Andrew Bartlett [Thu, 22 Mar 2018 00:15:34 +0000 (13:15 +1300)]
selftest: Align cleanup of tmpkpasswdscript with scripts that use it
Some scripts removed it without creating it and the others created it
and did not remove it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andreas Schneider [Wed, 21 Mar 2018 19:25:09 +0000 (20:25 +0100)]
s3:lib: Fix probably a copy&paste error in namemap_cache_set_sid2name()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13350
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 23 01:59:08 CET 2018 on sn-devel-144
Ralph Boehme [Thu, 22 Mar 2018 07:03:58 +0000 (08:03 +0100)]
s3: smbd: always set vuid in check_user_ok()
A SMB session reauth will have invalidated conn->vuid via
conn_clear_vuid_caches().
Ensure conn->vuid always has the vuid of the current user in
check_user_ok().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13351
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 22 18:26:04 CET 2018 on sn-devel-144
Jamie McClymont [Thu, 25 Jan 2018 04:23:06 +0000 (17:23 +1300)]
selftest: consistently produce high-res UTC time
Currently some subunit reporters throughout the codebase provide low-res time,
meaning timestamps jump back and forth in the subunit file. Also, some subunit
reporters produce UTC timestamps while others produce local time. UTC was chosen
as the standard for this commit since all of the timestamps end with a Z (= Zulu
= UTC).
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar 22 13:26:44 CET 2018 on sn-devel-144
Jamie McClymont [Wed, 10 Jan 2018 00:28:13 +0000 (13:28 +1300)]
s4:selftest: explicitly set NSS/RESOLV_WAPPER_* in wait_for_start
These variables were previously set directly on the selftest process
for the purpose of making this ldbsearch call, allowing them to leak
into other environments.
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jamie McClymont [Mon, 29 Jan 2018 05:59:34 +0000 (18:59 +1300)]
selftest: Clear environment before provision
Currently, if an environment is being provisioned after a test which used
ad_member_rfc2307, the provisioning process has all of the following in its
environment:
{
'DC_NETBIOSNAME' => 'LOCALDC',
'DC_PASSWORD' => 'locDCpass1',
'DC_SERVER_IP' => '127.0.0.21',
'DC_SERVER_IPV6' => 'fd00:0000:0000:0000:0000:0000:5357:5f15',
'DC_SERVER' => 'localdc',
'DC_USERNAME' => 'Administrator',
'DOMAIN' => 'SAMBADOMAIN',
'LOCAL_PATH' => '/.../st/ad_member_rfc2307/share',
'LOCK_DIR' => '/.../st/ad_member_rfc2307/lockdir',
'NETBIOSNAME' => 'RFC2307MEMBER',
'NMBD_SOCKET_DIR' => '/.../st/ad_member_rfc2307/nmbd',
'NSS_WRAPPER_GROUP' => '/.../st/ad_member_rfc2307/private/group',
'NSS_WRAPPER_HOSTNAME' => 'rfc2307member.samba.example.com',
'NSS_WRAPPER_HOSTS' => '/.../st/hosts',
'NSS_WRAPPER_MODULE_FN_PREFIX' => 'winbind',
'NSS_WRAPPER_MODULE_SO_PATH' => '/.../bin/default/nsswitch/libnss-wrapper-winbind.so',
'NSS_WRAPPER_PASSWD' => '/.../st/ad_member_rfc2307/private/passwd',
'PASSWORD' => 'loCalMemberPass',
'REALM' => 'SAMBA.EXAMPLE.COM',
'RESOLV_WRAPPER_HOSTS' => '/.../st/dns_host_file',
'SELFTEST_WINBINDD_SOCKET_DIR' => '/.../st/ad_member_rfc2307/winbindd',
'SERVER_IP' => '127.0.0.34',
'SERVER_IPV6' => 'fd00:0000:0000:0000:0000:0000:5357:5f22',
'SERVER' => 'RFC2307MEMBER',
'USERID' => '55668',
'USERNAME' => 'jamiemcclymont',
}
Unsurprisingly, some of these can cause issues for the provisioning process, if
a reduced subset of tests is being run which causes the provision to encounter
never-before-seen pairs of adjacent environments.
For example, a run with only
TESTS='--include-env=vampire_dc --include-env=ad_member_rfc2307'
would fail to start up the vampire_dc with:
Could not find machine account in secrets database:
Failed to fetch machine account password from secrets.ldb:
Could not find entry to match filter:
'(&(flatname=SAMBADOMAIN)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4641
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Sun, 4 Mar 2018 09:57:22 +0000 (22:57 +1300)]
s3-libnet: move rpc_join label into HAVE_ADS block with only caller
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Sun, 4 Mar 2018 09:31:00 +0000 (22:31 +1300)]
libsmb: Use the same #ifdef for is_our_primary_domain() as the only caller
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Sat, 3 Mar 2018 10:39:24 +0000 (23:39 +1300)]
travis-ci: Use Gold linker for faster builds
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Sat, 3 Mar 2018 08:24:47 +0000 (21:24 +1300)]
travis-ci: Only un-shallow for PIDL
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Fri, 21 Jul 2017 07:54:36 +0000 (19:54 +1200)]
autobuild: Move defaulttasks to one-per-line
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 10:51:13 +0000 (11:51 +0100)]
tdb: Fix a "increases alignment" warning
Many of those warnings are difficult to fix, but this one was easy :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 22 07:21:44 CET 2018 on sn-devel-144
Volker Lendecke [Sun, 4 Mar 2018 10:48:47 +0000 (11:48 +0100)]
tdb: Align a few integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 10:26:37 +0000 (11:26 +0100)]
tdb: Harden allocating the tdb recovery area
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 10:09:10 +0000 (11:09 +0100)]
tdb: Make sure the hash size fits
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 09:46:09 +0000 (10:46 +0100)]
Harden tdb_check_used_record against overflow
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 09:21:09 +0000 (10:21 +0100)]
tdb: Handle TDB_NEXT_LOCK_ERR in tdb_traverse_internal
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 09:07:29 +0000 (10:07 +0100)]
tdb: Harden tdb_rec_read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 4 Mar 2018 09:07:09 +0000 (10:07 +0100)]
tdbdump: Avoid an int cast
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 21 Mar 2018 19:56:12 +0000 (12:56 -0700)]
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Jeremy Allison [Wed, 21 Mar 2018 19:52:49 +0000 (12:52 -0700)]
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Jeremy Allison [Wed, 21 Mar 2018 19:40:50 +0000 (12:40 -0700)]
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Jeremy Allison [Wed, 21 Mar 2018 19:01:05 +0000 (12:01 -0700)]
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it.
Will allow easier smb2-specific debugging.
https://bugzilla.samba.org/show_bug.cgi?id=13347
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Andreas Schneider [Wed, 21 Mar 2018 10:26:55 +0000 (11:26 +0100)]
lib:param: Fix the size type in lp_do_parameter_parametric()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 22 01:54:08 CET 2018 on sn-devel-144
Andreas Schneider [Wed, 21 Mar 2018 10:24:45 +0000 (11:24 +0100)]
s3:lib: Fix size types in tldap_find_first_star()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 21 Mar 2018 10:19:44 +0000 (11:19 +0100)]
s3:lib: Fix size types in ms_fnmatch()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:01:45 +0000 (18:01 +0100)]
s3:printing: Fix size check in get_file_version()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 21 Mar 2018 07:24:06 +0000 (08:24 +0100)]
talloc: version 2.1.12
* Fix documentation typo
* Fix compilation with -Wstrict-overflow=2
* Use a library destructor instead of atexit() if available
(bug #7587)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 21 18:39:33 CET 2018 on sn-devel-144
Stefan Metzmacher [Tue, 20 Mar 2018 15:48:33 +0000 (16:48 +0100)]
talloc: use a library destructor instead of atexit() if available
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Wed, 21 Mar 2018 10:55:45 +0000 (11:55 +0100)]
talloc: Fix size type and checks in _vasprintf_tc
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Mon, 19 Mar 2018 22:46:41 +0000 (15:46 -0700)]
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13319
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Björn Baumbach [Tue, 20 Mar 2018 11:15:22 +0000 (12:15 +0100)]
samba-tool visualize: fix python2.6 incompatibility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13337
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Mar 21 09:25:51 CET 2018 on sn-devel-144
Douglas Bagnall [Fri, 9 Mar 2018 03:13:01 +0000 (16:13 +1300)]
samba-tool ldapcmp: remove duplicate takes_optiongroups attribute
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Mon, 12 Mar 2018 01:45:48 +0000 (14:45 +1300)]
samba_dnsupdate: Introduce automatic site coverage
This uses the underlying function in kcc_utils.py which already has
tests.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Mon, 19 Mar 2018 03:50:36 +0000 (16:50 +1300)]
tests/samba_dnsupdate: Add a trivial test of automatic site coverage
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Wed, 14 Mar 2018 03:53:13 +0000 (16:53 +1300)]
tests/kcc_util: Add unit tests for automatic site coverage
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Wed, 14 Mar 2018 03:52:58 +0000 (16:52 +1300)]
kcc_utils: Use lower name in automatic sites covered
This allows easier testing, as well as some consistency in the DNS
record creation.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Tue, 13 Mar 2018 01:41:23 +0000 (14:41 +1300)]
kcc_utils: Prevent multiple sites attached to a sitelink covering a site
This avoids trivial duplicates in a similar manner as mentioned in:
https://blogs.technet.microsoft.com/askds/2011/04/29/sites-sites-everywhere/
It prefers the largest sites then the earliest alphabetically, so that
only a single site ever covers an uncovered site (within a site link).
Note that this isn't applicable over multiple site links (like Windows
presumably) and is only a simple mechanism to avoid excessive
registering. DCs within the site will also still register for each.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Tue, 13 Mar 2018 01:11:14 +0000 (14:11 +1300)]
kcc_utils: Keep a count of the DCs in each site
This is useful for ranking which sites are preferable within the same
site link.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Tue, 13 Mar 2018 00:04:12 +0000 (13:04 +1300)]
kcc_utils: Add a routine for automatic site coverage
This allows double-coverage if two links exist with the same cost.
Administrators should only connect an DC-less site via a single site
link.
This also allows unnecessary coverage by all sites in the adjoining site
link (to be resolved in the later patches).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Garming Sam [Mon, 12 Mar 2018 01:44:58 +0000 (14:44 +1300)]
join.py: Add missing NTSTATUSError import
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andreas Schneider [Thu, 7 Dec 2017 18:46:21 +0000 (19:46 +0100)]
s3:registry: Fix size types and length calculations
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 21 04:25:39 CET 2018 on sn-devel-144
Andreas Schneider [Thu, 7 Dec 2017 17:44:59 +0000 (18:44 +0100)]
s3:vfs_preopen: Change to a do-while loop and fix the check
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:24:18 +0000 (18:24 +0100)]
s3:locking: Fix integer overflow check in posix_lock_in_range()
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 14:24:59 +0000 (15:24 +0100)]
s3:nmbd: Fix possible integer overflow
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:32:36 +0000 (17:32 +0100)]
s4:dsdb: Fix integer operations
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 14:54:13 +0000 (15:54 +0100)]
lib:socket: Return early if we have only one interface
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Fri, 8 Dec 2017 09:03:00 +0000 (10:03 +0100)]
ldb: Fix size types in ldb_ldif functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 18:21:38 +0000 (19:21 +0100)]
s3:rpcclient: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:50:20 +0000 (18:50 +0100)]
s3:rpc_server: Fix size types in spoolss
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:48:45 +0000 (18:48 +0100)]
s3:passdb: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 19:07:08 +0000 (20:07 +0100)]
s3:modules: Fix size type in getdate
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 18:47:50 +0000 (19:47 +0100)]
s3:nmbd: Fix size type in nmbd_browsesync.c
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 18:47:04 +0000 (19:47 +0100)]
s3:utils: Fix size type in log2pcaphex
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:42:44 +0000 (18:42 +0100)]
s3:rpc_server: Fix size types in srvsvc
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:39:07 +0000 (18:39 +0100)]
s3:vfs_nettalk: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:27:41 +0000 (18:27 +0100)]
s3:winbindd: Fix size types in idmap_tdb_common
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:58:38 +0000 (17:58 +0100)]
s3:printing: Fix size type in printing_db
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:57:05 +0000 (17:57 +0100)]
s3:avahi: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 17:47:18 +0000 (18:47 +0100)]
s3:client: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:55:34 +0000 (17:55 +0100)]
s4:client: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:54:12 +0000 (17:54 +0100)]
s4:torture: Fix size types in nss tests
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:52:39 +0000 (17:52 +0100)]
s3:libsmb: Fix size types in nmblib
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:50:33 +0000 (17:50 +0100)]
s3:torture: Fix size types in spoolss test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:49:00 +0000 (17:49 +0100)]
s4:torture: Fix size types in qfileinfo test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:47:15 +0000 (17:47 +0100)]
s4:torture: Fix size types in qsinfo test
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:48:00 +0000 (17:48 +0100)]
s4:rpc_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:45:45 +0000 (17:45 +0100)]
s4:utils: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:03:37 +0000 (17:03 +0100)]
s3:param: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:01:39 +0000 (17:01 +0100)]
libcli:smb: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:43:58 +0000 (17:43 +0100)]
s4:cldap_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:43:08 +0000 (17:43 +0100)]
s4:ldap_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:42:02 +0000 (17:42 +0100)]
s4:rpc_server: Fix size types in dcerpc dnsserver
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:40:00 +0000 (17:40 +0100)]
s4:dns_server: Fix size types
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:38:21 +0000 (17:38 +0100)]
s3:libads: Fix size types in kerberos functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 16:35:11 +0000 (17:35 +0100)]
s4:ntvfs: Fix size type in pvfs functions
This fixes compilation with -Wstrict-overflow=2
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 7 Dec 2017 19:26:40 +0000 (20:26 +0100)]
heimdal: Fix size types
This fixes compilation with -Wstrict-overflow=2
Upstream pull request:
https://github.com/heimdal/heimdal/pull/354
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Swen Schillig [Tue, 6 Mar 2018 09:35:32 +0000 (10:35 +0100)]
s3: Fix possible mem leak
The call to full_path_tos() might allocate memory which needs to be free'd
once processign is done.
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Thu, 15 Mar 2018 16:46:39 +0000 (16:46 +0000)]
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Some systems (like SUSE currently) install the new tirpc headers by
overwritting the existing system location used by gcc. This patch will
detect if the headers in the system location belong to tirpc or not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13341
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 16:07:05 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 25 Jan 2018 10:23:12 +0000 (11:23 +0100)]
pdb_samba_dsdb: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 20 01:29:40 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 25 Jan 2018 10:23:12 +0000 (11:23 +0100)]
s4:rpc_server/lsa: make use of dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 25 Jan 2018 08:50:17 +0000 (09:50 +0100)]
libcli/security: add dom_sid_is_valid_account_domain()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 3 Feb 2011 01:23:21 +0000 (02:23 +0100)]
s3:libsmb/samlogon_cache: zero session keys before storing the info3 structure
The samlogon_cache is only used to get group memberships of the account
without asking the dc.
But for authentication we always ask the dc.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 17:40:58 +0000 (18:40 +0100)]
s4:kdc: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 17:40:58 +0000 (18:40 +0100)]
s4:kdc: pass krbtgt and server to samba_kdc_update_pac_blob()
This will be used for SID expanding and filtering.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 10:44:21 +0000 (11:44 +0100)]
s4:kdc: remember is_krbtgt, is_rodc and is_trust samba_kdc_entry
This can later be used for sid filtering and similar things.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2018 11:37:51 +0000 (12:37 +0100)]
s4:auth_winbind: make sure we expand group memberships of the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Tue, 9 Jan 2018 08:23:26 +0000 (09:23 +0100)]
s4:auth_winbind: only call authsam_logon_success_accounting() for local users
There's no need to do a crack_name_to_nt4_name(), as the authentication
already provides the nt4 domain and account names.
This should only happen on an RODC, that we use the winbind auth module
for local users. So we should make sure we only try to reset
the badPwdCount for users of our own domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 22:12:36 +0000 (23:12 +0100)]
s4:auth: add authsam_update_user_info_dc() that implements SID expanding for the local domain
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2018 03:08:47 +0000 (04:08 +0100)]
s4:auth: split out a authsam_domain_group_filter() function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:46:55 +0000 (17:46 +0100)]
s4:selftest: run samba4.blackbox.trust_token against fl2003dc and fl2008r2dc
This fails currently as we don't expand groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:46:55 +0000 (17:46 +0100)]
testprogs/blackbox: add test_trust_token.sh
This demonstrates, which SID we expect in a token of
an user of a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:05:49 +0000 (17:05 +0100)]
selftest/Samba4: create add ${TRUST_DOMSID}-513 to a local group
This will allow testing expanding groups on the trust boundary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 16:04:00 +0000 (17:04 +0100)]
samba-tool: allow sid strings for 'group {add,remove}members'
This makes it possible to add foreign SIDS as group members.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 13:56:27 +0000 (14:56 +0100)]
selftest: generate a ramdon domain sid during provision and export as SAMSID/[TRUST_]DOMSID
This will be useful for future tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Mon, 26 Feb 2018 13:19:39 +0000 (14:19 +0100)]
selftest/Samba4: use DOMAIN/REALM from the dcvars instead of using hardcoded values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 28 Feb 2018 09:48:59 +0000 (10:48 +0100)]
dsdb:repl_meta_data: improve error message in get_parsed_dns()
We may have a dn in '<SID=...>' form and ldb_dn_get_linearized()
just gives in empty string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Wed, 31 Jan 2018 17:00:24 +0000 (18:00 +0100)]
dsdb:extended_dn_store: add support for FPO (foreignSecurityPrincipal) enabled attributes
This implements the handling for FPO-enabled attributes, see
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes:
FPO-enabled attributes: member, msDS-MembersForAzRole,
msDS-NeverRevealGroup, msDS-NonMembers, msDS-RevealOnDemandGroup,
msDS-ServiceAccount.
Note there's no msDS-ServiceAccount in any schema (only
msDS-HostServiceAccount and that's not an FPO-enabled attribute
at least not in W2008R2)
msDS-NonMembers always generates NOT_SUPPORTED against W2008R2.
See also [MS-SAMR] 3.1.1.8.9 member.
We now create foreignSeurityPrincipal objects on the fly (as needed).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Sat, 24 Feb 2018 23:10:12 +0000 (00:10 +0100)]
tests/dsdb.py: test creation of foreignSecurityPrincipal via 'attr: <SID=...>'
[MS-ADTS] 3.1.1.5.2.3 Special Classes and Attributes claims:
FPO-enabled attributes:
member, msDS-MembersForAzRole, msDS-NeverRevealGroup,
msDS-NonMembers, msDS-RevealOnDemandGroup, msDS-ServiceAccount.
'msDS-NonMembers' always generates NOT_SUPPORTED.
'msDS-ServiceAccount' is not defined in any schema
(only msDS-HostServiceAccount).
'msDS-HostServiceAccount' is not an FPO-enabled attribute
and behaves as the 'manager' attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 22 Feb 2018 21:51:46 +0000 (22:51 +0100)]
dsdb:samldb: require as_system or provision control to create foreignSecurityPrincipal objects
Windows rejects creating foreignSecurityPrincipal objects directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13300
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
git.samba.org / kai / samba-autobuild / .git / log