Andreas Schneider [Thu, 10 Oct 2019 12:18:23 +0000 (14:18 +0200)]
param: Add 'server smb encrypt' parameter
And this also makes 'smb encrypt' a synonym of that.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 6 Nov 2019 16:37:45 +0000 (17:37 +0100)]
auth:creds: Introduce CRED_SMB_CONF
We have several places where we check '> CRED_UNINITIALISED',
so we better don't use CRED_UNINITIALISED for values from
our smb.conf.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Mon, 13 Jul 2020 15:23:37 +0000 (17:23 +0200)]
libcli:smb2: Use talloc NULL context if we don't have a stackframe
If we execute this code from python we don't have a talloc stackframe
around and segfault with talloc_tos().
To fix the crash we use the NULL context as we take care for freeing the
memory as soon as possible.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Mon, 13 Jul 2020 14:15:03 +0000 (16:15 +0200)]
libcli:smb2: Do not leak ptext on error
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Mon, 17 Aug 2020 12:12:48 +0000 (14:12 +0200)]
s3:smbd: Fix %U substitutions if it contains a domain name
'valid users = DOMAIN\%U' worked with Samba 3.6 and broke in a newer
version.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Aug 19 06:43:10 UTC 2020 on sn-devel-184
Andreas Schneider [Mon, 17 Aug 2020 11:39:58 +0000 (13:39 +0200)]
s3:tests: Add test for 'valid users = DOMAIN\%U'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 23 Jul 2020 02:03:23 +0000 (19:03 -0700)]
s3: libads: Don't re-do DNS lookups in ads_domain_func_level() if not needed.
ADS_STRUCT may be being reused after a
DC lookup from ads_find_dc(), so ads->ldap.ss may already have a
good address (even if ads->server.ldap_server == NULL).
Only re-initialize the ADS_STRUCT and redo the ads_find_fc()
DNS lookups if we have to.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Aug 18 09:46:28 UTC 2020 on sn-devel-184
Jeremy Allison [Thu, 23 Jul 2020 02:00:52 +0000 (19:00 -0700)]
s3: libads: Don't re-do DNS lookups in ads_current_time() if not needed.
ADS_STRUCT may be being reused after a
DC lookup from ads_find_dc(), so ads->ldap.ss may already have a
good address (even if ads->server.ldap_server == NULL).
Only re-initialize the ADS_STRUCT and redo the ads_find_fc()
DNS lookups if we have to.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 22 Jul 2020 22:35:43 +0000 (15:35 -0700)]
s3: libads: ads_connect can be passed in an ADS_STRUCT with an existing IP address.
ads_connect can be passed in a reused ADS_STRUCT
with an existing ads->ldap.ss IP address that
is stored by going through ads_find_dc()
if ads->server.ldap_server was NULL.
If ads->server.ldap_server is still NULL but
the target address isn't a zero ip address,
then store it off before zeroing out ads->ldap
so we don't keep doing multiple calls to
ads_find_dc() in the reuse case.
If a caller wants a clean ADS_STRUCT they
will re-initialize by calling ads_init(), or
call ads_destroy() both of which ensures
ads->ldap.ss is a correctly zero'ed out IP address
by using ads_zero_ldap().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Sat, 8 Aug 2020 03:24:07 +0000 (20:24 -0700)]
s3: libads: In ads_connect(), and ads_disconnect(), replace ZERO_STRUCT(ads->ldap) with calls to ads_zero_ldap(ads)
This clears out the memory, but also leaves ads->ldap as a valid (zero) IPaddr.
Otherwise it's left by accident as AF_UNSPEC (0).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Sat, 8 Aug 2020 03:22:50 +0000 (20:22 -0700)]
s3: libads: Where we implicitly zero out ads->ldap in ads_init() or ads_destroy() ensure we call ads_zero_ldap() after.
For ads_destroy(), this has a mode where the memory is not destroyed
but is being re-initialized. Horrid, but that's the way it works right
now.
This clears out the memory, but also leaves ads->ldap as a valid (zero) IPaddr.
Otherwise it's left by accident as AF_UNSPEC (0).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Sat, 8 Aug 2020 03:18:50 +0000 (20:18 -0700)]
s3: libads: Add utility function ads_zero_ldap().
When initializing or re-initializing the ldap part of the ADS_STRUCT,
we should call this to ensure that ads->ldap.ss is correctly recognized
as a zero IPaddr by is_zero_addr(). It zeros out the ads->ldap but
then adds zero_sockaddr() to initialize as AF_INET. Otherwise it's
left by accident as AF_UNSPEC (0).
Not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Martin Schwenke [Tue, 28 Jul 2020 21:02:45 +0000 (07:02 +1000)]
ctdb-recoverd: Broadcast takeover run message when verifying IPs
This makes it consistent with the monitoring code. If the master has
changed then this means the master will always get the message.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Aug 18 06:24:11 UTC 2020 on sn-devel-184
Martin Schwenke [Tue, 23 Jan 2018 23:21:37 +0000 (10:21 +1100)]
ctdb-recoverd: Rename update_local_flags() -> update_flags()
This also updates remote flags so the name is misleading.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 09:35:55 +0000 (20:35 +1100)]
ctdb-recoverd: Change update_local_flags() to use already retrieved nodemaps
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 13 Jun 2019 17:51:01 +0000 (03:51 +1000)]
ctdb-recoverd: Get remote nodemaps earlier
update_local_flags() will be changed to use these nodemaps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 13 Jun 2019 14:23:22 +0000 (00:23 +1000)]
ctdb-recoverd: Do not fetch the nodemap from the recovery master
The nodemap has already been fetched from the local node and is
actually passed to this function. Care must be taken to avoid
referencing the "remote" nodemap for the recovery master. It also
isn't useful to do so, since it would be the same nodemap.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 09:02:42 +0000 (20:02 +1100)]
ctdb-recoverd: Change get_remote_nodemaps() to use connected nodes
The plan here is to use the nodemaps retrieved by get_remote_nodes()
in update_local_flags(). This will improve efficiency, since
get_remote_nodes() fetches flags from nodes in parallel. It also
means that get_remote_nodes() can be used exactly once early on in
main_loop() to retrieve remote nodemaps. Retrieving nodemaps multiple
times is unnecessary and racy - a single monitoring iteration should
not fetch flags multiple times and compare them.
This introduces a temporary behaviour change but it will be of no
consequence when the above changes are made.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 30 Jul 2020 01:57:51 +0000 (11:57 +1000)]
ctdb-recoverd: Fix node_pnn check and assignment of nodemap into array
This array is indexed by the same index as nodemap, not the PNN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 08:58:15 +0000 (19:58 +1100)]
ctdb-recoverd: Add fail callback to assign banning credits
Also drop error handling in main_loop() that is replaced by this
change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 08:52:22 +0000 (19:52 +1100)]
ctdb-recoverd: Add an intermediate state struct for nodemap fetching
This will allow an error callback to be added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 05:31:39 +0000 (16:31 +1100)]
ctdb-recoverd: Move memory allocation into get_remote_nodemaps()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 05:41:19 +0000 (16:41 +1100)]
ctdb-recoverd: Change signature of get_remote_nodemaps()
Change 1st argument to a rec context, since this will be needed later.
Drop the nodemap argument and access it via rec->nodemap instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 17 Aug 2020 10:27:18 +0000 (20:27 +1000)]
ctdb-recoverd: Fix a local memory leak
The memory is allocated off the memory context used by the current
iteration of main loop. It is freed when main loop completes the fix
doesn't require backporting to stable branches. However, it is sloppy
so it is worth fixing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 18 Jan 2018 05:19:36 +0000 (16:19 +1100)]
ctdb-recoverd: Basic cleanups for get_remote_nodemaps()
Don't log an error on failure - let the caller can do this. Apart
from this: fix up coding style and modernise the remaining error
message.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14466
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Andrew Bartlett [Tue, 16 Jun 2020 10:23:32 +0000 (22:23 +1200)]
WHATSNEW: list deprecated parameters
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 18 01:32:21 UTC 2020 on sn-devel-184
Andrew Bartlett [Thu, 5 Sep 2019 04:55:35 +0000 (16:55 +1200)]
docs: deprecate "raw NTLMv2 auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 5 Sep 2019 04:55:23 +0000 (16:55 +1200)]
docs: deprecate "client plaintext auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 5 Sep 2019 04:54:01 +0000 (16:54 +1200)]
docs: deprecate "client NTLMv2 auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 5 Sep 2019 04:53:46 +0000 (16:53 +1200)]
docs: deprecate "client lanman auth"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 5 Sep 2019 04:53:20 +0000 (16:53 +1200)]
docs: deprecate "client use spnego"
This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 16 Jun 2020 09:46:33 +0000 (21:46 +1200)]
docs: Deprecate NT4-like domains and SMBv1-only protocol options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 10 Aug 2020 08:36:53 +0000 (20:36 +1200)]
selftest: Do not let deprecated option warnings muck this test up
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 29 Jul 2020 09:26:55 +0000 (21:26 +1200)]
param: Allow tests to silence deprecation warnings
This helps make output sensitive tests more reliable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 10 Aug 2020 00:18:07 +0000 (12:18 +1200)]
selftest: Add test for suppression of deprecation warnings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 12 Aug 2020 14:33:54 +0000 (16:33 +0200)]
auth: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 17 20:59:51 UTC 2020 on sn-devel-184
Volker Lendecke [Tue, 11 Aug 2020 10:34:14 +0000 (12:34 +0200)]
tests: Fix typos
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 9 Aug 2020 14:14:02 +0000 (16:14 +0200)]
Fix a comment typo copied around
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 6 Aug 2020 16:39:01 +0000 (18:39 +0200)]
ldap_server: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 3 Aug 2020 19:55:51 +0000 (21:55 +0200)]
torture: Align a few integer types
Also move a variable closer to its use
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 4 Aug 2020 07:43:28 +0000 (09:43 +0200)]
torture: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 3 Aug 2020 19:48:41 +0000 (21:48 +0200)]
torture: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 22 Jul 2020 09:49:49 +0000 (11:49 +0200)]
gensec: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 19 Jul 2020 19:38:29 +0000 (21:38 +0200)]
auth_log_test: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 29 Jun 2020 12:59:54 +0000 (14:59 +0200)]
test: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 20:29:10 +0000 (22:29 +0200)]
lib: Move get_socket_port() to its only consumer
This is only used in netbios_session_retarget()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:56:43 +0000 (12:56 +0200)]
lib: Remove unused client_socket_port()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 21 Jul 2020 13:45:24 +0000 (15:45 +0200)]
lib: Align integer types in same_net()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:55:53 +0000 (12:55 +0200)]
lib: Remove unused client_socket_addr()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:52:15 +0000 (12:52 +0200)]
lib: Remove unused client_addr()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:48:10 +0000 (12:48 +0200)]
lib: Remove unused open_udp_socket()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:40:28 +0000 (12:40 +0200)]
lib: Move read_udp_v4_socket() to nmbd
This is the only consumer of it
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 17 Jul 2020 10:36:22 +0000 (12:36 +0200)]
lib: Move send_keepalive() to smbd/smb1_utils.c
This is a SMB1-only packet sent from smbd only
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 10 Aug 2020 12:48:45 +0000 (14:48 +0200)]
ldap_server: Do an early TALLOC_FREE()
We don't need the asn1 struct after this point anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Aug 17 11:10:04 UTC 2020 on sn-devel-184
Volker Lendecke [Mon, 10 Aug 2020 12:47:26 +0000 (14:47 +0200)]
ldap_server: Avoid talloc_memdup() for ldap_decode()
Slight optimization for the ldap server: We don't need to copy the
client PDU into the ASN1 struct, the decoding process happens
immediately in the same routine.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Martin Schwenke [Sat, 8 Aug 2020 11:05:55 +0000 (21:05 +1000)]
ctdb-doc: Link to CTDB page in wiki
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Aug 17 06:13:11 UTC 2020 on sn-devel-184
Martin Schwenke [Fri, 7 Aug 2020 02:21:33 +0000 (12:21 +1000)]
WHATSNEW: Document removal of "ctdb isnotrecmaster" command
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 7 Aug 2020 02:19:09 +0000 (12:19 +1000)]
ctdb-tools: Drop "ctdb isnotrecmaster" command
This isn't used anywhere and can easily be checked via "ctdb pnn" and
"ctdb recmaster" commands.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Christof Schmitt [Fri, 14 Aug 2020 19:18:51 +0000 (12:18 -0700)]
util: Add cmocka unit test for directory_create_or_exists
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Aug 16 07:06:59 UTC 2020 on sn-devel-184
Christof Schmitt [Fri, 14 Aug 2020 16:36:26 +0000 (09:36 -0700)]
util: Allow symlinks in directory_create_or_exist
Commit
9f60a77e0b updated the check to avoid having files or other
objects instead of a directory. This missed the valid case that there
might be a symlink to a directory. Updated the check accordingly to
allow symlinks to directories.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14166
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Matthew DeVore [Wed, 5 Aug 2020 00:49:42 +0000 (17:49 -0700)]
lib/util: Standardize use of st_[acm]time ns
Commit
810397f89a10, and possibly others, broke the build for macOS and
other environments which don't have st_[acm]tim fields on 'struct stat'.
Multiple places in the codebase used the config.h values to determine
how to access the nanosecond or microsecond values of the stat
timestamps, so rather than add more, centralize them all into
lib/util/time.c.
Also allow pvfs_fileinfo.c to read nanosecond-granularity timestamps on
platforms where it didn't before, since its #if branches were not
complete.
Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Aug 15 08:51:09 UTC 2020 on sn-devel-184
Matthew DeVore [Thu, 6 Aug 2020 18:18:58 +0000 (11:18 -0700)]
s3: lib: Fix unneeded relative path in #include.
Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Tue, 11 Aug 2020 07:51:39 +0000 (09:51 +0200)]
libsmb: Fix CID
1465860 Control flow issues (DEADCODE)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Aug 11 18:00:26 UTC 2020 on sn-devel-184
Douglas Bagnall [Sat, 4 Jul 2020 02:27:06 +0000 (14:27 +1200)]
python compat: remove text_type
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Sat, 4 Jul 2020 02:05:16 +0000 (14:05 +1200)]
python compat: remove binary_type
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Sat, 4 Jul 2020 02:01:32 +0000 (14:01 +1200)]
python compat: reduce use of 'if PY3:'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Sat, 4 Jul 2020 01:53:34 +0000 (13:53 +1200)]
python compat: remove StringIO
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Sat, 4 Jul 2020 01:47:44 +0000 (13:47 +1200)]
python compat: remove string_types
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Douglas Bagnall [Sat, 4 Jul 2020 01:44:52 +0000 (13:44 +1200)]
python compat: remove integer_types
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Isaac Boukris [Mon, 10 Aug 2020 10:15:26 +0000 (12:15 +0200)]
Remove depracated "ldap ssl ads" smb.conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Tue Aug 11 10:53:05 UTC 2020 on sn-devel-184
Isaac Boukris [Mon, 10 Aug 2020 10:21:51 +0000 (12:21 +0200)]
Revert "selftest: add tests for net-ads over TLS"
As we are removing the option.
This reverts commit
10f61cd39b9e03e7bb781edf04022ea6ae1f1cac.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14462
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 7 Nov 2019 09:03:36 +0000 (10:03 +0100)]
lzxpress: add bounds checking to lzxpress_decompress()
lzxpress_decompress() would wander past the end of the array in
numerous locations.
Credit to OSS-Fuzz.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14190
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19382
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22485
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22667
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Sun Aug 9 00:30:26 UTC 2020 on sn-devel-184
Ralph Boehme [Fri, 7 Aug 2020 10:07:28 +0000 (12:07 +0200)]
winbind: directly use dcerpc_binding_handle_is_connected() in reset_connection_on_error() SAMR code
In the end we should avoid rpccli_is_connected(), rpccli_set_timeout() and the
whole rpc_pipe_client concept.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Aug 8 10:59:38 UTC 2020 on sn-devel-184
Stefan Metzmacher [Fri, 7 Aug 2020 13:57:15 +0000 (15:57 +0200)]
s3:rpc_client: reverse rpccli_{is_connected,set_timeout}() and rpccli_bh_{is_connected,set_timeout}()
rpccli->transport should never be used directly,
everything should go via the binding handle.
Internal pipes don't have a transport, so p->transport is always
NULL. rpccli_is_connected() checks this and this causes all SAMR and LSA
requests for the local domain to be processed a second time by the triggered
retry logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14457
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Wed, 5 Aug 2020 18:37:03 +0000 (11:37 -0700)]
s3: libsmb: Cleanup - Remove the last use of a struct sockaddr_storage variable in dsgetdcname.c
Remove from process_dc_netbios().
This is a logic change, but as all the logic did was force a round-trip
through converting an already guaranteed numeric hostname printed by
print_sockaddr() inside discover_dc_netbios() to a struct
sockaddr_storage and then discard the result (!) I think it's harmless.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug 7 07:58:14 UTC 2020 on sn-devel-184
Jeremy Allison [Tue, 28 Jul 2020 18:54:02 +0000 (11:54 -0700)]
s3: libsmb: Cleanup - Move dsgetdcname.c to using struct samba_sockaddr internally.
Mostly renames of ss -> sa and access union members. No logic changes.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 28 Jul 2020 23:51:03 +0000 (16:51 -0700)]
s3: libsmb: Change dns_lookup_list_async() and associated functions to return a struct samba_sockaddr * array.
This fullfills the promise to Andreas and Metze
of all new code using struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 28 Jul 2020 18:28:19 +0000 (11:28 -0700)]
s3: libsmb: Add utility function sockaddr_storage_to_samba_sockaddr().
As requested by Andreas and Metze, ensure new code uses
struct samba_sockaddr. This is part of changing dns_lookup_list_async()
and callers to use struct samba_sockaddr.
Currently putting this into namequery.c even though it's
used inside dsgetdcname.c as I have future patches that
heavily make use of this to convert sockaddr_storage -> samba_sockaddr.
I'm not committed to putting it here, it may fit better
in lib/util/util_net.[ch]. It just needs to be somewhere
other functions inside source/libsmb/*.c can get to it,
and currently namequery.h exports the most stuff.
Not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 22 Jul 2020 05:09:27 +0000 (22:09 -0700)]
s3: libsmb: Make discover_dc_dns() use async DNS.
Change to call dns_lookup_list_async(). This is
doing the samba SRV lookup followed by A and AAAA
record host lookup as resolve_ads() does and so
benefits from the same changes to make it async.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 21:56:47 +0000 (14:56 -0700)]
s3: libsmb: Make dns_lookup_list_async() available to other Samba callers.
This allows the async DNS lookups to be re-used inside the dsgetdcname() internals
code as previously described.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 22 Jul 2020 05:14:02 +0000 (22:14 -0700)]
s3: libsmb: Remove dns_lookup_list(). No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 19:38:42 +0000 (12:38 -0700)]
s3: libsmb: Use dns_lookup_list_async() instead of dns_lookup_list().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 21 Jul 2020 19:34:02 +0000 (12:34 -0700)]
s3: libsmb: Add dns_lookup_list_async() - not yet used.
Take a list of hostnames and does async A and AAAA (if
supported) lookups on them. Interface compatible with
dns_lookup_list() (with the addition of one extra
parameter returning the query name list, for use inside
dsgetdcname() internals later) and we'll replace it in the next
commit. Waits for lp_get_async_dns_timeout() seconds to complete.
Commented out as not yet used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Thu, 23 Jul 2020 20:10:12 +0000 (13:10 -0700)]
s3: Parameters. Add 'async dns timeout' parameter. Default to 10. Minimum value 1.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Wed, 5 Aug 2020 22:46:04 +0000 (15:46 -0700)]
s4: tests: Add new async DNS unit test - samba4.blackbox.net_ads_dns_async(ad_member:local).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:45:45 +0000 (14:45 -0700)]
s3: net: Add new 'net ads dns async <name>' command.
Will test the async DNS lookups in the next commit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:30:02 +0000 (14:30 -0700)]
lib: addns: Add code for asynchronously looking up AAAA records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Fri, 17 Jul 2020 21:21:09 +0000 (14:21 -0700)]
lib: addns: Add code for asynchronously looking up A records.
Returns an array of struct samba_sockaddr.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Douglas Bagnall [Thu, 6 Aug 2020 05:07:09 +0000 (17:07 +1200)]
libprc/test: add pull_string_array large array test
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Aug 7 04:44:17 UTC 2020 on sn-devel-184
Douglas Bagnall [Tue, 4 Aug 2020 23:04:11 +0000 (11:04 +1200)]
ndr: fix ndr_pull_string_array() off by one alloc
The correct line should have been
talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2);
because if the loop does not increment count on exit (it exits via
break), so count is left pointing at the thing that just got put in.
i.e., if there was one item it is at a[0], count is 0, but we also
need the trailing NULL byte at a[1] and the length is 2. Thus + 2, not
+ 1.
This will not affect ordinary (that is, non-malicious) traffic,
because talloc_realloc will not actually realloc unless it is saving a
kilobyte. Since the allocation grows slowly with the exponent ~1.25,
the actual reallocs will start happening at some point between 512 and
1024 items.
In the example we have, there were 666 pointers, and space for 824 was
allocated.
Rather than doing the +2 realloc, it is simpler to leave it off
altogether; in the common case (<512 items) it is a no-op anyway, and
in the best possible case it reduces the temporary array by 20%.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24646
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 20 Sep 2018 02:24:32 +0000 (19:24 -0700)]
kdc: Remind us that these values need to match other values
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 18 Sep 2018 04:44:20 +0000 (21:44 -0700)]
selftest: Work around existing CA certificates to get PKINIT tests working
This could be reverted in the future, but for now the certificate validation is not what
we are testing and this allows the heimdal upgrade to work.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 6 Sep 2018 02:55:09 +0000 (14:55 +1200)]
heimdal_build: Add missing dependency on heimbase
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 27 May 2020 09:50:41 +0000 (21:50 +1200)]
Revert "build: fix the coverage build"
This reverts commit
3e072b3fb78f0d3132b1d3ce719b8f3706e8491a.
This is no longer required now that --noline is set globally
and that is a much nicer solution.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:16:48 +0000 (14:16 +1300)]
heimdal_build: Do not allow warnings in the heimdal code!
(const excepted)
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Updated to 2020 requirements since changes in
13a2f70a4dd6dd68e0dbd0379d35409c5f100f06
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 27 May 2020 09:31:43 +0000 (21:31 +1200)]
Compile .l files (flex) with the waf rule at runtime
Other parts of Samba already compile these directly.
This makes these files compile with modern compiler warnings.
The primary difference (other than being built with a newer
flex) is the loss of the #include "config.h" but
this is not used in the other .l files elsewehre and does not
seem to matter on modern systems.
The generated output from compile_et asn1_compile has not changed
(so I think the hx509 case is safe).
The mdssvc case just has changed file locations and line numbers.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:16:09 +0000 (14:16 +1300)]
heimdal_build: provide a prototype with the dummy afs header-only function stubs
We do not do AFS in Samba
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Mon, 25 Sep 2017 01:00:51 +0000 (14:00 +1300)]
heimdal_build: Include keys.c in the hdb autoproto
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Gary Lockyer [Thu, 21 Sep 2017 04:19:57 +0000 (16:19 +1200)]
Make HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE available in krb5.h
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Wed, 27 May 2020 10:18:31 +0000 (22:18 +1200)]
heimdal: Exclude more of plugin.c if HAVE_DLOPEN (which Samba unsets) is not set
This allows us to avoid warnings and errors due to unsued variables
and functions.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>