Jeremy Allison [Tue, 21 Jul 2020 19:34:02 +0000 (12:34 -0700)]
s3: libsmb: Add dns_lookup_list_async() - not yet used.
Take a list of hostnames and does async A and AAAA (if
supported) lookups on them. Interface compatible with
dns_lookup_list() (with the addition of one extra
parameter returning the query name list, for use inside
dsgetdcname() internals later) and we'll replace it in the next
commit. Waits for lp_get_async_dns_timeout() seconds to complete.
Commented out as not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Thu, 23 Jul 2020 20:10:12 +0000 (13:10 -0700)]
s3: Parameters. Add 'async dns timeout' parameter. Default to 10. Minimum value 1.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 5 Aug 2020 22:46:04 +0000 (15:46 -0700)]
s4: tests: Add new async DNS unit test - samba4.blackbox.net_ads_dns_async(ad_member:local).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:45:45 +0000 (14:45 -0700)]
s3: net: Add new 'net ads dns async <name>' command.
Will test the async DNS lookups in the next commit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:30:02 +0000 (14:30 -0700)]
lib: addns: Add code for asynchronously looking up AAAA records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:21:09 +0000 (14:21 -0700)]
lib: addns: Add code for asynchronously looking up A records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Douglas Bagnall [Thu, 6 Aug 2020 05:07:09 +0000 (17:07 +1200)]
libprc/test: add pull_string_array large array test
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Aug 7 04:44:17 UTC 2020 on sn-devel-184
Douglas Bagnall [Tue, 4 Aug 2020 23:04:11 +0000 (11:04 +1200)]
ndr: fix ndr_pull_string_array() off by one alloc
The correct line should have been
talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2);
because if the loop does not increment count on exit (it exits via
break), so count is left pointing at the thing that just got put in.
i.e., if there was one item it is at a[0], count is 0, but we also
need the trailing NULL byte at a[1] and the length is 2. Thus + 2, not
+ 1.
This will not affect ordinary (that is, non-malicious) traffic,
because talloc_realloc will not actually realloc unless it is saving a
kilobyte. Since the allocation grows slowly with the exponent ~1.25,
the actual reallocs will start happening at some point between 512 and
1024 items.
In the example we have, there were 666 pointers, and space for 824 was
allocated.
Rather than doing the +2 realloc, it is simpler to leave it off
altogether; in the common case (<512 items) it is a no-op anyway, and
in the best possible case it reduces the temporary array by 20%.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24646
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 20 Sep 2018 02:24:32 +0000 (19:24 -0700)]
kdc: Remind us that these values need to match other values
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 18 Sep 2018 04:44:20 +0000 (21:44 -0700)]
selftest: Work around existing CA certificates to get PKINIT tests working
This could be reverted in the future, but for now the certificate validation is not what
we are testing and this allows the heimdal upgrade to work.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 6 Sep 2018 02:55:09 +0000 (14:55 +1200)]
heimdal_build: Add missing dependency on heimbase
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 27 May 2020 09:50:41 +0000 (21:50 +1200)]
Revert "build: fix the coverage build"
This reverts commit
3e072b3fb78f0d3132b1d3ce719b8f3706e8491a.
This is no longer required now that --noline is set globally
and that is a much nicer solution.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:16:48 +0000 (14:16 +1300)]
heimdal_build: Do not allow warnings in the heimdal code!
(const excepted)
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Updated to 2020 requirements since changes in
13a2f70a4dd6dd68e0dbd0379d35409c5f100f06
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 27 May 2020 09:31:43 +0000 (21:31 +1200)]
Compile .l files (flex) with the waf rule at runtime
Other parts of Samba already compile these directly.
This makes these files compile with modern compiler warnings.
The primary difference (other than being built with a newer
flex) is the loss of the #include "config.h" but
this is not used in the other .l files elsewehre and does not
seem to matter on modern systems.
The generated output from compile_et asn1_compile has not changed
(so I think the hx509 case is safe).
The mdssvc case just has changed file locations and line numbers.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:16:09 +0000 (14:16 +1300)]
heimdal_build: provide a prototype with the dummy afs header-only function stubs
We do not do AFS in Samba
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:00:51 +0000 (14:00 +1300)]
heimdal_build: Include keys.c in the hdb autoproto
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Thu, 21 Sep 2017 04:19:57 +0000 (16:19 +1200)]
Make HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE available in krb5.h
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 27 May 2020 10:18:31 +0000 (22:18 +1200)]
heimdal: Exclude more of plugin.c if HAVE_DLOPEN (which Samba unsets) is not set
This allows us to avoid warnings and errors due to unsued variables
and functions.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 00:58:10 +0000 (13:58 +1300)]
heimdal: Use #ifdef HAVE_DLOPEN around function used by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:15:28 +0000 (14:15 +1300)]
heimdal: Use #ifdef HAVE_DLOPEN around functions used only by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Stefan Metzmacher [Wed, 1 Apr 2020 21:51:59 +0000 (23:51 +0200)]
wafsamba: run SAMBA_GENERATOR('VERSION') with group='setup'
This means this is the first thing that's done.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Volker Lendecke [Wed, 5 Aug 2020 14:22:10 +0000 (16:22 +0200)]
libsmb: Fix CID
1465656 Resource leak
This is very likely a false positive, because Coverity does not see
that we only assign "dns_addrs" when NT_STATUS_IS_OK(status), so we
might not want this. But it is a fresh finding and looks cleaner this
way.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 6 20:23:53 UTC 2020 on sn-devel-184
Volker Lendecke [Wed, 5 Aug 2020 09:25:27 +0000 (11:25 +0200)]
libcli/ldap: Fix CID
1462695 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 5 Aug 2020 09:23:30 +0000 (11:23 +0200)]
libcli/ldap: Fix CID
1462696 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 5 Aug 2020 09:18:35 +0000 (11:18 +0200)]
libcli/ldap: Fix CID
1465278 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Mulder [Wed, 8 Jul 2020 20:50:27 +0000 (14:50 -0600)]
gpo: Remove unused gp_ext_setter code
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Thu Aug 6 18:01:49 UTC 2020 on sn-devel-184
David Mulder [Wed, 8 Jul 2020 20:48:45 +0000 (14:48 -0600)]
gpo: Extract Access policy from Security extension
Rewrite the extension to be easier to understand,
and to remove references to gp_ext_setter.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Fri, 26 Jun 2020 21:34:02 +0000 (15:34 -0600)]
gpo: Extract Kerberos policy from Security extension
Rewrite the extension to be easier to understand,
and to remove references to gp_ext_setter.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Mon, 6 Jul 2020 17:16:45 +0000 (11:16 -0600)]
gpo: Add RSOP output for Scripts Extension
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Mon, 6 Jul 2020 17:16:14 +0000 (11:16 -0600)]
gpo: Add RSOP output for Security Extension
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Tue, 7 Jul 2020 16:35:25 +0000 (10:35 -0600)]
gpo: Test samba-gpupdate --rsop
Test that the rsop command produces the expected
output.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Mon, 6 Jul 2020 14:25:23 +0000 (08:25 -0600)]
gpo: Add --rsop option to samba-gpupdate
This command prints the Resultant Set of Policy
for applicable GPOs, for either the Computer or
User policy (depending on the target specified).
Policy specific output must be implemented for
each client side extension.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Mon, 6 Jul 2020 14:13:57 +0000 (08:13 -0600)]
gpo: Properly decode utf-8/16 inf files from bytes
This code was python 2 specific (string handling
has changed dramatically in python 3), and didn't
correctly decode utf-16 in python3. We should
instead read the file as bytes, then attempt a
utf-8 decode (the default), and try utf-16 if
encountering a decode failure.
The existing code actually throws an exception on
the initial file read when the data is utf-16,
since it tries to decode the bytes to a utf-8
string.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Tue, 7 Jul 2020 17:10:10 +0000 (11:10 -0600)]
gpo: Test proper decoding of utf-16 inf files
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Fri, 26 Jun 2020 18:35:20 +0000 (12:35 -0600)]
gpo: Apply Group Policy Sudo Rights
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Fri, 26 Jun 2020 18:37:11 +0000 (12:37 -0600)]
gpo: Test Group Policy Sudo Rights
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 2 Jul 2020 16:13:15 +0000 (10:13 -0600)]
gpo: Scripts gpo add warning about generated scripts
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 2 Jul 2020 16:04:36 +0000 (10:04 -0600)]
gpo: Scripts extension use 'gp_' prefix, not 'tmp'
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Fri, 26 Jun 2020 19:10:43 +0000 (13:10 -0600)]
gpo: Move all scripts to a sub-category in samba.admx
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 21:23:14 +0000 (15:23 -0600)]
gpo: Apply Group Policy Weekly Scripts
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 21:23:35 +0000 (15:23 -0600)]
gpo: Test gpo weekly scripts apply
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 21:02:37 +0000 (15:02 -0600)]
gpo: Apply Group Policy Monthly Scripts
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 21:03:03 +0000 (15:03 -0600)]
gpo: Test gpo monthly scripts apply
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 20:14:09 +0000 (14:14 -0600)]
gpo: Apply Group Policy Hourly Scripts
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
David Mulder [Thu, 25 Jun 2020 20:15:18 +0000 (14:15 -0600)]
gpo: Test gpo hourly scripts apply
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Ralph Boehme [Wed, 5 Aug 2020 08:11:29 +0000 (10:11 +0200)]
lib: fix smb_strtox.[c|h] license header
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Aug 5 10:17:06 UTC 2020 on sn-devel-184
Jeremy Allison [Tue, 21 Jul 2020 03:52:58 +0000 (20:52 -0700)]
s3: libsmb: Move all calls to convert_ss2service() to one place now all methods return a sockaddr_storage.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Aug 4 10:13:53 UTC 2020 on sn-devel-184
Jeremy Allison [Tue, 21 Jul 2020 03:40:02 +0000 (20:40 -0700)]
s3: libsmb: Now all resolution functions return a ss_list on success, we only need one local variable for this.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 03:17:54 +0000 (20:17 -0700)]
s3: libsmb: Change resolve_ads() to return a talloc'ed ss_list, matching the other name resolution methods.
Now we can move all the convert_ss2service() calls to one place.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 02:50:04 +0000 (19:50 -0700)]
s3: libsmb: Rewrite resolve_ads() to use the previously added dns_lookup_list() function.
Clean up internals - a LOT.
This one needs careful review. Ditch the (unused) port returns from
the SRV replies.
Internally uses talloc'ed arrays of struct sockaddr_storage
which it then convert to MALLOC'ed struct ip_service.
Still returns struct ip_service but this will be
fixed in the next commit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 01:31:16 +0000 (18:31 -0700)]
s3: libsmb: Add in (currently unused) function dns_lookup_list().
This function takes a list of names returned from a DNS SRV
query which didn't have returned IP addresses and returns an
array of struct sockaddr_storage.
Currently synchronous, but this is the function that will
be changed to be asynchronous later.
Compiles but commented out for now so we don't get "unused
function" warnings.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:59:20 +0000 (17:59 -0700)]
s3: libsmb: Pass in TALLOC_CTX * parameter to resolve_ads() instead of creating one internally.
Pass in talloc_tos() to make it match the other resolve_XXX() functions.
No memory leaks as this is used for transient data and is cleaned up
when the calling frame in internal_resolve_name() is destroyed.
Preparing to have it return a talloc'ed struct sockaddr_storage array
rather than a malloc'ed struct ip_service array.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 03:27:38 +0000 (20:27 -0700)]
s3: libsmb: Cleanup - ensure ss_list variables are initialized with NULL.
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:56:48 +0000 (17:56 -0700)]
s3: libsmb: Cleanup - put talloc parameter first in name_resolve_bcast().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:53:28 +0000 (17:53 -0700)]
s3: libsmb: Cleanup - put talloc parameter first in resolve_wins().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:50:21 +0000 (17:50 -0700)]
s3/s4: Cleanup. Move TALLOC_CTX * parameter to be first in resolve_lmhosts_file_as_sockaddr() to match modern conventions.
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:45:44 +0000 (17:45 -0700)]
s3: libsmb: Cleanup - put talloc parameter first in resolve_hosts().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:44:03 +0000 (17:44 -0700)]
s3: libsmb: Cleanup - reformatting name_resolve_bcast() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:43:26 +0000 (17:43 -0700)]
s3: libsmb: Cleanup - reformatting resolve_wins() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:42:44 +0000 (17:42 -0700)]
s3: libsmb: Cleanup - reformatting resolve_lmhosts_file_as_sockaddr() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:40:06 +0000 (17:40 -0700)]
s3: libsmb: Cleanup - reformatting 2nd use of resolve_ads() parameters inside internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:39:33 +0000 (17:39 -0700)]
s3: libsmb: Cleanup - reformatting resolve_ads() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:38:20 +0000 (17:38 -0700)]
s3: libsmb: Cleanup - reformatting resolve_hosts() parameters inside internal_resolve_name().
No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:35:22 +0000 (17:35 -0700)]
s3: libsmb: Cleanup - Remove incorrect comment in resolve_ads(). The DNS code copes fine with IPv6 addresses.
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:32:47 +0000 (17:32 -0700)]
s3: libsmb: Cleanup - modernize DEBUG -> DBG_ in internal_resolve_name()
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:28:41 +0000 (17:28 -0700)]
s3: libsmb: Cleanup - split allocation and NULL check in internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:27:13 +0000 (17:27 -0700)]
s3: libsmb: Cleanup - use helper 'ok' bool for internal_resolve_name().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:05:27 +0000 (17:05 -0700)]
s3: libsmb: Cleanup - use helper 'ok' bool for name_resolve_bcast().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:04:57 +0000 (17:04 -0700)]
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:03:21 +0000 (17:03 -0700)]
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_lmhosts_file_as_sockaddr().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:02:15 +0000 (17:02 -0700)]
s3: libsmb: Cleanup - use helper 'ok' bool for resolve_hosts().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:01:04 +0000 (17:01 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for name_resolve_bcast().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 00:00:35 +0000 (17:00 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 20 Jul 2020 23:59:38 +0000 (16:59 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for 0x1D name in resolve_wins().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 20 Jul 2020 23:58:46 +0000 (16:58 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_lmhosts_file_as_sockaddr().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 20 Jul 2020 23:57:43 +0000 (16:57 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_ads().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 20 Jul 2020 23:56:14 +0000 (16:56 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for KDC resolve_ads().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 20 Jul 2020 23:54:45 +0000 (16:54 -0700)]
s3: libsmb: Cleanup - change to early continue in internal_resolve_name() for resolve_hosts().
No logic change.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 03:57:44 +0000 (20:57 -0700)]
s3: libsmb: Cleanup - ensure we don't try and continue resolving names on failure of convert_ss2service().
Logic change, but correct error cleanup - jump to new 'fail:' label.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Jeremy Allison [Mon, 3 Aug 2020 22:06:03 +0000 (15:06 -0700)]
s3: scripts: Selfttest. samba3.blackbox.smbclient_iconv.*
Fix missing 'include' in temporary client smb.conf file.
The current temporary generated smb.conf file for the client, "client_cp850_smbconf"
doesn't include the normal client smb.conf file "client.conf".
This means it's missing the:
interfaces = XXXX,YYYY
line we needed to find the server via socketwrapper. Currently this test is finding the server by accident :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Aug 4 06:30:25 UTC 2020 on sn-devel-184
Ralph Boehme [Fri, 3 Jul 2020 06:11:20 +0000 (08:11 +0200)]
lib: relicense smb_strtoul(l) under LGPLv3
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 3 22:21:04 UTC 2020 on sn-devel-184
Samuel Thibault [Sun, 2 Aug 2020 18:06:08 +0000 (18:06 +0000)]
ldap_server: fix hurd build
There is no hardcoded IOV_MAX iov limitation on GNU/Hurd. We however do
not want unbound allocation, so define it to a reasonable amount.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Aug 3 09:39:02 UTC 2020 on sn-devel-184
Douglas Bagnall [Wed, 29 Jul 2020 03:35:12 +0000 (15:35 +1200)]
README.Coding: target Python 3.6+
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Aug 3 04:13:37 UTC 2020 on sn-devel-184
Douglas Bagnall [Sat, 4 Jul 2020 02:28:40 +0000 (14:28 +1200)]
python tests: drop python 2.6 compatibility functions
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 30 Jul 2020 00:06:10 +0000 (12:06 +1200)]
ndr: avoid excessive reallocing in pull_string_array
Before, talloc_realloc() was being called n times for an array of
length n. This could be very expensive on long string arrays since it
is reasonable to assume each realloc moves O(n) bytes.
This addresses at least one OSS-Fuzz bug, making a timing out test case
100 times faster. Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19706
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 29 Jul 2020 22:46:17 +0000 (10:46 +1200)]
ndr: maintain proper talloc tree in pull_string_array
We don't want to leave other parts of the ndr struct hanging off this
string array just because LIBNDR_FLAG_REMAINING is used.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 31 Jul 2020 03:36:16 +0000 (15:36 +1200)]
oss-fuzz: use uninstrumented dynamic python
We can't link to the instrumented statically built Python, so instead
we use the system Python in the docker image.
REF: https://github.com/google/oss-fuzz/issues/4223
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22618
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14451
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Wed, 29 Jul 2020 12:17:52 +0000 (14:17 +0200)]
smbd: remove get_current_vuid()
The last user was removed by
3d09993725412bb0e856cc2ebf6ac68f8e762730.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Jul 29 13:44:47 UTC 2020 on sn-devel-184
Douglas Bagnall [Fri, 24 Jul 2020 00:41:29 +0000 (12:41 +1200)]
ldb_controls: control_to_string avoids crash
Otherwise a malformed control with unexpected NULL data will segfault
ldb_control_to_string(), though this is not very likely to affect
anyone in practice as converting controls to strings is rarely
necessary. If it happens at all in Samba it is in Python code.
Found by Honggfuzz using fuzz_ldb_parse_control.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jul 29 04:43:23 UTC 2020 on sn-devel-184
Andrew Bartlett [Sun, 26 Jul 2020 23:37:29 +0000 (11:37 +1200)]
dbcheck: Allow a dangling forward link outside our known NCs
If we do not have the NC of the target object we can not be really sure
that the object is redundent and so we want to keep it for now
and not (as happened until now) break the dbcheck run made during the
replication stage of a "samba-tool domain backup rename".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14450
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Stefan Metzmacher [Thu, 23 Apr 2020 09:56:54 +0000 (11:56 +0200)]
kdc:db-glue: ignore KRB5_PROG_ETYPE_NOSUPP also for Primary:Kerberos
Currently we only ignore KRB5_PROG_ETYPE_NOSUPP for
Primary:Kerberos-Newer-Keys, but not for Primary:Kerberos.
If a service account has msDS-SupportedEncryptionTypes: 31
and DES keys stored in Primary:Kerberos, we'll pass the
DES key to smb_krb5_keyblock_init_contents(), but may get
KRB5_PROG_ETYPE_NOSUPP.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 28 14:04:26 UTC 2020 on sn-devel-184
Isaac Boukris [Mon, 27 Apr 2020 12:00:38 +0000 (14:00 +0200)]
Add a test with old msDS-SupportedEncryptionTypes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14354
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Khem Raj [Thu, 23 Jul 2020 05:42:09 +0000 (22:42 -0700)]
nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h
glibc 2.32 will define these varibles [1] which results in conflicts
with these static function names, therefore prefix these function names
with samba_ to avoid it
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=
499a92df8b9fc64a054cf3b7f728f8967fc1da7d
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jul 28 10:52:00 UTC 2020 on sn-devel-184
Martin Schwenke [Mon, 20 Jul 2020 02:02:45 +0000 (12:02 +1000)]
ctdb-scripts: Use nfsconf as a last resort get nfsd thread count
If nfsconf exists then use it as last resort to attempt to extract
[nfsd]:threads from /etc/nfs.conf.
Invocation of nfsconf requires "|| true" because this script uses "set
-e". Add a stub that always fails to at least test this much.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14444
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Jul 27 07:06:58 UTC 2020 on sn-devel-184
Martin Schwenke [Mon, 13 Jul 2020 00:16:33 +0000 (10:16 +1000)]
ctdb-scripts: Use nfsconf as a last resort to set NFS_HOSTNAME
If nfsconf exists then use it as last resort to attempt to extract
[statd]:name from /etc/nfs.conf.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14444
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 25 Jul 2020 20:50:22 +0000 (06:50 +1000)]
WHATSNEW: Fix description of CTDB NAT gateway and LVS changes
Oops! Using parentheses makes it harder to get this wrong.
Reported-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sun Jul 26 13:01:09 UTC 2020 on sn-devel-184
Martin Schwenke [Fri, 17 Jul 2020 10:38:12 +0000 (20:38 +1000)]
WHATSNEW: Document CTDB NAT gateway and LVS changes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul 24 09:58:53 UTC 2020 on sn-devel-184
Martin Schwenke [Fri, 17 Jul 2020 10:46:07 +0000 (20:46 +1000)]
ctdb: Change LVS to use leader/follower
Instead of master/slave.
Nearly all of these are simple textual substitutions, which preserve
the case of the original. A couple of minor cleanups were made in the
documentation (such as "LVSMASTER" -> "LVS leader").
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 24 Jun 2020 01:20:24 +0000 (11:20 +1000)]
ctdb: Change NAT gateway to use leader/follower
Instead of master/slave.
Nearly all of these are simple textual substitutions, which preserve
the case of the original.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 14 Jul 2020 04:29:09 +0000 (14:29 +1000)]
ctdb-recoverd: Simplify calculation of new flags
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jul 24 06:03:23 UTC 2020 on sn-devel-184