samba.git
8 months agoctdb-daemon: Fix signed/unsigned comparisons by casting
Martin Schwenke [Fri, 7 Jun 2019 20:40:12 +0000 (06:40 +1000)]
ctdb-daemon: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-daemon: Fix signed/unsigned comparisons by declaring as unsigned
Martin Schwenke [Fri, 7 Jun 2019 20:38:56 +0000 (06:38 +1000)]
ctdb-daemon: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-daemon: Make type of list_of_nodes() consistent with callers
Martin Schwenke [Fri, 7 Jun 2019 20:22:49 +0000 (06:22 +1000)]
ctdb-daemon: Make type of list_of_nodes() consistent with callers

Instead of taking exclude_pnn as a parameter, calculate it from an
include_self_parameter, which is passed through from the 2 calling
functions.

While doing this, fix a signed/unsigned comparison issue by declaring
the new exclude_pnn local variable as an unsigned type.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-daemon: Make old list_of_nodes() function static
Martin Schwenke [Fri, 7 Jun 2019 20:08:48 +0000 (06:08 +1000)]
ctdb-daemon: Make old list_of_nodes() function static

The next commit will change the type of this function, which is only
used in this file.  So, make it static to isolate the change.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tools: Drop separate parallel+verbose stdout/stderr filtering
Martin Schwenke [Fri, 28 Jun 2019 05:46:57 +0000 (15:46 +1000)]
ctdb-tools: Drop separate parallel+verbose stdout/stderr filtering

This has been broken for 10 years since commit
9616959bd6938e4c5c3713fe986c1e17cbdc574c, which introduced the
separate filtering.  This commit was missing a redirect of the output
of stderr_filter() to stderr.

Since nobody depends on the separate filtering (i.e. nobody reported a
bug), just return to combining stdout and stderr, and filtering them
together.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tools: Drop no-op stdout-filter from non-parallel case
Martin Schwenke [Fri, 28 Jun 2019 05:44:59 +0000 (15:44 +1000)]
ctdb-tools: Drop no-op stdout-filter from non-parallel case

This filter no longer does anything useful in this context.  By
default it adds a pipeline with trailing cat process.  In many
contexts, stdout of the process being run is still open so the cat
process will stay around and will stop onnode from exiting.

The filters should all go away because they are simply an example of
code that is trying to be too clever while causing unfortunate corner
cases.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agoctdb-tools: Drop onnode -o option
Martin Schwenke [Fri, 28 Jun 2019 05:43:27 +0000 (15:43 +1000)]
ctdb-tools: Drop onnode -o option

I don't think anyone uses this and it causes complications.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
8 months agos3:tests: Add test for manual smbtorture zero-data
Christof Schmitt [Wed, 22 May 2019 22:09:59 +0000 (15:09 -0700)]
s3:tests: Add test for manual smbtorture zero-data

Ensure that these tests keep working.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 05:02:12 UTC 2019 on sn-devel-184

8 months agosmbtorture: Add smb2.ioctl.zero_data
Christof Schmitt [Fri, 28 Sep 2018 23:37:51 +0000 (16:37 -0700)]
smbtorture: Add smb2.ioctl.zero_data

Allow to manually issue the FSCTL_ZERO_DATA call and verify the
state of the file in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosmbtorture: Add smb2.ioctl.sparse_set_sparse
Christof Schmitt [Fri, 28 Sep 2018 23:08:22 +0000 (16:08 -0700)]
smbtorture: Add smb2.ioctl.sparse_set_sparse

This allows for manual testing of changing the sparse setting on a file
and verifying the flag in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agowinexe: Add support for connecting to a host on an alternate port
Karl Lenz [Fri, 5 Jul 2019 00:28:33 +0000 (20:28 -0400)]
winexe: Add support for connecting to a host on an alternate port

This commit allows an optional port number to be specified after the
hostname on the winexe command line. If no port is given, it defaults
to port 445, just like it used before. Although this is probably a
pretty uncommon use-case, it allows port-forwarding the service through
a firewall to an alternate port, which can occassionally be helpful.

$ ./bin/winexe -U karl%password1 //127.0.0.1:5445 cmd.exe
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
8 months agos4 heimdal_build: Fix static heimdal builds with replacement closefrom()
Karl Lenz [Fri, 5 Jul 2019 00:27:46 +0000 (20:27 -0400)]
s4 heimdal_build: Fix static heimdal builds with replacement closefrom()

If Samba was configured with "--nonshared-binary=winexe" to build
winexe as a static binary, and the replacement closefrom() function
was used (which is default on most GNU/Linux systems without the libbsd
development package installed), then winexe would fail to link with the
error message shown below.

[2631/3059] Linking bin/default/examples/winexe/winexe
source4/heimdal/lib/roken/closefrom.c.1.o: In function `rep_closefrom':
closefrom.c:(.text+0x0): multiple definition of `rep_closefrom'
lib/replace/closefrom.c.2.o:closefrom.c:(.text+0x292): first defined here
collect2: error: ld returned 1 exit status

The real problem here was not with the winexe build itself - that was
merely the application that I was attempting to build statically when I
encountered it. As Andrew Bartlett very helpfully pointed out to me, this
regression was introduced when "lib/replace/closefrom.c" was added in
commit 55529d0f and, more to the point, when the heimdal build started
using it in commit 3a7ebd0e. From that point on, any time that Samba's
embedded copy of heimdal was statically linked into an application, it
would fail to link because heimdal's own rep_closefrom() function in its
"roken" library would conflict with the rep_closefrom() function in the
"replace" library used elsewhere in Samba - a library which the "roken"
library itself depends on. To further compound the problem, heimdal's
own "roken" library is also compiled for the host (a necessary
distinction for cross-compiled builds) and linked into a small number of
utility applications used during the heimdal build. However, they can't
link directly against the "replace" library, unlike the main "roken"
library build which carries that dependency, because the "replace"
library is _not_ built for the host.

I solved this problem by eliminating heimdal's version of rep_closefrom()
and making it use the one from "lib/replace" everywhere. That wasn't a
problem for the main heimdal library that is built for the target because
it was already linking in "lib/replace" (that's what caused this problem
in the first place!), but to solve the aforementioned issue with
"lib/replace" not being built for the host, I added
"lib/replace/closefrom.c" to the list of "source4/heimdal/lib/roken"
sources to be built for the host to satisfy heimdal's host utilities.
Everyone wins, I think.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
8 months agowinexe: Fix translation of the winexesvc binaries to C
Karl Lenz [Thu, 4 Jul 2019 22:30:44 +0000 (18:30 -0400)]
winexe: Fix translation of the winexesvc binaries to C

Two small Windows binaries that winexe uses to execute commands on a
remote system, winexesvc32.exe and winexesvc64.exe, are compiled then
translated into a C byte array as hex so that they can be embedded into
the winexe binary. Although the winexesvc binaries were built properly,
the Python method that does the translation to C tried to open them in
text mode, which would have worked in Python 2 before the concept of
bytearrays was introduced, but instead raises an exception in Python 3.
The exception was unfortunately suppressed, so the build didn't stop,
and the winexe binary that was produced was effectively useless because
it didn't contain either winexesvc binary as expected. After winexe
successfully authenticated with a Windows host, it showed the error
message below rather than executing the given command on the remote
system.

$ ./bin/winexe -U karl%password1 -d 2 //192.168.56.3 cmd
winexe_svc_install: dcerpc_svcctl_StartServiceW failed: WERR_BAD_EXE_FORMAT
main: winexe_svc_install failed: NT_STATUS_BAD_INITIAL_PC

This commit fixes that problem by opening the winexesvc binaries in
binary mode rather than text mode when the winexe build script reads
them to translate them to C. Furthermore it adds an additional
sanity check that will cause the winexesvc binary generator commands to
fail if the winexesvc binaries cannot be opened or read correctly to
guarantee that the build does not silently "succeed" if something like
this ever happens again.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
8 months agoutil: Fix off-by-one error in message about overflow
Martin Schwenke [Mon, 1 Jul 2019 11:42:56 +0000 (21:42 +1000)]
util: Fix off-by-one error in message about overflow

len includes space for the NUL character, so the calculation needs to
take the NUL character into account.

While touching this, drop unnecessary casts by updating format string
and update to modern debug macro.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 02:24:52 UTC 2019 on sn-devel-184

8 months agoutil: Avoid localised underflow
Martin Schwenke [Mon, 1 Jul 2019 11:28:43 +0000 (21:28 +1000)]
util: Avoid localised underflow

Avoid parenthesising an unsigned subtraction that can be negative and,
therefore, underflow.  There is no need for the parentheses and
removing them results in an expression that is evaluated left-to-right
and can not underflow.

It isn't clear that the underflow matters.  lp <= ls, so if (li - lp)
underflows then ls + (li - lp) will always overflow.  This should
produce the correct answer.  However, depending on this seems wrong.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/smbstatus: begone
Douglas Bagnall [Tue, 2 Jul 2019 00:30:26 +0000 (12:30 +1200)]
s4/scripting/smbstatus: begone

Untested and unused.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/torture: remove autoidl
Douglas Bagnall [Tue, 2 Jul 2019 00:25:22 +0000 (12:25 +1200)]
s4/torture: remove autoidl

This has been turned off by default for 10 years
(since 26e114b83ce1de7515bfbf365), and is only interesting for
nostalgia purposes.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/autoidl: remove it
Douglas Bagnall [Mon, 1 Jul 2019 23:55:46 +0000 (11:55 +1200)]
s4/scripting/autoidl: remove it

What does it even do? Possibly nothing, not least because nobody ever
runs it.

It was introduced as source4/scripting/bin/autoidl.py in
a2446e5f8550582c0d4353bb85874dea17cf1d98 ("initial work for script
that uses probing to figure out IDL"). Since then it has only had
superficial patches, generally aimed at Python 3.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotests/usage: test for --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: test for --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotests/samba-tool: test --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/samba-tool: test --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agopython/tests: helper function for checking --help consistency
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
python/tests: helper function for checking --help consistency

Check that --help output doesn't contradict itself by assigning the same
option string to different meanings (which *does* happen in the ldb tools).

This will be used in the samba-tool help tests and the usage tests.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotests/usage: generalise to cover non-python scripts
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: generalise to cover non-python scripts

It is not as simple as running everything executable, because for example
.so library files are marked as executable.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotests/usage: python scripts --help should be helpful
Douglas Bagnall [Thu, 27 Jun 2019 04:57:22 +0000 (16:57 +1200)]
tests/usage: python scripts --help should be helpful

We want to be sure it says *something* and returns success.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/samba_dnsupdate: print usage with no arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/samba_dnsupdate: print usage with no arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/demodirsync: print usage if no host named
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/demodirsync: print usage if no host named

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/mymachinepw: print usage with bad arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/mymachinepw: print usage with bad arguments

Also, use sys.exit() function, not exit(), because sys.exit() reliably
exists.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4/scripting/get-descriptors: print usage with insufficient arguments
Douglas Bagnall [Thu, 27 Jun 2019 04:57:21 +0000 (16:57 +1200)]
s4/scripting/get-descriptors: print usage with insufficient arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoscript/compare_cc_results: print usage on too few args
Douglas Bagnall [Thu, 27 Jun 2019 04:57:20 +0000 (16:57 +1200)]
script/compare_cc_results: print usage on too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agodns_hub: print usage with too few args
Douglas Bagnall [Thu, 27 Jun 2019 04:57:20 +0000 (16:57 +1200)]
dns_hub: print usage with too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agotests: ensure that most python scripts have usage text
Douglas Bagnall [Sun, 17 Mar 2019 01:47:40 +0000 (14:47 +1300)]
tests: ensure that most python scripts have usage text

When a script is run with the wrong arguments, it should at least say
something like this:

    Usage: samba-foo [OPTIONS]

For many samba scripts, especially without a server environment, having
no arguments is the wrong arguments.

Here we look for every executable file with '#![...]python[3]' on the
first line, and exclude certain files and directories that have excuses
to fail the test. For example, many selftest scripts are stream-oriented
and will hang forever waiting for stdin, which is not an error. Some
test modules are designed so they can be optionally run from the command
line, but this option is typically only used by the developer who is
writing them.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoWHATSNEW: entries for gnutls and samba-tool
Andrew Bartlett [Thu, 4 Jul 2019 19:19:53 +0000 (07:19 +1200)]
WHATSNEW: entries for gnutls and samba-tool

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 00:05:15 UTC 2019 on sn-devel-184

8 months agos4/libnet: Fix joining a Windows pre-2008R2 DC
Tim Beale [Mon, 1 Jul 2019 05:06:31 +0000 (17:06 +1200)]
s4/libnet: Fix joining a Windows pre-2008R2 DC

From v4.8 onwards, Samba may not be able join a DC older than 2008R2
because the Windows DC doesn't support GET_TGT.

If the dsdb repl_md code can't resolve a link target it returns an
error, and the calling code (e.g. drs_util.py) should retry with
GET_TGT. However, GET_TGT is only supported on Windows 2008R2 and later,
so if you try to join an earlier Windows DC, the join will throw an
error that you can't work-around.

We can avoid this problem by setting the same DSDB flag that GET_TGT
sets to indicate that the link targets are as up-to-date as possible,
and so there's no point retrying. Missing targets are still logged, so
this at least allows the admin to fix up any problems after the join
completed.

I've only done this for the join case (problems during periodic
replication are probably still worth escalating to an error).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14021
RN: From Samba v4.8 onwards, joining a Windows 2003 or 2008 (non-R2) AD
DC may not have worked. When this problem occurred, the following
message would be displayed:
 'Failed to commit objects: DOS code 0x000021bf'
This particular issue has now been resolved. Note that there may still
be other potential problems that occur when joining an older Windows DC.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos3: smbd: SMB1 add range checks to reply_fclose().
Jeremy Allison [Wed, 3 Jul 2019 19:15:56 +0000 (12:15 -0700)]
s3: smbd: SMB1 add range checks to reply_fclose().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul  4 15:40:31 UTC 2019 on sn-devel-184

8 months agos3: smbd: SMB1 add range checks to reply_search().
Jeremy Allison [Wed, 3 Jul 2019 19:13:59 +0000 (12:13 -0700)]
s3: smbd: SMB1 add range checks to reply_search().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agovfs_nfs4acl_xattr: fix setting of permissions via NFS
Bjoern Jacke [Fri, 28 Jun 2019 14:36:43 +0000 (16:36 +0200)]
vfs_nfs4acl_xattr: fix setting of permissions via NFS

via NFS root may not be priviledged user, so we should not call become_root()
here. The normal NFS4 permissions already handle permission modify right, no
need to do more magic things for Samba here.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Don't store num_read_oplocks in brlock.tdb
Volker Lendecke [Sun, 30 Jun 2019 17:51:13 +0000 (19:51 +0200)]
smbd: Don't store num_read_oplocks in brlock.tdb

This removes a kludgy implementation that worked around a locking
hierarchy problem: Setting a byte range lock had to contend the level2
oplocks, which are stored in locking.tdb/leases.tdb. We could not
access locking.tdb in the brlock.tdb code, as brlock.tdb might have
been locked first without locking.tdb, violating the locking hierarchy
locking.tdb->brlock.tdb. Now that that problem is gone (see the commit
wrapping do_lock() in share_mode_do_locked()), we can remove this
kludge.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Use share_mode's flags in contend_level2_oplocks
Volker Lendecke [Sun, 30 Jun 2019 07:50:46 +0000 (09:50 +0200)]
smbd: Use share_mode's flags in contend_level2_oplocks

Here we traverse the oplocks and leases when breaking read leases. We
find out here whether any of those are still left.

As it's the receivers of the messages that downgrade the database
entries, we might do that more than once. Possible future
optimization?

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Set SHARE_MODE_HAS_READ_LEASE when downgrading an oplock
Volker Lendecke [Sun, 30 Jun 2019 17:57:39 +0000 (19:57 +0200)]
smbd: Set SHARE_MODE_HAS_READ_LEASE when downgrading an oplock

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Set SHARE_MODE_HAS_READ_LEASE when granting a read lease
Volker Lendecke [Sun, 30 Jun 2019 07:15:48 +0000 (09:15 +0200)]
smbd: Set SHARE_MODE_HAS_READ_LEASE when granting a read lease

Lazy update of the flag: Whenever we add a read lease, we have to set
the flag. Nobody except contend_level2_oplocks_begin will remove that
flag again, as this would mean a full lease traverse when removing
one. And contend_level2_oplocks_begin traverses the leases anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Add file_has_read_lease()
Volker Lendecke [Sun, 30 Jun 2019 06:54:20 +0000 (08:54 +0200)]
smbd: Add file_has_read_lease()

This caches share_mode_data->flags in the fsp, cache flush happening
on tdb_seqnum change.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Add flags to the beginning of share_mode_data
Volker Lendecke [Fri, 28 Jun 2019 05:48:45 +0000 (07:48 +0200)]
smbd: Add flags to the beginning of share_mode_data

They are put at the beginning for easy parsing without reading the
full struct. First step to remove the number of read oplocks/leases
from brlock.tdb, where it does not belong.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Send do_lock() through share_mode_do_locked()
Volker Lendecke [Mon, 1 Jul 2019 13:56:27 +0000 (15:56 +0200)]
smbd: Send do_lock() through share_mode_do_locked()

We need to maintain the locking hierarchy locking.tdb->brlock.tdb at
all times. vfs_fruit directly calls do_lock(), which might fail to
maintain the locking hierarchy: In brlock.c we call
contend_level2_oplocks_begin(), which will soon look at the
locking.tdb record.

For the SMB1 and SMB2 callers we already have the share mode locked,
we might want to watch that record for unlocks. For those callers
share_mode_do_locked() is practically free to call, we share the
underlying db_record.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Add share_mode_do_locked()
Volker Lendecke [Thu, 27 Jun 2019 15:23:07 +0000 (17:23 +0200)]
smbd: Add share_mode_do_locked()

This is made for efficient locking of share mode records in
locking.tdb. Right now we already need that when accessing leases.tdb,
and soon it will be required for brlock.tdb as well. It does not give
direct access to the parsed share mode entry, but the record is
available for dbwrap_watched_wakeup() within downgrade_lease().

It can be freely nested with get_share_mode_lock calls, the record
will be shared and proper nesting should be checked.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Introduce static_share_mode_record
Volker Lendecke [Thu, 27 Jun 2019 14:58:54 +0000 (16:58 +0200)]
smbd: Introduce static_share_mode_record

The next commit will introduce share_mode_do_locked(), which allocates
a share mode record on the stack. We have to expect nested
get_share_mode_lock() calls from within share_mode_do_locked() for
which we need to share a db_record.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agosmbd: Simplify share_mode_lock.c
Volker Lendecke [Thu, 27 Jun 2019 12:40:08 +0000 (14:40 +0200)]
smbd: Simplify share_mode_lock.c

Do explicit refcounting instead of talloc_reference(). A later patch
will introduce a share_mode_do_locked() routine that can be nested
arbitrarily with get_share_mode_lock(). To do sanity checks for proper
nesting, share_mode_do_locked needs to be aware of the reference
counts for "static_share_mode_lock".

Why is share_mode_memcache_delete() gone? In parse_share_modes() we
already move the data out of the cache, share_mode_lock_destructor()
we don't even bother re-adding the share_mode_data to the cache if
it does not have share entries, because the next opener will invent a
new seqnum anyway.

Also: Less talloc_reference(), less lines of code.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agodbwrap: Add publically available dbwrap_watch_wakeup()
Volker Lendecke [Fri, 24 May 2019 13:00:45 +0000 (15:00 +0200)]
dbwrap: Add publically available dbwrap_watch_wakeup()

Without this, to notify watchers you need to actually store data. This
might be a waste of resources. locking.tdb waiters might actually wait
for leases.tdb or brlock.tdb changes, and locking.tdb records can be
large.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agodbwrap: Rename dbwrap_watched_wakeup()
Volker Lendecke [Fri, 24 May 2019 12:49:47 +0000 (14:49 +0200)]
dbwrap: Rename dbwrap_watched_wakeup()

In the next step I want to make dbwrap_watched_wakeup() publically
available under that canonical name.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agoWHATSNEW: add news the sad passing of python2 support
Andrew Bartlett [Thu, 4 Jul 2019 05:43:35 +0000 (17:43 +1200)]
WHATSNEW: add news the sad passing of python2 support

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul  4 11:25:07 UTC 2019 on sn-devel-184

8 months agoWHATSNEW: add news about Samba AD at 100,000 scale
Andrew Bartlett [Thu, 4 Jul 2019 05:43:20 +0000 (17:43 +1200)]
WHATSNEW: add news about Samba AD at 100,000 scale

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
8 months agoWHATSNEW: ldb_batch mode and join performance
Gary Lockyer [Wed, 3 Jul 2019 22:00:03 +0000 (10:00 +1200)]
WHATSNEW: ldb_batch mode and join performance

Document the join performance improvement, and the ldb "batch_mode"
option.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agodomain join: set ldb "transaction_index_cache_size" option
Gary Lockyer [Wed, 3 Jul 2019 04:41:59 +0000 (16:41 +1200)]
domain join: set ldb "transaction_index_cache_size" option

Set the "transaction_index_cache_size" on a join to improve
performance. These setting reduced a join to a 100k user domain from
105 minutes to 44 minutes.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agodomain join: enable ldb batch mode
Gary Lockyer [Tue, 2 Jul 2019 00:31:52 +0000 (12:31 +1200)]
domain join: enable ldb batch mode

Enable ldb "batch_mode" transactions duting a join to improve
performance.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb: Release ldb 2.0.5 ldb-2.0.5
Gary Lockyer [Thu, 4 Jul 2019 02:37:31 +0000 (14:37 +1200)]
ldb: Release ldb 2.0.5

* add ldb_options_get
  add a function to get the options passed in ldb connect.

* add "batch_mode" option.
  This options stops sub transactions being started for key value
  operations.  It is intended to improve the performance in batch
  operations.  As it bypasses the protections on operations if an
  operation fails, the entire transaction will be aborted by a commit.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb: Rework index_transaction_cache_size to allow caller to specify a larger size
Gary Lockyer [Thu, 4 Jul 2019 04:49:29 +0000 (16:49 +1200)]
ldb: Rework index_transaction_cache_size to allow caller to specify a larger size

The previous code would override the caller with the DB size
estimate rather than allowing the caller to force the bigger size.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb ldb_key_value: test ldb batch
Gary Lockyer [Tue, 2 Jul 2019 04:42:44 +0000 (16:42 +1200)]
ldb ldb_key_value: test ldb batch

Test the the ldb "batch_mode" option sets batch mode operation.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb key_value: Add batch_mode option
Gary Lockyer [Tue, 2 Jul 2019 00:30:44 +0000 (12:30 +1200)]
ldb key_value: Add batch_mode option

When performing a join the overhead of the sub transactions protecting
key value operations becomes significant.  This commit adds a new
"batch_mode" option that disables the sub transactions around key value
operations.

The operation level index cache is also disabled, which means the
overall transaction level index cache can become inconsistent if an
operation fails. To protect against this and other possible on disk
inconsistencies, if any operation fails during a batch_mode
transaction the commit will fail and transaction will be rolled back.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agos4 samdb: pass ldb options to ldb_module_connect_backend
Gary Lockyer [Thu, 4 Jul 2019 02:22:29 +0000 (14:22 +1200)]
s4 samdb: pass ldb options to ldb_module_connect_backend

Pass the ldb options into ldb_module_connect_backend, to ensure ldb
options such as "batch mode" and "transaction index cache size" get passed
through to the backend modules.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb: Add new internal helper function ldb_options_get()
Gary Lockyer [Thu, 4 Jul 2019 04:44:21 +0000 (16:44 +1200)]
ldb: Add new internal helper function ldb_options_get()

This is needed for modules to access the ldb->options array, as this in in ldb_private.h

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb: Fix dependency on ldb_key_value_sub_txn_{mdb_}test
Andrew Bartlett [Thu, 4 Jul 2019 02:52:27 +0000 (14:52 +1200)]
ldb: Fix dependency on ldb_key_value_sub_txn_{mdb_}test

ldb_tdb can be a module, but the test is actually looking for ltdb_err_map() in
ldb_tdb_err_map.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
8 months agoldb: Try to explain the confusing overload of the LDB_FLG_MOD_* enumeration and other...
Andrew Bartlett [Thu, 4 Jul 2019 01:50:22 +0000 (13:50 +1200)]
ldb: Try to explain the confusing overload of the LDB_FLG_MOD_* enumeration and other flags

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jul  4 03:51:58 UTC 2019 on sn-devel-184

8 months agoldb: Add tests for Ldb.write_ldif() including the FLG_SHOW_BINARY and FLAG_FORCE_NO_B...
Andrew Bartlett [Thu, 4 Jul 2019 01:30:36 +0000 (13:30 +1200)]
ldb: Add tests for Ldb.write_ldif() including the FLG_SHOW_BINARY and FLAG_FORCE_NO_BASE64_LDIF

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
8 months agopyldb: Apply flags specified by ldb.Ldb(flags=...) even if the URL is not set
Andrew Bartlett [Thu, 4 Jul 2019 01:26:20 +0000 (13:26 +1200)]
pyldb: Apply flags specified by ldb.Ldb(flags=...) even if the URL is not set

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
8 months agodoc: add documentation for "samba-tool" contact management
Björn Baumbach [Thu, 28 Mar 2019 19:39:41 +0000 (20:39 +0100)]
doc: add documentation for "samba-tool" contact management

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: add tests for contact management
Björn Baumbach [Wed, 20 Mar 2019 16:17:05 +0000 (17:17 +0100)]
samba-tool tests: add tests for contact management

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool: implement contact management commands
Björn Baumbach [Tue, 19 Mar 2019 16:55:37 +0000 (17:55 +0100)]
samba-tool: implement contact management commands

Usage: samba-tool contact <subcommand>

Contact management.

Available subcommands:
  create  - Create a new contact.
  delete  - Delete a contact.
  edit    - Modify a contact.
  list    - List all contacts.
  move    - Move a contact object to an organizational unit or container.
  show    - Display a contact.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agodoc: add samba-tool group command to samba-tool man page
Björn Baumbach [Thu, 28 Mar 2019 19:31:48 +0000 (20:31 +0100)]
doc: add samba-tool group command to samba-tool man page

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: add test for 'samba-tool group edit' command
Björn Baumbach [Mon, 18 Mar 2019 12:31:04 +0000 (13:31 +0100)]
samba-tool tests: add test for 'samba-tool group edit' command

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool group: add 'edit' command to edit an AD group object
Björn Baumbach [Wed, 13 Mar 2019 20:20:29 +0000 (21:20 +0100)]
samba-tool group: add 'edit' command to edit an AD group object

Same like the samba-tool user edit command.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: add test for 'samba-tool computer edit' command
Björn Baumbach [Mon, 18 Mar 2019 11:00:24 +0000 (12:00 +0100)]
samba-tool tests: add test for 'samba-tool computer edit' command

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agodoc: add samba-tool computer command to samba-tool man page
Björn Baumbach [Thu, 28 Mar 2019 19:34:20 +0000 (20:34 +0100)]
doc: add samba-tool computer command to samba-tool man page

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool computer: add 'edit' command to edit an AD computer object
Björn Baumbach [Wed, 13 Mar 2019 20:40:25 +0000 (21:40 +0100)]
samba-tool computer: add 'edit' command to edit an AD computer object

Similar to the samba-tool user edit command.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool user edit: avoid base64 encoded strings in editable ldif if possible
Björn Baumbach [Fri, 15 Mar 2019 13:20:05 +0000 (14:20 +0100)]
samba-tool user edit: avoid base64 encoded strings in editable ldif if possible

Use clear text arguments strings if possible. Makes it more comfortable
for users to edit the user objects attributes.

Remove test from knownfail:
  samba.tests.samba_tool.user_edit.change_attribute_force_no_base64

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: add test for 'samba-tool user edit', using LDB_FLAG_FORCE_NO_BASE64...
Björn Baumbach [Fri, 15 Mar 2019 11:59:09 +0000 (12:59 +0100)]
samba-tool tests: add test for 'samba-tool user edit', using LDB_FLAG_FORCE_NO_BASE64_LDIF

Test to edit a user: Change attributes with LDB_FLAG_FORCE_NO_BASE64_LDIF

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool user edit: simplify code
Björn Baumbach [Wed, 13 Mar 2019 16:40:37 +0000 (17:40 +0100)]
samba-tool user edit: simplify code

Use "None"-changetype here, instead of "Add". This avoids the need to
remove the changetype line afterwards.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool user edit: use ldb methods to create ldif to modify user
Björn Baumbach [Fri, 15 Mar 2019 13:19:35 +0000 (14:19 +0100)]
samba-tool user edit: use ldb methods to create ldif to modify user

Remove tests from knownfail:
  samba.tests.samba_tool.user_edit.add_attribute_base64
  samba.tests.samba_tool.user_edit.add_attribute_base64_control
  samba.tests.samba_tool.user_edit.change_attribute_base64_control

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14003

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: add additional tests for "samba-tool user edit" command
Björn Baumbach [Thu, 14 Mar 2019 13:04:28 +0000 (14:04 +0100)]
samba-tool tests: add additional tests for "samba-tool user edit" command

Especially test handling of base64 encoded attribute values here.

Add selftest/knownfail.d/samba_tool.user_edit.
Tests fail, because:
 - can not work with ldif without a trailing new line
 - can not handle base64 strings

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14003

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb/ldb_ldif: add LDB_FLAG_FORCE_NO_BASE64_LDIF flag
Björn Baumbach [Tue, 19 Feb 2019 11:29:58 +0000 (12:29 +0100)]
ldb/ldb_ldif: add LDB_FLAG_FORCE_NO_BASE64_LDIF flag

Flag is used to enforce binary encoded attribute values per attribute.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agoldb/ldb_ldif: add copy_raw_bytes helper variable to ldb_ldif_write_trace()
Björn Baumbach [Tue, 19 Feb 2019 11:14:37 +0000 (12:14 +0100)]
ldb/ldb_ldif: add copy_raw_bytes helper variable to ldb_ldif_write_trace()

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool user edit test: use testit instead of subunit_start_test, pass/failed
Björn Baumbach [Thu, 14 Mar 2019 15:55:42 +0000 (16:55 +0100)]
samba-tool user edit test: use testit instead of subunit_start_test, pass/failed

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: remove probably outdated comment
Björn Baumbach [Thu, 14 Mar 2019 11:29:13 +0000 (12:29 +0100)]
samba-tool tests: remove probably outdated comment

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool tests: rename "user edit" test from edit.sh to user_edit.sh
Björn Baumbach [Thu, 14 Mar 2019 15:47:36 +0000 (16:47 +0100)]
samba-tool tests: rename "user edit" test from edit.sh to user_edit.sh

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agosamba-tool: fix format of command description (help messages)
Björn Baumbach [Thu, 21 Mar 2019 13:15:22 +0000 (14:15 +0100)]
samba-tool: fix format of command description (help messages)

Need to quote the backslash '\'.

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agobootstrap: Add OpenSUSE 15.1 image
Samuel Cabrero [Tue, 18 Jun 2019 09:03:41 +0000 (11:03 +0200)]
bootstrap: Add OpenSUSE 15.1 image

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
8 months agowinbind: fix crash in fill_domain_username_talloc() if specified username is NULL
Ralf Habacker [Mon, 24 Jun 2019 07:25:48 +0000 (09:25 +0200)]
winbind: fix crash in fill_domain_username_talloc() if specified username is NULL

Signed-off-by: Ralf Habacker <ralf.habacker@freenet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul  3 19:24:52 UTC 2019 on sn-devel-184

8 months agodocs: Correct 'net ads dns unregister --help' description
Amit Kumar [Mon, 24 Jun 2019 22:20:42 +0000 (03:50 +0530)]
docs: Correct 'net ads dns unregister --help' description

This change corrects the content of 'net ads dns unregister --help'
command. Updated output would be:
Usage:
net ads dns unregister [hostname]
    Remove all IP Address entires for a given
    hostname from the Active Directory server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14005

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul  3 15:12:50 UTC 2019 on sn-devel-184

8 months agoAdd PrimaryGroupId to group array in DC response
Isaac Boukris [Wed, 3 Apr 2019 16:45:02 +0000 (19:45 +0300)]
Add PrimaryGroupId to group array in DC response

This is a simplified version of the original patch by:
Felix Botner <botner@univention.de>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11362

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul  3 13:52:55 UTC 2019 on sn-devel-184

8 months agoselftest: check for PrimaryGroupId in DC returned group array
Isaac Boukris [Fri, 31 May 2019 14:22:50 +0000 (17:22 +0300)]
selftest: check for PrimaryGroupId in DC returned group array

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11362

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
8 months agoselftest: remote_pac: s/s2u4self/s4u2self/g
Isaac Boukris [Fri, 31 May 2019 17:02:30 +0000 (20:02 +0300)]
selftest: remote_pac: s/s2u4self/s4u2self/g

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11362

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
8 months agos3:modules: Use hash_inode() in vfs_streams_xattr
Andreas Schneider [Tue, 18 Jun 2019 15:09:29 +0000 (17:09 +0200)]
s3:modules: Use hash_inode() in vfs_streams_xattr

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul  3 12:37:12 UTC 2019 on sn-devel-184

8 months agos3:modules: Use hash_inode() in vfs_fruit
Andreas Schneider [Tue, 18 Jun 2019 14:58:29 +0000 (16:58 +0200)]
s3:modules: Use hash_inode() in vfs_fruit

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agos3:modules: Allow SHA1 usage for file IDs in FIPS mode
Andreas Schneider [Mon, 1 Jul 2019 14:36:13 +0000 (16:36 +0200)]
s3:modules: Allow SHA1 usage for file IDs in FIPS mode

This is non-cryptographic use!

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agos3:modules: Add hash_inode() function based on SHA1
Andreas Schneider [Tue, 18 Jun 2019 14:56:43 +0000 (16:56 +0200)]
s3:modules: Add hash_inode() function based on SHA1

This should use SHA1 as modern CPUs have SHA NI instruction support.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
8 months agolib: Fix return of server_id_db_prune_name()
Volker Lendecke [Mon, 1 Jul 2019 19:07:55 +0000 (21:07 +0200)]
lib: Fix return of server_id_db_prune_name()

The tdb routines return 0/-1 and return the specific error via
tdb_error(). server_id_db_prune_name() is expected to return an errno,
not 0/-1.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Jul  3 10:51:32 UTC 2019 on sn-devel-184

8 months agotdb: Adapt _tdb_transaction_cancel() to README.Coding
Volker Lendecke [Mon, 1 Jul 2019 19:02:21 +0000 (21:02 +0200)]
tdb: Adapt _tdb_transaction_cancel() to README.Coding

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
8 months agotdb: Adapt tdb_rescue() to README.Coding
Volker Lendecke [Mon, 1 Jul 2019 19:00:23 +0000 (21:00 +0200)]
tdb: Adapt tdb_rescue() to README.Coding

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
8 months agolib/krb5_wrap: Fix leaking using mkstemp
Noel Power [Tue, 2 Jul 2019 08:29:47 +0000 (09:29 +0100)]
lib/krb5_wrap: Fix leaking using mkstemp

commit: 8b92539997a9df8e0d217790fd82fc8f59ea50cc introduced a leak
by replacing mktemp with mkstemp (mkstemp returns an open fd)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
8 months agosmbd: Simplify filename_convert_internal()
Volker Lendecke [Mon, 24 Jun 2019 11:48:10 +0000 (13:48 +0200)]
smbd: Simplify filename_convert_internal()

Use a direct struct assignment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul  2 18:17:39 UTC 2019 on sn-devel-184

8 months agosmbd: Remove unused "msg_ctx" from smbd_smb1_do_locks_send()
Volker Lendecke [Mon, 1 Jul 2019 13:42:56 +0000 (15:42 +0200)]
smbd: Remove unused "msg_ctx" from smbd_smb1_do_locks_send()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agosmbd: Remove unused "msg_ctx" from smbd_do_locks_try()
Volker Lendecke [Mon, 1 Jul 2019 13:41:07 +0000 (15:41 +0200)]
smbd: Remove unused "msg_ctx" from smbd_do_locks_try()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
8 months agosmbd: Remove unused "msg_ctx" from locking_close_file()
Volker Lendecke [Mon, 1 Jul 2019 13:35:19 +0000 (15:35 +0200)]
smbd: Remove unused "msg_ctx" from locking_close_file()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>