samba.git
5 months agopy:dcerpc/raw_testcase: let do_single_request() check stub length against alloc_hint
Stefan Metzmacher [Tue, 20 Nov 2018 15:01:01 +0000 (16:01 +0100)]
py:dcerpc/raw_testcase: let do_single_request() check stub length against alloc_hint

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_protocol: make use of assertPadding()
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_protocol: make use of assertPadding()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_testcase: make use of assertPadding()
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_testcase: make use of assertPadding()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_testcase: add assertPadding() that allows IGNORE_RANDOM_PAD=1
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_testcase: add assertPadding() that allows IGNORE_RANDOM_PAD=1

Sometimes Windows returns non zero bytes in padding fields,
we won't allow that by default, but IGNORE_RANDOM_PAD=1 will
will only do the length check.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_protocol: explicitly disconnect additional connections
Stefan Metzmacher [Tue, 11 Dec 2018 18:42:09 +0000 (19:42 +0100)]
py:dcerpc/raw_protocol: explicitly disconnect additional connections

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_testcase: disconnect on tearDown() of RawDCERPCTest
Stefan Metzmacher [Tue, 11 Dec 2018 18:41:08 +0000 (19:41 +0100)]
py:dcerpc/raw_testcase: disconnect on tearDown() of RawDCERPCTest

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/raw_protocol: rename test_spnego_packet_bind_sign_privacy => test_spnego_pa...
Stefan Metzmacher [Thu, 13 Dec 2018 22:57:35 +0000 (23:57 +0100)]
py:dcerpc/raw_protocol: rename test_spnego_packet_bind_sign_privacy => test_spnego_packet_bind_seal

This makes it consistent with other tests like
test_spnego_integrity_bind_seal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agopy:dcerpc/tests: rename dcerpc/string.py -> string_tests.py
Stefan Metzmacher [Tue, 20 Nov 2018 07:25:31 +0000 (08:25 +0100)]
py:dcerpc/tests: rename dcerpc/string.py -> string_tests.py

Otherwise it's not possible to run the raw_protocol tests anymore:

python/samba/tests/dcerpc/raw_protocol.py
Traceback (most recent call last):
  File "python/samba/tests/dcerpc/raw_protocol.py", line 26, in <module>
    import samba.dcerpc.dcerpc as dcerpc
  File "bin/python/samba/__init__.py", line 32, in <module>
    from samba.compat import string_types
  File "bin/python/samba/compat.py", line 151, in <module>
    from urllib import quote as urllib_quote
  File "/usr/lib/python2.7/urllib.py", line 25, in <module>
    import string
  File "/abs/path/samba/python/samba/tests/dcerpc/string.py", line 22, in <module>
    # Some strings for ctype-style character classification
  File "bin/python/samba/tests/__init__.py", line 36, in <module>
    from samba.compat import text_type
ImportError: cannot import name text_type

This allows the following again:

SMB_CONF_PATH=/dev/null \
    SERVER=172.31.9.188 \
    TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base \
    USERNAME=administrator \
    PASSWORD=A1b2C3d4 \
    DOMAIN=W2012R2-L6 \
    REALM=W2012R2-L6.BASE \
    python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos3:pylibsmb: add settimeout()
Stefan Metzmacher [Wed, 19 Dec 2018 14:18:17 +0000 (15:18 +0100)]
s3:pylibsmb: add settimeout()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos4:librpc: add python winspool bindings
Stefan Metzmacher [Tue, 13 Sep 2016 04:31:04 +0000 (06:31 +0200)]
s4:librpc: add python winspool bindings

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos4:librpc: add python spoolss bindings
Stefan Metzmacher [Tue, 13 Sep 2016 04:31:04 +0000 (06:31 +0200)]
s4:librpc: add python spoolss bindings

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos4:librpc: add python witness bindings
Stefan Metzmacher [Tue, 13 Sep 2016 03:51:57 +0000 (05:51 +0200)]
s4:librpc: add python witness bindings

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos3:libads: do an early return if we don't have a password for ads_kinit_password()
Stefan Metzmacher [Fri, 7 Oct 2016 16:18:56 +0000 (18:18 +0200)]
s3:libads: do an early return if we don't have a password for ads_kinit_password()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agonss/waf: check for secmethod_table.method_{attrlist,version} for aix >= 5.2
Bjoern Jacke [Fri, 21 Dec 2018 12:12:56 +0000 (06:12 -0600)]
nss/waf: check for secmethod_table.method_{attrlist,version} for aix >= 5.2

The original commit 02c9b46fab46ab401a3cf6bb74c8260801c41032 was not ported to waf yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sat Dec 22 06:22:22 CET 2018 on sn-devel-144

5 months agowinbind_nss_aix: add incomplete attr_flag initializations
Björn Jacke [Fri, 21 Dec 2018 14:02:40 +0000 (15:02 +0100)]
winbind_nss_aix: add incomplete attr_flag initializations

Found by Jürgen Starek, see https://bugzilla.samba.org/show_bug.cgi?id=5157

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
5 months agowinbind_nss_aix: use WBFLAG_FROM_NSS
Björn Jacke [Sat, 22 Dec 2018 01:39:00 +0000 (02:39 +0100)]
winbind_nss_aix: use WBFLAG_FROM_NSS

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 months agowinbind_nss_solaris: use WBFLAG_FROM_NSS
Björn Jacke [Fri, 21 Dec 2018 00:00:09 +0000 (01:00 +0100)]
winbind_nss_solaris: use WBFLAG_FROM_NSS

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 months agowinbind_nss_netbsd: use WBFLAG_FROM_NSS
Björn Jacke [Thu, 20 Dec 2018 23:50:38 +0000 (00:50 +0100)]
winbind_nss_netbsd: use WBFLAG_FROM_NSS

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 months agonsswitch/winbind_nss_linux.c use WBFLAG_FROM_NSS
Bjoern Jacke [Fri, 21 Dec 2018 11:54:31 +0000 (05:54 -0600)]
nsswitch/winbind_nss_linux.c use WBFLAG_FROM_NSS

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
5 months agowinbind: honor WBFLAG_FROM_NSS along with winbind enum users/groups
Stefan Metzmacher [Thu, 20 Dec 2018 16:25:01 +0000 (10:25 -0600)]
winbind: honor WBFLAG_FROM_NSS along with winbind enum users/groups

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
5 months agowinbind introduce WBFLAG_FROM_NSS
Bjoern Jacke [Thu, 20 Dec 2018 16:23:02 +0000 (10:23 -0600)]
winbind introduce WBFLAG_FROM_NSS

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
5 months agonsswitch/winbind_nss_aix: reimplement fetching the SID of a user
Stefan Metzmacher [Fri, 21 Dec 2018 11:51:29 +0000 (05:51 -0600)]
nsswitch/winbind_nss_aix: reimplement fetching the SID of a user

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
5 months agowinbind_nss_aix: support also S_GROUPSIDS
Björn Jacke [Fri, 21 Dec 2018 01:20:00 +0000 (02:20 +0100)]
winbind_nss_aix: support also S_GROUPSIDS

which is used by lsuser up to AIX 5.2, see also https://bugzilla.samba.org/show_bug.cgi?id=5157

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
5 months agogroup_audit: Ensure we still log membership changes (with an error) where status...
Andrew Bartlett [Fri, 21 Dec 2018 01:51:54 +0000 (14:51 +1300)]
group_audit: Ensure we still log membership changes (with an error) where status != LDB_SUCCESS

This restores the previous behaviour.  It causes (only) the event ID
to be omitted if status != LDB_SUCCESS or there was a problem getting
the group type.

Errors at this stage are exceedingly rare, because the values have
already been checked by the repl_meta_data module, but this is
cosistent with the rest of the module again.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Dec 22 01:58:48 CET 2018 on sn-devel-144

5 months agotests group_audit: PEP8 cleanup.
Gary Lockyer [Tue, 18 Dec 2018 20:29:23 +0000 (09:29 +1300)]
tests group_audit: PEP8 cleanup.

Remove Flake8 warnings from the group  audit JSON log tests.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agos4 group_audit: Add Windows Event Id's to Group membership changes
Gary Lockyer [Tue, 18 Dec 2018 20:08:22 +0000 (09:08 +1300)]
s4 group_audit: Add Windows Event Id's to Group membership changes

Generate a GroupChange event when a user is created with a PrimaryGroup
membership.  Log the windows event id in the JSON GroupChange message.

Event Id's supported are:
4728 A member was added to a security enabled global group
4729 A member was removed from a security enabled global
group
4732 A member was added to a security enabled local group
4733 A member was removed from a security enabled local group
4746 A member was added to a security disabled local group
4747 A member was removed from a security disabled local group
4751 A member was added to a security disabled global group
4752 A member was removed from a security disabled global
group
4756 A member was added to a security enabled universal
group
4757 A member was removed from a security enabled universal
group
4761 A member was added to a security disabled universal
group
4762 A member was removed from a security disabled universal
group

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agobuild: Remove --timestamp-dependencies (BROKEN)
Andrew Bartlett [Tue, 18 Dec 2018 03:27:14 +0000 (16:27 +1300)]
build: Remove --timestamp-dependencies (BROKEN)

Remove this code marked as broken, we do not need broken configure options making Samba
appear to be more complex than it already is.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agopaged results: testing suite for new paged results module
Aaron Haslett [Mon, 12 Nov 2018 01:35:40 +0000 (14:35 +1300)]
paged results: testing suite for new paged results module

Testing the new GUID list based paged results module

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Fri Dec 21 11:10:30 CET 2018 on sn-devel-144

5 months agopaged results: new paged results module using GUID list
Aaron Haslett [Mon, 12 Nov 2018 01:30:55 +0000 (14:30 +1300)]
paged results: new paged results module using GUID list

Replacing paged results module to use GUID list instead of storing
result list in memory, in order to improve memory performance.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agovlv: tests for delete, add, and modify cases
Aaron Haslett [Mon, 12 Nov 2018 01:15:08 +0000 (14:15 +1300)]
vlv: tests for delete, add, and modify cases

More vlv testing for cases involving modifying, deleting, and adding records
while observing the effect on already initialised views.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agos3-vfs-fruit: add close call
Günther Deschner [Tue, 18 Dec 2018 16:18:33 +0000 (17:18 +0100)]
s3-vfs-fruit: add close call

https://bugzilla.samba.org/show_bug.cgi?id=13725

We cannot always rely on vfs_default to close the fake fds. This mostly is
relevant when used with another non-local VFS filesystem module such as
gluster.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 21 07:20:49 CET 2018 on sn-devel-144

5 months agos4 messaging tests: Fix race condition in smbcontrol tests
Gary Lockyer [Thu, 20 Dec 2018 02:46:21 +0000 (15:46 +1300)]
s4 messaging tests: Fix race condition in smbcontrol tests

The test for the smbcontrol sleep command and the inject fault command
both used the "rpc_server" process as a target.  As the inject fault
command caused the process to restart there was a race condition between
the process restarting and the sleep test running.  To prevent this the
tests now use different target processes.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 21 03:39:24 CET 2018 on sn-devel-144

5 months agotests (audit_auth)_log: PEP8 cleanup.
Gary Lockyer [Sun, 16 Dec 2018 21:04:42 +0000 (10:04 +1300)]
tests (audit_auth)_log: PEP8 cleanup.

Remove Flake8 warnings from the audit and authentication JSON log
tests.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agoWHATSNEW: JSON logging changes
Gary Lockyer [Sun, 16 Dec 2018 21:03:01 +0000 (10:03 +1300)]
WHATSNEW: JSON logging changes

Add details of the Windows Event Id's and Logon Types added to the
Authorization qnd PasswordChange JSON messages.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agodns: treating fully qualified and unqualified zone as identical.
Aaron Haslett [Fri, 17 Aug 2018 05:30:20 +0000 (17:30 +1200)]
dns: treating fully qualified and unqualified zone as identical.

"zone.com." and "zone.com" should be treated as the same zone.  This patch
picks the unqualified representation as standard and enforces it, in order to
match BIND9 behaviour.
Note: This fixes the failing test added previously, but that test still fails
on the rodc test target so we modify the expected failure but don't remove it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13442
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agodns: test for treating fully qualified zones same as unqualified
Aaron Haslett [Mon, 20 Aug 2018 04:07:15 +0000 (16:07 +1200)]
dns: test for treating fully qualified zones same as unqualified

Failing test that checks if fully qualified zone names are treated the same
as unqualified zone names by the dns zone creation RPC method. Fix to follow.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13214
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agolib: Remove sid_string_dbg
Volker Lendecke [Sat, 15 Dec 2018 14:22:25 +0000 (15:22 +0100)]
lib: Remove sid_string_dbg

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agosamr: Use dom_sid_str_buf
Volker Lendecke [Fri, 14 Dec 2018 21:11:56 +0000 (22:11 +0100)]
samr: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolsasrv: Use dom_sid_str_buf
Volker Lendecke [Fri, 14 Dec 2018 20:48:48 +0000 (21:48 +0100)]
lsasrv: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agospoolss: Use dom_sid_str_buf
Volker Lendecke [Fri, 14 Dec 2018 20:44:49 +0000 (21:44 +0100)]
spoolss: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agowinbindd: Use dom_sid_str_buf
Volker Lendecke [Fri, 14 Dec 2018 20:09:51 +0000 (21:09 +0100)]
winbindd: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agowkssvc: Use dom_sid_str_buf
Volker Lendecke [Thu, 13 Dec 2018 21:23:30 +0000 (22:23 +0100)]
wkssvc: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolibnet: Use dom_sid_str_buf
Volker Lendecke [Thu, 13 Dec 2018 20:41:43 +0000 (21:41 +0100)]
libnet: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolib: Use dom_sid_str_buf
Volker Lendecke [Thu, 13 Dec 2018 20:22:27 +0000 (21:22 +0100)]
lib: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolib: Avoid sid_string_dbg
Volker Lendecke [Thu, 13 Dec 2018 20:21:57 +0000 (21:21 +0100)]
lib: Avoid sid_string_dbg

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agoauth3: Use dom_sid_str_buf
Volker Lendecke [Thu, 13 Dec 2018 20:01:00 +0000 (21:01 +0100)]
auth3: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agovfs: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 16:17:46 +0000 (17:17 +0100)]
vfs: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolookup_sid: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 16:00:48 +0000 (17:00 +0100)]
lookup_sid: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agopdb_ldap: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 15:52:39 +0000 (16:52 +0100)]
pdb_ldap: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agopdb_smbpasswd: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 15:39:19 +0000 (16:39 +0100)]
pdb_smbpasswd: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agopassdb: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 15:09:41 +0000 (16:09 +0100)]
passdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agogroupdb: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 12:56:03 +0000 (13:56 +0100)]
groupdb: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agowinbind: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 10:03:02 +0000 (11:03 +0100)]
winbind: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolibads: Use dom_sid_str_buf
Volker Lendecke [Tue, 11 Dec 2018 06:44:13 +0000 (07:44 +0100)]
libads: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agosmbd: Use dom_sid_str_buf
Volker Lendecke [Mon, 10 Dec 2018 12:04:11 +0000 (13:04 +0100)]
smbd: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agosmbcacls: Use dom_sid_str_buf
Volker Lendecke [Mon, 10 Dec 2018 11:51:56 +0000 (12:51 +0100)]
smbcacls: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agonet: Use dom_sid_str_buf
Volker Lendecke [Mon, 10 Dec 2018 11:47:36 +0000 (12:47 +0100)]
net: Use dom_sid_str_buf

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
5 months agolib:util: Use memset_s() in data_blob_clear()
Andreas Schneider [Tue, 11 Dec 2018 13:31:26 +0000 (14:31 +0100)]
lib:util: Use memset_s() in data_blob_clear()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 20 16:11:03 CET 2018 on sn-devel-144

5 months agolibcli:smb: Avoid explicit ZERO_STRUCT
Andreas Schneider [Thu, 18 Oct 2018 09:26:44 +0000 (11:26 +0200)]
libcli:smb: Avoid explicit ZERO_STRUCT

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agolibcli:auth: Use C99 initializers or ZERO_ARRAY instead of ZERO_STRUCT
Andreas Schneider [Mon, 3 Dec 2018 14:42:03 +0000 (15:42 +0100)]
libcli:auth: Use C99 initializers or ZERO_ARRAY instead of ZERO_STRUCT

ZERO_STRUCT is not wrong here, it will give the same result, but better
use macros with correct naming as it makes clear what happens when you
read the code.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agolib:util: Sync memory.h with replace.h
Andreas Schneider [Mon, 3 Dec 2018 14:37:03 +0000 (15:37 +0100)]
lib:util: Sync memory.h with replace.h

We can't remove memory.h as this is a public header file. So we need to
duplicate them from replace.h

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agolib:util: Cleanup comments in memory.h
Andreas Schneider [Mon, 3 Dec 2018 14:35:58 +0000 (15:35 +0100)]
lib:util: Cleanup comments in memory.h

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agoreplace: Use memset_s for ZERO_* macros
Andreas Schneider [Mon, 3 Dec 2018 14:31:30 +0000 (15:31 +0100)]
replace: Use memset_s for ZERO_* macros

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agoreplace: Cleanup comments for ZERO_*
Andreas Schneider [Mon, 3 Dec 2018 14:27:32 +0000 (15:27 +0100)]
replace: Cleanup comments for ZERO_*

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agoreplace: Add memset_s to replacement functions
Andreas Schneider [Tue, 11 Dec 2018 17:09:14 +0000 (18:09 +0100)]
replace: Add memset_s to replacement functions

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agowafsamba: Do not remove BUILTINS as duplicates
Andreas Schneider [Mon, 17 Dec 2018 20:40:55 +0000 (21:40 +0100)]
wafsamba: Do not remove BUILTINS as duplicates

BUILTINS add object files to the target, so we can't remove them as
duplicates.

The issue e.g happens when tevent wants to link libreplace:

   20:04:10 deps removing dups from tevent of type LIBRARY: {'replace'}
   also in LIBRARY talloc

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agowaf: Add missing libreplace deps to pyldb*
Andreas Schneider [Wed, 19 Dec 2018 08:34:12 +0000 (09:34 +0100)]
waf: Add missing libreplace deps to pyldb*

This will require memset_s() because of a later commit moving
ZERO_STRUCT to use memset_s().

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
5 months agos3:auth_winbind: ignore a missing winbindd as NT4 PDC/BDC without trusts
Stefan Metzmacher [Sat, 8 Dec 2018 22:25:40 +0000 (23:25 +0100)]
s3:auth_winbind: ignore a missing winbindd as NT4 PDC/BDC without trusts

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Dec 20 12:15:09 CET 2018 on sn-devel-144

5 months agos3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available
Stefan Metzmacher [Sat, 8 Dec 2018 21:53:21 +0000 (22:53 +0100)]
s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13723

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
5 months agos3:auth_winbind: remove fallback to optional backend
Stefan Metzmacher [Sat, 8 Dec 2018 21:48:33 +0000 (22:48 +0100)]
s3:auth_winbind: remove fallback to optional backend

This is not possible anymore, as the trustdomain backend
was removed in commit 75c152c0d764165a4a9dd0a85390af063dd0192a.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13723

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
5 months agos3:auth: ignore create_builtin_guests() failing without a valid idmap configuration
Stefan Metzmacher [Wed, 19 Dec 2018 08:38:33 +0000 (09:38 +0100)]
s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration

This happens on standalone servers, where winbindd is automatically
started by init scripts if it's installed. But it's not really
used and may not have a valid idmap configuration (
"idmap config * : range" has no default!)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13697

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
5 months agos3-vfs-streams_xattr: add close call
Günther Deschner [Tue, 18 Dec 2018 16:20:29 +0000 (17:20 +0100)]
s3-vfs-streams_xattr: add close call

https://bugzilla.samba.org/show_bug.cgi?id=13725

We cannot always rely on vfs_default to close the fake fds. This mostly is
relevant when used with another non-local VFS filesystem module such as
gluster.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 20 07:18:20 CET 2018 on sn-devel-144

5 months agolib/audit_logging: actually create talloc
Philipp Gesang [Tue, 18 Dec 2018 15:09:19 +0000 (16:09 +0100)]
lib/audit_logging: actually create talloc

Heal damage of 79f494e51e..

That context is being passed around and freed but is never
actually allocated on that stack.

Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodocs-xml: document "log level" changes
Ralph Boehme [Wed, 12 Dec 2018 20:04:42 +0000 (21:04 +0100)]
docs-xml: document "log level" changes

"log level" now takes an optional per debug-class logfile:

  log level = 1 full_audit:1@/var/log/audit.log winbind:2

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: enable per debug-class logfiles
Ralph Boehme [Wed, 12 Dec 2018 21:46:49 +0000 (22:46 +0100)]
debug: enable per debug-class logfiles

This finally enables per debug-class logfiles by hooking into
reopen_logs_internal() calls to reopen_one_log() per configured
debug-class.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: remove fd and debugf from state, use dbgc_config[DBGC_ALL]
Ralph Boehme [Wed, 12 Dec 2018 21:49:15 +0000 (22:49 +0100)]
debug: remove fd and debugf from state, use dbgc_config[DBGC_ALL]

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: update logsize checking for per debug-class logfiles
Ralph Boehme [Wed, 12 Dec 2018 13:43:22 +0000 (14:43 +0100)]
debug: update logsize checking for per debug-class logfiles

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: update need_to_check_log_size() for per debug-class logfiles
Ralph Boehme [Wed, 12 Dec 2018 13:54:41 +0000 (14:54 +0100)]
debug: update need_to_check_log_size() for per debug-class logfiles

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: add support for per debug-class logfiles
Ralph Boehme [Wed, 12 Dec 2018 12:11:26 +0000 (13:11 +0100)]
debug: add support for per debug-class logfiles

This adds support for per debug-class logfiles to the function parsing
the "log level" option.

The enhanced syntax is:

  log level = CLASS:LEVEL[@PATH] [CLASS:LEVEL[@PATH] ... ]

Eg

  log level = full_audit:1@/var/log/audit.logfile

While the option is already parsed and stored in in the dbgc_config[]
array, the feature is still effectively disabled, as
reopen_logs_internal() still doesn't open the per debug-class logfiles.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: add resource cleanup for per debug-class logfiles
Ralph Boehme [Wed, 12 Dec 2018 12:09:03 +0000 (13:09 +0100)]
debug: add resource cleanup for per debug-class logfiles

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: add logfile and fd to struct debug_class
Ralph Boehme [Wed, 12 Dec 2018 11:51:16 +0000 (12:51 +0100)]
debug: add logfile and fd to struct debug_class

Initialized to -1. Already checked in debug_file_log() without affecting
behaviour until subsequent commits set per-debug-class fds.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: factor out logfile size check
Ralph Boehme [Wed, 12 Dec 2018 11:45:11 +0000 (12:45 +0100)]
debug: factor out logfile size check

The new function will also be used for upcoming per-debug-class logfiles.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: add a call to debug_parse_levels() to reopen_logs()
Ralph Boehme [Wed, 12 Dec 2018 11:43:47 +0000 (12:43 +0100)]
debug: add a call to debug_parse_levels() to reopen_logs()

This allows correct refresh of the "log level" setting when reloading config.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: add an empty line
Ralph Boehme [Wed, 12 Dec 2018 07:48:35 +0000 (08:48 +0100)]
debug: add an empty line

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: factor out a function that opens and closes the new and old logfile
Ralph Boehme [Wed, 12 Dec 2018 11:35:42 +0000 (12:35 +0100)]
debug: factor out a function that opens and closes the new and old logfile

The new function reopen_one_log() will also be used for per-class
logfiles in subsequent commmits.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: track current debug message class
Ralph Boehme [Wed, 12 Dec 2018 21:22:44 +0000 (22:22 +0100)]
debug: track current debug message class

This is analog to current_msg_level.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: convert dbgc_config to an array of struct debug_class
Ralph Boehme [Wed, 12 Dec 2018 21:21:57 +0000 (22:21 +0100)]
debug: convert dbgc_config to an array of struct debug_class

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: README.Coding fixes
Ralph Boehme [Wed, 12 Dec 2018 10:57:05 +0000 (11:57 +0100)]
debug: README.Coding fixes

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: rename DEBUGLEVEL_CLASS variable to dbgc_config
Ralph Boehme [Wed, 12 Dec 2018 21:19:06 +0000 (22:19 +0100)]
debug: rename DEBUGLEVEL_CLASS variable to dbgc_config

Variable names should not be given in uppercase.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agodebug: move some definitions around
Ralph Boehme [Wed, 12 Dec 2018 07:57:28 +0000 (08:57 +0100)]
debug: move some definitions around

They will be needed by some function in a subsequent commit.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
5 months agos4: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:55:09 +0000 (11:55 +0100)]
s4: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Thu Dec 20 01:31:17 CET 2018 on sn-devel-144

5 months agowinbindd: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:46:46 +0000 (11:46 +0100)]
winbindd: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agoutils: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:44:24 +0000 (11:44 +0100)]
utils: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agopassdb: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:41:47 +0000 (11:41 +0100)]
passdb: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agolibrpc: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:38:44 +0000 (11:38 +0100)]
librpc: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agolibnet: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:35:42 +0000 (11:35 +0100)]
libnet: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agolibads: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:16:42 +0000 (11:16 +0100)]
libads: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agoclient: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:06:20 +0000 (11:06 +0100)]
client: Add kerberos tracing

Replace kerberos context initialization from
raw krb5_init_context() to smb_krb5_init_context_basic()
which is adding common tracing as well.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agolib: Add kerberos tracing
Swen Schillig [Wed, 5 Dec 2018 10:03:33 +0000 (11:03 +0100)]
lib: Add kerberos tracing

Add krb5 tracing to samba krb5 wrapper.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
5 months agoAdd MIT kerberos tracing capability
Swen Schillig [Wed, 5 Dec 2018 09:29:44 +0000 (10:29 +0100)]
Add MIT kerberos tracing capability

HEIMDAL kerberos offers already tracing via a logging facility
through smb_krb5_init_context().
MIT kerberos offers to register a callback via krb5_set_trace_callback
with which tracing information can be routed to a common logging facility.
This is now integrated into smb_krb5_init_context_basic() offering
the same functionality for both kerberos fragrances.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>