Douglas Bagnall [Mon, 7 Mar 2016 21:23:09 +0000 (10:23 +1300)]
configure: set HAVE___ATTRIBUTE__ for heimdal
Without this, heimdal ends up defining __attribute__ away, causing
gcc-6 compile errors with -Werror=return-type because it can't tell
when functions have __attribute__((noreturn)).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar 9 13:52:26 CET 2016 on sn-devel-144
Douglas Bagnall [Wed, 2 Mar 2016 04:15:50 +0000 (17:15 +1300)]
torture_ldap_sort: avoid segfault
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Tue, 8 Mar 2016 01:43:40 +0000 (14:43 +1300)]
ldb sort: allow sorting on attributes not returned in search
The attribute is added to the search request, then peeled off again
before the sort module passes the results on.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Tue, 8 Mar 2016 22:25:36 +0000 (11:25 +1300)]
Add python server sort tests
The tests are repeated twice: once properly with complex Unicode
strings, and again in a simplified ASCII subset. We only expect Samba
to pass the simplified version. The hard tests are aspirational and
show what Active Directory does.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Fri, 29 Jan 2016 04:47:45 +0000 (17:47 +1300)]
ldb_controls: add base64 option to VLV
The Samba control syntax limits the range of valid search terms for
VLV's gt_eq mode. To get around that, we allow base64 encoded strings
using the syntax 'base64>=Zm9vCg==' rather than '>=foo'.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Sun, 10 Jan 2016 22:36:07 +0000 (11:36 +1300)]
asn1: make readContextSimple() add a NUL byte
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Tue, 26 Jan 2016 00:33:15 +0000 (13:33 +1300)]
ldb controls: use uint8_t* for contextID binary blob
It is never a readable string.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Fri, 4 Mar 2016 01:46:46 +0000 (14:46 +1300)]
ldap VLV: correct ASN1 parsing of VLV requests
As with the encoding, the ASN1_CONTEXT tag isn't followed by an
ASN1_SEQUENCE, though you wouldn't think that from reading the
specification.
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 29 Dec 2015 23:07:35 +0000 (12:07 +1300)]
ASN1: use a talloc context in read_contextSimple
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Wed, 16 Dec 2015 21:33:54 +0000 (10:33 +1300)]
ldap: fix search control rule identifiers ASN.1 type
Wireshark and Windows both expect matching rule identifiers to be
given the ContextSimple type identifier instead of the Octet String.
As far as we can tell this is not formally specified anywhere.
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 23 Dec 2015 04:34:15 +0000 (17:34 +1300)]
vlv: better syntax for parsing greater than or equal strings
This makes the gt_eq case different from the indexed case in the eyes
of sscanf().
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Tue, 22 Dec 2015 04:10:14 +0000 (17:10 +1300)]
ldap VLV: memdup, not strdup VLV context_id
The context ID is not a text string, it is an opaque binary field.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Tue, 22 Dec 2015 04:07:38 +0000 (17:07 +1300)]
ldap VLV: use correct ASN.1 encoding for requests
The search reference points (either an integer index or a string
for comparison) are supposed to use ASN1_CONTEXT or ASN1_CONTEXT_SIMPLE
(respectively) ASN.1 types. We were using these types, but we also put
extra ones in too, which nobody else likes.
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 22 Dec 2015 03:34:53 +0000 (16:34 +1300)]
ldb controls: better error string for VLV control
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Tue, 26 Jan 2016 00:07:48 +0000 (13:07 +1300)]
ldb controls: base64 encode VLV response context strings
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 26 Jan 2016 00:34:58 +0000 (13:34 +1300)]
ldb paged_results: quieten a warning.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Fri, 15 Jan 2016 01:52:12 +0000 (14:52 +1300)]
dsdb: Introduce LDB_SYNTAX_SAMBA_OCTET_STRING
The sort order for this function is more expected than the sort order for
ldb_comparsion_binary()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Fri, 19 Feb 2016 02:39:38 +0000 (15:39 +1300)]
util/tests: add test for BINARY_ARRAY_SEARCH_V macro
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Douglas Bagnall [Fri, 29 Jan 2016 04:53:20 +0000 (17:53 +1300)]
util/binsearch: macro for greater than or equal search
Sometimes you want to find the place where an item would be in a
sorted list, whether or not it is actually there.
The BINARY_ARRAY_SEARCH_GTE macro takes an extra 'next' pointer
argument over the other binsearch macros. This will end up pointing to
the next element in the case where there is not an exact match, or
NULL when there is. That is, searching the list
{ 2, 3, 4, 4, 9}
with a standard integer compare should give the following results:
search term *result *next
1 - 2
3 3 -
4 4 [1] -
7 - 9
9 9 -
10 - - [2]
Notes
[1] There are two fours, but you will always get the first one.
[2] The both NULL case means the search term is beyond the last list
item.
You can safely use the same pointer for both 'result' and 'next', if
you don't care to distinguish between the 'greater-than' and 'equals'
cases.
There is a torture test for this.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Garming Sam [Mon, 22 Feb 2016 21:59:15 +0000 (10:59 +1300)]
tests: Allow alternative error code for backupkey test
It appears that incorrect decryption triggers a different error code,
causing a test which fails every now and again, as sometimes the invalid
data will parse as a SID, and so pass one of the checks.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 9 Mar 2016 01:08:41 +0000 (14:08 +1300)]
selftest: Avoid sorting issues on Ubuntu 10.04 vs 14.04
The unimportant lines starting with # sorted differently between these
two platforms.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 8 Mar 2016 00:46:16 +0000 (13:46 +1300)]
pytalloc: Correct description of pytalloc_Get{Base,}ObjectType behaviour
Thanks to Jelmer for spotting the static variable that causes this odd behaviour
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 8 05:14:15 CET 2016 on sn-devel-144
Andrew Bartlett [Tue, 23 Feb 2016 01:57:04 +0000 (14:57 +1300)]
dbcheck: Check for and remove duplicate values in attributes
This can happen with three DCs and custom schema, but we test
it by just forcing the values directly into the backing tdb.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 19:54:42 +0000 (08:54 +1300)]
selftest: Allow 4 hours for the test to run (ouch!)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 02:17:44 +0000 (15:17 +1300)]
pysmb: Use pytalloc_BaseObject_PyType_Ready()
This changes pysmb to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 02:08:26 +0000 (15:08 +1300)]
pysmb: Do not use pytalloc_Object directly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 01:53:00 +0000 (14:53 +1300)]
pysmb: Rework py_smb_new() to use pytalloc_steal()
This avoids casting to pytalloc_Object directly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 02:05:28 +0000 (15:05 +1300)]
pysmb: Use pytalloc_get_mem_ctx()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 01:55:59 +0000 (14:55 +1300)]
pysmb: Use pytalloc_get_ptr()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:33:48 +0000 (09:33 +1300)]
pyregistry: Use pytalloc_BaseObject_PyType_Ready()
This changes pyregistry to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:32:56 +0000 (09:32 +1300)]
pyauth: Use pytalloc_BaseObject_PyType_Ready()
This changes pyauth to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:32:06 +0000 (09:32 +1300)]
pygensec: Use pytalloc_BaseObject_PyType_Ready()
This changes pygensec to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 1 Mar 2016 01:19:33 +0000 (14:19 +1300)]
pygensec: Use pytalloc_steal() in gensec_start_{client,server}()
This is better than casting to get to the pytalloc_Object structure directly
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:31:00 +0000 (09:31 +1300)]
pyparam: Use pytalloc_BaseObject_PyType_Ready()
This changes pyparam to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:30:03 +0000 (09:30 +1300)]
py_passdb: Use pytalloc_BaseObject_PyType_Ready()
This changes py_passdb to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:27:11 +0000 (09:27 +1300)]
pycredentials: Use pytalloc_BaseObject_PyType_Ready()
This changes pycredentials to use talloc.BaseObject() just like the PIDL output
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 20:26:29 +0000 (09:26 +1300)]
pytalloc: Add pytalloc_BaseObject_PyType_Ready() wrapper
This avoids the need for the caller to set tp_base and tp_basicsize and
so removes those as possible errors.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 03:27:31 +0000 (16:27 +1300)]
pyparam: Do not use pytalloc_Object directly
This type should not be used directly, it should have been made private
to pytalloc. This then allows removal of the (PyCFunction) cast
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 03:27:12 +0000 (16:27 +1300)]
pypassdb: Do not use pytalloc_Object directly
This type should not be used directly, it should have been made private
to pytalloc. This then allows removal of the (PyCFunction) cast
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 29 Feb 2016 03:26:08 +0000 (16:26 +1300)]
pycredentials: Remove PyCredentialCacheContainerObject
We can call pytalloc_reference() and avoid having this in the header file
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 22 Feb 2016 01:10:23 +0000 (14:10 +1300)]
pycredentials: Do not use pytalloc_Object directly
This type should not be used directly, it should have been made private
to pytalloc
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Dec 2015 06:49:54 +0000 (19:49 +1300)]
selftest: dbcheck should not be marked flapping
The primary cause of the flapping was due to the objectclass
sort routine being non-deterministic.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 23 Dec 2015 20:43:36 +0000 (09:43 +1300)]
dbcheck: Avoid spurious warnings in dbcheck due to objectclass sorting
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11433
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Dec 2015 06:48:38 +0000 (19:48 +1300)]
dbcheck: Fix incorrect/duplicate attrid in replPropertMetaData
If custom schema is used in a replicated DC environment, these are created as soon as
an attribute is modified on more than one DC. We have to remove these.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11443
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 23 Dec 2015 00:16:57 +0000 (13:16 +1300)]
selftest: Update release-4-1-0rc3 with more test records
CN=ops_run_anything2,OU=SUDOers,DC=release-4-1-0rc3,DC=samba,DC=corp
This will be modified during the dbcheck to show that new
versions of Samba will reset the attid correctly
CN=ops_run_anything3,OU=SUDOers,DC=release-4-1-0rc3,DC=samba,DC=corp
This will not be modified, and shows how a 4.1 DC without
replication would record custom schema objects.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Dec 2015 06:39:31 +0000 (19:39 +1300)]
rpc_server/drsuapi: Block replication of incorrect/duplicate attrid in replPropertMetaData
If custom schema is used in a replicated DC environment, these are created as soon as
an attribute is modified on more than one DC. We have to prevent replication
as otherwise we will corrupt the client replica state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11443
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 22 Dec 2015 06:33:39 +0000 (19:33 +1300)]
repl_meta_data: Correctly use msDS-IntId for custom schema, not the prefixMap value
We must, when dealing with custom schema, respect the msDC-IntId value recorded
in the schema. If we do not, then we will create multiple replPropertyMetaData
records for the one attribute. This may cause confusion during replication.
This fixes the issue by always calling dsdb_attribute_get_attid() to obtain
the correct local (32 bit integer) attribute ID
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11443
Andrew Bartlett [Thu, 25 Feb 2016 00:57:37 +0000 (13:57 +1300)]
pidl: Use a tmp_ctx helper variable
This is so we free the ndr_push_struct_blob() return value after
we make it into a string
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Thu, 25 Feb 2016 00:57:00 +0000 (13:57 +1300)]
pidl: Use the $mem_ctx helper variable
This is already set to pytalloc_get_mem_ctx(py_obj)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 16 Feb 2016 01:06:28 +0000 (14:06 +1300)]
pidl: Fix our python reference handling
The new talloc.BaseObject allow us to hold a talloc context per
python object (there may be many referring to the same C object)
and the talloc context that the actual object pointer is under.
Another advantage is that talloc.BaseObject(), has less of
an ABI surface.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 7 Mar 2016 22:18:56 +0000 (11:18 +1300)]
pyrpc: Clarify failure mode after pytalloc_reference_ex() improvements
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 16 Feb 2016 03:15:53 +0000 (16:15 +1300)]
talloc: Bump version number
The removal of the macros and replacement with proper functions
is a API, but not ABI break. Only code that incorrectly
used the structure either in function signatures or
to access the members directly will need to be modified
before being built against this version of talloc.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 22 Feb 2016 01:02:28 +0000 (14:02 +1300)]
pytalloc: Add new BaseObject
This new object not only avoids the ABI issues of talloc.Object
it stores one more pointer, being the start of the array, and
so can be used to fix the PIDL bindings/talloc refcount issue.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Stefan Metzmacher [Mon, 22 Feb 2016 07:47:07 +0000 (08:47 +0100)]
pytalloc: add a _pytalloc_get_type() helper function and generate PyExc_TypeError on mismatch
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 22 Feb 2016 01:29:15 +0000 (14:29 +1300)]
talloc: add _pytalloc_get_ptr/_pytalloc_get_mem_ctx helper functions
This allows us to check which type is involved, and dereference
that type correctly
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 22 Feb 2016 22:04:51 +0000 (11:04 +1300)]
talloc: Improve testsuite by avoiding path issues
We now rely on waf to tell us where the helper binary is.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 7 Mar 2016 22:16:27 +0000 (11:16 +1300)]
pyrpc: Add warning about abuse of py_return_ndr_struct()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 16 Feb 2016 02:15:44 +0000 (15:15 +1300)]
pydsdb: Fix returning of ldb.MessageElement.
This object is not based on pytalloc_Object and so this causes
a segfault (later a failure) when the struct definitions diverge.
We must also not reuse the incoming ldb_message_element as a talloc
context and overwrite the values, instead we should create a new
object and return that.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 7 Mar 2016 21:39:24 +0000 (10:39 +1300)]
pyldb: Add warning about pyldb_MessageElement_AsMessageElement()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Uri Simchoni [Thu, 3 Mar 2016 07:18:58 +0000 (09:18 +0200)]
libnet: make Kerberos domain join site-aware
When joining a domain using Kerberos authentication, create a
configuration file for the Kerberos libs to prefer on-site
domain controllers, without relying on the winbindd Kerberos
locator, which many not be operational at this stage.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11769
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 8 01:30:35 CET 2016 on sn-devel-144
Uri Simchoni [Thu, 3 Mar 2016 07:18:57 +0000 (09:18 +0200)]
dsgetdcname: fix flag check
Fix the check for zero requseted flags.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11769
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Thu, 3 Mar 2016 07:18:44 +0000 (09:18 +0200)]
dsgetdcname: return an IP address on rediscovery
When dsgetdcname return its result based on discovery
process (instead of retrieving cached value), always
return the found server's IP address in dc_address field,
rather than its netbios name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11769
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 10 Feb 2016 08:02:12 +0000 (09:02 +0100)]
idmap_autorid: Protect against corrupt databases
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 6 Mar 2016 15:39:58 +0000 (16:39 +0100)]
idmap_autorid: Fix a use-after-free
Parsing the domain_range_index references data.dptr
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Fri, 4 Mar 2016 22:16:13 +0000 (14:16 -0800)]
s3: smbd: Change open_streams_for_delete() to take a struct smb_filename *.
Prepare for changing vfs_streaminfo to do the same.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Mar 7 21:12:56 CET 2016 on sn-devel-144
Jeremy Allison [Fri, 4 Mar 2016 22:16:13 +0000 (14:16 -0800)]
s3: smbd: Change open_streams_for_delete() to take a struct smb_filename *.
Prepare for changing vfs_streaminfo to do the same.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 4 Mar 2016 22:13:22 +0000 (14:13 -0800)]
s3: smbd: Change open_streams_for_delete() to static.
Not used outside of open.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 4 Mar 2016 22:07:04 +0000 (14:07 -0800)]
s3: smbd: Change delete_all_streams() to take a const struct smb_filename *.
Prepare for changing the interface to vfs_streaminfo().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 4 Mar 2016 22:01:47 +0000 (14:01 -0800)]
s3: VFS: vfs_fruit. If we have an fsp, use it in preference to a pathname in vfs_streaminfo.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Mar 2016 16:39:09 +0000 (17:39 +0100)]
lib: Avoid a gencache_parse when setting a delete marker
We know that we want to put something into _notrans, no point in
doing another round trip into gencache.tdb.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Mar 2016 16:41:34 +0000 (17:41 +0100)]
lib: Avoid looking at fcntl'ed gencache.tdb
gencache_notrans.tdb is much cheaper to look at than gencache.tdb because it's
mutexed and thus avoids expensive fcntl locks. This patch aggressively uses the
shared _notrans tdb for both positive and negative entries. It's a replacement
for the memcache copy in every process that was removed a few patches ago.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 22 Jul 2015 14:03:47 +0000 (16:03 +0200)]
lib: Simplify gencache_pull_timeout callers
gencache_pull_timeout used to point at the "/" right after the timeout. None
of the callers was interested in the "/", they are interested in the payload.
Increment the endpointer in gencache_pull_timeout and rename it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 22 Jul 2015 14:00:03 +0000 (16:00 +0200)]
lib: Make gencache_pull_timeout look at uint8_t
At this point we're still looking at TDB_DATA. This patch moves the casts to a
more appropriate place.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 22 Jul 2015 13:50:00 +0000 (15:50 +0200)]
lib: Remove memcache from gencache
The main reason for this was to avoid access to the fcntl-governed transaction
based gencache.tdb. A later patch will make this unnecessary by filling
gencache_notrans more aggressively.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 6 Mar 2016 09:27:06 +0000 (10:27 +0100)]
lib: Fix a typo in gencache
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Mar 2016 14:59:05 +0000 (15:59 +0100)]
lib: Simplify gencache_del
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Thu, 3 Mar 2016 14:59:05 +0000 (15:59 +0100)]
lib: skip deleted entries in gencache_iterate
"net cache flush" can give nasty error messages like
Couldn't delete entry! key = IDMAP/UID2SID/12345
These happen when there's an already deleted entry in
gencache_notrans.tdb, indicated by a 0 timeout. This happens if two
gencache_del function calls have happened right after the other and a
gencache_stabilize has not wiped them.
In gencache_iterate, don't show these deleted entries
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Wed, 2 Mar 2016 16:36:55 +0000 (17:36 +0100)]
krb5_wrap: Do not use deprecated KRB5 functions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar 7 17:57:39 CET 2016 on sn-devel-144
Martin Schwenke [Tue, 1 Mar 2016 01:20:35 +0000 (12:20 +1100)]
ctdb-packaging: Set --libexecdir in RPM spec file
If the files section uses %{_libexecdir} then CTDB must also be
configured to build and install with the same path, otherwise rpmbuild
can fail due to a mismatch. "rpmbuild --showrc" indicates that the
default %configure command sets:
--libexecdir=%{_libexecdir} \
A mismatch will occur on SUSE systems, where SLES 12 and OpenSUSE 12
set _libexecdir to %{_exec_prefix}/lib.
The failure was initially seen when testing on Debian where
_libexecdir is set to %{_prefix}/lib/x86_64-linux-gnu, though Debian
is an unlikely platform for building RPMs...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Mar 7 14:43:15 CET 2016 on sn-devel-144
Amitay Isaacs [Tue, 9 Feb 2016 00:59:30 +0000 (11:59 +1100)]
ctdb-locking: Use real-time only for actual record or DB locking
Use real-time priority only for obtaining record and database locks.
Do not open databases with real-time priority as it can cause thundering
herd on fcntl lock while opening tdb database. Also relinquish real-time
priority after the lock is obtained.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Mar 7 11:29:00 CET 2016 on sn-devel-144
Amitay Isaacs [Sat, 5 Mar 2016 03:05:21 +0000 (14:05 +1100)]
ctdb-takeover: Inform clients when dropping all IP addresses
CTDB releases all IPs in following cases: starting up, shutting down,
node gets banned, node does not come out of recovery for a long time.
Always inform samba when CTDB releases IP addresses.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 4 Mar 2016 04:04:13 +0000 (15:04 +1100)]
ctdb-takeover: Do not kill smbd processes on releasing IP
CTDB already notifies Samba with RELEASE_IP message. Samba can take
appropriate action based on that.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Rowland Penny [Tue, 15 Dec 2015 11:00:37 +0000 (11:00 +0000)]
Remove posixAccount from samdb.py
Signed-off-by: Rowland Penny rpenny@samba.org
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Mar 7 08:13:42 CET 2016 on sn-devel-144
Martin Schwenke [Tue, 1 Mar 2016 01:25:13 +0000 (12:25 +1100)]
ctdb-packaging: Drop changelog section from RPM spec file
This is unmaintained and misleading.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Mar 7 05:00:15 CET 2016 on sn-devel-144
Volker Lendecke [Mon, 22 Feb 2016 20:32:08 +0000 (21:32 +0100)]
g_lock: Remove some unneeded includes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Mar 6 19:34:42 CET 2016 on sn-devel-144
Volker Lendecke [Mon, 22 Feb 2016 19:39:20 +0000 (20:39 +0100)]
lib: Avoid "includes.h" in dbwrap.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 28 Feb 2016 16:56:23 +0000 (17:56 +0100)]
lib: Introduce SERVER_ID_BUF_LENGTH
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Jeremy Allison [Thu, 3 Mar 2016 23:29:10 +0000 (15:29 -0800)]
smbd: Clean up the logic inside vfs_chown_fsp() to prevent future security issues.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Mar 5 12:53:11 CET 2016 on sn-devel-144
Jeremy Allison [Thu, 3 Mar 2016 22:34:57 +0000 (14:34 -0800)]
VFS: Modify lchown to take a const struct smb_filename * instead of const char *
Preparing to reduce use of lp_posix_pathnames().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 3 Mar 2016 19:54:23 +0000 (11:54 -0800)]
VFS: Modify chown to take a const struct smb_filename * instead of const char *
Preparing to reduce use of lp_posix_pathnames().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 3 Mar 2016 19:53:39 +0000 (11:53 -0800)]
VFS: vfs_netatalk. Fix wrong VFS call used inside atalk_lchown()
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ira Cooper [Fri, 4 Mar 2016 23:00:07 +0000 (18:00 -0500)]
vfs_glusterfs: Fix use after free in AIO callback.
The wrapper->state pointer is not getting NULLed during free
allowing use of freed memory, causing a crash.
Thanks to Red Hat for discovering this issue.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11774
Signed-off-by: Ira Copper <ira@samba.org>
Reviewed-by: Poornima G <pgurusid@redhat.com>
Tested-by: Christopher Blum <cblum@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 5 09:08:53 CET 2016 on sn-devel-144
Ira Cooper [Thu, 3 Mar 2016 18:47:32 +0000 (13:47 -0500)]
source3: Honor the core soft limit of the OS.
We should honor the soft limits set by the operating system.
In any case, 16M doesn't make a useful coredump for modern
Samba.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 5 00:39:48 CET 2016 on sn-devel-144
Aurelien Aptel [Thu, 3 Mar 2016 15:30:35 +0000 (16:30 +0100)]
s3/rpc_server/srvsvc/srv_srvsvc_nt.c: change snum to signed int
snum is used to store the result of the find_service() call which
returns a signed int, with -1 being an error.
with an uint32_t the error check (< 0) is always false.
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
Aurelien Aptel [Fri, 4 Mar 2016 09:05:22 +0000 (10:05 +0100)]
s3,s4 torture/denytest: fix possible infinite loop
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: David Disseldorf <ddis@suse.de>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Mar 4 21:23:45 CET 2016 on sn-devel-144
Aurelien Aptel [Fri, 4 Mar 2016 08:29:48 +0000 (09:29 +0100)]
s4/torture/libnetapi/libnetapi_user.c: fix typo
fixed misplaced parenthesis and wrong sizeof().
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: David Disseldorf <ddis@suse.de>
Amitay Isaacs [Thu, 3 Mar 2016 03:17:40 +0000 (14:17 +1100)]
ctdb-common: For AF_PACKET socket types, protocol is in network order
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11770
From man page of packet(7):
protocol is the IEEE 802.3
protocol number in network byte order. See the <linux/if_ether.h>
include file for a list of allowed protocols. When protocol is set to
htons(ETH_P_ALL), then all protocols are received.
Protocol argument was changed from network order to host order wrongly
in commit
9f8395cb7d49b63a82f75bf504f5f83920102b29.
Specifying "protocol" field to socket(AF_PACKET, ...) call only affects
the packets that are recevied. So use protocol = 0 when sending raw
packets.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Mar 4 12:58:50 CET 2016 on sn-devel-144
Volker Lendecke [Thu, 3 Mar 2016 16:19:18 +0000 (17:19 +0100)]
vfs: Fix the vfs_gpfs build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Mar 4 02:09:15 CET 2016 on sn-devel-144
Douglas Bagnall [Wed, 2 Mar 2016 20:33:38 +0000 (09:33 +1300)]
heimdal asn1: avoid fclose(NULL) caused by missing braces
Thanks to GCC6 -Wmisleading-indentation.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Mar 3 16:21:52 CET 2016 on sn-devel-144
Douglas Bagnall [Wed, 2 Mar 2016 20:31:32 +0000 (09:31 +1300)]
regtree: avoid GCC indentation warning
This was not actually a bug, but GCC6 (sort of reasonably) thought it could be.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>