samba.git
6 years agothird_party/popt: Initial support for popt.
Ira Cooper [Wed, 23 Jul 2014 04:34:17 +0000 (21:34 -0700)]
third_party/popt: Initial support for popt.

ctdb, ldb, and samba are supported builds for third_party popt.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agothird_party/popt: Initial copy of popt.
Ira Cooper [Wed, 23 Jul 2014 07:17:30 +0000 (00:17 -0700)]
third_party/popt: Initial copy of popt.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agolib/zlib: Remove non third_party zlib.
Ira Cooper [Wed, 23 Jul 2014 07:16:24 +0000 (00:16 -0700)]
lib/zlib: Remove non third_party zlib.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agothird_party/zlib: Initial support for zlib
Ira Cooper [Wed, 23 Jul 2014 04:27:13 +0000 (21:27 -0700)]
third_party/zlib: Initial support for zlib

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agothird_party/zlib: Initial copy of zlib.
Ira Cooper [Wed, 23 Jul 2014 04:26:40 +0000 (21:26 -0700)]
third_party/zlib: Initial copy of zlib.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agolib/iniparser: Remove non third_party iniparser.
Ira Cooper [Thu, 17 Jul 2014 22:07:31 +0000 (18:07 -0400)]
lib/iniparser: Remove non third_party iniparser.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agothird_party/iniparser: Initial support for iniparser.
Ira Cooper [Thu, 17 Jul 2014 22:04:35 +0000 (18:04 -0400)]
third_party/iniparser: Initial support for iniparser.

This is the initial support for iniparser, as well the basic
third_party framework.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agothird_party/iniparser: Initial copy of iniparser.
Ira Cooper [Thu, 17 Jul 2014 21:31:05 +0000 (17:31 -0400)]
third_party/iniparser: Initial copy of iniparser.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agonsswitch: Fix bogus #include line.
Ira Cooper [Wed, 16 Jul 2014 21:40:57 +0000 (17:40 -0400)]
nsswitch: Fix bogus #include line.

We are not allowed to reach around behind the system's back and
include the wrong headerfiles.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agopassdb: add missing newline to debug message in get_primary_group_sid()
Justin Maggard [Fri, 8 Aug 2014 17:19:41 +0000 (10:19 -0700)]
passdb: add missing newline to debug message in get_primary_group_sid()

Signed-off-by: Justin Maggard <jmaggard@netgear.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat Aug  9 00:44:06 CEST 2014 on sn-devel-104

6 years agoRevert "doc: Add new parameters to vfs_full_audit man page"
Christof Schmitt [Fri, 8 Aug 2014 17:00:43 +0000 (10:00 -0700)]
Revert "doc: Add new parameters to vfs_full_audit man page"

This reverts commit 685af0342ea7324086661a506e1d0ee15ab07f16.

Volker's patches already added the description to the manpage.

Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Aug  8 21:47:58 CEST 2014 on sn-devel-104

6 years agos4-auth: Initialize the tokens by default.
Andreas Schneider [Fri, 18 Jul 2014 10:57:20 +0000 (12:57 +0200)]
s4-auth: Initialize the tokens by default.

Found with valgrind.

Signed-off-by: Andreas Schneider <asn@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Aug  8 19:01:56 CEST 2014 on sn-devel-104

6 years agokrb5_wrap: Use com_err in krb5_warnx.
Andreas Schneider [Tue, 20 May 2014 12:30:16 +0000 (14:30 +0200)]
krb5_wrap: Use com_err in krb5_warnx.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-dsdb/cracknames: free realm from smb_krb5_principal_get_realm().
Günther Deschner [Thu, 15 May 2014 07:46:21 +0000 (09:46 +0200)]
s4-dsdb/cracknames: free realm from smb_krb5_principal_get_realm().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos3-libads/krb5_setpw: free realm from smb_krb5_principal_get_realm().
Günther Deschner [Thu, 15 May 2014 07:45:32 +0000 (09:45 +0200)]
s3-libads/krb5_setpw: free realm from smb_krb5_principal_get_realm().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: make sure smb_krb5_principal_get_realm returns a malloced string.
Günther Deschner [Thu, 15 May 2014 07:44:23 +0000 (09:44 +0200)]
lib/krb5_wrap: make sure smb_krb5_principal_get_realm returns a malloced string.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agowscript: Only build gensec_krb5 with heimdal.
Andreas Schneider [Thu, 7 Aug 2014 13:28:57 +0000 (15:28 +0200)]
wscript: Only build gensec_krb5 with heimdal.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agoprinting: reload printer shares on OpenPrinter
David Disseldorp [Tue, 5 Aug 2014 15:33:33 +0000 (17:33 +0200)]
printing: reload printer shares on OpenPrinter

The printer share inventory should be reloaded on open _and_
enumeration, as there are some clients, such as cupsaddsmb, that do not
perform an enumeration prior to access.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Aug  8 16:33:50 CEST 2014 on sn-devel-104

6 years agosmbd: split printer reload processing
David Disseldorp [Fri, 1 Aug 2014 14:25:59 +0000 (16:25 +0200)]
smbd: split printer reload processing

All printer inventory updates are currently done via
delete_and_reload_printers(), which handles registry.tdb updates for
added or removed printers, AD printer unpublishing on removal, as well
as share service creation and deletion.

This change splits this functionality into two functions such that
per-client smbd processes do not perform registry.tdb updates or printer
unpublishing. This is now only performed by the process that performs
the printcap cache update.

This change is similar to ac6604868d1325dd4c872dc0f6ab056d10ebaecf from
the 3.6 branch.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoserver: remove duplicate snum_is_shared_printer()
David Disseldorp [Tue, 5 Aug 2014 16:45:24 +0000 (18:45 +0200)]
server: remove duplicate snum_is_shared_printer()

Only keep a single definition in server_reload.c

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agosmbd: only reprocess printer_list.tdb if it changed
David Disseldorp [Wed, 23 Jul 2014 12:42:00 +0000 (14:42 +0200)]
smbd: only reprocess printer_list.tdb if it changed

The per-client smbd printer share inventory is currently updated from
printer_list.tdb when a client enumerates printers, via EnumPrinters or
NetShareEnum.
printer_list.tdb is populated by the background print process, based on
the latest printcap values retrieved from the printing backend (e.g.
CUPS) at regular intervals.
This change ensures that per-client smbd processes don't reparse
printer_list.tdb if it hasn't been updated since the last enumeration.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoprinting: return last change time with pcap_cache_loaded()
David Disseldorp [Wed, 23 Jul 2014 10:12:34 +0000 (12:12 +0200)]
printing: return last change time with pcap_cache_loaded()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoprinting: remove pcap_cache_add()
David Disseldorp [Fri, 25 Jul 2014 10:18:54 +0000 (12:18 +0200)]
printing: remove pcap_cache_add()

All print list updates are now done via pcap_cache_replace(), which can
call into the print_list code directly.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoprinting: reload printer_list.tdb from in memory list
David Disseldorp [Tue, 22 Jul 2014 18:17:38 +0000 (20:17 +0200)]
printing: reload printer_list.tdb from in memory list

This will allow in future for a single atomic printer_list.tdb update.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoprinting: only reload printer shares on client enum
David Disseldorp [Fri, 11 Jul 2014 15:00:05 +0000 (17:00 +0200)]
printing: only reload printer shares on client enum

Currently, automatic printer share updates are handled in the following
way:
- Background printer process (BPP) forked on startup
- Parent smbd and per-client children await MSG_PRINTER_PCAP messages
- BPP periodically polls the printing backend for printcap data
- printcap data written to printer_list.tdb
- MSG_PRINTER_PCAP sent to all smbd processes following update
- smbd processes all read the latest printer_list.tdb data, and update
  their share listings

This procedure is not scalable, as all smbd processes hit
printer_list.tdb in parallel, resulting in a large spike in CPU usage.

This change sees smbd processes only update their printer share lists
only when a client asks for this information, e.g. via NetShareEnum or
EnumPrinters.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Suggested-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agoprinting: traverse_read the printer list for share updates
David Disseldorp [Wed, 9 Jul 2014 22:18:10 +0000 (00:18 +0200)]
printing: traverse_read the printer list for share updates

The printcap update procedure involves the background printer process
obtaining the printcap information from the printing backend, writing
this to printer_list.tdb, and then notifying all smbd processes of the
new list. The processes then all attempt to simultaneously traverse
printer_list.tdb, in order to update their local share lists.

With a large number of printers, and a large number of per-client smbd
processes, this traversal results in significant lock contention, mostly
due to the fact that the traversal is unnecessarily done with an
exclusive (write) lock on the printer_list.tdb database.

This commit changes the share update code path to perform a read-only
traversal.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10652

Reported-by: Alex K <korobkin+samba@gmail.com>
Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
6 years agolib/krb5_wrap: provide krb5_warnx() replacement.
Günther Deschner [Thu, 8 May 2014 13:06:51 +0000 (15:06 +0200)]
lib/krb5_wrap: provide krb5_warnx() replacement.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug  8 08:30:50 CEST 2014 on sn-devel-104

6 years agolib/krb5_wrap: use krb5_copy_data_contents in smb_krb5_principal_set_realm.
Günther Deschner [Tue, 13 May 2014 15:33:07 +0000 (17:33 +0200)]
lib/krb5_wrap: use krb5_copy_data_contents in smb_krb5_principal_set_realm.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: provide CKSUMTYPE_HMAC_MD5 type matching MIT.
Günther Deschner [Thu, 8 May 2014 12:54:06 +0000 (14:54 +0200)]
lib/krb5_wrap: provide CKSUMTYPE_HMAC_MD5 type matching MIT.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: define KRB5_PW_SALT if it is not already there.
Günther Deschner [Thu, 8 May 2014 12:31:37 +0000 (14:31 +0200)]
lib/krb5_wrap: define KRB5_PW_SALT if it is not already there.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: add smb_krb5_principal_get_type().
Günther Deschner [Thu, 8 May 2014 10:13:00 +0000 (12:13 +0200)]
lib/krb5_wrap: add smb_krb5_principal_get_type().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agoauth/credentials_krb5: silence a build warning.
Günther Deschner [Thu, 8 May 2014 08:12:01 +0000 (10:12 +0200)]
auth/credentials_krb5: silence a build warning.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: add smb_krb5_principal_set_realm().
Günther Deschner [Thu, 8 May 2014 07:57:21 +0000 (09:57 +0200)]
lib/krb5_wrap: add smb_krb5_principal_set_realm().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: use const principal in smb_krb5_principal_get_realm().
Günther Deschner [Thu, 8 May 2014 08:06:13 +0000 (10:06 +0200)]
lib/krb5_wrap: use const principal in smb_krb5_principal_get_realm().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agowscript: add check for krb5_keyblock_init.
Günther Deschner [Thu, 8 May 2014 07:46:25 +0000 (09:46 +0200)]
wscript: add check for krb5_keyblock_init.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-gensec_krb5: fix memleak in gensec_krb5_session_info().
Günther Deschner [Tue, 6 May 2014 11:47:28 +0000 (13:47 +0200)]
s4-gensec_krb5: fix memleak in gensec_krb5_session_info().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: add krb5_copy_data_contents.
Günther Deschner [Thu, 8 May 2014 12:59:00 +0000 (14:59 +0200)]
lib/krb5_wrap: add krb5_copy_data_contents.

This reuses krb5_data_copy() if available, choosed not to call it
krb5_data_copy as that is easily mixed up with krb5_copy_data (which allocs the
krb5_data pointer). Thanks Simo for proposing the better name.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-heimdal: fix krb5_get_init_creds_opt_set_process_last_req().
Günther Deschner [Wed, 7 May 2014 06:19:56 +0000 (08:19 +0200)]
s4-heimdal: fix krb5_get_init_creds_opt_set_process_last_req().

Most probably just a copy/paste error.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-auth/kerberos: add a note how to implement krb5_get_init_creds_opt_set_win2k(...
Günther Deschner [Wed, 7 May 2014 06:24:15 +0000 (08:24 +0200)]
s4-auth/kerberos: add a note how to implement krb5_get_init_creds_opt_set_win2k() with MIT.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-kerberos: remove duplicate macros.
Günther Deschner [Tue, 6 May 2014 09:30:51 +0000 (11:30 +0200)]
s4-kerberos: remove duplicate macros.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-dsdb/samdb: use smb_krb5_principal_get_comp_string in ldb ACL module.
Günther Deschner [Wed, 30 Apr 2014 08:26:17 +0000 (10:26 +0200)]
s4-dsdb/samdb: use smb_krb5_principal_get_comp_string in ldb ACL module.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: add smb_krb5_principal_get_comp_string().
Günther Deschner [Wed, 30 Apr 2014 08:49:14 +0000 (10:49 +0200)]
lib/krb5_wrap: add smb_krb5_principal_get_comp_string().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agolib/krb5_wrap: move krb5_princ_size replacement code to lib/krb5_wrap/krb5_samba.c.
Günther Deschner [Wed, 30 Apr 2014 08:46:20 +0000 (10:46 +0200)]
lib/krb5_wrap: move krb5_princ_size replacement code to lib/krb5_wrap/krb5_samba.c.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agoauth/credentials-krb5: use get_kerberos_allowed_etypes().
Günther Deschner [Tue, 29 Apr 2014 16:22:55 +0000 (18:22 +0200)]
auth/credentials-krb5: use get_kerberos_allowed_etypes().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agos4-torture: use smb_krb5_get_allowed_weak_crypto() in remote PAC test.
Günther Deschner [Tue, 29 Apr 2014 16:14:35 +0000 (18:14 +0200)]
s4-torture: use smb_krb5_get_allowed_weak_crypto() in remote PAC test.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agolib/krb5_wrap: add smb_krb5_get_allowed_weak_crypto().
Günther Deschner [Tue, 29 Apr 2014 16:14:05 +0000 (18:14 +0200)]
lib/krb5_wrap: add smb_krb5_get_allowed_weak_crypto().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agolib/krb5_wrap: remove unused create_kerberos_key_from_string_direct().
Günther Deschner [Fri, 25 Apr 2014 12:15:48 +0000 (14:15 +0200)]
lib/krb5_wrap: remove unused create_kerberos_key_from_string_direct().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agosamba: use smb_krb5_create_key_from_string() in some places.
Günther Deschner [Fri, 25 Apr 2014 12:14:20 +0000 (14:14 +0200)]
samba: use smb_krb5_create_key_from_string() in some places.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agolib/krb5_wrap: add smb_krb5_create_key_from_string().
Günther Deschner [Fri, 25 Apr 2014 12:12:05 +0000 (14:12 +0200)]
lib/krb5_wrap: add smb_krb5_create_key_from_string().

This function can take either a calculated salt or a principal and calculate the
salt on its own.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agolib/krb5_wrap: add smb_krb5_get_pw_salt().
Günther Deschner [Fri, 25 Apr 2014 12:03:35 +0000 (14:03 +0200)]
lib/krb5_wrap: add smb_krb5_get_pw_salt().

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

6 years agos4-dsdb/samdb: use smb_krb5_make_principal for compatibility reasons with MIT.
Günther Deschner [Fri, 25 Apr 2014 11:59:11 +0000 (13:59 +0200)]
s4-dsdb/samdb: use smb_krb5_make_principal for compatibility reasons with MIT.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
6 years agodoc: Add new parameters to vfs_full_audit man page
Christof Schmitt [Thu, 7 Aug 2014 19:01:56 +0000 (12:01 -0700)]
doc: Add new parameters to vfs_full_audit man page

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug  8 00:37:48 CEST 2014 on sn-devel-104

6 years agovfs_full_audit: Optionally log security descriptors in FSET_NT_ACL
Volker Lendecke [Thu, 7 Aug 2014 10:53:33 +0000 (10:53 +0000)]
vfs_full_audit: Optionally log security descriptors in FSET_NT_ACL

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agovfs_full_audit: Add "full_audit:syslog"
Volker Lendecke [Thu, 7 Aug 2014 10:44:01 +0000 (10:44 +0000)]
vfs_full_audit: Add "full_audit:syslog"

Defaults to true (for compatibility)

With full_audit:syslog=false we DEBUG the messages with level 1.

You can explicitly [en|dis]able this with debug class full_audit:0/1

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agovfs_full_audit: Save full_audit:priority in private_data
Volker Lendecke [Thu, 7 Aug 2014 10:34:18 +0000 (10:34 +0000)]
vfs_full_audit: Save full_audit:priority in private_data

lp_parm_enum can become expensive

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agovfs_full_audit: Save full_audit:facility in private_data
Volker Lendecke [Thu, 7 Aug 2014 10:34:18 +0000 (10:34 +0000)]
vfs_full_audit: Save full_audit:facility in private_data

lp_parm_enum can become expensive

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agovfs_full_audit: Pass "vfs_full_audit_private_data" to log_failure/success()
Volker Lendecke [Thu, 7 Aug 2014 10:23:25 +0000 (10:23 +0000)]
vfs_full_audit: Pass "vfs_full_audit_private_data" to log_failure/success()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agos4:torture: use torture_assert instead of torture_comment and return in defer_open...
Michael Adam [Thu, 24 Jul 2014 22:24:56 +0000 (00:24 +0200)]
s4:torture: use torture_assert instead of torture_comment and return in defer_open test

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agos4:torture: consistently log "pid %u: ..." in the defer_open test
Michael Adam [Thu, 24 Jul 2014 22:22:17 +0000 (00:22 +0200)]
s4:torture: consistently log "pid %u: ..." in the defer_open test

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agos4:torture: remove an unused variable and bogus check from the defer_open test
Michael Adam [Thu, 24 Jul 2014 22:20:47 +0000 (00:20 +0200)]
s4:torture: remove an unused variable and bogus check from the defer_open test

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
6 years agodocs: Fix typos in smb.conf (inherit acls)
Marc Muehlfeld [Wed, 6 Aug 2014 19:36:26 +0000 (21:36 +0200)]
docs: Fix typos in smb.conf (inherit acls)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10761

Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug  7 00:52:42 CEST 2014 on sn-devel-104

6 years agoRedescribe --userou usage
Marc Muehlfeld [Wed, 6 Aug 2014 17:52:21 +0000 (19:52 +0200)]
Redescribe --userou usage

Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
6 years agoctdbd_conn: Only poll if there's a timeout
Volker Lendecke [Mon, 21 Jul 2014 12:35:39 +0000 (12:35 +0000)]
ctdbd_conn: Only poll if there's a timeout

At this point the ctdb socket is blocking, so we can save a syscall when
we wait indefinitely anyway.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Aug  6 18:01:54 CEST 2014 on sn-devel-104

6 years agoctdbd_conn: Remove ctdb_packet
Volker Lendecke [Tue, 27 May 2014 07:50:01 +0000 (07:50 +0000)]
ctdbd_conn: Remove ctdb_packet

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agoctdbd_conn: Remove ctdb_packet dependency
Volker Lendecke [Tue, 6 May 2014 10:21:42 +0000 (12:21 +0200)]
ctdbd_conn: Remove ctdb_packet dependency

This was an early, failed attempt at async socket handling.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agoctdb-locking: Simplify ctdb_find_lock_context()
Volker Lendecke [Mon, 4 Aug 2014 13:57:12 +0000 (13:57 +0000)]
ctdb-locking: Simplify ctdb_find_lock_context()

I like early returns that avoid else branches :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Aug  6 14:44:31 CEST 2014 on sn-devel-104

6 years agoctdb-locking: TALLOC_FREE copes with NULL
Volker Lendecke [Mon, 4 Aug 2014 12:41:06 +0000 (12:41 +0000)]
ctdb-locking: TALLOC_FREE copes with NULL

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
6 years agos3:smbd: pass smbXsrv_connection to smbd_[un]lock_socket()
Stefan Metzmacher [Thu, 12 Jun 2014 06:43:26 +0000 (08:43 +0200)]
s3:smbd: pass smbXsrv_connection to smbd_[un]lock_socket()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Aug  6 12:15:57 CEST 2014 on sn-devel-104

6 years agos3:smb2_server: pass smbXsrv_connection to smbd_smb2_send_break()
Stefan Metzmacher [Thu, 12 Jun 2014 06:43:26 +0000 (08:43 +0200)]
s3:smb2_server: pass smbXsrv_connection to smbd_smb2_send_break()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to smb1 encryption functions
Stefan Metzmacher [Thu, 12 Jun 2014 06:43:26 +0000 (08:43 +0200)]
s3:smbd: pass smbXsrv_connection to smb1 encryption functions

These parameters are not really used currently, but may be in future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smb2_server: propagate NTSTATUS from smb2_sendfile_send_data() to smbd_smb2_flush_...
Stefan Metzmacher [Fri, 11 Jul 2014 00:25:00 +0000 (02:25 +0200)]
s3:smb2_server: propagate NTSTATUS from smb2_sendfile_send_data() to smbd_smb2_flush_send_queue()

Calling exit_server() from within a destructor is a bit ugly...

This will result in smbd_server_connection_terminate() instead of
directly calling exit_server(), which will be useful for multi-channel in
future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agosmbd: Use %s/__func__
Volker Lendecke [Wed, 23 Jul 2014 13:26:19 +0000 (13:26 +0000)]
smbd: Use %s/__func__

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection explicitly to sendfile_short_send()
Stefan Metzmacher [Thu, 12 Jun 2014 06:42:16 +0000 (08:42 +0200)]
s3:smbd: pass smbXsrv_connection explicitly to sendfile_short_send()

We now let the caller terminate the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection explicitly to fake_sendfile()
Stefan Metzmacher [Thu, 12 Jun 2014 06:40:25 +0000 (08:40 +0200)]
s3:smbd: pass smbXsrv_connection explicitly to fake_sendfile()

In future (with multi-channel) a fsp can be used from multiple
connections, we need to make it explicit on which we want to reply.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: remember the time of the session setup auth_time
Stefan Metzmacher [Thu, 12 Jun 2014 07:49:28 +0000 (09:49 +0200)]
s3:smbd: remember the time of the session setup auth_time

This is the time of the last reauth.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smb2_sesssetup: make use of smb2req->xconn
Stefan Metzmacher [Thu, 12 Jun 2014 08:47:51 +0000 (10:47 +0200)]
s3:smb2_sesssetup: make use of smb2req->xconn

We should use stuff relative to the current request.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smb2_sesssetup: split out smbd_smb2_session_setup_auth_return()
Stefan Metzmacher [Thu, 12 Jun 2014 07:19:29 +0000 (09:19 +0200)]
s3:smb2_sesssetup: split out smbd_smb2_session_setup_auth_return()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbXsrv_tcon: don't pass smbXsrv_connection to smbXsrv_tcon_create()
Stefan Metzmacher [Thu, 12 Jun 2014 08:40:12 +0000 (10:40 +0200)]
s3:smbXsrv_tcon: don't pass smbXsrv_connection to smbXsrv_tcon_create()

A tcon can be used on multiple connections in future,
so better pass the few needed parameters explicitly
and let the caller figure out where to get them.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to smbd_[un]lock_socket_internal()
Stefan Metzmacher [Thu, 12 Jun 2014 06:48:16 +0000 (08:48 +0200)]
s3:smbd: pass smbXsrv_connection to smbd_[un]lock_socket_internal()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in smb_request_done()
Stefan Metzmacher [Thu, 12 Jun 2014 06:51:44 +0000 (08:51 +0200)]
s3:smbd: use req->xconn in smb_request_done()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in message.c
Stefan Metzmacher [Wed, 11 Jun 2014 10:36:14 +0000 (12:36 +0200)]
s3:smbd: use req->xconn in message.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in reply.c
Stefan Metzmacher [Wed, 11 Jun 2014 13:12:32 +0000 (15:12 +0200)]
s3:smbd: use req->xconn in reply.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in sesssetup.c
Stefan Metzmacher [Wed, 11 Jun 2014 13:11:05 +0000 (15:11 +0200)]
s3:smbd: use req->xconn in sesssetup.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to reply_readbraw_error()
Stefan Metzmacher [Wed, 11 Jun 2014 12:51:05 +0000 (14:51 +0200)]
s3:smbd: pass smbXsrv_connection to reply_readbraw_error()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to is_valid_writeX_buffer()
Stefan Metzmacher [Wed, 11 Jun 2014 12:35:55 +0000 (14:35 +0200)]
s3:smbd: pass smbXsrv_connection to is_valid_writeX_buffer()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: remove unused 'sconn' from valid_smb_header()
Stefan Metzmacher [Wed, 11 Jun 2014 12:29:52 +0000 (14:29 +0200)]
s3:smbd: remove unused 'sconn' from valid_smb_header()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: remove unused 'sconn' from is_encrypted_packet()
Stefan Metzmacher [Wed, 11 Jun 2014 12:28:13 +0000 (14:28 +0200)]
s3:smbd: remove unused 'sconn' from is_encrypted_packet()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in nttrans.c
Stefan Metzmacher [Wed, 11 Jun 2014 12:26:57 +0000 (14:26 +0200)]
s3:smbd: use req->xconn in nttrans.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in send_trans_reply()
Stefan Metzmacher [Wed, 11 Jun 2014 12:26:08 +0000 (14:26 +0200)]
s3:smbd: use req->xconn in send_trans_reply()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in files.c
Stefan Metzmacher [Wed, 11 Jun 2014 12:25:07 +0000 (14:25 +0200)]
s3:smbd: use req->xconn in files.c

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn to send_trans2_replies()
Stefan Metzmacher [Wed, 11 Jun 2014 12:22:13 +0000 (14:22 +0200)]
s3:smbd: use req->xconn to send_trans2_replies()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: remove unused 'sconn' in call_trans2setfsinfo()
Stefan Metzmacher [Wed, 11 Jun 2014 11:57:30 +0000 (13:57 +0200)]
s3:smbd: remove unused 'sconn' in call_trans2setfsinfo()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: use req->xconn in vfs_[p]write_data()
Stefan Metzmacher [Wed, 11 Jun 2014 11:54:43 +0000 (13:54 +0200)]
s3:smbd: use req->xconn in vfs_[p]write_data()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to smbd_do_qfsinfo()
Stefan Metzmacher [Wed, 11 Jun 2014 11:36:34 +0000 (13:36 +0200)]
s3:smbd: pass smbXsrv_connection to smbd_do_qfsinfo()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to netbios_session_retarget()
Stefan Metzmacher [Wed, 11 Jun 2014 10:55:24 +0000 (12:55 +0200)]
s3:smbd: pass smbXsrv_connection to netbios_session_retarget()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to reply_special()
Stefan Metzmacher [Wed, 11 Jun 2014 10:54:47 +0000 (12:54 +0200)]
s3:smbd: pass smbXsrv_connection to reply_special()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to get_challenge()
Stefan Metzmacher [Wed, 11 Jun 2014 10:42:56 +0000 (12:42 +0200)]
s3:smbd: pass smbXsrv_connection to get_challenge()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smbd: pass smbXsrv_connection to negprot_spnego()
Stefan Metzmacher [Wed, 11 Jun 2014 10:41:26 +0000 (12:41 +0200)]
s3:smbd: pass smbXsrv_connection to negprot_spnego()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smb2_negprot: remove NBT_HDR_SIZE from smbd_smb2_first_negprot()
Stefan Metzmacher [Tue, 24 Jun 2014 17:28:51 +0000 (19:28 +0200)]
s3:smb2_negprot: remove NBT_HDR_SIZE from smbd_smb2_first_negprot()

This will simplify future features like multi-channel and rdma.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
6 years agos3:smb2_server: pass smbXsrv_connection to smbd_server_connection_terminate*()
Stefan Metzmacher [Wed, 11 Jun 2014 10:15:48 +0000 (12:15 +0200)]
s3:smb2_server: pass smbXsrv_connection to smbd_server_connection_terminate*()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>