Garming Sam [Wed, 14 Feb 2018 00:27:27 +0000 (13:27 +1300)]
selftest: Add RODC variables to list of those exported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Wed, 14 Feb 2018 00:27:59 +0000 (13:27 +1300)]
tests/drs_base: Allow the net drs replicate to try with a single object
This eventually passes down the replicate single object exop.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Garming Sam [Wed, 14 Feb 2018 00:26:35 +0000 (13:26 +1300)]
tests/replica_sync: Add some additional replication in setUp
This should avoid some failures due to stale objects.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 22:19:49 +0000 (11:19 +1300)]
buildtools python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 15 05:40:55 CET 2018 on sn-devel-144
Douglas Bagnall [Tue, 13 Feb 2018 21:36:22 +0000 (10:36 +1300)]
scripts/ python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:35:53 +0000 (10:35 +1300)]
selftest and autrobuild: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:34:23 +0000 (10:34 +1300)]
drs torture python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:33:06 +0000 (10:33 +1300)]
source4/scripting python: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:31:33 +0000 (10:31 +1300)]
dsdb python tests: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:27:52 +0000 (10:27 +1300)]
samba python tests: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:18:36 +0000 (10:18 +1300)]
samba python libs: convert 'except X, e' to 'except X as e'
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 13 Feb 2018 21:07:23 +0000 (10:07 +1300)]
samba-tool: convert 'except X, e' to 'except X as e' for all X
This is needed for Python 3 and is compatible with python 2.6
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 13 Feb 2018 22:29:54 +0000 (11:29 +1300)]
selftest: Avoid a build started around midnight failing (again)
This case most likely relates to Daylight Saving changes creating
a 23 hour day.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andreas Schneider [Fri, 5 Jan 2018 09:43:18 +0000 (10:43 +0100)]
smbspool: Initialize empty_str on declaration
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Sun, 11 Feb 2018 22:06:25 +0000 (11:06 +1300)]
selftest: GnuTLS is already mandetory to build the AD DC
This change avoids the code behind 'if have_tls_support' becoming untested
if the configure logic changes. We already assert that we have GnuTLS
elsewhere in the AD DC build scripts.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Sun, 11 Feb 2018 22:03:25 +0000 (11:03 +1300)]
selftest: Require jansson support for selftest of the AD DC
This avoids this code becoming untested if a package is not installed or
the configure test is accidentially broken.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Thu, 8 Feb 2018 03:01:41 +0000 (16:01 +1300)]
test samba-tool drs showrepl: test --json output
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 8 Feb 2018 02:52:01 +0000 (15:52 +1300)]
samba-tool drs showrepl: add --json option for JSON output
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 2 Feb 2018 02:39:47 +0000 (15:39 +1300)]
samba-tool drs showrepl: restructure in preparation for --json
Basically we just separate data extraction from printing.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 8 Feb 2018 01:22:39 +0000 (14:22 +1300)]
test samba-tool drs showrepl: test expected output more strictly
We try to ensure the output has all the expected information in the
expected order.
Soon we're going to add a JSON output mode, and we are strengthening
the tests here to ensure we don't break anything.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 8 Feb 2018 01:47:55 +0000 (14:47 +1300)]
test samba-tool drs showrepl: fix formatting and unused imports
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Fri, 2 Feb 2018 02:59:38 +0000 (15:59 +1300)]
tests: move samba-tool drs showrepl into its own suite
This is a simple copy of the sowrepl test to the new file, making room
to expand the test and (soon) to test JSON output.
pep-8 intentionally ignored to show this is a copy.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Sat, 10 Feb 2018 22:59:40 +0000 (11:59 +1300)]
python.subunit: add assertRegexpMatches for Python 2.6
This is used in python/samba/tests/samba_tool/provision_password_check.py
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Lumir Balhar [Tue, 30 Jan 2018 17:55:12 +0000 (18:55 +0100)]
python: tests: Make tests of dsdb Python module Python 3 compatible
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Lumir Balhar [Tue, 30 Jan 2018 17:53:38 +0000 (18:53 +0100)]
python: Port dsdb module to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Lumir Balhar [Tue, 30 Jan 2018 17:52:11 +0000 (18:52 +0100)]
python: Port samdb module to Python 3 compatible form
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Lumir Balhar [Fri, 9 Feb 2018 19:49:36 +0000 (20:49 +0100)]
python: Add `text_type` Python 2/3 compatible function name.
This compatible function name represents `str` in Python 3
and `unicode` in Python 2.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Lumir Balhar [Tue, 30 Jan 2018 17:47:32 +0000 (18:47 +0100)]
python: Port dsdb_dns module to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 30 Jan 2018 17:09:00 +0000 (18:09 +0100)]
python: Convert base64 encoded password to utf-8
Pair-Programmed-With: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 30 Jan 2018 15:39:21 +0000 (16:39 +0100)]
python: Generate random test usernames
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 14 Feb 2018 11:05:16 +0000 (12:05 +0100)]
docs: Add a not that 'wbinfo --user-groups' may be incomplete
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Feb 14 20:32:18 CET 2018 on sn-devel-144
Volker Lendecke [Sun, 4 Feb 2018 15:13:43 +0000 (15:13 +0000)]
libsocket: Avoid an unnecessary else branch
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Feb 13 21:07:17 CET 2018 on sn-devel-144
Volker Lendecke [Sun, 4 Feb 2018 15:48:23 +0000 (15:48 +0000)]
net: Slightly simplify net_lookup_dsgetdcname()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 12 Jan 2018 21:16:39 +0000 (22:16 +0100)]
dsgetdcname: Add some const
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 30 Jan 2018 12:47:35 +0000 (13:47 +0100)]
libsmb: Fix an error path memleak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 07:55:03 +0000 (08:55 +0100)]
libsmb: Fix destructor setup in unexpected.c
The destructor does DLIST_REMOVE, so better make sure "client" is in fact
member of that list when the destructor fires
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 4 Feb 2018 16:41:04 +0000 (16:41 +0000)]
libcli: Fix a cut&paste typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sun, 4 Feb 2018 15:45:57 +0000 (15:45 +0000)]
net: Add some {}
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Mon, 29 Jan 2018 09:17:11 +0000 (10:17 +0100)]
nbt_server: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 2 Feb 2018 12:13:31 +0000 (13:13 +0100)]
libnbt: Apply some const
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Sat, 3 Feb 2018 12:48:35 +0000 (12:48 +0000)]
libnbt: Use TALLOC_FREE
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 12 Feb 2018 10:24:26 +0000 (11:24 +0100)]
docs: Fix smbpasswd manpage about password storage
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 13 16:25:33 CET 2018 on sn-devel-144
Volker Lendecke [Wed, 7 Feb 2018 13:32:37 +0000 (14:32 +0100)]
smbd: remove "id" from share_mode_entry
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 13 05:01:38 CET 2018 on sn-devel-144
Volker Lendecke [Wed, 7 Feb 2018 11:28:13 +0000 (12:28 +0100)]
smbd: Pass "file_id" explicitly to send_break_to_none
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 11:24:35 +0000 (12:24 +0100)]
smbd: Pass "file_id" explicitly to send_break_message()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 11:16:10 +0000 (12:16 +0100)]
srvsvc: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 11:11:10 +0000 (12:11 +0100)]
smbd: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:40:58 +0000 (11:40 +0100)]
smbd: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:39:32 +0000 (11:39 +0100)]
smbd: Pass "file_id" explicitly to message_to_share_mode_entry()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:36:51 +0000 (11:36 +0100)]
smbd: Pass "file_id" explicitly into share_mode_entry_to_message()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:14:31 +0000 (11:14 +0100)]
smbd: Remove a redundant check
The file ids in all share modes match the share_mode_data's one
We don't have a paranoia check for this, but the share mode is per inode.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:13:40 +0000 (11:13 +0100)]
smbd: Use "share_mode_data->id", not "share_mode_entry->id"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:10:14 +0000 (11:10 +0100)]
srvsvc: Use the passed-in file_id
The one in share_mode_entry will go
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:09:10 +0000 (11:09 +0100)]
smbd: Pass in "file_id" into validate_my_share_entries
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 10:05:33 +0000 (11:05 +0100)]
smbd: Pass in "file_id" into share_mode_str()
This used to directly access share_entry->id, which will go
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 09:52:23 +0000 (10:52 +0100)]
srvsvc: Use the passed-in file id, not the one from share_mode_entry
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 09:43:11 +0000 (10:43 +0100)]
smbd: Pass "file_id" through share_entry_forall
It's also in the share_entry, but that is redundant and will go
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Feb 2018 09:05:57 +0000 (10:05 +0100)]
smbd: Fix a signed/unsigned hickup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 9 Feb 2018 15:19:53 +0000 (16:19 +0100)]
winbindd: Initialize the domain groups member
==9405== 4 errors in context 1 of 493:
==9405== Conditional jump or move depends on uninitialised value(s)
==9405== at 0x7507F71: vfprintf (in /lib64/libc-2.12.so)
==9405== by 0x75C515B: __vasprintf_chk (in /lib64/libc-2.12.so)
==9405== by 0x2A8728: dbgtext (stdio2.h:199)
==9405== by 0x22DCBB: winbindd_list_groups_done (winbindd_list_groups.c:127)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x3CDAE8: dcerpc_binding_handle_call_done (binding_handle.c:445)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x6C7F568: _tevent_req_error (tevent_req.c:167)
==9405== by 0x202701: wbint_bh_raw_call_done (winbindd_dual_ndr.c:139)
==9405== by 0x6C82C60: tevent_common_loop_timer_delay (tevent_timed.c:341)
==9405== by 0x6C83CA1: epoll_event_loop_once (tevent_epoll.c:911)
==9405== by 0x6C822D5: std_event_loop_once (tevent_standard.c:114)
==9405== by 0x6C7DC3C: _tevent_loop_once (tevent.c:533)
==9405== by 0x1D8A03: main (winbindd.c:1490)
==9405== Uninitialised value was created by a heap allocation
==9405== at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==9405== by 0x6A71DCA: _talloc_array (in /usr/lib64/libtalloc.so.2.1.5)
==9405== by 0x22D959: winbindd_list_groups_send (winbindd_list_groups.c:69)
==9405== by 0x1D76BC: winbind_client_request_read (winbindd.c:647)
==9405== by 0x23AF2A: wb_req_read_done (wb_reqtrans.c:126)
==9405== by 0x6C83EA5: epoll_event_loop_once (tevent_epoll.c:728)
==9405== by 0x6C822D5: std_event_loop_once (tevent_standard.c:114)
==9405== by 0x6C7DC3C: _tevent_loop_once (tevent.c:533)
==9405== by 0x1D8A03: main (winbindd.c:1490)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Feb 13 00:25:27 CET 2018 on sn-devel-144
Andreas Schneider [Fri, 9 Feb 2018 14:33:39 +0000 (15:33 +0100)]
winbindd: Free is_parent before we terminate
This makes valgrind happy.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Fri, 9 Feb 2018 14:27:42 +0000 (15:27 +0100)]
winbindd: Free memory before we exit the connect child
This will make valgrind happy.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Fri, 9 Feb 2018 09:27:55 +0000 (10:27 +0100)]
winbind: Improve child selection
This improves the situation when a client request blocks a winbind
child. This might be a slow samlogon or lookupnames to a domain that's
far away. With random selection of the child for new request coming in
we could end up with a long queue when other, non-blocked children
could serve those new requests. Choose the shortest queue.
This is an immediate and simple fix. Step two will be to have a
per-domain and not a per-child queue. Right now we're pre-selecting
the check-out queue at Fry's randomly without looking at the queue
length. With this change we're picking the shortest queue. The better
change will be what Fry's really does: One central queue and red/green
lights on the busy/free checkout counters.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 12 19:51:35 CET 2018 on sn-devel-144
Douglas Bagnall [Fri, 9 Feb 2018 10:09:41 +0000 (23:09 +1300)]
tests/samba-tool user wdigest: fix a flapping test
The output of something like
samba-tool user getpassword $USER --attributes virtualWDigest01
contains an LDIF section with long strings folded on the 77th column.
To unfold this LDIF we were using:
result = re.sub(r"\n\s*", '', out)
which worked fine EXCEPT when a space in the output happened to land
immediately after the fold and got eaten by the \s*.
Instead we remove just a single space after the line break, because
that is always what fold_string() in lib/ldb/common/ldb_ldif.c
inserts, and for this simple replacement we don't need the re module.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 12 05:21:01 CET 2018 on sn-devel-144
Douglas Bagnall [Fri, 9 Feb 2018 01:29:43 +0000 (14:29 +1300)]
tests: SambaToolCmdTest.assertMatch() indicates what was asserted
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 22:13:12 +0000 (23:13 +0100)]
winbindd: WBFLAG_PAM_AUTH_PAC should call add_trusted_domain_from_auth() is the result is trusted
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Feb 10 13:08:50 CET 2018 on sn-devel-144
Stefan Metzmacher [Fri, 9 Feb 2018 07:38:18 +0000 (08:38 +0100)]
winbindd: rename winbindd_pam_auth_pac_send and let it return validation
Just a preperational step. The next commit will update the caller to
make use of the validation info.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 22:10:42 +0000 (23:10 +0100)]
winbindd: complete WBFLAG_PAM_AUTH_PAC handling in winbindd_pam_auth_crap_send()
winbindd_pam_auth_crap_recv() should not have any real logic.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 22:02:26 +0000 (23:02 +0100)]
winbindd: let winbindd_pam_auth_pac_send() compute info6 from PAC
This way we don't loose the DNS info and UPN. A subsequent commit will
let winbindd_pam_auth_pac_send() return the full validation info.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 21:00:35 +0000 (22:00 +0100)]
winbindd: call add_trusted_domain_from_auth() in winbindd_pam_auth_crap_done()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 20:34:46 +0000 (21:34 +0100)]
winbindd: get netr_SamInfo6 out of winbindd_dual_pam_auth_kerberos()
This way we don't loose dns_domain_name and user principal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 20:32:53 +0000 (21:32 +0100)]
s3/rpc_client: add map_info6_to_validation()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 20:32:25 +0000 (21:32 +0100)]
s3/auth: add create_info6_from_pac()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13261
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 16:58:07 +0000 (17:58 +0100)]
s4/auth_winbind: ask for validation level 6
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 16:57:37 +0000 (17:57 +0100)]
winbindd: allow validation level 6 in winbind_SamLogon
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 16:53:49 +0000 (17:53 +0100)]
s3/rpc_client: add copy_netr_SamInfo6() and map_validation_to_info6()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13260
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 2 Feb 2018 14:24:00 +0000 (15:24 +0100)]
winbindd: introduce a cm_connect_netlogon_secure() which gives a valid netlogon_creds_ctx
At lot of callers require a valid schannel connection.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13259
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 16:39:15 +0000 (17:39 +0100)]
winbindd: handle interactive logons in _winbind_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 16:37:54 +0000 (17:37 +0100)]
winbindd: pass 'bool interactive' to winbind_dual_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 8 Feb 2018 16:23:49 +0000 (17:23 +0100)]
winbindd: add a comment to a parameter in _winbind_SamLogon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 15:36:45 +0000 (16:36 +0100)]
winbindd: separate plaintext given and interactive in winbind_samlogon_retry_loop()
We need to handle 4 cases:
plaintext_given=true interactive=true
plaintext_given=false interactive=true
plaintext_given=true interactive=false
plaintext_given=false interactive=false
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 9 Feb 2018 15:15:18 +0000 (16:15 +0100)]
s3/rpc_client: add rpccli_netlogon_interactive_logon()
This will be used in a subsequent commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13258
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 23 Jan 2018 22:19:32 +0000 (23:19 +0100)]
winbindd: add_trusted_domain_from_auth() should not use dns_name = ""
Check whether the DNS domain name in the info6 struct is actually more
then just an empty string. If it is we want to call add_trusted_domain()
with NULL as DNS domain name argument.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13257
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Sun, 4 Feb 2018 21:48:01 +0000 (22:48 +0100)]
wbinfo: avoid segfault in wbinfo_auth_crap() if winbindd is not available
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13256
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 31 Jan 2018 07:22:07 +0000 (08:22 +0100)]
winbindd: fix debug message in find_default_route_domain() on a DC
As we don't support multiple domains in a forest yet,
we don't need to print a warning a log level 0.
This also adds a missing \n.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13255
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 15:35:52 +0000 (16:35 +0100)]
s4/rpc_server: trigger trusts reload in winbindd after successfull trust info acquisition
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 15:35:13 +0000 (16:35 +0100)]
winbindd: rename MSG_WINBIND_NEW_TRUSTED_DOMAIN to MSG_WINBIND_RELOAD_TRUSTED_DOMAINS
This reflects the new implementation in winbindd.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 10:32:30 +0000 (11:32 +0100)]
s4/rpc_server: remove unused data argument from MSG_WINBIND_NEW_TRUSTED_DOMAIN
winbindd doesn't use that data anymore.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 10:30:53 +0000 (11:30 +0100)]
winbindd: use add_trusted_domains_dc in wb_imsg_new_trusted_domain
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 10:28:20 +0000 (11:28 +0100)]
winbindd: move loading of trusted domains on a DC to a seperate function
This allows using the split out function in a subsequent commit in the
MSG_WINBIND_NEW_TRUSTED_DOMAIN message handler.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13237
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 12:02:04 +0000 (13:02 +0100)]
winbindd: don't force using LSA_LOOKUP_NAMES_ALL for non workstation trusts.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13236
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:57:11 +0000 (12:57 +0100)]
s3:rpc_client: pass down lsa_LookupNamesLevel to dcerpc_lsa_lookup_sids_generic()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13236
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:06:50 +0000 (12:06 +0100)]
winbindd: prepare find_lookup_domain_from_{name,sid}() transitive trusts on a DC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:06:50 +0000 (12:06 +0100)]
winbindd: prepare find_auth_domain() transitive trusts on a DC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:03:11 +0000 (12:03 +0100)]
winbindd: remove const from set_routing_domain()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13235
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:02:05 +0000 (12:02 +0100)]
winbindd: use Netlogon{Interactive,Network}TransitiveInformation on transitive trusts
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 11:00:19 +0000 (12:00 +0100)]
s3:rpc_client: allow passing NetlogonNetwork[Transitive]Information to rpccli_netlogon_network_logon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 10:58:31 +0000 (11:58 +0100)]
s3:rpc_client: allow Netlogon{Network,Interactive}TransitiveInformation in rpccli_netlogon_password_logon()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13234
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Thu, 18 Jan 2018 07:38:59 +0000 (08:38 +0100)]
winbindd: add routing_domain as parameter to add_trusted_domain
This also fixes the following CIDs:
CID
1427622: Null pointer dereferences (REVERSE_INULL)
CID
1427619: Null pointer dereferences (REVERSE_INULL)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13233
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 13:30:48 +0000 (14:30 +0100)]
winbindd: add missing can_do_ncacn_ip_tcp initialisation
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13232
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2018 13:30:12 +0000 (14:30 +0100)]
winbindd: remove useless calls to get_trust_credentials() before cli_rpc_pipe_open_schannel_with_creds()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13231
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>