Tim Beale [Sun, 2 Dec 2018 21:50:19 +0000 (10:50 +1300)]
s3:pylibsmb: Add .unlink() API to SMB Py bindings
Add a basic .unlink() API to the source3 bindings. This is based on the
source4 python bindings, but uses the source3 client library APIs.
(We use a helper function to do most of the work, because we will need
to reuse it in order to support the deltree API).
Update the source4 test to use the source3 API. We will gradually
convert it over, and then delete the source4 python bindings.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Tue, 11 Dec 2018 21:25:35 +0000 (10:25 +1300)]
s3:pylibsmb: Make lp a mandatory param for the SMB connection
Currently establishing the SMB connection relies on having initialized
the global source3 loadparm.
This patch makes the lp param mandatory, so that you always have to pass
the parameter in when establishing the SMB connection.
It also makes the source3 API more consistent with the current source4
API, which will make it easier to replace the source4 version later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bjoern Jacke [Wed, 28 Nov 2018 10:38:44 +0000 (04:38 -0600)]
s3:smbd: Fix build on AIX
AIX makes a define of ip_len in netinet/ip.h (sic!)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13731
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 4 16:29:50 CET 2019 on sn-devel-144
Bjoern Jacke [Sat, 22 Dec 2018 02:27:32 +0000 (20:27 -0600)]
waf: let CHECK_SIZEOF check for 64 bit also
wafsamba: utmp can be 64 bit also (like on AIX)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12017
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 2 14:10:41 CET 2019 on sn-devel-144
Stefan Metzmacher [Tue, 1 Jan 2019 11:52:26 +0000 (12:52 +0100)]
Happy New Year 2019!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 1 16:02:05 CET 2019 on sn-devel-144
Stefan Metzmacher [Wed, 31 Oct 2018 14:55:57 +0000 (15:55 +0100)]
auth/gensec: enforce that all DCERPC contexts support SIGN_PKT_HEADER
That's currently always the case and will simplifies the callers.
WORKS now???
TDB_NO_FSYNC=1 buildnice make -j test FAIL_IMMEDIATELY=1 SOCKET_WRAPPER_KEEP_PCAP=1 TESTS='samba4.rpc.lsa.secrets.*ncacn_np.*Kerberos.*Samba3.*fl2000dc'
and
TDB_NO_FSYNC=1 buildnice make -j test FAIL_IMMEDIATELY=1 SOCKET_WRAPPER_KEEP_PCAP=1 TESTS='samba3.rpc.lsa.*ncacn_ip_tcp.*nt4_dc'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 23 21:33:51 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 22 Nov 2018 17:21:03 +0000 (18:21 +0100)]
py:dcerpc/raw_testcase: add helper functions for ncacn_np: SMB connection support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2018 17:21:03 +0000 (18:21 +0100)]
py:dcerpc/raw_testcase: maintain self.secondary_address
This was it's easier to alter once add support for SMB connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2018 17:21:03 +0000 (18:21 +0100)]
py:dcerpc/raw_testcase: maintain self.max_{xmit,recv}_frag
This was it's easier to alter once add support for SMB connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 26 Nov 2018 10:41:26 +0000 (11:41 +0100)]
py:dcerpc/raw_testcase: support DCERPC_AUTH_LEVEL_CONNECT in do_single_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 22 Nov 2018 07:29:32 +0000 (08:29 +0100)]
py:dcerpc/raw_testcase: add start_with_alter to do_generic_bind()
This will allow do_generic_bind() to be used to test
security context multiplexing.
Check with git show -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 16:37:38 +0000 (17:37 +0100)]
py:dcerpc/raw_protocol: test signing also with raw NTLMSSP and Kerberos
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 16:37:38 +0000 (17:37 +0100)]
py:dcerpc/raw_protocol: test signing with and without header signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:15:04 +0000 (15:15 +0100)]
py:dcerpc/raw_testcase: prepare get_auth_context_creds() and do_generic_bind() for header signing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:15:04 +0000 (15:15 +0100)]
py:dcerpc/raw_testcase: prepare do_generic_bind() for raw NTLMSSP and Kerberos authentication
They just use 3 legs (messages) for the authentication, while SPNEGO
uses 2 or 4 messages.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 16:22:56 +0000 (17:22 +0100)]
py:dcerpc/raw_testcase: use require DOMAIN/REALM in get_user_creds()
This is the usage now:
SMB_CONF_PATH=/dev/null \
SERVER=172.31.9.188 \
TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base \
USERNAME=administrator \
PASSWORD=
A1b2C3d4 \
DOMAIN=W2012R2-L6 \
REALM=W2012R2-L6.BASE \
IGNORE_RANDOM_PAD=1 \
python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 16:19:32 +0000 (17:19 +0100)]
py:dcerpc/raw_testcase: use generate_request_auth() in do_single_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 15:02:50 +0000 (16:02 +0100)]
py:dcerpc/raw_testcase: use check_response_auth() in do_single_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 16:16:05 +0000 (17:16 +0100)]
py:dcerpc/raw_testcase: add generate_request_auth() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 15:02:50 +0000 (16:02 +0100)]
py:dcerpc/raw_testcase: add check_response_auth() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:43:24 +0000 (15:43 +0100)]
py:dcerpc/raw_protocol: rename _test_spnego_signing_auth_level_request to _test_auth_signing_auth_level_request
We now pass down dcerpc.DCERPC_AUTH_TYPE_SPNEGO from callers
instead of having SPNEGO specific functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:43:24 +0000 (15:43 +0100)]
py:dcerpc/raw_protocol: rename _test_spnego_bind_auth_level to_test_auth_bind_auth_level
We now pass down dcerpc.DCERPC_AUTH_TYPE_SPNEGO from callers
instead of having SPNEGO specific functions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:48:08 +0000 (15:48 +0100)]
py:dcerpc/raw_testcase: pass auth_context and stub_len to parse_auth() in order to assert
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 14:38:06 +0000 (15:38 +0100)]
py:dcerpc/raw_protocol: let self._test_spnego_bind_auth_level() return auth_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 15:01:01 +0000 (16:01 +0100)]
py:dcerpc/raw_testcase: let do_single_request() check stub length against alloc_hint
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_protocol: make use of assertPadding()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_testcase: make use of assertPadding()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Dec 2018 18:56:58 +0000 (19:56 +0100)]
py:dcerpc/raw_testcase: add assertPadding() that allows IGNORE_RANDOM_PAD=1
Sometimes Windows returns non zero bytes in padding fields,
we won't allow that by default, but IGNORE_RANDOM_PAD=1 will
will only do the length check.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Dec 2018 18:42:09 +0000 (19:42 +0100)]
py:dcerpc/raw_protocol: explicitly disconnect additional connections
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 11 Dec 2018 18:41:08 +0000 (19:41 +0100)]
py:dcerpc/raw_testcase: disconnect on tearDown() of RawDCERPCTest
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Thu, 13 Dec 2018 22:57:35 +0000 (23:57 +0100)]
py:dcerpc/raw_protocol: rename test_spnego_packet_bind_sign_privacy => test_spnego_packet_bind_seal
This makes it consistent with other tests like
test_spnego_integrity_bind_seal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 20 Nov 2018 07:25:31 +0000 (08:25 +0100)]
py:dcerpc/tests: rename dcerpc/string.py -> string_tests.py
Otherwise it's not possible to run the raw_protocol tests anymore:
python/samba/tests/dcerpc/raw_protocol.py
Traceback (most recent call last):
File "python/samba/tests/dcerpc/raw_protocol.py", line 26, in <module>
import samba.dcerpc.dcerpc as dcerpc
File "bin/python/samba/__init__.py", line 32, in <module>
from samba.compat import string_types
File "bin/python/samba/compat.py", line 151, in <module>
from urllib import quote as urllib_quote
File "/usr/lib/python2.7/urllib.py", line 25, in <module>
import string
File "/abs/path/samba/python/samba/tests/dcerpc/string.py", line 22, in <module>
# Some strings for ctype-style character classification
File "bin/python/samba/tests/__init__.py", line 36, in <module>
from samba.compat import text_type
ImportError: cannot import name text_type
This allows the following again:
SMB_CONF_PATH=/dev/null \
SERVER=172.31.9.188 \
TARGET_HOSTNAME=w2012r2-188.w2012r2-l6.base \
USERNAME=administrator \
PASSWORD=
A1b2C3d4 \
DOMAIN=W2012R2-L6 \
REALM=W2012R2-L6.BASE \
python/samba/tests/dcerpc/raw_protocol.py -v -f TestDCERPC_BIND
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Wed, 19 Dec 2018 14:18:17 +0000 (15:18 +0100)]
s3:pylibsmb: add settimeout()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 13 Sep 2016 04:31:04 +0000 (06:31 +0200)]
s4:librpc: add python winspool bindings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 13 Sep 2016 04:31:04 +0000 (06:31 +0200)]
s4:librpc: add python spoolss bindings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 13 Sep 2016 03:51:57 +0000 (05:51 +0200)]
s4:librpc: add python witness bindings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 7 Oct 2016 16:18:56 +0000 (18:18 +0200)]
s3:libads: do an early return if we don't have a password for ads_kinit_password()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Bjoern Jacke [Fri, 21 Dec 2018 12:12:56 +0000 (06:12 -0600)]
nss/waf: check for secmethod_table.method_{attrlist,version} for aix >= 5.2
The original commit
02c9b46fab46ab401a3cf6bb74c8260801c41032 was not ported to waf yet.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Sat Dec 22 06:22:22 CET 2018 on sn-devel-144
Björn Jacke [Fri, 21 Dec 2018 14:02:40 +0000 (15:02 +0100)]
winbind_nss_aix: add incomplete attr_flag initializations
Found by Jürgen Starek, see https://bugzilla.samba.org/show_bug.cgi?id=5157
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Björn Jacke [Sat, 22 Dec 2018 01:39:00 +0000 (02:39 +0100)]
winbind_nss_aix: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Jacke [Fri, 21 Dec 2018 00:00:09 +0000 (01:00 +0100)]
winbind_nss_solaris: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Jacke [Thu, 20 Dec 2018 23:50:38 +0000 (00:50 +0100)]
winbind_nss_netbsd: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Bjoern Jacke [Fri, 21 Dec 2018 11:54:31 +0000 (05:54 -0600)]
nsswitch/winbind_nss_linux.c use WBFLAG_FROM_NSS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Stefan Metzmacher [Thu, 20 Dec 2018 16:25:01 +0000 (10:25 -0600)]
winbind: honor WBFLAG_FROM_NSS along with winbind enum users/groups
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Bjoern Jacke [Thu, 20 Dec 2018 16:23:02 +0000 (10:23 -0600)]
winbind introduce WBFLAG_FROM_NSS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Stefan Metzmacher [Fri, 21 Dec 2018 11:51:29 +0000 (05:51 -0600)]
nsswitch/winbind_nss_aix: reimplement fetching the SID of a user
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Björn Jacke [Fri, 21 Dec 2018 01:20:00 +0000 (02:20 +0100)]
winbind_nss_aix: support also S_GROUPSIDS
which is used by lsuser up to AIX 5.2, see also https://bugzilla.samba.org/show_bug.cgi?id=5157
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 21 Dec 2018 01:51:54 +0000 (14:51 +1300)]
group_audit: Ensure we still log membership changes (with an error) where status != LDB_SUCCESS
This restores the previous behaviour. It causes (only) the event ID
to be omitted if status != LDB_SUCCESS or there was a problem getting
the group type.
Errors at this stage are exceedingly rare, because the values have
already been checked by the repl_meta_data module, but this is
cosistent with the rest of the module again.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Dec 22 01:58:48 CET 2018 on sn-devel-144
Gary Lockyer [Tue, 18 Dec 2018 20:29:23 +0000 (09:29 +1300)]
tests group_audit: PEP8 cleanup.
Remove Flake8 warnings from the group audit JSON log tests.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Tue, 18 Dec 2018 20:08:22 +0000 (09:08 +1300)]
s4 group_audit: Add Windows Event Id's to Group membership changes
Generate a GroupChange event when a user is created with a PrimaryGroup
membership. Log the windows event id in the JSON GroupChange message.
Event Id's supported are:
4728 A member was added to a security enabled global group
4729 A member was removed from a security enabled global
group
4732 A member was added to a security enabled local group
4733 A member was removed from a security enabled local group
4746 A member was added to a security disabled local group
4747 A member was removed from a security disabled local group
4751 A member was added to a security disabled global group
4752 A member was removed from a security disabled global
group
4756 A member was added to a security enabled universal
group
4757 A member was removed from a security enabled universal
group
4761 A member was added to a security disabled universal
group
4762 A member was removed from a security disabled universal
group
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 18 Dec 2018 03:27:14 +0000 (16:27 +1300)]
build: Remove --timestamp-dependencies (BROKEN)
Remove this code marked as broken, we do not need broken configure options making Samba
appear to be more complex than it already is.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Aaron Haslett [Mon, 12 Nov 2018 01:35:40 +0000 (14:35 +1300)]
paged results: testing suite for new paged results module
Testing the new GUID list based paged results module
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Fri Dec 21 11:10:30 CET 2018 on sn-devel-144
Aaron Haslett [Mon, 12 Nov 2018 01:30:55 +0000 (14:30 +1300)]
paged results: new paged results module using GUID list
Replacing paged results module to use GUID list instead of storing
result list in memory, in order to improve memory performance.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Aaron Haslett [Mon, 12 Nov 2018 01:15:08 +0000 (14:15 +1300)]
vlv: tests for delete, add, and modify cases
More vlv testing for cases involving modifying, deleting, and adding records
while observing the effect on already initialised views.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Tue, 18 Dec 2018 16:18:33 +0000 (17:18 +0100)]
s3-vfs-fruit: add close call
https://bugzilla.samba.org/show_bug.cgi?id=13725
We cannot always rely on vfs_default to close the fake fds. This mostly is
relevant when used with another non-local VFS filesystem module such as
gluster.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 21 07:20:49 CET 2018 on sn-devel-144
Gary Lockyer [Thu, 20 Dec 2018 02:46:21 +0000 (15:46 +1300)]
s4 messaging tests: Fix race condition in smbcontrol tests
The test for the smbcontrol sleep command and the inject fault command
both used the "rpc_server" process as a target. As the inject fault
command caused the process to restart there was a race condition between
the process restarting and the sleep test running. To prevent this the
tests now use different target processes.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Dec 21 03:39:24 CET 2018 on sn-devel-144
Gary Lockyer [Sun, 16 Dec 2018 21:04:42 +0000 (10:04 +1300)]
tests (audit_auth)_log: PEP8 cleanup.
Remove Flake8 warnings from the audit and authentication JSON log
tests.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Gary Lockyer [Sun, 16 Dec 2018 21:03:01 +0000 (10:03 +1300)]
WHATSNEW: JSON logging changes
Add details of the Windows Event Id's and Logon Types added to the
Authorization qnd PasswordChange JSON messages.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Aaron Haslett [Fri, 17 Aug 2018 05:30:20 +0000 (17:30 +1200)]
dns: treating fully qualified and unqualified zone as identical.
"zone.com." and "zone.com" should be treated as the same zone. This patch
picks the unqualified representation as standard and enforces it, in order to
match BIND9 behaviour.
Note: This fixes the failing test added previously, but that test still fails
on the rodc test target so we modify the expected failure but don't remove it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13442
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Aaron Haslett [Mon, 20 Aug 2018 04:07:15 +0000 (16:07 +1200)]
dns: test for treating fully qualified zones same as unqualified
Failing test that checks if fully qualified zone names are treated the same
as unqualified zone names by the dns zone creation RPC method. Fix to follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13214
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Volker Lendecke [Sat, 15 Dec 2018 14:22:25 +0000 (15:22 +0100)]
lib: Remove sid_string_dbg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 14 Dec 2018 21:11:56 +0000 (22:11 +0100)]
samr: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 14 Dec 2018 20:48:48 +0000 (21:48 +0100)]
lsasrv: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 14 Dec 2018 20:44:49 +0000 (21:44 +0100)]
spoolss: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Fri, 14 Dec 2018 20:09:51 +0000 (21:09 +0100)]
winbindd: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 13 Dec 2018 21:23:30 +0000 (22:23 +0100)]
wkssvc: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 13 Dec 2018 20:41:43 +0000 (21:41 +0100)]
libnet: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 13 Dec 2018 20:22:27 +0000 (21:22 +0100)]
lib: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 13 Dec 2018 20:21:57 +0000 (21:21 +0100)]
lib: Avoid sid_string_dbg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Thu, 13 Dec 2018 20:01:00 +0000 (21:01 +0100)]
auth3: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 16:17:46 +0000 (17:17 +0100)]
vfs: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 16:00:48 +0000 (17:00 +0100)]
lookup_sid: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 15:52:39 +0000 (16:52 +0100)]
pdb_ldap: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 15:39:19 +0000 (16:39 +0100)]
pdb_smbpasswd: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 15:09:41 +0000 (16:09 +0100)]
passdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 12:56:03 +0000 (13:56 +0100)]
groupdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 10:03:02 +0000 (11:03 +0100)]
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Tue, 11 Dec 2018 06:44:13 +0000 (07:44 +0100)]
libads: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Mon, 10 Dec 2018 12:04:11 +0000 (13:04 +0100)]
smbd: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Mon, 10 Dec 2018 11:51:56 +0000 (12:51 +0100)]
smbcacls: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Volker Lendecke [Mon, 10 Dec 2018 11:47:36 +0000 (12:47 +0100)]
net: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andreas Schneider [Tue, 11 Dec 2018 13:31:26 +0000 (14:31 +0100)]
lib:util: Use memset_s() in data_blob_clear()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 20 16:11:03 CET 2018 on sn-devel-144
Andreas Schneider [Thu, 18 Oct 2018 09:26:44 +0000 (11:26 +0200)]
libcli:smb: Avoid explicit ZERO_STRUCT
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 3 Dec 2018 14:42:03 +0000 (15:42 +0100)]
libcli:auth: Use C99 initializers or ZERO_ARRAY instead of ZERO_STRUCT
ZERO_STRUCT is not wrong here, it will give the same result, but better
use macros with correct naming as it makes clear what happens when you
read the code.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 3 Dec 2018 14:37:03 +0000 (15:37 +0100)]
lib:util: Sync memory.h with replace.h
We can't remove memory.h as this is a public header file. So we need to
duplicate them from replace.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 3 Dec 2018 14:35:58 +0000 (15:35 +0100)]
lib:util: Cleanup comments in memory.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 3 Dec 2018 14:31:30 +0000 (15:31 +0100)]
replace: Use memset_s for ZERO_* macros
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 3 Dec 2018 14:27:32 +0000 (15:27 +0100)]
replace: Cleanup comments for ZERO_*
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 11 Dec 2018 17:09:14 +0000 (18:09 +0100)]
replace: Add memset_s to replacement functions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 17 Dec 2018 20:40:55 +0000 (21:40 +0100)]
wafsamba: Do not remove BUILTINS as duplicates
BUILTINS add object files to the target, so we can't remove them as
duplicates.
The issue e.g happens when tevent wants to link libreplace:
20:04:10 deps removing dups from tevent of type LIBRARY: {'replace'}
also in LIBRARY talloc
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 19 Dec 2018 08:34:12 +0000 (09:34 +0100)]
waf: Add missing libreplace deps to pyldb*
This will require memset_s() because of a later commit moving
ZERO_STRUCT to use memset_s().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Sat, 8 Dec 2018 22:25:40 +0000 (23:25 +0100)]
s3:auth_winbind: ignore a missing winbindd as NT4 PDC/BDC without trusts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Dec 20 12:15:09 CET 2018 on sn-devel-144
Stefan Metzmacher [Sat, 8 Dec 2018 21:53:21 +0000 (22:53 +0100)]
s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Stefan Metzmacher [Sat, 8 Dec 2018 21:48:33 +0000 (22:48 +0100)]
s3:auth_winbind: remove fallback to optional backend
This is not possible anymore, as the trustdomain backend
was removed in commit
75c152c0d764165a4a9dd0a85390af063dd0192a.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13722
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13723
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Stefan Metzmacher [Wed, 19 Dec 2018 08:38:33 +0000 (09:38 +0100)]
s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration
This happens on standalone servers, where winbindd is automatically
started by init scripts if it's installed. But it's not really
used and may not have a valid idmap configuration (
"idmap config * : range" has no default!)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13697
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Günther Deschner [Tue, 18 Dec 2018 16:20:29 +0000 (17:20 +0100)]
s3-vfs-streams_xattr: add close call
https://bugzilla.samba.org/show_bug.cgi?id=13725
We cannot always rely on vfs_default to close the fake fds. This mostly is
relevant when used with another non-local VFS filesystem module such as
gluster.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 20 07:18:20 CET 2018 on sn-devel-144
Philipp Gesang [Tue, 18 Dec 2018 15:09:19 +0000 (16:09 +0100)]
lib/audit_logging: actually create talloc
Heal damage of
79f494e51e..
That context is being passed around and freed but is never
actually allocated on that stack.
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 12 Dec 2018 20:04:42 +0000 (21:04 +0100)]
docs-xml: document "log level" changes
"log level" now takes an optional per debug-class logfile:
log level = 1 full_audit:1@/var/log/audit.log winbind:2
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 12 Dec 2018 21:46:49 +0000 (22:46 +0100)]
debug: enable per debug-class logfiles
This finally enables per debug-class logfiles by hooking into
reopen_logs_internal() calls to reopen_one_log() per configured
debug-class.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 12 Dec 2018 21:49:15 +0000 (22:49 +0100)]
debug: remove fd and debugf from state, use dbgc_config[DBGC_ALL]
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>