Andrew Bartlett [Tue, 2 Sep 2014 22:21:01 +0000 (10:21 +1200)]
winbindd: Do not use group_list->out.resume_index after free
Found by AddressSanitizer
Change-Id: I59009144b28c390ddb80b7b3fbb4007dfd16db0e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Tue, 2 Sep 2014 05:03:34 +0000 (17:03 +1200)]
winbindd: Do not use user_list->out.resume_index after free
Found by AddressSanitizer
Change-Id: I9f8b95b65de788994a7404fa8889fce45ccb3a30
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Tue, 2 Sep 2014 02:28:04 +0000 (14:28 +1200)]
torture: allow us to correctly use sizeof(buf) in raw.open tests
This changes the sizeof(buf) from sizeof(void *), 8 on 64-bit machines, to sizeof("test") (eg 5).
Found by AddressSanitizer
Andrew Bartlett
Change-Id: I01f18b35c041f3b16be9f6da8ae5d1917d7e24d9
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Mon, 1 Sep 2014 23:25:07 +0000 (11:25 +1200)]
s3-lib: Do not walk past the end of the dos_to_ntstatus_map array
Found by AddressSanitizer
Change-Id: Ic8b3e2599713c37b11324f9ec2d01891f0f287b9
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Mon, 1 Sep 2014 22:48:34 +0000 (10:48 +1200)]
Use correct size for test string, sizeof() was of the pointer
Found by AddressSanitizer
Change-Id: Ifc9883d958f253df903775544010c0228a102f0f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Mon, 1 Sep 2014 22:47:57 +0000 (10:47 +1200)]
passdb: Avoid use-after-free when setting a plaintext password
The issue here is that pdb_set_plaintext_passwd() re-used the memory from pdb_get_pw_history() as input
We need to free this after we copy and set it.
Found by AddressSanitizer
Andrew Bartlett
Change-Id: I4e148e23ccbbe5444c969ff8f91709791c7696bb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Mon, 1 Sep 2014 21:48:08 +0000 (09:48 +1200)]
s4-auth: Use sizeof() rather than a fixed constant in memcmp() call
Change-Id: I2807cf2af9e4c3282e6ff54a6dd8e90f34e9481f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Andrew Bartlett [Mon, 1 Sep 2014 05:13:39 +0000 (17:13 +1200)]
selftest: Show filename or script we had trouble reading
Change-Id: I12c26e807ab0d65031347bc3be609b2e87dcabb5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Michael Adam [Wed, 20 Aug 2014 13:25:17 +0000 (15:25 +0200)]
torture: fix whitespace/tab mixup in internal_torture_run_test()
No diff visible with "git show|diff -w".
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Sep 8 04:21:52 CEST 2014 on sn-devel-104
Stefan Metzmacher [Tue, 26 Aug 2014 19:32:17 +0000 (21:32 +0200)]
script/autobuild.py: remove explicit --with-perl-*-install-dir options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep 5 22:09:47 CEST 2014 on sn-devel-104
Michael Adam [Mon, 25 Aug 2014 21:58:48 +0000 (23:58 +0200)]
pidl: remove superfluous "use lib ...".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 25 Aug 2014 21:57:23 +0000 (23:57 +0200)]
pidl: fix the perl module search path (use lib ...) when installing pidl.
This way, pidl can also run with modules installed under the $prefix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 17 Jul 2014 14:54:54 +0000 (16:54 +0200)]
wafsamba: add perl_fixup parameter to INSTALL_FILES
This fixes the search path for modules when installing
a perl "binary" by replacing a line 'use lib "$RealBin/lib";'
which works for the build directory with the appropriate
"use lib" line.
This is a step in allowing to install perl modules under the
prefix directory again.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 27 Aug 2014 20:19:38 +0000 (22:19 +0200)]
s3:build: don't detect perl in source3/wscript again.
This is done in the top level now.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 3 Sep 2014 23:38:14 +0000 (01:38 +0200)]
pidl/wscript: don't check for perl again.
This is done at the toplevel now.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 25 Aug 2014 23:31:17 +0000 (01:31 +0200)]
build: do full SAMBA_CHECK_PERL() check in configure
...instead of only checking for the perl binary
This autodetects PERL_LIB_INSTALL_DIR and removes the
need of the --with-perl-lib-install-dir when using a --prefix!=/usr.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 25 Aug 2014 23:29:57 +0000 (01:29 +0200)]
wafsamba: add samba_perl.py with SAMBA_CHECK_PERL() higher level check.
This checks for the perl binary, sets PERL and PERL_SPECIFIED
as well es the PERL_ARCH_INSTALL_DIR and PERL_LIB_INSTALL_DIR.
We want to avoid installing the perl modules outside the prefix.
I.e. generally,the perl modules should be installed
under "$prefix/share/perl5".
This improves the fixes for bug #10472.
The new strategy for automatically setting the paths is this:
- if the prefix equals perl's vendorprefix, then
- PERL_LIB_INSTALL_DIR is set to perl's vendorlib dir
- PERL_ARCH_INSTALL_DIR is set to perl's vendorarch dir
- otherwise:
- PERL_LIB_INSTALL_DIR is set to ${DATADIR}/perl5
(usually ${PREFIX}/share/perl5)
- PERL_ARCH_INSTALL_DIR is set to ${LIBDIR}/perl5
(usually ${PREFIX}/lib/perl5)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 25 Aug 2014 22:41:54 +0000 (00:41 +0200)]
dynconfig: implement PERL_ARCH_INSTALL_DIR
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 25 Aug 2014 21:59:46 +0000 (23:59 +0200)]
dynconfig: implement PERL_LIB_INSTALL_DIR.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 27 Aug 2014 08:29:50 +0000 (10:29 +0200)]
lib/ldb/wscript: pass dep_vars=['LDB_VERSION'] to SAMBA_GENERATOR()
bld.add_manual_dependency() only works for files not for environment variables.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 27 Aug 2014 08:15:56 +0000 (10:15 +0200)]
docs-xml/wscript_build: pass dep_vars=bld.dynconfig_varnames() to SAMBA_GENERATOR()
This avoids the use of always=True.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 27 Aug 2014 08:13:09 +0000 (10:13 +0200)]
dynconfig/wscript: add dynconfig_varnames()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 27 Aug 2014 08:10:34 +0000 (10:10 +0200)]
ctdb/wscript: pass dep_vars=['VERSION'] to SAMBA_GENERATOR()
This avoid the use of always=True.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 27 Aug 2014 08:08:21 +0000 (10:08 +0200)]
wafsamba: let SAMBA_BLDOPTIONS() use dep_vars=['defines'] instead of always=True
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 26 Aug 2014 21:14:23 +0000 (23:14 +0200)]
wafsamba: fix dependencies on environment variables for python_fixup
We now checksum the sourcecode of copy_and_fix_python_path()
and the env variables used by this function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: allow an optional dep_vars list to be passed to SAMBA_GENERATOR()
This can be used to checksum variables used in the rule function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: fix dependency for SAMBA_GENERATOR() when passing vars!=None
vars can only be a dictionary as that's the only thing bld.EXPAND_VARIABLES()
accepts.
We need to checksum the whole vars dictionary into the dependencies.
We set task.env.SAMBA_GENERATOR_VARS = vars and add SAMBA_GENERATOR_VARS
to the dep_vars.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Tue, 26 Aug 2014 21:11:39 +0000 (23:11 +0200)]
wafsamba: fix dependency calculation for SAMBA_GENERATOR()
We need to checksum the rule as string command of the
sourcecode of the python function.
This is stored in the 'ruledeps' envariable on the waf Task.
See exec_rule() in wafadmin/TaskGen.py.
dep_vars = getattr(self, 'dep_vars', ['ruledeps'])
if dep_vars:
tsk.dep_vars = dep_vars
if isinstance(self.rule, str):
tsk.env.ruledeps = self.rule
else:
# only works if the function is in a global module such as a waf tool
tsk.env.ruledeps = Utils.h_fun(self.rule)
If there's no 'dep_vars' it defaults to ['ruledeps'].
As we pass our own 'dep_vars' we need to explicitly add
'ruledeps'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 25 Aug 2014 21:39:50 +0000 (23:39 +0200)]
wafsamba: improve wording in a comment
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Mon, 25 Aug 2014 21:38:29 +0000 (23:38 +0200)]
wafsamba: remove unused variable from copy_and_fix_python_path
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Amitay Isaacs [Tue, 2 Sep 2014 06:10:20 +0000 (16:10 +1000)]
ctdb-call: Drop all deferred requests from older generation
Deferring packets has a nasty interaction with recovery. All deferred
packets must be dropped when recovery happens, since those packets are
tracked as pending requests and will be re-sent with new generation.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Sep 5 09:30:50 CEST 2014 on sn-devel-104
Amitay Isaacs [Tue, 19 Aug 2014 11:49:59 +0000 (21:49 +1000)]
ctdb-locking: Do not reset real-time priority for lock helpers
When using TDB robust mutexes, the kernel wakes waiting processes one
by one, in the priority list order. To ensure that ctdb lock helper
processes do not starve, lock helper processes need to run at a higher
priority than smbd.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Aug 2014 05:20:36 +0000 (15:20 +1000)]
ctdb-daemon: Defer all calls when processing dmaster packets
When CTDB receives DMASTER_REQUEST or DMASTER_REPLY packet, the specified
record needs to be updated as soon as possible to avoid inconsistent
dmaster information between nodes. During this time, queue up all calls
for that record and process them only after dmaster request/reply has
been processed.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Aug 2014 03:33:24 +0000 (13:33 +1000)]
ctdb-daemon: Remove duplicate code with refactored function
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Aug 2014 03:22:29 +0000 (13:22 +1000)]
ctdb-common: Refactor code to convert TDB_DATA key to aligned uint32 array
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Fri, 15 Aug 2014 03:31:37 +0000 (13:31 +1000)]
ctdb-include: Remove declaration of non-existent function
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 11 Aug 2014 07:10:23 +0000 (17:10 +1000)]
ctdb-locking: Remove unused function ctdb_free_lock_request_context
There is no need for a special function to free lock request and
corresponding lock context. Freeing lock request will free lock
context also.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 11 Aug 2014 07:08:20 +0000 (17:08 +1000)]
ctdb-locking: Talloc lock request from client specified context
This makes sure that when the client context is destroyed, the lock
request goes away. If the lock requests is already scheduled, then the
lock child process will be terminated.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Amitay Isaacs [Mon, 11 Aug 2014 06:43:07 +0000 (16:43 +1000)]
ctdb-locking: Run debug locks script only if the node is active
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Andreas Schneider [Thu, 4 Sep 2014 10:55:53 +0000 (12:55 +0200)]
selftest: Fix selftest where pid is used uninitialized.
On my system this gets evaluated to 0 so in the end we detect samba to
be running cause $childpid is set to 0.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10793
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Sep 4 17:09:17 CEST 2014 on sn-devel-104
Stefan Metzmacher [Thu, 4 Sep 2014 07:40:34 +0000 (09:40 +0200)]
s4-rpc: dnsserver: return DNS_RANK_NS_GLUE recors when explicitly asked for
NS records should be included in the query for sub-domains. NS records
got dropped when the rank for NS records was correctly set to NS_GLUE
from ZONE in commit
2036cbd9249c84d9b46370f0e8cd6a0264c737ba.
samba-tool dns query 172.31.9.161 s4xdom.base @ ALL
=>
Name=glue, Records=0, Children=0
samba-tool dns query 172.31.9.161 s4xdom.base glue ALL
=>
Name=, Records=1, Children=0
NS: glue.dns.private. (flags=
40000082, serial=21, ttl=900)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10751
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Sep 4 14:37:51 CEST 2014 on sn-devel-104
Stefan Metzmacher [Thu, 4 Sep 2014 05:19:46 +0000 (07:19 +0200)]
s4-rpc: dnsserver: handle updates of tombstoned dnsNode objects
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Thu, 31 Jul 2014 07:24:52 +0000 (17:24 +1000)]
s4-rpc: dnsserver: Do not search for deleted DNS entries
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10749
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Wed, 3 Sep 2014 14:54:51 +0000 (07:54 -0700)]
s3: smbd: vfs_dirsort module.
Fix an off-by-one check that would cause seekdir to
seek off the end of the cached array.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg.gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 3 19:59:54 CEST 2014 on sn-devel-104
Amitay Isaacs [Thu, 21 Aug 2014 07:26:14 +0000 (17:26 +1000)]
ctdb-build: SAMBA_BINARY targets should not include bin/ prefix
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Sep 3 06:26:16 CEST 2014 on sn-devel-104
Andrew Bartlett [Fri, 22 Aug 2014 02:16:30 +0000 (14:16 +1200)]
join.py: Set NT ACL on crossRef object for new partition
Change-Id: Icb1b00697cc5641481370ded26f2f0551a5b2a97
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 2 14:15:54 CEST 2014 on sn-devel-104
Stefan Metzmacher [Wed, 27 Aug 2014 13:13:30 +0000 (15:13 +0200)]
samba-tool/ldapcmp: update the list of non replicated attributes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10788
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 2 03:49:49 CEST 2014 on sn-devel-104
Günther Deschner [Wed, 27 Aug 2014 07:09:13 +0000 (09:09 +0200)]
s3-kpasswd: Fix build warning.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Sep 1 18:15:15 CEST 2014 on sn-devel-104
Günther Deschner [Tue, 26 Aug 2014 16:05:32 +0000 (18:05 +0200)]
s4-heimdal: do not build rkpty anymore.
It is fully replaced with texpect now.
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Tue, 26 Aug 2014 16:01:10 +0000 (18:01 +0200)]
testprogs: use texpect instead of rkpty.
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Tue, 26 Aug 2014 10:39:06 +0000 (12:39 +0200)]
testprogs: test kpasswd via "net ads password".
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Mon, 25 Aug 2014 17:41:14 +0000 (19:41 +0200)]
testprogs: use texpect in passwords test file instead of rkpty.
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Mon, 25 Aug 2014 17:38:12 +0000 (19:38 +0200)]
lib/texpect: add texpect binary based on heimdals rkpty.
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Tue, 26 Aug 2014 12:28:01 +0000 (14:28 +0200)]
s3-kpasswd: send a netbios krb5 address to avoid invalid net address errors from
heimdal.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Simo Sorce [Sat, 2 Aug 2014 14:31:20 +0000 (10:31 -0400)]
Remove custom password change code in libads
Use standard libkrb5 calls instead.
Signed-off-by: Simo Sorce <idra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Simo Sorce [Sat, 2 Aug 2014 13:39:20 +0000 (09:39 -0400)]
Remove duplicate definitions
Thee are already defined both in Heimdal and MIT public headers
Signed-off-by: Simo Sorce <idra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Günther Deschner [Mon, 25 Aug 2014 14:35:23 +0000 (16:35 +0200)]
testprogs: allow to run passwords test with MIT and Heimdal kinit.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Andreas Schneider [Mon, 12 May 2014 14:56:29 +0000 (16:56 +0200)]
testprogs: Use the system binaries for KRB5 if we don't build in-tree heimdal.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Andreas Schneider [Mon, 1 Sep 2014 12:45:26 +0000 (14:45 +0200)]
selftest: Use the dns domain in the hosts file.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Fri, 22 Aug 2014 05:49:32 +0000 (17:49 +1200)]
s4-netlogond: Give a better error if we do not have a flatname attribute
Change-Id: I3bc283b6fab4326131084d1abb89cb486af7b35a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Sep 1 02:58:46 CEST 2014 on sn-devel-104
Andrew Bartlett [Fri, 22 Aug 2014 05:49:06 +0000 (17:49 +1200)]
join.py: Ensure to fill in samAccountName so we get the domain$ account
Otherwise, we get a random samAccountName
Andrew Bartlett
Change-Id: I87ea532fe22c1b2d2effd52859da3b357f692b5a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 18 Aug 2014 02:13:39 +0000 (14:13 +1200)]
s3-rpc_client: Do not give NT_STATUS_NO_MEMORY when the source string was NULL
Change-Id: I25a4dcc2239267ee7c219e965693027ca2981983
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Mon, 18 Aug 2014 01:14:04 +0000 (13:14 +1200)]
set_dc_type_and_flags_trustinfo: Use init_dc_connection and wb_open_internal_pipe
This means we call this code, and mark trusted domains as active directory, when we are an AD DC.
Otherwise, in the previous case we would not have domain->active_directory set, and would fail on
connection_ok() due to not having a full connection to our internal DC
Change-Id: I7ccee569d69d6c5466334540db8920e57aafa991
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 17 Aug 2014 22:08:24 +0000 (10:08 +1200)]
dsdb: improve debugging in DsCrackNameOneFilter
Change-Id: I64d8e1eb94d833dc8ebf18fecdf32a83470a087e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
1
Andrew Bartlett [Sun, 17 Aug 2014 22:07:03 +0000 (10:07 +1200)]
winbindd: Add debugging to assist in locating errors creating NETLOGON pipes
Change-Id: If15483c37ed43267c6474ce8b5e9d96254745bca
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Fri, 15 Aug 2014 03:01:31 +0000 (15:01 +1200)]
passdb: Use sam_get_results_trust() and implement pdb_samba_dsdb_get_trusteddom_pw
We now return the plaintext passwords for trusted domains so winbindd can use them.
Change-Id: Ifcd59b0be815d25b73bdbc41db7477895461c7b6
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Fri, 15 Aug 2014 03:00:25 +0000 (15:00 +1200)]
auth: Split out fetching trusted domain into sam_get_results_trust()
This new helper function will also be used by pdb_samba_dsdb.
Change-Id: I008af94a0822012c211cfcc6108a8b1285f4d7c7
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 14 Aug 2014 02:47:38 +0000 (14:47 +1200)]
provision: Only create hard links for ForestDnsZones if it exists on this DC
We might be a subdomain, and not host this partition.
Andrew Bartlett
Change-Id: I9aa32c5692cd9fd0a6bced8bea37cd8593b31906
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Mon, 11 Aug 2014 05:30:51 +0000 (17:30 +1200)]
selftest: Improve connection between primary domain and subdomain for krb5
Two things help here: The join is done on the lower case name, so we
can match it in the krb5.conf, and we share the krb5.conf between the
"dc" environment and the "subdom_dc" environment. Between these two
measures, this means we can get tickets using the domain trust.
If we used cwrap for DNS queries and we had our internal DNS set up correctly,
we could avoid this (because that is not case sensitive),
but otherwise we need to get SUB.samba.example.org into the krb5.conf,
and this is harder to do an a generic way.
Andrew Bartlett
Change-Id: If378915112728aaf47aa68ce0b071a7e09d756ad
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Mon, 11 Aug 2014 03:53:44 +0000 (15:53 +1200)]
dsdb: Make log message more clear
Change-Id: Ibf3c55748e755d2f6dae57293bfde11cdf7ba3ae
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Mon, 11 Aug 2014 01:36:09 +0000 (13:36 +1200)]
selftest: Set admin password on subdom_dc environment
Change-Id: Ib9edae20004ea6f5a500efcfcd7bbd9fc8015c25
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Sun, 10 Aug 2014 23:47:54 +0000 (11:47 +1200)]
winbindd: Do not segfault if the trusted domain has no SID
Currently we abort, as skipping the domain would make the loop much more complex for a situation not yet seen in the real world.
Andrew Bartlett
Change-Id: Ie1e269eb25047d662d8fd0f771ee20de1d48706b
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Sun, 10 Aug 2014 23:46:51 +0000 (11:46 +1200)]
join.py: Ensure we set the SID of the parent domain on the trust record
Change-Id: Ifaf3f2d1240d983a48ee1874fdc9c266354f6754
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Sun, 10 Aug 2014 23:23:57 +0000 (11:23 +1200)]
python: Use the security.dom_sid type for ctx.domsid in join.py and provision
Change-Id: I1266f77184d68aae6a39a73bac8a432fdd707b2e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Fri, 8 Aug 2014 07:26:46 +0000 (19:26 +1200)]
dsdb: Permit creation of partitions of type INSTANCE_TYPE_UNINSTANT
This is only allowed when we are creating the objects from a DsAddEntry call, not over LDAP.
Change-Id: Ieec6b07556d58741ec04fede8bf9940811f12a62
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Fri, 8 Aug 2014 06:43:47 +0000 (18:43 +1200)]
provision: Use names.domainsid and names.domainguid
This is better than passing around parameters to functions all over
the provision stack and makes it easier to pass in a seperate forest
SID when we start to support subdomains.
Change-Id: I3787f4f3433ca04628f888135c7c0c8195379542
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Wed, 16 Oct 2013 02:36:46 +0000 (15:36 +1300)]
s4-gensec: Fix spelling in debug message
Change-Id: Ia0218c4b1f714d1b829ab0ce5851a4d02a1bf5df
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Wed, 16 Oct 2013 01:43:39 +0000 (14:43 +1300)]
provision: Only calculate ForestDNSZone GUID if we need it
Change-Id: Ie33812627ce7ececda681c2d784b1ca97b1b73c4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Wed, 16 Oct 2013 01:34:43 +0000 (14:34 +1300)]
join.py: Reinstate full_nc_list and make creation of NTDS-DSA object common
The new function join_ntdsdsa_obj() returns the object, to be added over LDAP or DsAddEntry().
Andrew Bartlett
Change-Id: I41ac256fb3d4edffc617af4ae580acd941b4de83
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Mon, 9 Sep 2013 05:14:45 +0000 (17:14 +1200)]
selftest: Pass DC_REALM to the subdom_dc environment
This allows 'samba-tool drs kcc' to be run during the environment setup.
Andrew Bartlett
Change-Id: I5d25470f1530b28be0a9413d13c48442fabb1a84
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Andrew Bartlett [Fri, 6 Sep 2013 03:48:29 +0000 (15:48 +1200)]
dsdb: Change acl module to look for instanceType flag rather than list of NCs
This avoids any DNs being a free pass beyond the ACL code, instead it is based on the CN=Partitions ACL.
Andrew Bartlett
Change-Id: Ib2f4abe0165e47fa4a71925d126c2eeec68df119
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:59:26 +0000 (01:59 +0200)]
Various updates to the pidl README file.
Remove samba3/samba4-specific comments, add comments about backends and files.
Change-Id: Id2253ce85eab7a684b2c50d25f6f2604dc146a8e
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sun Aug 31 23:47:49 CEST 2014 on sn-devel-104
Jelmer Vernooij [Fri, 29 Aug 2014 23:59:25 +0000 (01:59 +0200)]
Remove trailing whitespace.
Change-Id: I1e0948da34bac278edc62cd63dedd08112426e7a
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:57:29 +0000 (01:57 +0200)]
samba.netcmd.domain: desactivating -> deactivating.
Change-Id: I463823589049e81bcd4032f3e7bc6b5f2fb0d28d
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:57:28 +0000 (01:57 +0200)]
samba.netcmd.domain: Fix incorrect variable names, causing NameErrors.
Change-Id: I1c78f07f942a8b03ac88de98b18ac636b7124e22
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:57:27 +0000 (01:57 +0200)]
samba.netcmd.domain: Remove unused import.
Change-Id: I33f3ba55540be01fd15bfc3d75ebb73cbf5ead9e
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:57:26 +0000 (01:57 +0200)]
samba.netcmd.domain: Just catch ImportError, not any parsing errors in cmd_domain_export_keytab.
Change-Id: If5710565c74e87fe218a83f31cddcf64605e522e
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:54:44 +0000 (01:54 +0200)]
Look for system setproctitle before trying -lbsd.
Change-Id: I390c186d7c1400287c6a18909a5d6587f2052243
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:54:43 +0000 (01:54 +0200)]
replace: remove tabs.
Change-Id: Ie87f3c8a60f6292b7d2302425c946f5befaf5fcc
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:54:42 +0000 (01:54 +0200)]
replace: remove unused and duplicate imports.
Change-Id: I6cfd2cf80efe19fa31bcd6b3881a1eb01f05d1b4
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:50:37 +0000 (01:50 +0200)]
Remove mention of compatibility with Python 2.4.
Change-Id: I1f900e550f4fbed9d7b3ffdbf30aa5b54e799331
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:50:36 +0000 (01:50 +0200)]
find_unused_macros: Remove obsolete script that finds unused macros.
There are various static checkers that can do this nowadays, with
better accuracy.
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Jelmer Vernooij [Fri, 29 Aug 2014 23:50:35 +0000 (01:50 +0200)]
source4: Remove script to find unused makefile variables.
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Christof Schmitt [Thu, 28 Aug 2014 21:50:39 +0000 (14:50 -0700)]
s3-winbindd: Document parameters in ads_cached_connection_reuse
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 30 06:10:36 CEST 2014 on sn-devel-104
Christof Schmitt [Thu, 28 Aug 2014 21:44:59 +0000 (14:44 -0700)]
s3-winbindd: Use more descriptive parameter names in ads_cached_connection_connect
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Fri, 22 Aug 2014 16:15:59 +0000 (09:15 -0700)]
s3-winbindd: Use correct realm for trusted domains in idmap child
When authenticating users in a trusted domain, the idmap_ad module
always connects to a local DC instead of one in the trusted domain.
Fix this by passing the correct realm to connect to.
Also Comment parameters passed to ads_cached_connection_connect
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Thu, 7 Aug 2014 22:42:05 +0000 (15:42 -0700)]
torture: Also run raw.read against the aio share
This tests the changes in the aio code path.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug 30 02:51:46 CEST 2014 on sn-devel-104
Christof Schmitt [Thu, 7 Aug 2014 21:44:23 +0000 (14:44 -0700)]
torture: Use torture_assert macro for value check in raw.read
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Thu, 7 Aug 2014 21:40:00 +0000 (14:40 -0700)]
torture: Use torture_assert macro for status check in raw.read
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Christof Schmitt [Thu, 7 Aug 2014 21:31:42 +0000 (14:31 -0700)]
torture: Use torture_fail macro in check_buffer for read requests
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>