samba.git
16 hours agosrvsvc: Announce [username] in NetShareEnum master
Volker Lendecke [Wed, 18 May 2022 14:01:08 +0000 (16:01 +0200)]
srvsvc: Announce [username] in NetShareEnum

This patch has two flaws: First, it does not cover api_RNetShareEnum()
for SMB1, and the second one is: To make this elegant, we would have
to restructure our share handling. It is really only listing shares
for which we have to pull in everything from smb.conf, registry,
usershares and potentially printers. What we should do is modify our
loadparm handling to only load share definitions on demand and for
listing shares handle all the potential sources specially. Add code
that walks the registry shares without adding them to our services
list and so on.

This patch is the quick&dirty way to fix the bug, the alternative
would be weeks or more. And hopefully nobody notices the SMB1
problem...

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 18 17:42:20 UTC 2022 on sn-devel-184

17 hours agosrvsvc: Add a central return point to init_srv_share_info_ctr()
Volker Lendecke [Wed, 18 May 2022 13:39:23 +0000 (15:39 +0200)]
srvsvc: Add a central return point to init_srv_share_info_ctr()

Soon there will be cleanup work to do.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
17 hours agoselftest: Test for bug 15062 -- list "username" in netshareenum
Volker Lendecke [Wed, 18 May 2022 14:40:49 +0000 (14:40 +0000)]
selftest: Test for bug 15062 -- list "username" in netshareenum

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
26 hours agogitlab-ci: Update Fedora to version 36
Andreas Schneider [Tue, 17 May 2022 08:08:35 +0000 (10:08 +0200)]
gitlab-ci: Update Fedora to version 36

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed May 18 07:56:52 UTC 2022 on sn-devel-184

27 hours agolib:util: Do not error for array-bounds warning
Andreas Schneider [Tue, 17 May 2022 10:43:51 +0000 (12:43 +0200)]
lib:util: Do not error for array-bounds warning

This just prints a warning for:

ms_fnmatch.c:95:51: error: array subscript 0 is outside array bounds of
‘struct max_n[0]’ [-Werror=array-bounds]
   95 |                         if (max_n != NULL && max_n->predot &&
      |

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agogitlab-ci: Use openSUSE 15.3 for coverity
Andreas Schneider [Tue, 17 May 2022 08:03:41 +0000 (10:03 +0200)]
gitlab-ci: Use openSUSE 15.3 for coverity

It provides gcc 10.3 and MIT krb5 1.19. The current coverity version
only supports gcc up to 11.1.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_local_s3.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_local_s3.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_libwbclient_threads.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_libwbclient_threads.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_large_acl.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_large_acl.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_inherit_owner.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_inherit_owner.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_homes.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_homes.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_guest_auth.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_guest_auth.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_groupmap.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_groupmap.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
27 hours agos3:tests: Reformat test_give_owner.sh
Andreas Schneider [Fri, 22 Apr 2022 13:34:09 +0000 (15:34 +0200)]
s3:tests: Reformat test_give_owner.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
35 hours agolzxpress: compress shortcut if we've reached maximum length
Douglas Bagnall [Sun, 15 May 2022 00:28:32 +0000 (12:28 +1200)]
lzxpress: compress shortcut if we've reached maximum length

A simple degenerate case for our compressor has been a large number of
repeated bytes that will match the maximum length (~64k) at all 8192
search positions, 8191 of which searches are in vain because the
matches are not of greater length than the first one.

Here we recognise the inevitable and reduce runtime proportionately.

Credit to OSS-Fuzz.

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47428

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue May 17 23:11:21 UTC 2022 on sn-devel-184

36 hours agolzxpress/test: time performance of long boring sequences
Douglas Bagnall [Sun, 15 May 2022 02:38:55 +0000 (14:38 +1200)]
lzxpress/test: time performance of long boring sequences

We get *very* slow when long runs of the bytes are the same. On this
laptop the test takes 18s; with the next commit it will be 0.006s.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
37 hours agovfs_glusterfs: Fix fdopendir implementation
Anoop C S [Fri, 13 May 2022 11:16:01 +0000 (16:46 +0530)]
vfs_glusterfs: Fix fdopendir implementation

Directory stream returned for fdopendir() within vfs_glusterfs doesn't
correctly point to required directory fd. Since GlusterFS still don't
support *at() variant syscalls we will have to rely on full path/name
constructed out of fsp.

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 17 20:20:05 UTC 2022 on sn-devel-184

38 hours agovfs_glusterfs: Fix get_real_filename_at implementation
Anoop C S [Mon, 2 May 2022 09:45:53 +0000 (15:15 +0530)]
vfs_glusterfs: Fix get_real_filename_at implementation

glfd(gluster fd) used in glfs_fgetxattr() for get_real_filename_at()
implementation doesn't correctly point to required directory fd. Since
GlusterFS still don't support *at() variant syscalls we will have to
rely on full path/name constructed out of dirfsp.

Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 days agos3:smbd: Covscan: remove dead code
Pavel Filipenský [Wed, 11 May 2022 12:20:34 +0000 (14:20 +0200)]
s3:smbd: Covscan: remove dead code

Covscan:
source3/smbd/files.c:575: check_after_deref: Null-checking "fsp" suggests that it
may be null, but it has already been dereferenced on all paths leading to the check.

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 14 04:41:57 UTC 2022 on sn-devel-184

5 days agos3:smbd Fix trailing whitespace in files.c
Pavel Filipenský [Wed, 11 May 2022 12:19:44 +0000 (14:19 +0200)]
s3:smbd Fix trailing whitespace in files.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agos3:libsmb: Covscan: unchecked return value for cli_credentials_set_smb_encryption()
Pavel Filipenský [Wed, 11 May 2022 08:14:53 +0000 (10:14 +0200)]
s3:libsmb: Covscan: unchecked return value for cli_credentials_set_smb_encryption()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agoauth: Covscan: unchecked return value for cli_credentials_set_smb_encryption()
Pavel Filipenský [Wed, 11 May 2022 10:11:21 +0000 (12:11 +0200)]
auth: Covscan: unchecked return value for cli_credentials_set_smb_encryption()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agoauth: Fix trailing whitespace in pycredentials.c
Pavel Filipenský [Wed, 11 May 2022 10:10:36 +0000 (12:10 +0200)]
auth: Fix trailing whitespace in pycredentials.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agoctdb: Covscan: unchecked return value for trbt_traversearray32()
Pavel Filipenský [Wed, 11 May 2022 10:06:22 +0000 (12:06 +0200)]
ctdb: Covscan: unchecked return value for trbt_traversearray32()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agoctdb: Fix trailing whitespace in rb_tree.c
Pavel Filipenský [Wed, 11 May 2022 10:04:34 +0000 (12:04 +0200)]
ctdb: Fix trailing whitespace in rb_tree.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agos4:libcli: Covscan: unchecked return value for file_save()
Pavel Filipenský [Wed, 11 May 2022 09:39:28 +0000 (11:39 +0200)]
s4:libcli: Covscan: unchecked return value for file_save()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agos4:libcli: Fix trailing whitespace in browse.c
Pavel Filipenský [Wed, 11 May 2022 09:38:45 +0000 (11:38 +0200)]
s4:libcli: Fix trailing whitespace in browse.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agos4:libcli: Covscan: unchecked return value for file_save()
Pavel Filipenský [Wed, 11 May 2022 09:36:48 +0000 (11:36 +0200)]
s4:libcli: Covscan: unchecked return value for file_save()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agos4:libcli: Fix trailing whitespace in netlogon.c
Pavel Filipenský [Wed, 11 May 2022 09:36:03 +0000 (11:36 +0200)]
s4:libcli: Fix trailing whitespace in netlogon.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agolibcli: Covscan: unchecked return value for file_save()
Pavel Filipenský [Wed, 11 May 2022 09:32:47 +0000 (11:32 +0200)]
libcli: Covscan: unchecked return value for file_save()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agolibcli: Fix trailing whitespace in netlogon.c
Pavel Filipenský [Wed, 11 May 2022 09:31:52 +0000 (11:31 +0200)]
libcli: Fix trailing whitespace in netlogon.c

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
5 days agogpo: Cert Auto Enroll use ldap trust cert if NDES disabled
David Mulder [Thu, 12 May 2022 19:24:07 +0000 (13:24 -0600)]
gpo: Cert Auto Enroll use ldap trust cert if NDES disabled

If the CA does not have the Network Device
Enrollment Service enabled, we can still use the
certificate from the ldap request (unless this is
a complex request and ldap config isn't present).

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri May 13 15:38:53 UTC 2022 on sn-devel-184

5 days agogpo: Fix Cert Auto Enroll docstrings
David Mulder [Thu, 5 May 2022 13:30:16 +0000 (07:30 -0600)]
gpo: Fix Cert Auto Enroll docstrings

These were flagged by pydocstyle.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
5 days agogpo: Remove sscep depends from Cert Auto Enroll
David Mulder [Wed, 4 May 2022 21:01:22 +0000 (15:01 -0600)]
gpo: Remove sscep depends from Cert Auto Enroll

Certificate Auto Enrollment currently depends on
sscep to retrieve the root certificate chain.
This isn't necessary, since this can be
accomplished with a simple GET.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
5 days agobootstrap: Add python3-requests dependency
David Mulder [Fri, 6 May 2022 15:06:23 +0000 (09:06 -0600)]
bootstrap: Add python3-requests dependency

Certificate Auto Enrollment will depend on
python3-requests in order to fetch the
root chain.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 days agogpo: Halt Cert Auto Enroll process if data corrupted
David Mulder [Fri, 6 May 2022 15:46:44 +0000 (09:46 -0600)]
gpo: Halt Cert Auto Enroll process if data corrupted

If the CA URL cannot be processed, then halt
processing. Otherwise we'll end up in a broken
state later when trying to read from the end
points with missing data.

Signed-off-by: David Mulder <dmulder@suse.com>
Revewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 12 18:45:41 UTC 2022 on sn-devel-184

6 days agogpo: Supress error caused by ldap Cert Auto Enroll config
David Mulder [Fri, 6 May 2022 15:41:19 +0000 (09:41 -0600)]
gpo: Supress error caused by ldap Cert Auto Enroll config

When the CA url specified on the SYSVOL is 'LDAP:'
this means that configuration should be fetched
from LDAP. This corrects an error message that
was being reported when the URL appeared improper
but really is not. This does not change the
code behavior (it was still working), but
removes the invalid error.

Signed-off-by: David Mulder <dmulder@suse.com>
Revewed-by: Andreas Schneider <asn@samba.org>
7 days agos4-samr: Fix missing check for GnuTLS errors from E_old_pw_hash()
Andrew Bartlett [Wed, 11 May 2022 22:54:22 +0000 (10:54 +1200)]
s4-samr: Fix missing check for GnuTLS errors from E_old_pw_hash()

Not likely to be an issue in the real world as the earlier calls
will have failed if weak crypto was disabled, but this was missed
in dce944e8a1119034f184336f6b71a28080152a0a.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 12 03:18:42 UTC 2022 on sn-devel-184

7 days agofuzz: add lzxpress compress/decompress round-trip
Douglas Bagnall [Wed, 11 May 2022 00:08:54 +0000 (12:08 +1200)]
fuzz: add lzxpress compress/decompress round-trip

We say it is an error to end up at a different result.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agofuzz: add fuzz_lzxpress_compress
Douglas Bagnall [Wed, 11 May 2022 00:08:06 +0000 (12:08 +1200)]
fuzz: add fuzz_lzxpress_compress

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression:tests: align test names with functions
Douglas Bagnall [Wed, 11 May 2022 05:21:46 +0000 (17:21 +1200)]
compression:tests: align test names with functions

You'll thank me if you're ever debugging these and wondering why
'lzxpress4' calls 'lzxpress2' (or is it the other way round?).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: add a few comments, including MS-XCA pointers.
Douglas Bagnall [Wed, 11 May 2022 04:20:46 +0000 (16:20 +1200)]
compression: add a few comments, including MS-XCA pointers.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: remove always false constant comparison
Douglas Bagnall [Tue, 10 May 2022 22:25:13 +0000 (10:25 +1200)]
compression: remove always false constant comparison

We set `uncompressed_pos = 0;` unconditionally, just ~10 lines up.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: lzxpress decompress empty string as empty string
Douglas Bagnall [Wed, 11 May 2022 04:06:38 +0000 (16:06 +1200)]
compression: lzxpress decompress empty string as empty string

This mirrors the behaviour of lzxpress_compress, which "encodes" an
empty string as an empty string.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: fix lzxpress decompress with trailing flags
Douglas Bagnall [Wed, 11 May 2022 00:46:21 +0000 (12:46 +1200)]
compression: fix lzxpress decompress with trailing flags

Every so often, lzxpress adds a 32-bit block of indicator flags to
help decode the next clump of 32 code words. A naive compressor (such
as we have) might do this at the very end for flags that aren't
actually used because there are no more bytes to decompress. If that
happens we need to stop processing, or we'll come to worse outcome at
the next CHECK_INPUT_BYTES.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression:tests: test lzxpress in some edge cases
Douglas Bagnall [Wed, 11 May 2022 03:24:38 +0000 (15:24 +1200)]
compression:tests: test lzxpress in some edge cases

Empty strings and trailing flag blocks.

(found with Honggfuzz and a round-trip fuzzer that aborts if the
strings differ).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Move maximum length calculation out of inner loop
Joseph Sutton [Mon, 7 Mar 2022 23:27:10 +0000 (12:27 +1300)]
compression: Move maximum length calculation out of inner loop

This makes the code clearer.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Use correct values for max len and offset
Joseph Sutton [Mon, 7 Mar 2022 23:25:59 +0000 (12:25 +1300)]
compression: Use correct values for max len and offset

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Replace divisions with shifts
Joseph Sutton [Mon, 7 Mar 2022 23:21:02 +0000 (12:21 +1300)]
compression: Replace divisions with shifts

This is more consistent with the compression code.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Remove unneeded loop variable
Joseph Sutton [Mon, 7 Mar 2022 23:19:45 +0000 (12:19 +1300)]
compression: Remove unneeded loop variable

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Reduce scope of variables
Joseph Sutton [Mon, 7 Mar 2022 23:17:15 +0000 (12:17 +1300)]
compression: Reduce scope of variables

This makes the code clearer.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Use PUSH_LE_U32 for first output buffer write
Joseph Sutton [Mon, 7 Mar 2022 23:13:12 +0000 (12:13 +1300)]
compression: Use PUSH_LE_U32 for first output buffer write

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Add bounds check for first output buffer write
Joseph Sutton [Mon, 7 Mar 2022 23:11:51 +0000 (12:11 +1300)]
compression: Add bounds check for first output buffer write

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Remove helper variables str1 and str2
Joseph Sutton [Mon, 7 Mar 2022 23:10:01 +0000 (12:10 +1300)]
compression: Remove helper variables str1 and str2

This simplifies the code and makes it clearer.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Fix writing output flags
Joseph Sutton [Mon, 7 Mar 2022 23:02:13 +0000 (12:02 +1300)]
compression: Fix writing output flags

If indic_bit == 0, the shift amount of 32 - indic_bit == 32 will equal
the width of a 32-bit integer type, and these shifts will invoke
undefined behaviour, which is likely to cause incorrect output. Fix this
by not shifting a 32-bit integer type by 32 bits or more.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Remove byte_left variable
Joseph Sutton [Mon, 7 Mar 2022 07:33:45 +0000 (20:33 +1300)]
compression: Remove byte_left variable

We can simplify this code using the identity:
  byte_left + uncompressed_pos = uncompressed_size

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Remove redundant bounds check
Joseph Sutton [Mon, 7 Mar 2022 07:31:33 +0000 (20:31 +1300)]
compression: Remove redundant bounds check

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Add range check for indic_pos
Joseph Sutton [Mon, 7 Mar 2022 07:30:42 +0000 (20:30 +1300)]
compression: Add range check for indic_pos

This now matches the other use of indic_pos.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Remove redundant nibble_index check
Joseph Sutton [Mon, 7 Mar 2022 07:28:05 +0000 (20:28 +1300)]
compression: Remove redundant nibble_index check

If nibble_index is non-zero, we have already written to it, and so don't
need to check again that it is in bounds.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Make use of PUSH_LE_Uxx macros
Joseph Sutton [Mon, 7 Mar 2022 07:24:48 +0000 (20:24 +1300)]
compression: Make use of PUSH_LE_Uxx macros

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Simplify code by making indic_pos an index
Joseph Sutton [Mon, 7 Mar 2022 07:21:32 +0000 (20:21 +1300)]
compression: Simplify code by making indic_pos an index

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Make use of CHECK_{IN,OUT}PUT_BYTES macros
Joseph Sutton [Mon, 7 Mar 2022 06:38:08 +0000 (19:38 +1300)]
compression: Make use of CHECK_{IN,OUT}PUT_BYTES macros

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Simplify code by removing metadata_size variable
Joseph Sutton [Mon, 7 Mar 2022 07:12:46 +0000 (20:12 +1300)]
compression: Simplify code by removing metadata_size variable

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Use correct value for indic_pos
Joseph Sutton [Mon, 7 Mar 2022 07:09:40 +0000 (20:09 +1300)]
compression: Use correct value for indic_pos

Previously, we were setting this to the wrong value and overwriting
existing output data.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Use correct value for nibble_index
Joseph Sutton [Mon, 7 Mar 2022 07:09:40 +0000 (20:09 +1300)]
compression: Use correct value for nibble_index

Previously, we were setting this to the wrong value and overwriting
existing output data.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Simplify redundant branches
Joseph Sutton [Mon, 7 Mar 2022 06:58:51 +0000 (19:58 +1300)]
compression: Simplify redundant branches

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: Consistently use PUSH_LE_Uxx macros
Joseph Sutton [Mon, 7 Mar 2022 06:34:00 +0000 (19:34 +1300)]
compression: Consistently use PUSH_LE_Uxx macros

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: Use explicit data sizes
Joseph Sutton [Mon, 7 Mar 2022 06:30:43 +0000 (19:30 +1300)]
compression: Use explicit data sizes

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression tests: Add additional compression tests
Joseph Sutton [Mon, 7 Mar 2022 21:38:09 +0000 (10:38 +1300)]
compression tests: Add additional compression tests

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression: fix lzxpress-compress
Matt Suiche [Tue, 23 Mar 2021 16:33:34 +0000 (20:33 +0400)]
compression: fix lzxpress-compress

Signed-off-by: Matt Suiche <msuiche@comae.com>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: lzxpress_compress: fix no-op shift of 0
Matt Suiche [Mon, 14 Jun 2021 23:14:51 +0000 (11:14 +1200)]
compression: lzxpress_compress: fix no-op shift of 0

Signed-off-by: Matt Suiche <msuiche@comae.com>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression: fix lzxpress_decompress
Matt Suiche [Mon, 14 Jun 2021 23:52:37 +0000 (11:52 +1200)]
compression: fix lzxpress_decompress

Signed-off-by: Matt Suiche <msuiche@comae.com>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 days agocompression tests: add test for legacy compressed data
Matt Suiche [Thu, 25 Mar 2021 12:50:42 +0000 (16:50 +0400)]
compression tests: add test for legacy compressed data

Signed-off-by: Matt Suiche <msuiche@comae.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agocompression tests: add LZXpress tests based on [MS-XCA]
Matt Suiche [Mon, 14 Jun 2021 22:45:19 +0000 (10:45 +1200)]
compression tests: add LZXpress tests based on [MS-XCA]

MS-XCA contains examples, and we should at least get those right.

Signed-off-by: Matt Suiche <msuiche@comae.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agoutil/base64: decode_data_blob_talloc catches talloc error
Douglas Bagnall [Tue, 6 Apr 2021 18:53:16 +0000 (06:53 +1200)]
util/base64: decode_data_blob_talloc catches talloc error

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 days agos3: libsmbclient: Cope with SMB2 servers that return STATUS_USER_SESSION_DELETED...
Jeremy Allison [Wed, 11 Dec 2019 23:06:40 +0000 (15:06 -0800)]
s3: libsmbclient: Cope with SMB2 servers that return STATUS_USER_SESSION_DELETED on a SMB2_ECHO (SMB2_OP_KEEPALIVE) call with a NULL session.

This is already tested by smb2.session.expire which
shows that Windows and Samba servers don't need this,
but some third party server are returning STATUS_USER_SESSION_DELETED
with a NULL sessionid.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13218

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Bjoern Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Wed May 11 18:06:42 UTC 2022 on sn-devel-184

8 days agogitignore: Add .ropeproject for pylsp-rope plugin
Andreas Schneider [Tue, 10 May 2022 06:38:33 +0000 (08:38 +0200)]
gitignore: Add .ropeproject for pylsp-rope plugin

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 11 00:04:55 UTC 2022 on sn-devel-184

8 days agotests/user_check_password_script: Don't try to delete user after failed add
Joseph Sutton [Tue, 10 May 2022 04:18:14 +0000 (16:18 +1200)]
tests/user_check_password_script: Don't try to delete user after failed add

The user account should not exist if account creation failed.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/user_check_password_script: Remove unused imports
Joseph Sutton [Tue, 10 May 2022 20:47:40 +0000 (08:47 +1200)]
tests/user_check_password_script: Remove unused imports

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agosamdb: Avoid half-created accounts
Joseph Sutton [Tue, 10 May 2022 01:02:30 +0000 (13:02 +1200)]
samdb: Avoid half-created accounts

If newuser() or newcomputer() create an account over LDAP, and an
attempt to modify it (e.g. to change the password) fails, ensure that we
properly clean up the account. If we are connected over LDAP, we won't
have transactions to clean things up for us.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/samba-tool user: Add test for adding a user over LDAP
Joseph Sutton [Tue, 10 May 2022 01:01:43 +0000 (13:01 +1200)]
tests/samba-tool user: Add test for adding a user over LDAP

Ensure that we do not end up with half-created accounts.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/samba-tool user_wdigest: Check command results
Joseph Sutton [Tue, 10 May 2022 00:59:59 +0000 (12:59 +1200)]
tests/samba-tool user_wdigest: Check command results

Ensure that the commands to create and delete the user execute
successfully.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/samba-tool user_wdigest: Add accounts to local database
Joseph Sutton [Tue, 10 May 2022 00:59:06 +0000 (12:59 +1200)]
tests/samba-tool user_wdigest: Add accounts to local database

Adding accounts over LDAP means transactions cannot be used, potentially
leading to problems.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/samba-tool user_wdigest: Fix flapping test
Joseph Sutton [Tue, 10 May 2022 00:49:50 +0000 (12:49 +1200)]
tests/samba-tool user_wdigest: Fix flapping test

The randomly-generated password for the user account may be too weak,
causing account creation to fail. This leads to further problems, as the
result of the command is not checked, and connecting over LDAP means
transactions cannot be used, leading to a half-created account and
failing tests.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agotests/samba-tool user_wdigest: Remove unused imports
Joseph Sutton [Tue, 10 May 2022 20:45:24 +0000 (08:45 +1200)]
tests/samba-tool user_wdigest: Remove unused imports

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 days agobootstrap: matplotlib is not a real Samba dep
Andrew Bartlett [Thu, 5 May 2022 03:44:05 +0000 (15:44 +1200)]
bootstrap: matplotlib is not a real Samba dep

This came in via the original list of packages used
at Catalyst when building Samba for testing, in particular
related to an example LDB module to trace LDB requests.

There is no testing need for this even in make test.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 days agobootstrap: chown the whole cloned repo, not just the subfolders
Andrew Bartlett [Fri, 6 May 2022 01:29:05 +0000 (13:29 +1200)]
bootstrap: chown the whole cloned repo, not just the subfolders

Modern git versions have started to notice the possible security issue.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 days ago.gitlab-ci: Work around new git restrictions arising from CVE-2022-24765
Andrew Bartlett [Fri, 6 May 2022 05:53:29 +0000 (17:53 +1200)]
.gitlab-ci: Work around new git restrictions arising from CVE-2022-24765

It was realised that git would run commands found in a git repo
(eg from configuration).

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 days agogpo: Add Centrify Compatible Crontab Extensions
David Mulder [Fri, 29 Apr 2022 21:21:33 +0000 (15:21 -0600)]
gpo: Add Centrify Compatible Crontab Extensions

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 10 20:05:48 UTC 2022 on sn-devel-184

8 days agogpo: Test Centrify Compatible Crontab Extensions
David Mulder [Fri, 29 Apr 2022 20:40:41 +0000 (14:40 -0600)]
gpo: Test Centrify Compatible Crontab Extensions

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agogpo: Add Centrify Compatible Sudoers Extension
David Mulder [Fri, 29 Apr 2022 16:29:01 +0000 (10:29 -0600)]
gpo: Add Centrify Compatible Sudoers Extension

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agogpo: Test Centrify Compatible Sudoers Extension
David Mulder [Fri, 29 Apr 2022 15:14:10 +0000 (09:14 -0600)]
gpo: Test Centrify Compatible Sudoers Extension

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agowinbind: send "debug traceid" from winbindd parent to child
Pavel Filipenský [Sun, 5 Sep 2021 18:37:55 +0000 (20:37 +0200)]
winbind: send "debug traceid" from winbindd parent to child

Bumping WINBIND_INTERFACE_VERSION to 32

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 10 18:25:01 UTC 2022 on sn-devel-184

8 days agowinbind: enable "debug traceid" in main winbindd
Pavel Filipenský [Sun, 5 Sep 2021 18:36:15 +0000 (20:36 +0200)]
winbind: enable "debug traceid" in main winbindd

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agodocs-xml: document "winbind debug traceid" in smb.conf
Pavel Filipenský [Sun, 5 Sep 2021 20:18:11 +0000 (22:18 +0200)]
docs-xml: document "winbind debug traceid" in smb.conf

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agos3:winbindd add "'winbind debug traceid" support via tevent tracing
Pavel Březina [Wed, 1 Sep 2021 14:05:37 +0000 (16:05 +0200)]
s3:winbindd add "'winbind debug traceid" support via tevent tracing

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agodebug: add debug_traceid_set/get() interface
Pavel Filipenský [Sun, 8 May 2022 19:06:13 +0000 (21:06 +0200)]
debug: add debug_traceid_set/get() interface

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agodebug: fix trailing whitespace
Pavel Filipenský [Sun, 8 May 2022 19:09:04 +0000 (21:09 +0200)]
debug: fix trailing whitespace

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agos3:lib: reset all tevent trace callbacks in reinit_after_fork()
Pavel Filipenský [Tue, 10 May 2022 11:06:53 +0000 (13:06 +0200)]
s3:lib: reset all tevent trace callbacks in reinit_after_fork()

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
With "tevent: add event trace api" we have now more callbacks to reset.
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 days agos3:lib: fix trailing whitespaces
Pavel Filipenský [Tue, 10 May 2022 11:06:05 +0000 (13:06 +0200)]
s3:lib: fix trailing whitespaces

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>