samba.git
11 months agobuild:wafsamba: Update dist/distcheck commands
Thomas Nagy [Thu, 13 Apr 2017 16:45:50 +0000 (18:45 +0200)]
build:wafsamba: Update dist/distcheck commands

Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agobuild:wafsamba: Build on waf 1.9
Thomas Nagy [Sat, 26 Mar 2016 12:18:07 +0000 (13:18 +0100)]
build:wafsamba: Build on waf 1.9

Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agokrb5-samba: interdomain trust uses different salt principal
Alexander Bokovoy [Fri, 16 Feb 2018 16:15:28 +0000 (18:15 +0200)]
krb5-samba: interdomain trust uses different salt principal

Salt principal for the interdomain trust is krbtgt/DOMAIN@REALM where
DOMAIN is the sAMAccountName without the dollar sign ($)

The salt principal for the BLA$ user object was generated wrong.

dn: CN=bla.base,CN=System,DC=w4edom-l4,DC=base
securityIdentifier: S-1-5-21-4053568372-2049667917-3384589010
trustDirection: 3
trustPartner: bla.base
trustPosixOffset: -2147483648
trustType: 2
trustAttributes: 8
flatName: BLA

dn: CN=BLA$,CN=Users,DC=w4edom-l4,DC=base
userAccountControl: 2080
primaryGroupID: 513
objectSid: S-1-5-21-278041429-3399921908-1452754838-1597
accountExpires: 9223372036854775807
sAMAccountName: BLA$
sAMAccountType: 805306370
pwdLastSet: 131485652467995000

The salt stored by Windows in the package_PrimaryKerberosBlob
(within supplementalCredentials) seems to be
'W4EDOM-L4.BASEkrbtgtBLA' for the above trust
and Samba stores 'W4EDOM-L4.BASEBLA$'.

While the salt used when building the keys from
trustAuthOutgoing/trustAuthIncoming is
'W4EDOM-L4.BASEkrbtgtBLA.BASE', which we handle correct.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep  5 03:57:22 CEST 2018 on sn-devel-144

11 months agotestprogs/blackbox: let test_trust_user_account.sh check the correct kerberos salt
Stefan Metzmacher [Tue, 4 Sep 2018 08:53:52 +0000 (10:53 +0200)]
testprogs/blackbox: let test_trust_user_account.sh check the correct kerberos salt

This demonstrates the bug we currently have.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agotestprogs/blackbox: add testit[_expect_failure]_grep() to subunit.sh
Stefan Metzmacher [Tue, 4 Sep 2018 08:38:44 +0000 (10:38 +0200)]
testprogs/blackbox: add testit[_expect_failure]_grep() to subunit.sh

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agosamba-tool: add virtualKerberosSalt attribute to 'user getpassword/syncpasswords'
Stefan Metzmacher [Tue, 4 Sep 2018 08:16:59 +0000 (10:16 +0200)]
samba-tool: add virtualKerberosSalt attribute to 'user getpassword/syncpasswords'

This might be useful for someone, but at least it's very useful for
tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:selftest: test kinit with the interdomain trust user account
Alexander Bokovoy [Fri, 16 Feb 2018 16:15:28 +0000 (18:15 +0200)]
s4:selftest: test kinit with the interdomain trust user account

To test it, add a blackbox test that ensures we pass a keytab-based
authentication with the trust user account for a trusted domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agoexamples: Fix mingw64 detection
Volker Lendecke [Tue, 4 Sep 2018 08:26:18 +0000 (10:26 +0200)]
examples: Fix mingw64 detection

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos3:vfs: fix valgrind warning in SMB_VFS_{PREAD,PWRITE,FSYNC}_RECV()
Stefan Metzmacher [Wed, 29 Aug 2018 02:24:46 +0000 (04:24 +0200)]
s3:vfs: fix valgrind warning in SMB_VFS_{PREAD,PWRITE,FSYNC}_RECV()

tevent_req_received() destroys 'state', so we need helper variables
to hold the return value.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep  4 10:45:10 CEST 2018 on sn-devel-144

11 months agos4: torture: Ensure we close the handle on the correct tree-id.
Jeremy Allison [Fri, 31 Aug 2018 22:44:16 +0000 (15:44 -0700)]
s4: torture: Ensure we close the handle on the correct tree-id.

Otherwise we leave a directory behind on exit.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep  4 05:23:57 CEST 2018 on sn-devel-144

11 months agos4: torture: Ensure we can't exit without deleting our directory.
Jeremy Allison [Fri, 31 Aug 2018 22:43:41 +0000 (15:43 -0700)]
s4: torture: Ensure we can't exit without deleting our directory.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4: torture: Ensure all notify tests use separate directories.
Jeremy Allison [Fri, 31 Aug 2018 22:42:26 +0000 (15:42 -0700)]
s4: torture: Ensure all notify tests use separate directories.

Makes it much easier to find tests that error out whilst
leaving directories behind.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agoUpdate Samba URLs from http:// to https://
Robert Scheck [Sat, 1 Sep 2018 23:19:50 +0000 (01:19 +0200)]
Update Samba URLs from http:// to https://

Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agowaf: Add -fstack-clash-protection
Andreas Schneider [Mon, 3 Sep 2018 08:49:52 +0000 (10:49 +0200)]
waf: Add -fstack-clash-protection

https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agowaf: Check for -fstack-protect-strong support
Andreas Schneider [Mon, 3 Sep 2018 08:35:08 +0000 (10:35 +0200)]
waf: Check for -fstack-protect-strong support

The -fstack-protector* flags are compiler only flags, don't pass them to
the linker.

https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()
Stefan Metzmacher [Tue, 28 Aug 2018 10:52:31 +0000 (12:52 +0200)]
s4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()

We need to handle trusted domains differently than our primary
domain. The most important part is that we don't return
NETR_TRUST_FLAG_PRIMARY for them.

NETR_TRUST_FLAG_{INBOUND,OUTBOUND,IN_FOREST} are the relavant flags
for trusts.

This is an example of what Windows returns in a complex trust
environment:

     netr_LogonGetDomainInfo: struct netr_LogonGetDomainInfo
        out: struct netr_LogonGetDomainInfo
            return_authenticator     : *
                return_authenticator: struct netr_Authenticator
                    cred: struct netr_Credential
                        data                     : f48b51ff12ff8c6c
                    timestamp                : Tue Aug 28 22:59:03 2018 CEST
            info                     : *
                info                     : union netr_DomainInfo(case 1)
                domain_info              : *
                    domain_info: struct netr_DomainInformation
                        primary_domain: struct netr_OneDomainInfo
                            domainname: struct lsa_StringLarge
                                length                   : 0x0014 (20)
                                size                     : 0x0016 (22)
                                string                   : *
                                    string                   : 'W2012R2-L4'
                            dns_domainname: struct lsa_StringLarge
                                length                   : 0x0020 (32)
                                size                     : 0x0022 (34)
                                string                   : *
                                    string                   : 'w2012r2-l4.base.'
                            dns_forestname: struct lsa_StringLarge
                                length                   : 0x0020 (32)
                                size                     : 0x0022 (34)
                                string                   : *
                                    string                   : 'w2012r2-l4.base.'
                            domain_guid              : 0a133c91-8eac-4df0-96ac-ede69044a38b
                            domain_sid               : *
                                domain_sid               : S-1-5-21-2930975464-1937418634-1288008815
                            trust_extension: struct netr_trust_extension_container
                                length                   : 0x0000 (0)
                                size                     : 0x0000 (0)
                                info                     : NULL
                            dummy_string2: struct lsa_StringLarge
                                length                   : 0x0000 (0)
                                size                     : 0x0000 (0)
                                string                   : NULL
                            dummy_string3: struct lsa_StringLarge
                                length                   : 0x0000 (0)
                                size                     : 0x0000 (0)
                                string                   : NULL
                            dummy_string4: struct lsa_StringLarge
                                length                   : 0x0000 (0)
                                size                     : 0x0000 (0)
                                string                   : NULL
                            dummy_long1              : 0x00000000 (0)
                            dummy_long2              : 0x00000000 (0)
                            dummy_long3              : 0x00000000 (0)
                            dummy_long4              : 0x00000000 (0)
                        trusted_domain_count     : 0x00000006 (6)
                        trusted_domains          : *
                            trusted_domains: ARRAY(6)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x000e (14)
                                        size                     : 0x0010 (16)
                                        string                   : *
                                            string                   : 'FREEIPA'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x0018 (24)
                                        size                     : 0x001a (26)
                                        string                   : *
                                            string                   : 'freeipa.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : 00000000-0000-0000-0000-000000000000
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-429948374-2562621466-335716826
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x00000022 (34)
                                                       0: NETR_TRUST_FLAG_IN_FOREST
                                                       1: NETR_TRUST_FLAG_OUTBOUND
                                                       0: NETR_TRUST_FLAG_TREEROOT
                                                       0: NETR_TRUST_FLAG_PRIMARY
                                                       0: NETR_TRUST_FLAG_NATIVE
                                                       1: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000000 (0)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000008 (8)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x0016 (22)
                                        size                     : 0x0018 (24)
                                        string                   : *
                                            string                   : 'S1-W2012-L4'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x0036 (54)
                                        size                     : 0x0038 (56)
                                        string                   : *
                                            string                   : 's1-w2012-l4.w2012r2-l4.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : afe7fbde-af82-46cf-88a2-2df6920fc33e
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-1368093395-3821428921-3924672915
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x00000023 (35)
                                                       1: NETR_TRUST_FLAG_IN_FOREST
                                                       1: NETR_TRUST_FLAG_OUTBOUND
                                                       0: NETR_TRUST_FLAG_TREEROOT
                                                       0: NETR_TRUST_FLAG_PRIMARY
                                                       0: NETR_TRUST_FLAG_NATIVE
                                                       1: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000004 (4)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000020 (32)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       1: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x0006 (6)
                                        size                     : 0x0008 (8)
                                        string                   : *
                                            string                   : 'BLA'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x0010 (16)
                                        size                     : 0x0012 (18)
                                        string                   : *
                                            string                   : 'bla.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : 00000000-0000-0000-0000-000000000000
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-4053568372-2049667917-3384589010
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x00000022 (34)
                                                       0: NETR_TRUST_FLAG_IN_FOREST
                                                       1: NETR_TRUST_FLAG_OUTBOUND
                                                       0: NETR_TRUST_FLAG_TREEROOT
                                                       0: NETR_TRUST_FLAG_PRIMARY
                                                       0: NETR_TRUST_FLAG_NATIVE
                                                       1: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000000 (0)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000008 (8)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x000c (12)
                                        size                     : 0x000e (14)
                                        string                   : *
                                            string                   : 'S4XDOM'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x0016 (22)
                                        size                     : 0x0018 (24)
                                        string                   : *
                                            string                   : 's4xdom.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : 00000000-0000-0000-0000-000000000000
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-313966788-4060240134-2249344781
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x00000022 (34)
                                                       0: NETR_TRUST_FLAG_IN_FOREST
                                                       1: NETR_TRUST_FLAG_OUTBOUND
                                                       0: NETR_TRUST_FLAG_TREEROOT
                                                       0: NETR_TRUST_FLAG_PRIMARY
                                                       0: NETR_TRUST_FLAG_NATIVE
                                                       1: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000000 (0)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000008 (8)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x0014 (20)
                                        size                     : 0x0016 (22)
                                        string                   : *
                                            string                   : 'W2012R2-L4'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x001e (30)
                                        size                     : 0x0020 (32)
                                        string                   : *
                                            string                   : 'w2012r2-l4.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : 0a133c91-8eac-4df0-96ac-ede69044a38b
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-2930975464-1937418634-1288008815
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x0000001d (29)
                                                       1: NETR_TRUST_FLAG_IN_FOREST
                                                       0: NETR_TRUST_FLAG_OUTBOUND
                                                       1: NETR_TRUST_FLAG_TREEROOT
                                                       1: NETR_TRUST_FLAG_PRIMARY
                                                       1: NETR_TRUST_FLAG_NATIVE
                                                       0: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000000 (0)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000000 (0)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                                trusted_domains: struct netr_OneDomainInfo
                                    domainname: struct lsa_StringLarge
                                        length                   : 0x0016 (22)
                                        size                     : 0x0018 (24)
                                        string                   : *
                                            string                   : 'S2-W2012-L4'
                                    dns_domainname: struct lsa_StringLarge
                                        length                   : 0x004e (78)
                                        size                     : 0x0050 (80)
                                        string                   : *
                                            string                   : 's2-w2012-l4.s1-w2012-l4.w2012r2-l4.base'
                                    dns_forestname: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    domain_guid              : 29daace6-cded-4ce3-a754-7482a4d9127c
                                    domain_sid               : *
                                        domain_sid               : S-1-5-21-167342819-981449877-2130266853
                                    trust_extension: struct netr_trust_extension_container
                                        length                   : 0x0010 (16)
                                        size                     : 0x0010 (16)
                                        info                     : *
                                            info: struct netr_trust_extension
                                                length                   : 0x00000008 (8)
                                                dummy                    : 0x00000000 (0)
                                                size                     : 0x00000008 (8)
                                                flags                    : 0x00000001 (1)
                                                       1: NETR_TRUST_FLAG_IN_FOREST
                                                       0: NETR_TRUST_FLAG_OUTBOUND
                                                       0: NETR_TRUST_FLAG_TREEROOT
                                                       0: NETR_TRUST_FLAG_PRIMARY
                                                       0: NETR_TRUST_FLAG_NATIVE
                                                       0: NETR_TRUST_FLAG_INBOUND
                                                       0: NETR_TRUST_FLAG_MIT_KRB5
                                                       0: NETR_TRUST_FLAG_AES
                                                parent_index             : 0x00000001 (1)
                                                trust_type               : LSA_TRUST_TYPE_UPLEVEL (2)
                                                trust_attributes         : 0x00000000 (0)
                                                       0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
                                                       0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
                                                       0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
                                                       0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
                                                       0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
                                                       0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
                                                       0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
                                    dummy_string2: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string3: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_string4: struct lsa_StringLarge
                                        length                   : 0x0000 (0)
                                        size                     : 0x0000 (0)
                                        string                   : NULL
                                    dummy_long1              : 0x00000000 (0)
                                    dummy_long2              : 0x00000000 (0)
                                    dummy_long3              : 0x00000000 (0)
                                    dummy_long4              : 0x00000000 (0)
                        lsa_policy: struct netr_LsaPolicyInformation
                            policy_size              : 0x00000000 (0)
                            policy                   : NULL
                        dns_hostname: struct lsa_StringLarge
                            length                   : 0x0036 (54)
                            size                     : 0x0038 (56)
                            string                   : *
                                string                   : 'torturetest.w2012r2-l4.base'
                        dummy_string2: struct lsa_StringLarge
                            length                   : 0x0000 (0)
                            size                     : 0x0000 (0)
                            string                   : NULL
                        dummy_string3: struct lsa_StringLarge
                            length                   : 0x0000 (0)
                            size                     : 0x0000 (0)
                            string                   : NULL
                        dummy_string4: struct lsa_StringLarge
                            length                   : 0x0000 (0)
                            size                     : 0x0000 (0)
                            string                   : NULL
                        workstation_flags        : 0x00000003 (3)
                               1: NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS
                               1: NETR_WS_FLAG_HANDLES_SPN_UPDATE
                        supported_enc_types      : 0x0000001f (31)
                               1: KERB_ENCTYPE_DES_CBC_CRC
                               1: KERB_ENCTYPE_DES_CBC_MD5
                               1: KERB_ENCTYPE_RC4_HMAC_MD5
                               1: KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96
                               1: KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96
                               0: KERB_ENCTYPE_FAST_SUPPORTED
                               0: KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED
                               0: KERB_ENCTYPE_CLAIMS_SUPPORTED
                               0: KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLED
                        dummy_long3              : 0x00000000 (0)
                        dummy_long4              : 0x00000000 (0)
            result                   : NT_STATUS_OK

Best viewed with: git show --histogram -w

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo...
Stefan Metzmacher [Tue, 28 Aug 2018 14:30:17 +0000 (16:30 +0200)]
s4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo array

It's much safer than having uninitialized memory when we hit an error
case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:rpc_server/netlogon: use samdb_domain_guid()/dsdb_trust_local_tdo_info() to build...
Stefan Metzmacher [Tue, 28 Aug 2018 09:46:16 +0000 (11:46 +0200)]
s4:rpc_server/netlogon: use samdb_domain_guid()/dsdb_trust_local_tdo_info() to build our netr_OneDomainInfo values

The logic for constructing the values for our own primary domain differs
from the values of trusted domains. In order to make the code easier to
understand we have a new fill_our_one_domain_info() helper that
only takes care of our primary domain.

The cleanup for the trust case will follow in a separate commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:dsdb/common: add samdb_domain_guid() helper function
Stefan Metzmacher [Tue, 28 Aug 2018 09:52:27 +0000 (11:52 +0200)]
s4:dsdb/common: add samdb_domain_guid() helper function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agodsdb:util_trusts: add dsdb_trust_local_tdo_info() helper function
Stefan Metzmacher [Thu, 1 Feb 2018 22:09:26 +0000 (23:09 +0100)]
dsdb:util_trusts: add dsdb_trust_local_tdo_info() helper function

This is similar to dsdb_trust_xref_tdo_info(), but will also work
if we ever support more than one domain in our forest.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agodsdb/util_trusts: domain_dn is an input parameter of dsdb_trust_crossref_tdo_info()
Stefan Metzmacher [Thu, 1 Feb 2018 22:08:08 +0000 (23:08 +0100)]
dsdb/util_trusts: domain_dn is an input parameter of dsdb_trust_crossref_tdo_info()

We should not overwrite it within the function.
Currently it doesn't matter as we don't have multiple domains
within our forest, but that will change in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:torture/rpc/netlogon: verify the trusted domains output of LogonGetDomainInfo()
Stefan Metzmacher [Tue, 28 Aug 2018 15:46:46 +0000 (17:46 +0200)]
s4:torture/rpc/netlogon: verify the trusted domains output of LogonGetDomainInfo()

This makes sure we don't treat trusted domains in the same way we treat
our primary domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4:torture/rpc/netlogon: assert that cli_credentials_get_{workstation,password} don...
Stefan Metzmacher [Mon, 3 Sep 2018 07:55:18 +0000 (09:55 +0200)]
s4:torture/rpc/netlogon: assert that cli_credentials_get_{workstation,password} don't return NULL

This is better that generating a segfault while dereferencing a NULL
pointer later.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agodbwrap_tool: We don't do "listwatchers" anymore
Volker Lendecke [Fri, 24 Aug 2018 13:11:53 +0000 (15:11 +0200)]
dbwrap_tool: We don't do "listwatchers" anymore

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph B√∂hme <slow@samba.org>
Autobuild-Date(master): Mon Sep  3 21:38:40 CEST 2018 on sn-devel-144

11 months agodbwrap_tool: Avoid an unnecessary "else"
Volker Lendecke [Fri, 24 Aug 2018 13:07:28 +0000 (15:07 +0200)]
dbwrap_tool: Avoid an unnecessary "else"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
11 months agodbwrap_tool: Simplify persistent/non-persistent check
Volker Lendecke [Fri, 24 Aug 2018 13:06:34 +0000 (15:06 +0200)]
dbwrap_tool: Simplify persistent/non-persistent check

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
11 months agodbwrap_tool: Simplify listkey_fn
Volker Lendecke [Fri, 24 Aug 2018 12:41:41 +0000 (14:41 +0200)]
dbwrap_tool: Simplify listkey_fn

To me dbwrap_record_get_key(rec).dsize just looks a bit ugly

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
11 months agodbwrap_tool: Simplify dbwrap_tool_erase
Volker Lendecke [Fri, 24 Aug 2018 12:39:19 +0000 (14:39 +0200)]
dbwrap_tool: Simplify dbwrap_tool_erase

That's what dbwrap_wipe is for :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
11 months agosmbd: Fix a memleak in async search ask sharemode
Volker Lendecke [Mon, 3 Sep 2018 13:54:48 +0000 (15:54 +0200)]
smbd: Fix a memleak in async search ask sharemode

fetch_share_mode_unlocked_parser() takes a "struct
fetch_share_mode_unlocked_state *" as
"private_data". fetch_share_mode_send() used a talloc_zero'ed "struct
share_mode_lock". This lead to the parser putting a "struct
share_mode_lock on the NULL talloc_context where nobody really picked it
up.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13602
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
11 months agoctdb-tests: Don't run valgrind or other tracing in simple_test_command()
Martin Schwenke [Mon, 20 Aug 2018 04:55:17 +0000 (14:55 +1000)]
ctdb-tests: Don't run valgrind or other tracing in simple_test_command()

This function is used to run a extra command to check a result.  This
command is usually a script (often a stub) or an external command, so
no need to trace it with valgrind or whatever else might be specified.
In the worst case the command being run is a shell function, which
valgrind won't be able to find.

There is little use running the event script tests under valgrind.
However, when the whole test suite is being run under valgrind then it
should work.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Sep  3 14:04:00 CEST 2018 on sn-devel-144

11 months agoctdb-tests: Use known install paths in local daemon tests
Martin Schwenke [Wed, 29 Aug 2018 23:37:53 +0000 (09:37 +1000)]
ctdb-tests: Use known install paths in local daemon tests

The in-tree local daemons tests don't work from a top-level Samba
compile.  The simple test suite was the first test suite and things
have generally worked, so it has been slow to adopt general test
infrastructure changes.

Instead of re-calculating script and helper locations, use the paths
from script_install_paths.sh.  The bin/ directory is already added to
PATH in common.sh, so don't add it here.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-tests: If bin/ isn't in ctdb/ then look one level higher
Martin Schwenke [Wed, 29 Aug 2018 23:35:58 +0000 (09:35 +1000)]
ctdb-tests: If bin/ isn't in ctdb/ then look one level higher

CTDB's test suite doesn't work from a top-level compile.  The first
step to fixing this is to correctly locate the bin/ directory.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Process the whole config file even if an error occurs
Martin Schwenke [Thu, 30 Aug 2018 23:35:14 +0000 (09:35 +1000)]
ctdb-common: Process the whole config file even if an error occurs

At the moment multiple errors will be encountered one at a time, on
each load or validate.  Instead, allow all configuration errors to
printed in a single pass.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Avoid ENOENT for unknown conf options
Martin Schwenke [Thu, 30 Aug 2018 22:42:04 +0000 (08:42 +1000)]
ctdb-common: Avoid ENOENT for unknown conf options

Only use ENOENT for missing configuration file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Avoid ENOENT for unknown conf type tags
Martin Schwenke [Thu, 30 Aug 2018 22:45:25 +0000 (08:45 +1000)]
ctdb-common: Avoid ENOENT for unknown conf type tags

Only use ENOENT for missing configuration file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Log a message when an invalid conf value is encountered
Martin Schwenke [Thu, 30 Aug 2018 23:34:12 +0000 (09:34 +1000)]
ctdb-common: Log a message when an invalid conf value is encountered

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Log a message for unknown conf option
Martin Schwenke [Thu, 30 Aug 2018 22:32:12 +0000 (08:32 +1000)]
ctdb-common: Log a message for unknown conf option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-common: Fix log message for conf option with unknown section
Martin Schwenke [Fri, 31 Aug 2018 09:57:56 +0000 (19:57 +1000)]
ctdb-common: Fix log message for conf option with unknown section

This covers both options that appear before a section and options in
unknown sections.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-daemon: Drop incorrect log message
Martin Schwenke [Thu, 30 Aug 2018 23:06:51 +0000 (09:06 +1000)]
ctdb-daemon: Drop incorrect log message

The message is incorrect because the actual failure was loading the
config file.  Instead of fixing the message, drop it because
ctdb_config_load() already logs the failure.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoctdb-daemon: Log complete eventd startup command
Martin Schwenke [Mon, 3 Sep 2018 06:12:16 +0000 (16:12 +1000)]
ctdb-daemon: Log complete eventd startup command

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13592

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
11 months agoselftest: Split up password_lockout into tests with and without a call to sleep()
Andrew Bartlett [Sun, 2 Sep 2018 06:03:06 +0000 (18:03 +1200)]
selftest: Split up password_lockout into tests with and without a call to sleep()

This means we can have a long observation window for many of the tests and
so make them much more reliable.  Many of these cause frustrating flapping
failures in our CI systems.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Sep  3 06:14:55 CEST 2018 on sn-devel-144

11 months agoselftest: Prepare to allow override of lockout duration in password_lockout tests
Andrew Bartlett [Sun, 2 Sep 2018 05:34:03 +0000 (17:34 +1200)]
selftest: Prepare to allow override of lockout duration in password_lockout tests

This will make it easier to avoid flapping tests.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
11 months agos4/selftest: enable samba.tests.samba_tool.user_virtualCryptSHA for py3
Noel Power [Thu, 3 May 2018 19:31:07 +0000 (20:31 +0100)]
s4/selftest: enable samba.tests.samba_tool.user_virtualCryptSHA for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/netcmd: PY2/PY3 changes required for user_virtualCryptSHA test
Noel Power [Wed, 15 Aug 2018 15:40:16 +0000 (16:40 +0100)]
python/samba/netcmd: PY2/PY3 changes required for user_virtualCryptSHA test

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.user for py3
Noel Power [Thu, 3 May 2018 18:30:06 +0000 (19:30 +0100)]
s4/selftest: enable samba.tests.samba_tool.user for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: Adjust teardown so second run of tests succeeds
Noel Power [Tue, 14 Aug 2018 10:43:44 +0000 (11:43 +0100)]
python/samba/tests: Adjust teardown so second run of tests succeeds

A second run of this test (e.g. with --extra-python) or even
an manual re-run and the cache is still there.
use of '--cache-ldb-initialize'  will fail and so with the test
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: PY2/PY3 required changes for samba.tests.samba_tool.user
Noel Power [Tue, 14 Aug 2018 10:25:35 +0000 (11:25 +0100)]
python/samba/tests: PY2/PY3 required changes for samba.tests.samba_tool.user

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.dcerpc.raw_protocol for py3
Noel Power [Tue, 1 May 2018 11:51:41 +0000 (12:51 +0100)]
s4/selftest: enable samba.tests.dcerpc.raw_protocol for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/test/dcerpc: Py3 port of samba.tests.dcerpc.raw_protocol
Noel Power [Tue, 1 May 2018 11:24:47 +0000 (12:24 +0100)]
python/samba/test/dcerpc: Py3 port of samba.tests.dcerpc.raw_protocol

Port code to allow this test run with either py2 or py3
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: ensure byte content (not strings)
Noel Power [Mon, 30 Apr 2018 17:31:36 +0000 (18:31 +0100)]
python/samba/tests: ensure byte content (not strings)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.dcerpc.dnsserver(ad_dc) for python3
Noel Power [Mon, 30 Apr 2018 15:35:59 +0000 (16:35 +0100)]
s4/selftest: enable samba.tests.dcerpc.dnsserver(ad_dc) for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.dcerpc.dnsserver for python3
Noel Power [Mon, 30 Apr 2018 15:20:05 +0000 (16:20 +0100)]
s4/selftest: enable samba.tests.dcerpc.dnsserver for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agoselftest: Update known fail with py3 variant of samba.tests.dcerpc.dnsserver
Noel Power [Tue, 28 Aug 2018 11:05:14 +0000 (12:05 +0100)]
selftest: Update known fail with py3 variant of samba.tests.dcerpc.dnsserver

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.dnscmd for py3
Noel Power [Mon, 30 Apr 2018 15:06:12 +0000 (16:06 +0100)]
s4/selftest: enable samba.tests.samba_tool.dnscmd for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: Enable samba.tests.samba_tool.sites for py3
Noel Power [Mon, 30 Apr 2018 14:47:05 +0000 (15:47 +0100)]
s4/selftest: Enable samba.tests.samba_tool.sites for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.help for py3
Noel Power [Fri, 27 Apr 2018 14:49:40 +0000 (15:49 +0100)]
s4/selftest: enable samba.tests.samba_tool.help for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: Py2/Py2 enable samba.tests.samba_tool.help to run
Noel Power [Mon, 13 Aug 2018 16:25:37 +0000 (17:25 +0100)]
python/samba/tests: Py2/Py2 enable samba.tests.samba_tool.help to run

Ensure bytes output is converted to text type for PY3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: Enable samba.tests.samba_tool.provision_password_check for py3
Noel Power [Fri, 27 Apr 2018 14:13:49 +0000 (15:13 +0100)]
s4/selftest: Enable samba.tests.samba_tool.provision_password_check for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/netcmd: Fix password usage for py2/py3 compatability
Noel Power [Fri, 27 Apr 2018 14:11:54 +0000 (15:11 +0100)]
python/samba/netcmd: Fix password usage for py2/py3 compatability

getpass returns str (e.g. bytes) in python2 and str (unicode) in
py3. Adapt code to so we don't do illegal things (like try and decode)
a string in python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.ntacl for Py3
Noel Power [Fri, 27 Apr 2018 12:05:15 +0000 (13:05 +0100)]
s4/selftest: enable samba.tests.samba_tool.ntacl for Py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/provision: remove use of str() func for binary data
Noel Power [Fri, 27 Apr 2018 12:02:50 +0000 (13:02 +0100)]
python/samba/provision: remove use of str() func for binary data

Python 2 code works with str(policy["nTSecurityDescriptor"]) however
this cannot work with Python 3. One could argue even the str method
doesn't make sense at all (returning a string) for data.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/netcmd: changes for samab.tests.samba_tool.computer
Noel Power [Thu, 26 Apr 2018 17:22:21 +0000 (18:22 +0100)]
python/samba/netcmd: changes for samab.tests.samba_tool.computer

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.ou for py3
Noel Power [Thu, 26 Apr 2018 14:47:19 +0000 (15:47 +0100)]
s4/selftest: enable samba.tests.samba_tool.ou for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.group for py3
Noel Power [Tue, 24 Apr 2018 18:08:27 +0000 (19:08 +0100)]
s4/selftest: enable samba.tests.group for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/sambe/tests/samba_tool: PY3 port for tests.samba_tool.group
Noel Power [Sat, 11 Aug 2018 13:25:26 +0000 (14:25 +0100)]
python/sambe/tests/samba_tool: PY3 port for tests.samba_tool.group

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.user_check_password_script py3
Noel Power [Tue, 24 Apr 2018 15:55:49 +0000 (16:55 +0100)]
s4/selftest: enable samba.tests.samba_tool.user_check_password_script py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.user_wdigest for python3
Noel Power [Mon, 23 Apr 2018 17:22:08 +0000 (18:22 +0100)]
s4/selftest: enable samba.tests.samba_tool.user_wdigest for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: PY3 port for samba.tests.samba_tool.user_wdigest test
Noel Power [Sat, 11 Aug 2018 13:02:25 +0000 (14:02 +0100)]
python/samba: PY3 port for samba.tests.samba_tool.user_wdigest test

In addition to the attributes that caused some issues specifically
with the test some other ldb.bytes objects (those seen to be
used as strings) have been adjusted (with str()) to ensure they should
work correct in PY3.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: Add some helper functions to encode/decode strings
Noel Power [Sat, 11 Aug 2018 12:54:51 +0000 (13:54 +0100)]
python/samba: Add some helper functions to encode/decode strings

Sometimes in PY3 we have variables whose content can be 'bytes' or
'str' and we can't be sure which. Generally this is because the
code variable to be used can be initialised (or reassigned) a value
from different api(s) or functions depending on complex conditions or
logic. Or another common case is in PY2 the variable is 'type <str>'
and in PY3 it is 'class <str>' but the function to use e.g. b64encode
requires 'bytes' in PY3. In such cases in PY3 it would be nice to avoid
excessive testing in the client code, in PY2 we would like to ensure the
code runs unchanged. In otherwords we wish to avoid in PY2 unnecessary
decode() calls which convert otherwise 'str' types to 'unicode'.
Mixing 'str' and 'unicode' can cause strange and unexpected problems,
sometimes we can't avoid this but it we should avoid if we can.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.samba_tool.processes for PY3
Noel Power [Fri, 10 Aug 2018 20:23:35 +0000 (21:23 +0100)]
s4/selftest: enable samba.tests.samba_tool.processes for PY3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos3/selftest: Enable samba.tests.samba_tool.fsmo for python3
Noel Power [Mon, 23 Apr 2018 11:21:53 +0000 (12:21 +0100)]
s3/selftest: Enable samba.tests.samba_tool.fsmo for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: Port fsmo test to python3
Noel Power [Fri, 10 Aug 2018 19:29:46 +0000 (20:29 +0100)]
python/samba/tests: Port fsmo test to python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agoenable samba_tool.visualize_drs samba_tool.visualize_drs for py3
Noel Power [Fri, 20 Apr 2018 16:24:44 +0000 (17:24 +0100)]
enable samba_tool.visualize_drs samba_tool.visualize_drs for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: changes needed for samba.tests.samba_tool.visualize PY2/PY3
Noel Power [Fri, 10 Aug 2018 17:07:11 +0000 (18:07 +0100)]
python/samba: changes needed for samba.tests.samba_tool.visualize PY2/PY3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: Enable samba.tests.samba_tool.join for py3
Noel Power [Tue, 17 Apr 2018 15:48:56 +0000 (16:48 +0100)]
s4/selftest: Enable samba.tests.samba_tool.join for py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: changes to make samba.tests.samba_tool.join run under py3
Noel Power [Tue, 17 Apr 2018 15:48:03 +0000 (16:48 +0100)]
python/samba: changes to make samba.tests.samba_tool.join run under py3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/compat: use cStringIO instead of StringIO in compat.py
Noel Power [Fri, 10 Aug 2018 18:54:46 +0000 (19:54 +0100)]
python/compat: use cStringIO instead of StringIO in compat.py

Using cStringIO for py2 seems to incur alot less problems and less changes
to the py2/py3 code then using StringIO.StringIO

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: Use io.StringIO for py3 and StringIO.StrinIO for py2
Noel Power [Fri, 4 May 2018 10:49:23 +0000 (11:49 +0100)]
python/samba/tests: Use io.StringIO for py3 and StringIO.StrinIO for py2

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest/tests: enable samba.tests.samba_tool.timecmd for python3
Noel Power [Tue, 17 Apr 2018 12:53:57 +0000 (13:53 +0100)]
s4/selftest/tests: enable samba.tests.samba_tool.timecmd for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.dcerpc.unix for python3
Noel Power [Mon, 16 Apr 2018 17:58:01 +0000 (18:58 +0100)]
s4/selftest: enable samba.tests.dcerpc.unix for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba/tests: port samba.tests.unix for py3
Noel Power [Tue, 17 Apr 2018 10:56:40 +0000 (11:56 +0100)]
python/samba/tests: port samba.tests.unix for py3

L for long literal is no longer valid in Python3, also
long keyword has been removed. int and long have been unified
in python3. A duplicated test has been removed (for long and
int) only the int test remains now.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agos4/selftest: enable samba.tests.dsdb_lock for python3
Noel Power [Tue, 10 Apr 2018 15:03:37 +0000 (16:03 +0100)]
s4/selftest: enable samba.tests.dsdb_lock for python3

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: port changes to allow samba.tests.dsdb_lock to work with PY3/PY2
Noel Power [Wed, 8 Aug 2018 16:03:48 +0000 (17:03 +0100)]
python/samba: port changes to allow samba.tests.dsdb_lock to work with PY3/PY2

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: open files in binary mode as appropriate
Noel Power [Wed, 8 Aug 2018 15:56:33 +0000 (16:56 +0100)]
python/samba: open files in binary mode as appropriate

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: port open to io.open for PY2/PY3 compat
Noel Power [Wed, 8 Aug 2018 15:52:35 +0000 (16:52 +0100)]
python/samba: port open to io.open for PY2/PY3 compat

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agopython/samba: Fix py2/3 relative module import issue
Noel Power [Mon, 30 Apr 2018 14:46:04 +0000 (15:46 +0100)]
python/samba: Fix py2/3 relative module import issue

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
11 months agoselftest: Remove excption for NSS_WRAPPER_HOSTS and RESOLV_WRAPPER_HOSTS
Andrew Bartlett [Fri, 31 Aug 2018 08:26:19 +0000 (20:26 +1200)]
selftest: Remove excption for NSS_WRAPPER_HOSTS and RESOLV_WRAPPER_HOSTS

These must be set correctly for each command in provision also.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
11 months agoselftest: Set RESOLV_WRAPPER_CONF/RESOLV_WRAPPER_HOSTS when running dcpromo
Andrew Bartlett [Sat, 1 Sep 2018 11:12:44 +0000 (23:12 +1200)]
selftest: Set RESOLV_WRAPPER_CONF/RESOLV_WRAPPER_HOSTS when running dcpromo

Otherwise this relies on the order that tests run to cause the environment variable
to be left behind.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
11 months agoselftest: Set NSS_WRAPPER_HOSTS when creating the trusts
Andrew Bartlett [Fri, 31 Aug 2018 08:22:54 +0000 (20:22 +1200)]
selftest: Set NSS_WRAPPER_HOSTS when creating the trusts

Otherwise this relies on the order that tests run to cause the environment variable
to be left behind.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
11 months agos3:smbd: add a comment stating that file_close_user() is redundant for SMB2
Ralph Boehme [Thu, 30 Aug 2018 13:57:33 +0000 (15:57 +0200)]
s3:smbd: add a comment stating that file_close_user() is redundant for SMB2

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep  1 01:26:35 CEST 2018 on sn-devel-144

11 months agos3:smbd: let session logoff close files and tcons before deleting the session
Ralph Boehme [Wed, 29 Aug 2018 15:19:29 +0000 (17:19 +0200)]
s3:smbd: let session logoff close files and tcons before deleting the session

This avoids a race in durable handle reconnects if the reconnect comes
in while the old session is still in the tear-down phase.

The new session is supposed to rendezvous with and wait for destruction
of the old session, which is internally implemented with
dbwrap_watch_send() on the old session record.

If the old session deletes the session record before calling
file_close_user() which marks all file handles as disconnected, the
durable handle reconnect in the new session will fail as the records are
not yet marked as disconnected which is a prerequisite.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
11 months agos3:smbd: reorder tcon global record deletion and closing files of a tcon
Ralph Boehme [Thu, 30 Aug 2018 13:50:02 +0000 (15:50 +0200)]
s3:smbd: reorder tcon global record deletion and closing files of a tcon

As such, this doesn't change overall behaviour, but in case we ever add
semantics acting on tcon record changes via an API like
dbwrap_watch_send(), this will make a difference as it enforces
ordering.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
11 months agoselftest: add a durable handle test with delayed disconnect
Ralph Boehme [Thu, 30 Aug 2018 17:15:19 +0000 (19:15 +0200)]
selftest: add a durable handle test with delayed disconnect

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
11 months agos4:selftest: reformat smb2_s3only list
Ralph Boehme [Fri, 31 Aug 2018 06:28:46 +0000 (08:28 +0200)]
s4:selftest: reformat smb2_s3only list

No change besides reformatting the list to one entry per line.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
11 months agovfs_delay_inject: adding delay to VFS calls
Ralph Boehme [Thu, 30 Aug 2018 15:27:08 +0000 (17:27 +0200)]
vfs_delay_inject: adding delay to VFS calls

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
11 months agolib: Fix the build on FreeBSD
Volker Lendecke [Fri, 31 Aug 2018 04:25:30 +0000 (06:25 +0200)]
lib: Fix the build on FreeBSD

FreeBSD needs to explicitly #include <unistd.h> for geteuid() and close()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 31 18:42:31 CEST 2018 on sn-devel-144

11 months agotorture: Add test for directory_create_or_exist
Christof Schmitt [Wed, 29 Aug 2018 19:07:42 +0000 (12:07 -0700)]
torture: Add test for directory_create_or_exist

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Thu Aug 30 21:19:31 CEST 2018 on sn-devel-144

11 months agolib: Fix lstat check in directory_create_or_exist
Christof Schmitt [Wed, 29 Aug 2018 19:04:29 +0000 (12:04 -0700)]
lib: Fix lstat check in directory_create_or_exist

The lstat check in directory_create_or_exist did not verify whether an
existing object is actually a directory. Also move the check to only
apply when mkdir returns EEXIST; this fixes CID 241930 Time of check
time of use.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
11 months agoctdb-common: Clean up comments in TCP packet parsing
Martin Schwenke [Fri, 17 Aug 2018 11:33:39 +0000 (21:33 +1000)]
ctdb-common: Clean up comments in TCP packet parsing

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Aug 30 07:50:04 CEST 2018 on sn-devel-144

11 months agoctdb-common: Check the version field in IPv6 packets
Martin Schwenke [Tue, 28 Aug 2018 06:10:21 +0000 (16:10 +1000)]
ctdb-common: Check the version field in IPv6 packets

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>