Jeff Layton [Wed, 31 Jul 2013 14:38:23 +0000 (10:38 -0400)]
torture: add LOCAL-sid_to_string testcase
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:22 +0000 (10:38 -0400)]
torture: add more string_to_sid torture testcases
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:21 +0000 (10:38 -0400)]
libcli: fix conversion logic in dom_sid_string_buf
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:20 +0000 (10:38 -0400)]
libcli: fix conversion logic in dom_sid_parse_endp
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:19 +0000 (10:38 -0400)]
wbclient: fix conversion logic in wbcSidToStringBuf
Might as well fix it to handle large authority values properly. Also
correct some of the formatting.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeff Layton [Wed, 31 Jul 2013 14:38:18 +0000 (10:38 -0400)]
wbclient: fix conversion logic in wbcStringToSid
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 31 Jul 2013 19:58:25 +0000 (21:58 +0200)]
schannel: Fix an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Sun, 14 Apr 2013 03:32:49 +0000 (13:32 +1000)]
samba-tool dbcheck: Correctly remove deleted DNs in dbcheck
The previous pattern never matched, as it was a typo.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104
Andrew Bartlett [Tue, 4 Jun 2013 10:22:31 +0000 (20:22 +1000)]
dsdb: Include MS-ADTS doc references on deleted object contstraints
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 3 Jun 2013 07:51:41 +0000 (17:51 +1000)]
dsdb tests: Add member/memberOf checking to delete_objects testing
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 4 Jun 2013 09:57:06 +0000 (19:57 +1000)]
dsdb: Improve DRS deleted link source/target handing in repl_meta_data
We now correctly ignore the link updates if the source or target is
deleted locally.
This fixes the long-standing failure in the vampire_dc dbcheck test.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Jun 2013 12:37:20 +0000 (22:37 +1000)]
dsdb: Ensure we always force deleted objects back under the deleted objects DN
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 5 Jun 2013 07:35:42 +0000 (09:35 +0200)]
dsdb/repl_meta_data: split out replmd_deletion_state()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 31 May 2013 10:01:17 +0000 (20:01 +1000)]
dsdb: Prune deleted objects of links and extra attributes of replicated deletes
When an object is deleted, the links to be removed are not propogated,
you have to watch out for them manually!
We do this by calling back into the originating update delete code (ie
what is called if you ldb_delete() locally) so that any extra
attribute found locally and not on the remote server becomes removed
remotely too.
We currently do the same with links, but that isn't strictly correct,
but for now our getNCChanges server code filters these out, so only
the usn is bumped.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 10:26:30 +0000 (12:26 +0200)]
s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list
This presents a potential security problem when ACLs contain DENY ACEs.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jul 29 14:42:27 CEST 2013 on sn-devel-104
Michael Adam [Fri, 26 Jul 2013 10:25:27 +0000 (12:25 +0200)]
s3:winbind: change getgroups to only do one sids2xids call instead of many
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 09:32:34 +0000 (11:32 +0200)]
s3:winbind: fix the getgroups implementation to include the user sid's GID in case of ID_TYPE_BOTH
This is important for acl checks on the unix level where only a group ace
has been added to the ACL for the user sid, e.g. when accessing Files with
nfs or local unix processes.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 26 Jul 2013 09:31:41 +0000 (11:31 +0200)]
s3:winbind: fix gid counting and error handling in the getgroups implementation
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Kai Blin [Sun, 28 Jul 2013 21:59:18 +0000 (23:59 +0200)]
dns: Update TODO list
A lot of the todo items have been resolved, avoid confusing people.
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
Christof Schmitt [Wed, 3 Jul 2013 19:49:43 +0000 (12:49 -0700)]
selftest: Print error message when smbd does not have ADS support
When smbd cannot be compiled with ADS support, setting up the s3member
environment fails with:
samba: using 'standard' process model
Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44.
Can't use string ("UNKNOWN") as a HASH ref while "strict refs" in use at /test/samba/selftest/selftest.pl line 852.
samba: EOF on stdin - terminating
Add an explicit error message for the missing ADS support to make this
easier to debug and also avoid the warning about the hash reference:
samba: using 'standard' process model
Samba can't provide environment 's3member' at /test/samba/selftest/target/Samba.pm line 44.
Unable to setup environment s3member at /test/samba/selftest/selftest.pl line 851.
smbd does not have ADS support
samba: EOF on stdin - terminating
Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jul 27 08:31:14 CEST 2013 on sn-devel-104
Andreas Schneider [Fri, 26 Jul 2013 13:36:02 +0000 (15:36 +0200)]
nsswitch: Add OPT_KRB5CCNAME to avoid an error message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10048
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul 26 17:40:26 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 17 Jun 2013 12:37:54 +0000 (22:37 +1000)]
torture/drs: Expand an error message to aid debugging
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104
Stefan Metzmacher [Mon, 10 Jun 2013 12:00:01 +0000 (14:00 +0200)]
dsdb/samdb: use RECYCLED it implies DELETED...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 13 Jul 2013 09:35:52 +0000 (19:35 +1000)]
selftest: ensure samba4.nss.test.*using.*winbind is always tested
With the winbind fixes now in master this should be more reliable.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 13 Jul 2013 09:34:45 +0000 (19:34 +1000)]
selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested
This test should now be more reliable with the over-allocation of
RID values now fixed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 27 Jun 2013 23:19:48 +0000 (09:19 +1000)]
rpc_server-drsuapi: Improve comments and DEBUG lines
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 27 Jun 2013 23:15:16 +0000 (09:15 +1000)]
dsdb: Add assert in drepl_take_FSMO_role
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 19 Jun 2013 01:33:36 +0000 (11:33 +1000)]
selftest: Ensure the DC has started and and got a RID set before we proceed
This avoids errors when a busy DC has not yet fetched a RID set, showing up
as flapping tests when users are created, such as the samr.large-dc test.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 19 Jun 2013 00:30:48 +0000 (10:30 +1000)]
dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails
We now also only poke the RID manager once per request.
This may help track down why RID allocation can fail, as while we
never wait for the RID set to be created/updated, it may be the only
clue the admin gets as to why the async allocations were failing.
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 23 Jun 2013 11:38:40 +0000 (21:38 +1000)]
dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches
This should be more efficient, particularly in the leaf node case when renaming and
deleting entries on large databases.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 23 Jun 2013 09:47:35 +0000 (19:47 +1000)]
dsdb-descriptor: Do not do a subtree search unless we have child entries
This avoids a subtree search here in most cases where an object is deleted.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 13 Jun 2013 09:33:42 +0000 (19:33 +1000)]
dynconfig: Remove last s3 markers now we have just one build system
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104
Stefan Metzmacher [Tue, 23 Jul 2013 22:19:26 +0000 (10:19 +1200)]
s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.
(similar to commit
e9ae36e9683372b86f1efbd29904722a33fea083)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 24 Jul 2013 08:12:19 +0000 (10:12 +0200)]
docs-xml: Remove obsolete swat manpage and references.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10041
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 12:42:29 CEST 2013 on sn-devel-104
Günther Deschner [Thu, 18 Jul 2013 17:09:14 +0000 (19:09 +0200)]
pam_winbind: update documentation for "DIR" krb5ccname pragma.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 24 02:43:10 CEST 2013 on sn-devel-104
Günther Deschner [Thu, 18 Jul 2013 17:05:51 +0000 (19:05 +0200)]
s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.
It is currently only available in MIT. In addition, allow to define custom
filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the
%u pattern.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 18 Jul 2013 17:04:29 +0000 (19:04 +0200)]
wbinfo: allow to define a custom krb5ccname for kerberized pam auth.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 23 Jul 2013 22:19:26 +0000 (10:19 +1200)]
s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035536 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 23 02:05:19 CEST 2013 on sn-devel-104
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035537 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 11:06:34 +0000 (13:06 +0200)]
smbd: Fix CID
1035538 Uninitialized pointer read
rpc_pipe_open_interface just returns okay if the pipe in question is
already open. For this, it needs to read the value.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 10:13:26 +0000 (12:13 +0200)]
tdb: Fix CID
1034959 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 22 Jun 2013 10:13:26 +0000 (12:13 +0200)]
tdb: Fix CID
1034960 Uninitialized scalar variable
log_ctx.log_private was used uninitialized. Not a real bug here,
as tdb_log does not access it, but tdb_open_ex still moves around
uninitialized data. So this would show up in valgrind as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 19 Jul 2013 14:08:39 +0000 (16:08 +0200)]
s3-waf: Rename regedit to samba-regedit.
This is needed cause wine already provides a binary with the name
regedit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10040
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Kai Blin <kai@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 22 14:12:38 CEST 2013 on sn-devel-104
Günther Deschner [Fri, 19 Jul 2013 13:10:05 +0000 (15:10 +0200)]
s3-printing: avoid KRB5CCNAME overwrite in printer publishing (Bug #7444).
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jul 19 17:53:08 CEST 2013 on sn-devel-104
Jeremy Allison [Tue, 9 Jul 2013 23:37:48 +0000 (16:37 -0700)]
Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list.
Add torture tests to probe the set of invalid
Windows EA names.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
Jeremy Allison [Tue, 16 Jul 2013 16:14:12 +0000 (09:14 -0700)]
Reply with correct trans2 message on a setpathinfo with a bad EA name.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 16 Jul 2013 18:05:10 +0000 (11:05 -0700)]
Ensure we do pathname processing before SD and EA processing in NTTRANS_CREATE.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 22:54:39 +0000 (15:54 -0700)]
Ensure we can't create a file using NTTRANS with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 22:59:53 +0000 (15:59 -0700)]
Ensure we can't create a file using TRANS2_OPEN with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Wed, 10 Jul 2013 19:18:36 +0000 (12:18 -0700)]
Add error map of STATUS_INVALID_EA_NAME -> ERRDOS, ERRbadfile
(from Windows2012 tests).
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Wed, 10 Jul 2013 19:38:41 +0000 (12:38 -0700)]
Add the ability to send an NTSTATUS result back with a trans2 reply so we can return a parameter block with an error code.
This is needed when returning a STATUS_INVALID_NAME result (tested
from Windows 2012).
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 23:02:50 +0000 (16:02 -0700)]
Ensure we can't create a file using SMB2_CREATE with an invalid EA list.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 23:21:18 +0000 (16:21 -0700)]
Ensure we never return an EA name to a Windows client it can't handle.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 22:52:47 +0000 (15:52 -0700)]
Ensure set_ea cannot set invalid Windows EA names.
Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 9 Jul 2013 22:50:47 +0000 (15:50 -0700)]
Add ea_list_has_invalid_name() function.
Invalid character list probed from Windows Server 2012.
Bug 9992: Windows error 0x800700FE when copying files with xattr names containing ":"
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Shekhar Amlekar [Thu, 11 Jul 2013 15:42:29 +0000 (21:12 +0530)]
librpc: srvsvc.idl: define level 1005 share info flags
define level 1005 share info flags.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jul 18 16:35:51 CEST 2013 on sn-devel-104
Andreas Schneider [Wed, 17 Jul 2013 14:13:22 +0000 (16:13 +0200)]
nsswitch: Don't enumerate all domains with wbinfo -u|-g.
By default wbinfo -u|-g should only enumerate the domain winbindd is
joined to. The command can be harmfull if you have e.g. 30 domains and
700k users. Then the parent will collect all information and the
oom-killer will kill winbind. As we still want to support it, you can
enable it the old behaviour with wbinfo --domain='*' -u. This is
a measure that sysadmins don't shoot themself.
https://bugzilla.samba.org/show_bug.cgi?id=10034
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 11:54:58 CEST 2013 on sn-devel-104
Richard Sharpe [Wed, 17 Jul 2013 23:29:39 +0000 (16:29 -0700)]
Fix memory leak in error code path.
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 18 03:22:37 CEST 2013 on sn-devel-104
Bill Parker [Wed, 17 Jul 2013 22:30:35 +0000 (15:30 -0700)]
Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().
In reviewing various files in Samba-4.0.7, I found a number
of instances where malloc()/calloc() were called without the
checking the return value for a value of NULL, which would
indicate failure.
(NB. The changes needed to ccan, iniparser, popt and heimdal
will be reported upstream, not patched inside Samba).
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Source <idra@samba.org>
Alexander Werth [Tue, 9 Jul 2013 15:14:08 +0000 (17:14 +0200)]
s3: Remove old mode special substitution.
The mode special substitution now happens in a separate function.
The substitution at this point is unnecessary.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Tue Jul 16 00:52:26 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 11 Jul 2013 11:10:25 +0000 (13:10 +0200)]
s3:idmap_autorid: Add a NULL check in idmap_autorid_preallocate_wellknown
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Volker Lendecke [Thu, 11 Jul 2013 11:08:39 +0000 (13:08 +0200)]
s3:idmap_autorid: Don't zero in idmap_autorid_preallocate_wellknown
We initialize everything later anyway
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Volker Lendecke [Thu, 11 Jul 2013 11:07:52 +0000 (13:07 +0200)]
s3:idmap_autorid: Use ARRAY_SIZE where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
Andreas Schneider [Thu, 11 Jul 2013 11:44:53 +0000 (13:44 +0200)]
s3-winbind: Do not delete an existing valid credential cache.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994
Thanks to David Woodhouse <dwmw2@infradead.org>.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 11 Jul 2013 14:22:26 +0000 (16:22 +0200)]
smbd: Fix a 100% loop at shutdown time
In the destructor of fsp->aio_requests[0] we put another request into
fsp->aio_requests[0]. Don't overwrite that with TALLOC_FREE.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 11 20:56:42 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 11 Jul 2013 09:31:50 +0000 (11:31 +0200)]
srvsvc: Use a symbolic constant where we have one
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 11 Jul 2013 12:57:53 +0000 (14:57 +0200)]
ccan: Fix calling memset with zero length parameter
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 11 16:55:49 CEST 2013 on sn-devel-104
Karolin Seeger [Mon, 8 Jul 2013 07:07:32 +0000 (09:07 +0200)]
docs: Bump version in meta data up to 4.1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul 11 02:53:34 CEST 2013 on sn-devel-104
Stefan Metzmacher [Wed, 10 Jul 2013 12:48:18 +0000 (14:48 +0200)]
s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().
As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
Michele Baldessari [Tue, 9 Jul 2013 21:23:33 +0000 (23:23 +0200)]
Fix typos in man-pages
Fix some typos in the man-pages.
Signed-off-by: Michele Baldessari <michele@acksyn.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Wed Jul 10 16:45:07 CEST 2013 on sn-devel-104
Stefan Metzmacher [Tue, 9 Jul 2013 14:38:59 +0000 (16:38 +0200)]
s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
Andrew Bartlett [Thu, 27 Jun 2013 01:28:03 +0000 (11:28 +1000)]
s4-winbindd: Do not terminate a connection that is still pending (bug #9820)
Instead, wait until the call attempts to reply, and let it terminate then
(often this happens in the attempt to then write to the broken pipe).
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 27 Jun 2013 01:27:03 +0000 (11:27 +1000)]
service_stream: Log if the connection termination is deferred or not (bug #9820)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 9 Jul 2013 10:32:34 +0000 (12:32 +0200)]
s3-smbstatus: display [u|g]id of -1 as "-1" in connection list
In order to avoid displayed uid or gid of "
4294967295" instead of "-1", we
need to fetch the special case -1.
The id can be -1 if we are reading e.g. incomplete session information.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 10 01:18:30 CEST 2013 on sn-devel-104
Stefan Metzmacher [Mon, 8 Jul 2013 14:31:13 +0000 (16:31 +0200)]
s3-lib: hide incomplete smbXsrv_tcon_global records
Part of fix for bug #10003
Pair-programmed-with: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Björn Baumbach [Fri, 5 Jul 2013 11:19:59 +0000 (13:19 +0200)]
s3-lib: fix segf while reading incomplete session info (bug #10003)
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 5 Jul 2013 06:13:56 +0000 (08:13 +0200)]
waf: Build with RELRO if supported by the compiler.
Make sure we create binaries with full RELocation Read-Only support. See
https://isisblogs.poly.edu/2011/06/01/relro-relocation-read-only/
for more details.
The default is to check if the compiler supports RELRO and then enable
it. Specifying '--with-relro' will make it mandatory and
'--without-relro' will disable it.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 9 Jul 2013 18:02:39 +0000 (11:02 -0700)]
smbd: Fix a profile problem
When trying to read a profile, under certain circumstances Windows tries
to read with its machine account first. The profile previously written
was stored with an ACL that only allows access for the user and not
the machine. Windows should get an NT_STATUS_ACCESS_DENIED when using
the machine account, making it retry with the user account (which would
then succeed).
Samba under these circumstances erroneously gives
NT_STATUS_OBJECT_PATH_NOT_FOUND, which makes Windows give up and not
retry. The reasons is the "dropbox" patch in unix_convert, turning EACCESS
on the last path component to OBJECT_PATH_NOT_FOUND. This patch makes
the dropbox behaviour only kick in when we are creating a file. I think
this is an abstraction violation. unix_convert() should not have to know
about the create_disposition, but given that we have pathname resolution
separated from the core open code right now this is the best we can do.
Signed-off-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 4 Jul 2013 16:11:02 +0000 (18:11 +0200)]
lib/param: sync debug related options with source3/param
The most important change is "debug hires timestamp = Yes"
and "syslog = 1".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Jul 9 17:15:15 CEST 2013 on sn-devel-104
Stefan Metzmacher [Tue, 9 Jul 2013 11:56:35 +0000 (13:56 +0200)]
lib/ldb-samba: only debug LDB_DEBUG_TRACE at level 10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>
Stefan Metzmacher [Tue, 9 Jul 2013 11:56:08 +0000 (13:56 +0200)]
lib/ldb-samba: make use of DBGC_LDB
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>
Stefan Metzmacher [Tue, 9 Jul 2013 11:55:44 +0000 (13:55 +0200)]
lib/util: add 'ldb' debug class
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bj@sernet.de>
David Disseldorp [Mon, 8 Jul 2013 13:11:25 +0000 (15:11 +0200)]
tevent: document tevent_req_create state zeroing
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul 8 20:43:49 CEST 2013 on sn-devel-104
Volker Lendecke [Mon, 8 Jul 2013 10:35:46 +0000 (12:35 +0200)]
rpc_cli: Remove some unnecessary initializations
tevent_req_create already initializes "state" to 0
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul 8 17:04:20 CEST 2013 on sn-devel-104
Karolin Seeger [Mon, 8 Jul 2013 07:20:33 +0000 (09:20 +0200)]
docs: Fix typo.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul 8 12:19:38 CEST 2013 on sn-devel-104
Karolin Seeger [Mon, 8 Jul 2013 07:18:17 +0000 (09:18 +0200)]
docs: Fix typo.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Björn Jacke [Wed, 3 Jul 2013 16:57:57 +0000 (18:57 +0200)]
time: prefer CLOCK_BOOTTIME for clock_gettime_mono()
this clock moves on while the machine was suspended. This is what we prefer
actually.
Signed-off-by: Björn Jacke <bj@sernet.de>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Fri Jul 5 16:47:34 CEST 2013 on sn-devel-104
Björn Jacke [Wed, 3 Jul 2013 16:51:14 +0000 (18:51 +0200)]
time: don't try to use the coarse clock
as we prefer to use the suspend aware CLOCK_BOOTTIME as monotonic clock source
we cannot deal with the mono coarse clock any more. Actually I never saw a real
performance gain with it.
Signed-off-by: Björn Jacke <bj@sernet.de>
Reviewed-by: Simo Sorce <idra@samba.org>
Stefan Metzmacher [Fri, 5 Jul 2013 10:32:07 +0000 (12:32 +0200)]
VERSION: change to 4.2.0pre1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 5 Jul 2013 10:07:53 +0000 (12:07 +0200)]
Merge remote-tracking branch 'origin/v4-1-test' into master
git merge -s ours origin/v4-1-test
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Karolin Seeger [Fri, 5 Jul 2013 08:05:19 +0000 (10:05 +0200)]
VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Fri Jul 5 11:56:40 CEST 2013 on sn-devel-104
Volker Lendecke [Thu, 4 Jul 2013 09:24:33 +0000 (09:24 +0000)]
tevent: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Fri Jul 5 11:10:07 CEST 2013 on sn-devel-104
Karolin Seeger [Fri, 5 Jul 2013 08:04:37 +0000 (10:04 +0200)]
WHATSNEW: Start release notes for Samba 4.1.0rc1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 4 Jul 2013 08:36:33 +0000 (10:36 +0200)]
docs: Fix typos in "use ntdb" section.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 4 22:44:54 CEST 2013 on sn-devel-104
Andrew Bartlett [Sat, 22 Jun 2013 09:30:50 +0000 (19:30 +1000)]
dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly
A patch by Cove Schneider <cove_s@yahoo.com> who reports:
I noticed that the RID numbers seem to increase incrementally, then
will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't
RID pool allocations just be 500 at a time?
e.g. Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6):
1596
1597
1598
1599
126100
126101
126102
...
126599
251100
...
251599
376100
...
The problem is that this complicates using sssd's AD integration, as
that it doesn't expect the RIDs to increase in a single domain so
quickly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104
Matthieu Patou [Sun, 30 Jun 2013 08:59:53 +0000 (01:59 -0700)]
Make the output of the crackname script more readable
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 3 23:17:57 CEST 2013 on sn-devel-104
(cherry picked from commit
2536ee8b640c1257dbe28a977ae0b48a62093d0c)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Jul 4 11:47:53 CEST 2013 on sn-devel-104
Andreas Schneider [Mon, 1 Jul 2013 11:02:48 +0000 (13:02 +0200)]
s3-winbind: Allow sec_initial_uid() to store creds.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 2 23:26:24 CEST 2013 on sn-devel-104
(cherry picked from commit
caf3af33deeea9bee61a741fcc991285006cc6f5)
Andreas Schneider [Mon, 1 Jul 2013 11:02:47 +0000 (13:02 +0200)]
selftest: Use higher ip numbers.
127.0.0.2 is used by some distributions to resolve the own hostname.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
a4af4fa9db768dce2e009ba132cf88525a9b8314)
Andreas Schneider [Mon, 1 Jul 2013 11:02:46 +0000 (13:02 +0200)]
selftest: Add a newline to root entries in the nss files.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d5511b125ccfd9c46cad63796aa49258bcc0ae38)