Michael Hanselmann [Thu, 11 Apr 2019 22:46:49 +0000 (00:46 +0200)]
Add fuzzing binary for ldb_parse_tree
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Tue, 9 Apr 2019 23:20:36 +0000 (01:20 +0200)]
Add fuzzing binary for ldap_decode
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Tue, 9 Apr 2019 22:36:03 +0000 (00:36 +0200)]
Add fuzzing binary for lzxpress
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Thu, 4 Apr 2019 00:26:26 +0000 (02:26 +0200)]
Add fuzzing binary for regfio
Checksums are better ignored during fuzzing, hence a flag is added to
the regfio parser to disable checksums.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Mon, 23 Sep 2019 21:53:55 +0000 (21:53 +0000)]
regfio: Allow ignoring of checksum
In order to get good coverage fuzzing code has to either calculate
checksums correctly or to disable their verification. This change
implements the latter for the "REGF_FILE" structure used by the
"regfio_*" family of functions.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Thu, 4 Apr 2019 22:50:09 +0000 (00:50 +0200)]
Add fuzzing binary for reg_parse
A temporary file is used to store the fuzzing input.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Michael Hanselmann [Mon, 23 Sep 2019 21:47:51 +0000 (21:47 +0000)]
Build registry parsing code into subsystem
Fuzzing code will make use of the "reg_parse_fd" function. By building
it into the "SMBREGISTRY" subsystem it can just be linked and
"reg_parse.c" doesn't need to be explicitly included.
Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:10:26 +0000 (08:10 +0200)]
selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member
This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184
Stefan Metzmacher [Wed, 18 Sep 2019 06:02:38 +0000 (08:02 +0200)]
selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member
This demonstrates that we rely on knowning about trusted domains before
we can do krb5_auth in winbindd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Sat, 10 Jun 2017 12:38:40 +0000 (14:38 +0200)]
selftest/tests.py: test pam_winbind for trusts domains
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Mon, 20 Mar 2017 10:39:41 +0000 (11:39 +0100)]
selftest: Export TRUST information in the ad_member target environment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 12:03:34 +0000 (14:03 +0200)]
selftest/tests.py: test pam_winbind with a lot of username variations
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:08:57 +0000 (08:08 +0200)]
selftest/tests.py: test pam_winbind with krb5_auth
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 23:25:23 +0000 (01:25 +0200)]
selftest/tests.py: prepare looping over pam_winbindd tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 23:25:58 +0000 (01:25 +0200)]
test_pam_winbind.sh: allow different pam_winbindd config options to be specified
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 20 Sep 2019 06:13:28 +0000 (08:13 +0200)]
tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:04:42 +0000 (08:04 +0200)]
tests/pam_winbind.py: turn pypamtest.PamTestError into a failure
A failure generated by the AssertionError() checks can be added
to selftest/knownfail.d/*.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 19 Jul 2019 15:10:09 +0000 (15:10 +0000)]
s3:winbindd: implement the "winbind use krb5 enterprise principals" logic
We can use enterprise principals (e.g. upnfromB@B.EXAMPLE.COM@PRIMARY.A.EXAMPLE.COM)
and delegate the routing decisions to the KDCs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 11 Sep 2019 14:44:43 +0000 (16:44 +0200)]
docs-xml: add "winbind use krb5 enterprise principals" option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 13:52:25 +0000 (15:52 +0200)]
krb5_wrap: let smb_krb5_parse_name() accept enterprise principals
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s3:libads: ads_krb5_chg_password() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s4:auth: kinit_to_ccache() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s3:libads/kerberos: always use the canonicalized principal after kinit
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 06:49:13 +0000 (08:49 +0200)]
s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 08:08:10 +0000 (10:08 +0200)]
s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 16 Sep 2019 15:14:11 +0000 (17:14 +0200)]
s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 06:05:09 +0000 (08:05 +0200)]
s4:auth: use the correct client realm in gensec_gssapi_update_internal()
The function gensec_gssapi_client_creds() may call kinit and gets
a TGT for the user. The principal provided by the user may not
be canonicalized. The user may use 'given.last@example.com'
but that may be mapped to glast@AD.EXAMPLE.PRIVATE in the background.
It means we should use client_realm = AD.EXAMPLE.PRIVATE
instead of client_realm = EXAMPLE.COM
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 11:58:46 +0000 (13:58 +0200)]
nsswitch: add logging to wbc_auth_error_to_pam_error() for non auth errors
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Björn Jacke [Fri, 23 Aug 2019 00:19:20 +0000 (02:19 +0200)]
wscript_build: string concatenation efficiency cleanup
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Tue Sep 24 13:40:21 UTC 2019 on sn-devel-184
Björn Jacke [Fri, 23 Aug 2019 00:21:17 +0000 (02:21 +0200)]
pfm_verif: string concatenation efficiency cleanup
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:10:19 +0000 (23:10 +0200)]
scripting: avoid inefficient string redefinition
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:09:19 +0000 (23:09 +0200)]
wscript: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:08:18 +0000 (23:08 +0200)]
s3/wscript: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:07:48 +0000 (23:07 +0200)]
posixacl.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:07:13 +0000 (23:07 +0200)]
auth_log_winbind.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:06:19 +0000 (23:06 +0200)]
schema.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:06:00 +0000 (23:06 +0200)]
user.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:05:31 +0000 (23:05 +0200)]
gpo.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:05:10 +0000 (23:05 +0200)]
kcc_utils.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:04:25 +0000 (23:04 +0200)]
traffic.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Martin Schwenke [Mon, 9 Sep 2019 07:59:15 +0000 (17:59 +1000)]
ctdb-tests: Switch TEST_VAR_DIR to a local script variable
This is now local to run_tests.sh.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Sep 24 03:46:59 UTC 2019 on sn-devel-184
Martin Schwenke [Mon, 9 Sep 2019 06:13:45 +0000 (16:13 +1000)]
ctdb-tests: Use CTDB_TEST_TMP_DIR in integration.bash
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 03:57:35 +0000 (13:57 +1000)]
ctdb-tests: Switch simple tests to use CTDB_TEST_TMP_DIR
CTDB_TEST_TMP_DIR repaces SIMPLE_TESTS_VAR_DIR. local.bash no longer
needs to ensure that TEST_VAR_DIR is set, since it longer uses this
variable. Drop the comment because state has not been maintained
between tests for some time.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:39 +0000 (21:35 +1000)]
ctdb-tests: Switch takeover helper unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:16 +0000 (21:35 +1000)]
ctdb-tests: Switch tool unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 09:58:46 +0000 (19:58 +1000)]
ctdb-tests: Switch onnode unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 10:13:19 +0000 (20:13 +1000)]
ctdb-tests: Switch eventscript unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:54 +0000 (21:35 +1000)]
ctdb-tests: Switch eventd unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:47:52 +0000 (21:47 +1000)]
ctdb-tests: Switch cunit unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 03:42:26 +0000 (13:42 +1000)]
ctdb-tests: Add new variable CTDB_TEST_TMP_DIR
This is a subdirectory of TEST_VAR_DIR that is unique to the current
test suite. It is recreated for each individual test.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 9 Sep 2019 06:19:52 +0000 (16:19 +1000)]
ctdb-tests: Move setting of CTDB_TEST_SUITE_DIR to run_tests.sh
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 10:54:37 +0000 (20:54 +1000)]
ctdb-tests: Rename variable TEST_SUBDIR -> CTDB_TEST_SUITE_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 05:47:13 +0000 (15:47 +1000)]
ctdb-tests: Use local_daemons.sh onnode for local daemons tests
With some upcoming changes, the setting of CTDB_BASE becomes
problematic because it will be included unconditionally whereas it is
currently being conveniently and almost accidentally not include in
some contexts.
So, instead of trying to coerce onnode into behaving as desired, have
the local daemons tests use local_daemons.sh onnode directly.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 Sep 2019 06:57:36 +0000 (16:57 +1000)]
ctdb-tests: Use local $ctdb_base instead of $CTDB_BASE
The latter might not be defined in a test.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 Sep 2019 06:13:05 +0000 (16:13 +1000)]
ctdb-tests: Generalise pattern for matching valgrind memcheck executable
On my laptop this is "memcheck-amd64-linux instead of just "memcheck".
Alternatively, this part of the test could simply be skipped if
$VALGRIND is set.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Fri, 20 Sep 2019 15:37:28 +0000 (08:37 -0700)]
smbd: Add an error return END_PROFILE call
All other return; statements in reply_tcon_and_X have this
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Sep 23 17:06:25 UTC 2019 on sn-devel-184
Björn Jacke [Sat, 21 Sep 2019 11:24:59 +0000 (13:24 +0200)]
classicupgrade: fix a a bytes-like object is required, not 'str' error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14136
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Björn Baumbach <bb@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Mon Sep 23 12:58:20 UTC 2019 on sn-devel-184
Björn Jacke [Mon, 23 Sep 2019 06:57:33 +0000 (08:57 +0200)]
fault.c: improve fault_report message text pointing to our wiki
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14139
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:03:54 +0000 (23:03 +0200)]
samba_version.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep 21 20:50:17 UTC 2019 on sn-devel-184
Björn Jacke [Sun, 25 Aug 2019 21:02:37 +0000 (23:02 +0200)]
samba_deps.py avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:02:00 +0000 (23:02 +0200)]
samba_bundled.py avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:01:22 +0000 (23:01 +0200)]
samba_autoconf.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 20:53:59 +0000 (22:53 +0200)]
samba_abi.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 22:50:29 +0000 (00:50 +0200)]
user.py: import tempfile module only where needed
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Sat, 28 Oct 2017 08:44:11 +0000 (10:44 +0200)]
spoolss: Add PRINTER_DRIVER_CATEGORY_3D driver define
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Sep 20 12:58:49 UTC 2019 on sn-devel-184
Günther Deschner [Wed, 18 Sep 2019 17:41:50 +0000 (19:41 +0200)]
s4-torture: add netr_LogonGetDomainInfo NDR(64) tests
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Sep 20 02:32:44 UTC 2019 on sn-devel-184
Günther Deschner [Wed, 18 Sep 2019 23:55:09 +0000 (01:55 +0200)]
s4-torture: reformat test table in ndr test
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 18 Sep 2019 17:48:40 +0000 (19:48 +0200)]
torture: add torture_suite_add_ndr_pull_io_test_flags()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 18 Sep 2019 02:11:33 +0000 (04:11 +0200)]
s3-rpcclient: add logongetdomaininfo command
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 20 Jul 2015 12:00:05 +0000 (14:00 +0200)]
libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 15 Aug 2019 11:22:43 +0000 (13:22 +0200)]
netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 15 Aug 2019 11:22:43 +0000 (13:22 +0200)]
netlogon.idl: fix the marshalling of netr_OsVersion for NDR64
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 20 Mar 2018 11:40:25 +0000 (12:40 +0100)]
security.idl: add SE_GROUP_INTEGRITY[_ENABLED] to security_GroupAttrs
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 20 Mar 2018 11:39:02 +0000 (12:39 +0100)]
librpc/idl: change from samr_GroupAttrs in samr.idl to security_GroupAttrs in security.idl
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 22:44:33 +0000 (23:44 +0100)]
security.idl: add GUID_DRS_ALLOWED_TO_AUTHENTICATE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Thu, 12 Sep 2019 21:27:13 +0000 (23:27 +0200)]
misc: fix AD trust attributes in adssearch
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Thu, 12 Sep 2019 14:36:20 +0000 (16:36 +0200)]
lsa: document new LSA trust attributes
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Thu, 12 Sep 2019 14:39:10 +0000 (16:39 +0200)]
s3-winbindd: fix forest trusts with additional trust attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14130
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Mon, 16 Sep 2019 23:50:33 +0000 (01:50 +0200)]
s3-libads: adapt to coding standards, no code changes
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep 19 20:48:45 UTC 2019 on sn-devel-184
Karolin Seeger [Thu, 19 Sep 2019 07:19:40 +0000 (09:19 +0200)]
s3/vfs_shadow_copy2.c: Fix typo in comment.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Thu Sep 19 14:09:44 UTC 2019 on sn-devel-184
Karolin Seeger [Thu, 19 Sep 2019 07:18:44 +0000 (09:18 +0200)]
docs: Fix typo in vfs_ceph_snapshots man page.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Andrew Bartlett [Fri, 16 Aug 2019 08:54:03 +0000 (20:54 +1200)]
replace: Remove crypt() reimplementation
Use of Samba with plaintext authenticaiton is incredibly rare, even more
rare is plaintext authentication on systems without a crypt() call and
where DES based crypt() would be the right thing to do.
Remove this additional cryptographic code per our current efforts
to rely entirely on external libraries instead.
Similar to the arguments in this thread about zlib discussed on
samba-technical here:
https://lists.samba.org/archive/samba-technical/2019-May/133476.html
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Sep 19 09:28:21 UTC 2019 on sn-devel-184
Volker Lendecke [Fri, 30 Aug 2019 13:08:40 +0000 (15:08 +0200)]
messaging: Do POOL_USAGE via a socket
This makes debugging run-away processes much more efficient and even
possible at all: If the pool-usage output is more than 256MB, the
previous code could not realloc it and threw it away. Also, it is not
helpful for an already huge process to allocate even more.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 21:27:30 UTC 2019 on sn-devel-184
Volker Lendecke [Fri, 30 Aug 2019 15:09:20 +0000 (17:09 +0200)]
lib: Add talloc_full_report_printf()
Print the talloc full report into a FILE*. talloc itself provides a
very similar function, talloc_report_full(). However, that has a
slightly different output, in particular it does not print the
contents of strings, which is very handy for debugging.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 2 Sep 2019 09:41:05 +0000 (11:41 +0200)]
lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 18 Sep 2019 16:19:37 +0000 (09:19 -0700)]
messaging4: Pass fds to messaging handlers
Boiler-plate replacement moving the (num_fds!=0) check down
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Sam Zaydel [Thu, 7 Feb 2019 20:07:57 +0000 (20:07 +0000)]
Argument to control number of operations -o no longer valid
(This patch, only removing manpage text, submitted by gitlab.com user
Sam Zaydel @szaydel in MR 243 but without a Signed-off-by, so I
(Andrew Bartlett) am adding mine to say I'm happy to say this is a
legitimate and deliberate contribtion.)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 18 19:51:11 UTC 2019 on sn-devel-184
Mathieu Parent [Wed, 18 Sep 2019 03:15:47 +0000 (03:15 +0000)]
pod2man is no longer needed
Since
e24e344d0da58013fd5fa404529fe1d25ef403bf.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14131
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bryan Mason [Mon, 16 Sep 2019 19:35:06 +0000 (12:35 -0700)]
s3:client:Use DEVICE_URI, instead of argv[0],for Device URI
CUPS sanitizes argv[0] by removing username/password, so use
DEVICE_URI environment variable first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14128
Signed-off-by: Bryan Mason <bmason@redhat.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep 18 12:31:11 UTC 2019 on sn-devel-184
Jeremy Allison [Tue, 17 Sep 2019 23:08:17 +0000 (16:08 -0700)]
s3: VFS: Remove vfs_netatalk. Old, unused and unmaintained.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 01:26:06 UTC 2019 on sn-devel-184
Volker Lendecke [Mon, 16 Sep 2019 23:16:40 +0000 (16:16 -0700)]
smbd: Don't always walk the share mode array in open_mode_check()
share_mode_data->flags contains the "most restrictive" share mode of
the whole array. This is maintained lazily: Whenever set_share_mode()
is called, d->flags is updated if the new share mode got more
restrictive. It is not updated when a file is closed, as this would
mean we would have to walk the whole array, making sure that the
closed handle was indeed the only most restrictive one. Instead, we
walk the share mode array only when a conflict happens: Then we need
to know "the truth" and recalculate it by walking the share mode
array.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 00:07:13 UTC 2019 on sn-devel-184
Volker Lendecke [Fri, 9 Aug 2019 14:27:48 +0000 (16:27 +0200)]
smbd: Add share mode flags
This will contain a summary of the "most restrictive" share mode and
lease, i.e. intersection of all share_access entries and the union of
all access_mask and leases in the share mode array. This way
open_mode_check in the non-conflicting case will only have to look at
the summary and not walk the share mode array.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Aug 2019 14:16:21 +0000 (16:16 +0200)]
smbd: Make "share_mode_flags" 16-bit wide
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 16 Sep 2019 17:01:36 +0000 (10:01 -0700)]
smbd: Introduce share_entries.tdb - ADD COMMENT FIXME !!
This moves share_modes[] from "struct share_mode_data" into a separate
share_entries.tdb with a sorted array of fixed-length (132 byte)
"struct share_mode_entry" entries.
I know it's one huge commit, but I did not see a way to keep both data
structures and associated code working together without a lot of code
duplication after having centralized all the code accessing the
share_modes[] array into a few routines.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 13 Aug 2019 12:18:05 +0000 (14:18 +0200)]
lib: Enable watching and storing dbwrap_watch records.
Samba so far on a dbwrap_watch record either watches or stores a
record, but never both from the same db_record instance acquired from
a dbwrap_fetch_locked(). In one of the next commits this will change,
we will watch a record and at the same time store data into it. This
patch enables a watch_send() followed by a storev() by properly
keeping the watchers around.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 15 Sep 2019 09:58:43 +0000 (11:58 +0200)]
smbd: Allow another database between brlock.tdb and leases.tdb
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 15 Sep 2019 09:56:25 +0000 (11:56 +0200)]
lib: Allow a 4th lock order
We will have another tdb soon
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 3 Sep 2019 12:37:26 +0000 (14:37 +0200)]
torture3: Remove cleanup3
This goes directly into the database, for which the format changes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 2 Sep 2019 14:25:28 +0000 (16:25 +0200)]
smbd: Remove stale share mode entries while walking the array
Previously, we did this only when writing out the locking.tdb
record. That was because we had places where the index of a particular
share mode entry mattered while operating on the array. This is no
longer the case, so we can remove stale entries early.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>