samba.git
2 hours agoldb tests: fix null test on incorrect variable master
Gary Lockyer [Fri, 23 Feb 2018 02:03:20 +0000 (15:03 +1300)]
ldb tests: fix null test on incorrect variable

Fix up tests that were  performing a null check on the wrong variable
after a call to ldb_msg_new

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Feb 24 15:50:35 CET 2018 on sn-devel-144

7 hours agos4:lib:com: Fix function declartions
Andreas Schneider [Wed, 26 Jul 2017 16:16:43 +0000 (18:16 +0200)]
s4:lib:com: Fix function declartions

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 hours agos3:selftest: Run the smbtorture3 TLDAP test
Andreas Schneider [Thu, 21 Dec 2017 16:24:01 +0000 (17:24 +0100)]
s3:selftest: Run the smbtorture3 TLDAP test

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 hours agorepl_md: avoid returning LDB_SUCCESS on failure
Douglas Bagnall [Wed, 14 Feb 2018 04:15:07 +0000 (17:15 +1300)]
repl_md: avoid returning LDB_SUCCESS on failure

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 hours agotests: Authenticate again so make sure we are not locked out
Andreas Schneider [Thu, 22 Feb 2018 16:30:36 +0000 (17:30 +0100)]
tests: Authenticate again so make sure we are not locked out

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
7 hours agoselftest: Fail testsuite on unknown environment
Jamie McClymont [Tue, 13 Feb 2018 03:58:26 +0000 (16:58 +1300)]
selftest: Fail testsuite on unknown environment

The status quo was that tests in typo'd/unknown environments would be skipped.
This was a side effect of the mechanism by which samba3 tests were run, which
has now been changed.

For an example of this being a problem in the past, see commit 523bd03f (which
fixes an issue I noticed when reading subunit logs, and which did not fail the
test).

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
19 hours agos3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()
Jeremy Allison [Wed, 14 Feb 2018 21:23:12 +0000 (13:23 -0800)]
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir()

HPUX has this problem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13270

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Feb 23 22:56:35 CET 2018 on sn-devel-144

24 hours agowinbind: don't try to do an authenticated SMB connection as AD DC
Stefan Metzmacher [Thu, 22 Feb 2018 09:19:58 +0000 (10:19 +0100)]
winbind: don't try to do an authenticated SMB connection as AD DC

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 23 17:58:23 CET 2018 on sn-devel-144

29 hours agowinbind: set_dc_type_and_flags() is not needed on a DC
Stefan Metzmacher [Thu, 22 Feb 2018 10:24:38 +0000 (11:24 +0100)]
winbind: set_dc_type_and_flags() is not needed on a DC

On a DC we load the trusts in the parent in add_trusted_domains_dc()
from our local configuration. There's no need to find out the trust details
via network calls.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agowinbind: make sure we don't contact trusted domains via LDAP as AD DC
Stefan Metzmacher [Fri, 2 Feb 2018 15:55:01 +0000 (16:55 +0100)]
winbind: make sure we don't contact trusted domains via LDAP as AD DC

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agowinbind: make sure we don't contact trusted domains via SAMR as AD DC
Stefan Metzmacher [Thu, 22 Feb 2018 09:33:48 +0000 (10:33 +0100)]
winbind: make sure we don't contact trusted domains via SAMR as AD DC

This is not needed for the normal operation of an AD DC.

Administrators should just use other tools instead of
wbinfo to list and query users and groups.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agowinbind: let cm_connect_netlogon_transport() only work against direct trust as AD DC
Stefan Metzmacher [Thu, 22 Feb 2018 09:40:19 +0000 (10:40 +0100)]
winbind: let cm_connect_netlogon_transport() only work against direct trust as AD DC

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agowinbind: force the usage of schannel in cm_connect_lsa() as AD DC
Stefan Metzmacher [Thu, 22 Feb 2018 09:40:19 +0000 (10:40 +0100)]
winbind: force the usage of schannel in cm_connect_lsa() as AD DC

This makes sure we only talk to direct trusts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agos3:smb_macros.h: add IS_AD_DC as addition to IS_DC
Stefan Metzmacher [Thu, 22 Feb 2018 09:03:23 +0000 (10:03 +0100)]
s3:smb_macros.h: add IS_AD_DC as addition to IS_DC

In the long run we should remove this again (as well as IS_DC).

But for now this makes some code changes in winbindd easier to
follow.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
29 hours agodsdb/encrypted_secrets: remove dependency to libnettle and use our own aes_gcm_128_*()
Stefan Metzmacher [Thu, 22 Feb 2018 14:56:45 +0000 (15:56 +0100)]
dsdb/encrypted_secrets: remove dependency to libnettle and use our own aes_gcm_128_*()

We already rely on gnutls in order to implement SSL/TLS, so using that
to speed up crypto like aes gcm 128 is fine, but as we already have
code for that algorithm, we should use that instead of adding a new
dependency to libnettle.

Some (I guess newer versions) of gnutls use nettle internally, so
we may end up using that code, but we should not have a direct dependency.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13276

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
29 hours agovfs_fruit: use off_t, not size_t for TM size calculations
Ralph Boehme [Thu, 22 Feb 2018 14:52:46 +0000 (15:52 +0100)]
vfs_fruit: use off_t, not size_t for TM size calculations

size_t is only a 32-bit integer on 32-bit platforms. We must use off_t
for file sizes.

https://bugzilla.samba.org/show_bug.cgi?id=13296

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
33 hours agowinbind: Use one queue for all domain children
Stefan Metzmacher [Wed, 14 Feb 2018 14:04:01 +0000 (15:04 +0100)]
winbind: Use one queue for all domain children

If we have multiple domain children, it's important
that the first idle child takes over the next waiting request.

Before we had the problem that a request could get stuck in the
queue of a busy child, while later requests could get served fine by
other children.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 23 09:04:23 CET 2018 on sn-devel-144

38 hours agowinbind: Maintain a binding handle per domain and always go via wb_domain_request_send()
Volker Lendecke [Tue, 13 Feb 2018 15:04:44 +0000 (16:04 +0100)]
winbind: Maintain a binding handle per domain and always go via wb_domain_request_send()

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: make choose_domain_child() static
Stefan Metzmacher [Tue, 20 Feb 2018 13:43:38 +0000 (14:43 +0100)]
winbind: make choose_domain_child() static

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: add locator_child_handle() and use it instead of child->binding_handle
Stefan Metzmacher [Wed, 14 Feb 2018 12:24:54 +0000 (13:24 +0100)]
winbind: add locator_child_handle() and use it instead of child->binding_handle

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: add idmap_child_handle() and use it instead of child->binding_handle
Stefan Metzmacher [Wed, 14 Feb 2018 12:24:54 +0000 (13:24 +0100)]
winbind: add idmap_child_handle() and use it instead of child->binding_handle

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: improve wb_domain_request_send() to use wb_dsgetdcname_send() for a foreign...
Stefan Metzmacher [Wed, 14 Feb 2018 14:11:50 +0000 (15:11 +0100)]
winbind: improve wb_domain_request_send() to use wb_dsgetdcname_send() for a foreign domain

Commit ed3bc614cccec6167c64ac58d78344b6426cd019 got the logic wrong while
trying to implement the logic we had in init_child_connection(),
which was removed by commit d61f3626b79e0523beadff355453145aa7b0195c.

Instead of doing a WINBINDD_GETDCNAME request (which would caused an error
because the implementation was removed in commit
958fdaf5c3ba17969a5110e6b2b08babb9096d7e), we sent the callers request
and interpreted the result as WINBINDD_GETDCNAME response, which
led to an empty dcname variable. As result the domain child
opened a connection to the primary domain in order to lookup
a dc.

If we want to connect the primary domain from the parent via
a domain child of the primary domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: use state->{ev,request} in wb_domain_request_send()
Stefan Metzmacher [Wed, 14 Feb 2018 14:09:51 +0000 (15:09 +0100)]
winbind: use state->{ev,request} in wb_domain_request_send()

This will reduce the diff for the following changes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: avoid using fstrcpy(dcname,...) in _dual_init_connection
Stefan Metzmacher [Thu, 15 Feb 2018 15:00:33 +0000 (16:00 +0100)]
winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection

domain->dcname was converted from fstring to char * by commit
14bae61ba36814ea5eca7c51cf1cc039e9e6803f.

Luckily this was only ever called with an empty string in
state->request->data.init_conn.dcname.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13294

Signed-off-by: Stefan Metzmacher <metze@samba.org>
38 hours agowinbind: cleanup winbindd_cli_state->pwent_state if winbindd_getpwent_recv() returns...
Stefan Metzmacher [Fri, 16 Feb 2018 15:13:16 +0000 (16:13 +0100)]
winbind: cleanup winbindd_cli_state->pwent_state if winbindd_getpwent_recv() returns an error

A client may skip the explicit endpwent() if getgrent() fails.

This allows client_is_idle() return true in more cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: cleanup winbindd_cli_state->grent_state if winbindd_getgrent_recv() returns...
Stefan Metzmacher [Fri, 16 Feb 2018 15:13:16 +0000 (16:13 +0100)]
winbind: cleanup winbindd_cli_state->grent_state if winbindd_getgrent_recv() returns an error

A client may skip the explicit endgrent() if getgrent() fails.

This allows client_is_idle() return true in more cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: call lp_winbind_enum_{users,groups}() already in set{pw,gr}ent()
Stefan Metzmacher [Fri, 16 Feb 2018 15:09:58 +0000 (16:09 +0100)]
winbind: call lp_winbind_enum_{users,groups}() already in set{pw,gr}ent()

This way we don't keep winbindd_cli_state->{pw,gr}ent_state arround forever,
if the client forgets an explicit end{pw,gr}ent().

This allows client_is_idle() return true in more cases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: protect a pending wb_child_request against a talloc_free()
Stefan Metzmacher [Fri, 16 Feb 2018 14:05:57 +0000 (15:05 +0100)]
winbind: protect a pending wb_child_request against a talloc_free()

If the (winbind) client gave up we call TALLOC_FREE(state->mem_ctx)
in remove_client(). This triggers a recursive talloc_free() for all
in flight requests.

In order to maintain the winbindd parent-child protocol, we need
to keep the orphaned wb_simple_trans request until the parent
got the response from the child.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agowinbind: use tevent_queue_wait_send/recv in wb_child_request_*()
Stefan Metzmacher [Fri, 16 Feb 2018 14:02:42 +0000 (15:02 +0100)]
winbind: use tevent_queue_wait_send/recv in wb_child_request_*()

We need a way to keep the child->queue blocked without relying on
the current 'req' (wb_child_request_state).

The next commit will make use of this.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agotevent: version 0.9.36 tevent-0.9.36
Stefan Metzmacher [Tue, 20 Feb 2018 12:54:49 +0000 (13:54 +0100)]
tevent: version 0.9.36

* improve documentation of tevent_queue_add_optimize_empty()
* add tevent_queue_entry_untrigger()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agotevent: add tevent_queue_entry_untrigger()
Stefan Metzmacher [Thu, 15 Feb 2018 13:47:25 +0000 (14:47 +0100)]
tevent: add tevent_queue_entry_untrigger()

Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
38 hours agotevent: improve documentation of tevent_queue_add_optimize_empty()
Stefan Metzmacher [Fri, 16 Feb 2018 15:47:57 +0000 (16:47 +0100)]
tevent: improve documentation of tevent_queue_add_optimize_empty()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
38 hours agos4:auth_sam: allow logons with an empty domain name
Stefan Metzmacher [Tue, 9 Jan 2018 07:54:11 +0000 (08:54 +0100)]
s4:auth_sam: allow logons with an empty domain name

It turns out that an empty domain name maps to the local SAM.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 23 04:08:26 CET 2018 on sn-devel-144

43 hours agotests/bind.py: Add a bind test with NTLMSSP with no domain
Garming Sam [Mon, 8 Jan 2018 03:34:02 +0000 (16:34 +1300)]
tests/bind.py: Add a bind test with NTLMSSP with no domain

Confirmed to pass against Windows 2012 R2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
43 hours agotests/py_creds: Add a SamLogonEx test with an empty string domain
Garming Sam [Mon, 8 Jan 2018 00:36:59 +0000 (13:36 +1300)]
tests/py_creds: Add a SamLogonEx test with an empty string domain

This test passes against 4.6, but failed against 4.7.5 and master.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
43 hours agos3:cliconnect.c: remove useless ';'
Stefan Metzmacher [Tue, 9 Jan 2018 07:57:05 +0000 (08:57 +0100)]
s3:cliconnect.c: remove useless ';'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
43 hours agos3:libsmb: allow -U"\\administrator" to work
Stefan Metzmacher [Tue, 9 Jan 2018 07:55:48 +0000 (08:55 +0100)]
s3:libsmb: allow -U"\\administrator" to work

cli_credentials_get_principal() returns NULL in that case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
47 hours agobuild: fix libceph-common detection
Günther Deschner [Mon, 15 Jan 2018 22:20:39 +0000 (23:20 +0100)]
build: fix libceph-common detection

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13277

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Feb 22 19:30:12 CET 2018 on sn-devel-144

2 days agoutil/rfc1738: update preamble
Douglas Bagnall [Mon, 19 Feb 2018 01:24:42 +0000 (14:24 +1300)]
util/rfc1738: update preamble

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Feb 22 06:13:49 CET 2018 on sn-devel-144

2 days agoutil/rfc1738: simplify and fix rfc1738_escape_part()
Douglas Bagnall [Tue, 20 Feb 2018 10:56:11 +0000 (23:56 +1300)]
util/rfc1738: simplify and fix rfc1738_escape_part()

We now encode according to RFC 3986 (section 2.1 - 2.3).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoutil/rfc1738: remove unused versions of rfc1738_escape
Douglas Bagnall [Fri, 16 Feb 2018 22:23:44 +0000 (11:23 +1300)]
util/rfc1738: remove unused versions of rfc1738_escape

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoutil/rfc1738: simplify and fix rfc1738_unescape()
Douglas Bagnall [Mon, 19 Feb 2018 01:12:03 +0000 (14:12 +1300)]
util/rfc1738: simplify and fix rfc1738_unescape()

Improvements:

* NULL is returned when the string is incorrectly formed.

* Badly formed escapes like "% b" that were accepted by sscanf() are now
  rejected.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoutil/tests: add rfc1738 cmocka tests
Douglas Bagnall [Sat, 17 Feb 2018 20:53:32 +0000 (09:53 +1300)]
util/tests: add rfc1738 cmocka tests

These don't pass yet.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoutil/rfc1738_unescape(): return end pointer or NULL on error
Douglas Bagnall [Fri, 16 Feb 2018 21:46:44 +0000 (10:46 +1300)]
util/rfc1738_unescape(): return end pointer or NULL on error

At present we don't detect errors, but when we do we'll return NULL.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoshift read_hex_bytes() and parse_guid_string() into lib/util
Douglas Bagnall [Fri, 16 Feb 2018 04:53:15 +0000 (17:53 +1300)]
shift read_hex_bytes() and parse_guid_string() into lib/util

read_hex_bytes() is going to be used in lib/util/rfc1738.c.

parse_guid_string() is shifted for two reasons: Firstly, it is called
very often in some operations, sometimes constituting a few percent of
the CPU load, and it makes several calls to read_hex_bytes(). We want
the compiler to be able to inline those calls if it thinks that is
wise. Secondly, there are other places that could do with fast GUID
parsing.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoselftest/tests.py: remove always-needed, never-set with_cmocka flag
Douglas Bagnall [Wed, 21 Feb 2018 22:54:45 +0000 (11:54 +1300)]
selftest/tests.py: remove always-needed, never-set with_cmocka flag

We have cmocka in third_party, so we are never without it.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agounittests.lib_util_modules: test module probe with "skel", not "unix"
Douglas Bagnall [Wed, 21 Feb 2018 22:26:00 +0000 (11:26 +1300)]
unittests.lib_util_modules: test module probe with "skel", not "unix"

The unix module is not available as a module on some systems.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agoselftest: subunithelper needs to follow the subunit spec more closely
Douglas Bagnall [Wed, 21 Feb 2018 23:46:47 +0000 (12:46 +1300)]
selftest: subunithelper needs to follow the subunit spec more closely

In particular allow ]\n without \n]\n as used by cmocka

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 days agos4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()
Stefan Metzmacher [Tue, 20 Feb 2018 23:49:55 +0000 (00:49 +0100)]
s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144

3 days agotests:dcerpc/raw_protocol: reproduce call_id truncation bug
Stefan Metzmacher [Tue, 20 Feb 2018 23:50:26 +0000 (00:50 +0100)]
tests:dcerpc/raw_protocol: reproduce call_id truncation bug

We need to make sure the server handles call_id values > UINT16_MAX.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agoheimdal_build: use closefrom from libreplace
Bjoern Jacke [Wed, 21 Feb 2018 09:51:42 +0000 (01:51 -0800)]
heimdal_build: use closefrom from libreplace

this silences a lot of "... has been redefined" compiler warnings on
platforms that don't have closefrom

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 days agos4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests to winbindd
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests to winbindd

This might not be perfect yet, but it's enough to allow names from trusted
forests/domain to be resolved, which is very important for samba based
domain members.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agowinbindd: implement wb_irpc_lsa_{LookupNames4,LookupSids3}()
Stefan Metzmacher [Tue, 23 Jan 2018 12:19:37 +0000 (13:19 +0100)]
winbindd: implement wb_irpc_lsa_{LookupNames4,LookupSids3}()

This will be used by the LSA Server on an AD DC to request remote views
from trusts.

In future we should implement wb_lookupnames_send/recv similar to
wb_lookupsids_send/recv, but for now using wb_lookupname_send/recv in a loop
works as a first step.

We also need to make use of req->in.level and req->in.client_revision
once we want to support more than one domain within our own forest.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: rewrite lookup sids/names code to honor the given lookup level
Stefan Metzmacher [Mon, 22 Jan 2018 23:52:50 +0000 (00:52 +0100)]
s4:rpc_server/lsa: rewrite lookup sids/names code to honor the given lookup level

[MS-LSAT] 2.2.16 LSAP_LOOKUP_LEVEL defines the which views each level should
consult.

Up to now we support some wellknown sids, the builtin domain and our
account domain, but all levels query all views.

This commit implements 3 views (predefined, builtin, account domain)
+ a dummy winbind view (which will later be used to implement the
gc, forest and trust views)..

Depending on the level we select the required views.

This might not be perfect in all details, but it's enough
to pass all existing tests, which already revealed bugs
during the development of this patch.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agotest_trust_ntlm.sh: add lookup name tests
Stefan Metzmacher [Thu, 15 Feb 2018 09:30:28 +0000 (10:30 +0100)]
test_trust_ntlm.sh: add lookup name tests

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agolibcli/security: add dom_sid_lookup_predefined_{sid,name}()
Stefan Metzmacher [Mon, 20 Mar 2017 11:55:44 +0000 (12:55 +0100)]
libcli/security: add dom_sid_lookup_predefined_{sid,name}()

This basically implements [MS-LSAT] 3.1.1.1.1 Predefined Translation Database
and Corresponding View.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:dsdb: add dsdb_trust_domain_by_{sid,name}()
Stefan Metzmacher [Fri, 16 Feb 2018 00:14:00 +0000 (01:14 +0100)]
s4:dsdb: add dsdb_trust_domain_by_{sid,name}()

This gets the lsa_ForestTrustDomainInfo for the searched
domain as well as the lsa_TrustDomainInfoInfoEx for the
direct trust (which might be the same for external trust or
the forest root domain).

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for async processing
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for async processing

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async processing
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async processing

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on dcesrv_lsa_LookupNames_common()
Stefan Metzmacher [Mon, 22 Jan 2018 19:21:14 +0000 (20:21 +0100)]
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on dcesrv_lsa_LookupNames_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()
Stefan Metzmacher [Mon, 22 Jan 2018 19:21:14 +0000 (20:21 +0100)]
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupNames2()
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupNames2()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids2()
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids2()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids...
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupNames()
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupNames()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupSids()
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupSids()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: remove unused 'status' variable in dcesrv_lsa_LookupSids_common()
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: remove unused 'status' variable in dcesrv_lsa_LookupSids_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: make sure dcesrv_lsa_LookupNames2() gets prepared [ref] pointers
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupNames2() gets prepared [ref] pointers

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: expect prepared [ref] pointers in dcesrv_lsa_LookupNames_common()
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: expect prepared [ref] pointers in dcesrv_lsa_LookupNames_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common() gets prepared [ref] pointers
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common() gets prepared [ref] pointers

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:rpc_server/lsa: use LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES/LSA_CLIENT_REVISION_1...
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: use LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES/LSA_CLIENT_REVISION_1 in compat code

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agorpcclient: add lookupsids_level command
Stefan Metzmacher [Thu, 25 Jan 2018 10:24:25 +0000 (11:24 +0100)]
rpcclient: add lookupsids_level command

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agorpcclient: fix variable initialisation and add parenthesis to if clauses
Ralph Boehme [Tue, 20 Feb 2018 14:57:37 +0000 (15:57 +0100)]
rpcclient: fix variable initialisation and add parenthesis to if clauses

Just a few README.Coding fixes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 days agoprovision: fix the 'dnsdomain' for the local sam of a domain member
Stefan Metzmacher [Fri, 2 Feb 2018 20:06:38 +0000 (21:06 +0100)]
provision: fix the 'dnsdomain' for the local sam of a domain member

A member has a local AD database, which should not use the 'dnsdomain'
as the one on domain controllers.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13285

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agotraffic_packets.py: let Lookup{Sids,Names}() work against a sane server
Stefan Metzmacher [Thu, 25 Jan 2018 17:04:29 +0000 (18:04 +0100)]
traffic_packets.py: let Lookup{Sids,Names}() work against a sane server

In order to resolve predefined sids or names we need to use
level = LSA_LOOKUP_NAMES_ALL (1).

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13284

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agonsswitch: fix double free errors in nsstest.c
Stefan Metzmacher [Sat, 10 Feb 2018 22:54:33 +0000 (23:54 +0100)]
nsswitch: fix double free errors in nsstest.c

We need to zero out static pointers on free.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos4:torture: zero initialize variables in test_LookupSidsReply()
Stefan Metzmacher [Thu, 25 Jan 2018 23:38:32 +0000 (00:38 +0100)]
s4:torture: zero initialize variables in test_LookupSidsReply()

This avoids crashes if the server returns unexpected results.  The test
should just report the failure in that case.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13282

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agowinbindd: make use of talloc_zero_array() in wb_lookupsids*()
Stefan Metzmacher [Tue, 23 Jan 2018 22:52:37 +0000 (23:52 +0100)]
winbindd: make use of talloc_zero_array() in wb_lookupsids*()

It just feels better for such a complex function.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agos3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_names_generic()
Stefan Metzmacher [Fri, 2 Feb 2018 11:07:11 +0000 (12:07 +0100)]
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_names_generic()

It just feels better for such a complex function.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
3 days agos3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_sids_generic()
Stefan Metzmacher [Fri, 2 Feb 2018 11:07:11 +0000 (12:07 +0100)]
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_sids_generic()

It just feels better for such a complex function.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
3 days agowinbindd: initialize type = SID_NAME_UNKNOWN in wb_lookupsids_single_done()
Stefan Metzmacher [Tue, 23 Jan 2018 22:52:59 +0000 (23:52 +0100)]
winbindd: initialize type = SID_NAME_UNKNOWN in wb_lookupsids_single_done()

We check for !NT_STATUS_LOOKUP_ERR(), but wb_lookupsid_recv()
only initializes the results together with NT_STATUS_OK.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13280

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agowinbindd: don't split the rid for SID_NAME_DOMAIN sids in wb_lookupsids
Stefan Metzmacher [Tue, 23 Jan 2018 13:34:45 +0000 (14:34 +0100)]
winbindd: don't split the rid for SID_NAME_DOMAIN sids in wb_lookupsids

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13279

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 days agoreplace: remove some duplicate checks
Björn Jacke [Wed, 24 Jan 2018 00:28:25 +0000 (01:28 +0100)]
replace: remove some duplicate checks

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 days agowscript: drop checks for setnetgrent/endnetgrent/getnetgrent
Björn Jacke [Wed, 24 Jan 2018 09:02:13 +0000 (10:02 +0100)]
wscript: drop checks for setnetgrent/endnetgrent/getnetgrent

we don't use setnetgrent/endnetgrent/getnetgrent since security share passed
away.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 days agos3: remove dead already commented code
Björn Jacke [Thu, 11 Jan 2018 21:13:20 +0000 (22:13 +0100)]
s3: remove dead already commented code

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 days agoselftest: change technique for running specific envs
Jamie McClymont [Thu, 1 Feb 2018 04:46:37 +0000 (17:46 +1300)]
selftest: change technique for running specific envs

Currently testsuites excluded with --exclude/--include-env are skipped when
encountered in the middle of a run, so they are included in progress reporting,
and the @todo list does not accurately show what will be done.

This change skips them earlier, preventing them from being added to @todo, as is
done with pattern-based including/excluding.

As well as making the progress indicator more accurate, this means that
selftest.pl can use @todo to determine when we are finished with an environment.

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 21 07:47:58 CET 2018 on sn-devel-144

3 days agoselftest: move to declaratively specifying environments and their dependencies
Jamie McClymont [Wed, 21 Feb 2018 00:33:49 +0000 (13:33 +1300)]
selftest: move to declaratively specifying environments and their dependencies

This removes the tangle of code for starting up dependencies, and allows
selftest.pl to query dependencies (hence it can know when things can be shut
down early and how to order environments for optimal memory usage - that patch
not yet submitted).

It also removes the slightly hacky special-casing of the ad_members, and sets
$target->{vars} centrally (so each setup_ function does not need to).

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 days agoselftest: remove prototypes from some subroutine templates
Jamie McClymont [Thu, 8 Feb 2018 03:51:23 +0000 (16:51 +1300)]
selftest: remove prototypes from some subroutine templates

Rationale, as sent to samba-technical:

  > Why do you remove the explicit argument declarations for so many functions?
  > These declarations help catch usage errors, i.e. wrong number of calling
  > arguments, especially when you add arguments to functions.

  My understanding is that because these are object methods, the prototypes
  actually were not providing the checking benefits [see PERLSUB(1) (section
  "Prototypes")] -- this is evidenced by the fact that some of the prototypes I
  removed actually had the wrong number of arguments!

  Now that the subroutines are being dynamically called by function references,
  the checking also appears not to apply [see the same source].

  There was also a more concrete reason: the setup code will automatically set
  up multiple environment dependencies and pass each of their vars as an
  individual parameter. Accomplishing this was [seemingly] impossible with the
  prototypes in place.

  Additionally, there seems to be a consensus among perl devs that prototypes
  are generally harmful: see this post (by my colleague) for example:
  http://www.perlmonks.org/?node_id=406231

Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 days agos3:auth: Pass mem_ctx to init_system_session_info()
Andreas Schneider [Tue, 13 Feb 2018 11:12:06 +0000 (12:12 +0100)]
s3:auth: Pass mem_ctx to init_system_session_info()

We have a stackframe we can use for the lifetime of the session.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 21 02:46:40 CET 2018 on sn-devel-144

3 days agos3:auth: Pass mem_ctx to init_guest_session_info()
Andreas Schneider [Tue, 13 Feb 2018 11:09:12 +0000 (12:09 +0100)]
s3:auth: Pass mem_ctx to init_guest_session_info()

Use a mem_ctx which gets freed if possible.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
3 days agos3:auth: Pass a mem_ctx to make_new_session_info_guest()
Andreas Schneider [Tue, 13 Feb 2018 11:05:29 +0000 (12:05 +0100)]
s3:auth: Pass a mem_ctx to make_new_session_info_guest()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
3 days agotldap: Dump unnecessary includes
Volker Lendecke [Thu, 15 Feb 2018 11:30:23 +0000 (12:30 +0100)]
tldap: Dump unnecessary includes

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
3 days agosmbspool: Improve URI handling code
Andreas Schneider [Fri, 5 Jan 2018 09:50:57 +0000 (10:50 +0100)]
smbspool: Improve URI handling code

This also checks that the URI given via the environment variables
starts with smb://

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Feb 20 21:46:38 CET 2018 on sn-devel-144

4 days agotests: Add tests for parsing LDAPv3 and LDAPv2 filter strings
Andreas Schneider [Mon, 19 Feb 2018 11:08:26 +0000 (12:08 +0100)]
tests: Add tests for parsing LDAPv3 and LDAPv2 filter strings

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 19 23:47:08 CET 2018 on sn-devel-144

4 days agos3:tldap: Comment code for to LDAP escaping version
Andreas Schneider [Mon, 19 Feb 2018 11:29:55 +0000 (12:29 +0100)]
s3:tldap: Comment code for to LDAP escaping version

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 days agos3:tldap: Fix parsing LDAPv2 escaped strings
Andreas Schneider [Wed, 26 Jul 2017 15:48:34 +0000 (17:48 +0200)]
s3:tldap: Fix parsing LDAPv2 escaped strings

Yes, this is outdated, but the missing 'break' produces a compiler
warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 days agopython/tests/sites: ensure we can't manipulate subnets as non-admin
Douglas Bagnall [Thu, 15 Feb 2018 02:08:03 +0000 (15:08 +1300)]
python/tests/sites: ensure we can't manipulate subnets as non-admin

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
4 days agosubnet: Avoid a segfault when renaming subnet objects
Garming Sam [Wed, 20 Sep 2017 02:55:11 +0000 (14:55 +1200)]
subnet: Avoid a segfault when renaming subnet objects

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 days agoFix incorrect `ldbsearch` invocation
Timur I. Bakeyev [Mon, 11 Dec 2017 04:05:19 +0000 (05:05 +0100)]
Fix incorrect `ldbsearch` invocation

Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Feb 19 12:31:38 CET 2018 on sn-devel-144

5 days agoRemove some bashisms from the test scripts
Timur I. Bakeyev [Mon, 11 Dec 2017 01:47:21 +0000 (02:47 +0100)]
Remove some bashisms from the test scripts

Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>