gone.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add test to confirm need for cluster mutex lock file rechecking

Remove the lock and a second locker can take the it.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add cluster mutex tests

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Drop dependency on ctdb_set_helper

This makes the code more explicit and makes testing easier due to less
dependencies.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Drop unneeded assignment

clang warns:

  ctdb/server/ctdb_mutex_fcntl_helper.c:61:3: warning: Value stored to 'fd' is never read

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-mutex: Update to use modern debug macro

One of these had a missing space, so this implicitly fixes it.  It
also drops the need to unnecessarily include common.h, which comes
with some dependency baggage.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Set LANG=C for consistency of command output

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Periodically log recovery master of incomplete cluster

Only do this if the recovery lock is unset.  Log every minute for the
first 10 minutes, then every 10 minutes, then every hour.

This is useful for determining whether a split brain occurred.  It is
particularly useful if logging failed or was throttled at startup, so
there is no evidence of the split brain when it began.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Log the master at the end of elections

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add tests for empty values in config file

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-common: Fix empty value handling in conf

In tini, allow_empty_value=false causes the parser to ignore the lines
without '=' sign, but lines with nothing after '=' sign are allowed and
cause empty string ("") to be passed as a value.

This is counter-intuitive, so conf requires special handling for empty
values (which are treated as invalid).

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

ctdb-tests: Use required_error instead of required_result

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

s3:rpc_server: Only dump passwords in developer builds

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 26 03:05:01 UTC 2019 on sn-devel-184

netlogon: Fix potential use of uninitialized variable

The _netr_NetrEnumerateTrustedDomains()->dcerpc_lsa_open_policy2() error
path checks the policy handle and closes it if non-empty. The policy
handle may be uninitialized in this code-path - fix this.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:rpc_server: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:utils: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:rpcclient: Use a stackframe for temporary memory

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:lib: Use the passed mem_ctx instead of talloc_tos()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

lib:crypto: Don't build RC4 if we have GnuTLS >= 3.4.7

We have a GnuTLS DCEPRC backupkey implementation for the server and the
test. However this is only working with GnuTLS >= 3.4.7. So we need to
keep this around till we can require at least GnuTLS in a newer version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

lib:crypto: Remove arcfour.h from crypto.h

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>