samba.git
2 years agopython/samba: use an explicit .encode('utf-8') where we expect utf8 passwords
Stefan Metzmacher [Mon, 13 Feb 2017 21:34:06 +0000 (22:34 +0100)]
python/samba: use an explicit .encode('utf-8') where we expect utf8 passwords

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agopython/samba: provision_dns_add_samba.ldif expects utf-16-le passwords
Stefan Metzmacher [Thu, 16 Feb 2017 23:10:12 +0000 (00:10 +0100)]
python/samba: provision_dns_add_samba.ldif expects utf-16-le passwords

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos4:dsdb: autogenerate a random utf16 buffer for krbtgt password resets.
Stefan Metzmacher [Mon, 13 Feb 2017 18:01:21 +0000 (19:01 +0100)]
s4:dsdb: autogenerate a random utf16 buffer for krbtgt password resets.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos4:libnet: make use of generate_random_machine_password()
Stefan Metzmacher [Mon, 13 Feb 2017 18:35:54 +0000 (19:35 +0100)]
s4:libnet: make use of generate_random_machine_password()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2 years agos4:libcli/raw: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
Stefan Metzmacher [Tue, 23 Aug 2016 10:41:48 +0000 (12:41 +0200)]
s4:libcli/raw: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:include: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
Stefan Metzmacher [Tue, 23 Aug 2016 10:41:48 +0000 (12:41 +0200)]
s3:include: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:net_rpc_trust: make use of trust_pw_new_value()
Stefan Metzmacher [Tue, 23 Aug 2016 08:42:30 +0000 (10:42 +0200)]
s3:net_rpc_trust: make use of trust_pw_new_value()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libnet_join: make use of trust_pw_new_value()
Stefan Metzmacher [Tue, 23 Aug 2016 10:09:57 +0000 (12:09 +0200)]
s3:libnet_join: make use of trust_pw_new_value()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libads: use trust_pw_new_value() for krb5 machine passwords
Stefan Metzmacher [Tue, 23 Aug 2016 08:38:58 +0000 (10:38 +0200)]
s3:libads: use trust_pw_new_value() for krb5 machine passwords

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libsmb: use trust_pw_new_value() in trust_pw_change()
Stefan Metzmacher [Tue, 23 Aug 2016 10:12:35 +0000 (12:12 +0200)]
s3:libsmb: use trust_pw_new_value() in trust_pw_change()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libsmb: add trust_pw_new_value() helper function
Stefan Metzmacher [Tue, 23 Aug 2016 10:12:35 +0000 (12:12 +0200)]
s3:libsmb: add trust_pw_new_value() helper function

This generates a new trust password based on the secure channel type
and lp_security().

NT4 really has a limit of 28 UTF16 bytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libsmb: let trust_pw_change() verify the new password at the end.
Stefan Metzmacher [Thu, 9 Feb 2017 21:53:52 +0000 (22:53 +0100)]
s3:libsmb: let trust_pw_change() verify the new password at the end.

We should notice problems as early as possible, it makes no
sense to keep things working for a while and later find out
the we lost our trust relationship with our domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:libsmb: let trust_pw_change() debug more verbose information
Stefan Metzmacher [Wed, 18 Jan 2017 18:57:30 +0000 (19:57 +0100)]
s3:libsmb: let trust_pw_change() debug more verbose information

Password changes caused much trouble in the past, so we better debug
them at log level 0 and may see them also in the syslog.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolib/util: add generate_random_machine_password() function
Stefan Metzmacher [Tue, 23 Aug 2016 07:30:05 +0000 (09:30 +0200)]
lib/util: add generate_random_machine_password() function

It generates more random password for the use as machine password,
restricted to codepoints <= 0xFFFF in order to be compatible
with MIT krb5 and Heimdal.

Note: the fallback to ascii if 'unix charset' is not 'utf8'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolibcli/auth: add netlogon_creds_cli_debug_string()
Stefan Metzmacher [Thu, 9 Feb 2017 20:47:52 +0000 (21:47 +0100)]
libcli/auth: add netlogon_creds_cli_debug_string()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolibcli/auth: check E_md4hash() result in netlogon_creds_cli_ServerPasswordSet_send()
Stefan Metzmacher [Wed, 18 Jan 2017 19:02:21 +0000 (19:02 +0000)]
libcli/auth: check E_md4hash() result in netlogon_creds_cli_ServerPasswordSet_send()

We need to make sure we can convert the given string to an nthash.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolibcli/auth: use the correct creds value against servers without LogonSamLogonEx
Stefan Metzmacher [Wed, 15 Feb 2017 07:58:20 +0000 (08:58 +0100)]
libcli/auth: use the correct creds value against servers without LogonSamLogonEx

If we use the credential chain we need to use the value from
netlogon_creds_client_authenticator() to make sure we have the current
value to encrypt in logon info.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12586

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agos3:winbindd: make sure cm_prepare_connection() only returns OK with a valid tree...
Stefan Metzmacher [Tue, 31 Jan 2017 14:19:00 +0000 (15:19 +0100)]
s3:winbindd: make sure cm_prepare_connection() only returns OK with a valid tree connect

If cm_get_ipc_credentials() returned anonymous creds and signing is required
we were returning the result of cm_get_ipc_credentials() instead of
the original error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12588

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolibrpc/rpc: fix regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping
Stefan Metzmacher [Wed, 15 Feb 2017 07:07:06 +0000 (08:07 +0100)]
librpc/rpc: fix regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping

Commit 1eef70872930fa4f9d3dedd23476b34cae638428 changed the mapping for
DCERPC_NCA_S_FAULT_INVALID_TAG from NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
to NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12585

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agobuild:wafsamba: Remove ambiguous 'if x in conf.env' constructs
Thomas Nagy [Sat, 26 Mar 2016 13:35:52 +0000 (14:35 +0100)]
build:wafsamba: Remove ambiguous 'if x in conf.env' constructs

Configuration values such as HAVE_STDDEF_H can be set to 0
to indicate a test failure. Waf 1.5 has a few bugs that
prevent configuration tests from setting such values
consistently on failures.

Consequently, conditions such as 'if conf.env.VARNAME' must be
used to indicate that config test successes are expected.
Note that conf.env.VARNAME always returns an empty list (False value)
when no variable is defined so there are no risk of raising
AttributeError/KeyError exceptions.

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Tue Feb 21 13:47:07 CET 2017 on sn-devel-144

2 years agoAdd missing import of sys in ms_schema.py
Andrej [Thu, 19 Jan 2017 15:24:34 +0000 (16:24 +0100)]
Add missing import of sys in ms_schema.py

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2 years agodocs: Fix typo in man smb.conf.
Karolin Seeger [Mon, 20 Feb 2017 08:35:26 +0000 (09:35 +0100)]
docs: Fix typo in man smb.conf.

charactar -> character

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 20 15:30:29 CET 2017 on sn-devel-144

2 years agoctdb: Do not leak fd handle in control_restoredb()
Andreas Schneider [Thu, 16 Feb 2017 15:55:35 +0000 (16:55 +0100)]
ctdb: Do not leak fd handle in control_restoredb()

Found by covscan.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12592

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Feb 17 18:43:16 CET 2017 on sn-devel-144

2 years agoctdb-daemon: Use sock_clean() to remove stale sockets
Amitay Isaacs [Mon, 30 Jan 2017 03:34:12 +0000 (14:34 +1100)]
ctdb-daemon: Use sock_clean() to remove stale sockets

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Feb 17 14:45:10 CET 2017 on sn-devel-144

2 years agoctdb-common: Refactor code to remove a stale socket
Amitay Isaacs [Mon, 30 Jan 2017 03:30:51 +0000 (14:30 +1100)]
ctdb-common: Refactor code to remove a stale socket

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2 years agoctdb-locking: Remove unnecessary global variable
Amitay Isaacs [Wed, 15 Feb 2017 00:56:01 +0000 (11:56 +1100)]
ctdb-locking: Remove unnecessary global variable

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2 years agoModify smbspool_krb5_wrapper to just fall through to smbspool if AUTH_INFO_REQUIRED...
Bryan Mason [Thu, 16 Feb 2017 06:57:42 +0000 (22:57 -0800)]
Modify smbspool_krb5_wrapper to just fall through to smbspool if AUTH_INFO_REQUIRED is not set or is not "negotiate".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12575

Signed-off-by: Bryan Mason <bmason@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 17 04:27:26 CET 2017 on sn-devel-144

2 years agos3: torture: Regression test for smbd trying to open an invalid symlink.
Jeremy Allison [Tue, 14 Feb 2017 20:59:58 +0000 (12:59 -0800)]
s3: torture: Regression test for smbd trying to open an invalid symlink.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12572

Pair-programmed-with: Ralph Boehme <slow@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 16 22:06:51 CET 2017 on sn-devel-144

2 years agos3: smbd: Don't loop infinitely on bad-symlink resolution.
Jeremy Allison [Wed, 15 Feb 2017 23:42:52 +0000 (15:42 -0800)]
s3: smbd: Don't loop infinitely on bad-symlink resolution.

In the FILE_OPEN_IF case we have O_CREAT, but not
O_EXCL. Previously we went into a loop trying first
~(O_CREAT|O_EXCL), and if that returned ENOENT
try (O_CREAT|O_EXCL). We kept looping indefinately
until we got an error, or the file was created or
opened.

The big problem here is dangling symlinks. Opening
without O_NOFOLLOW means both bad symlink
and missing path return -1, ENOENT from open(). As POSIX
is pathname based it's not possible to tell
the difference between these two cases in a
non-racy way, so change to try only two attempts before
giving up.

We don't have this problem for the O_NOFOLLOW
case as we just return NT_STATUS_OBJECT_PATH_NOT_FOUND
mapped from the ELOOP POSIX error and immediately
returned.

Unroll the loop logic to two tries instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12572

Pair-programmed-with: Ralph Boehme <slow@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agoWHATSNEW: Add link to known issues.
Karolin Seeger [Thu, 16 Feb 2017 09:28:40 +0000 (10:28 +0100)]
WHATSNEW: Add link to known issues.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Feb 16 14:37:11 CET 2017 on sn-devel-144

2 years agoctdb-scripts: Initialise CTDB_NFS_CALLOUT in statd-callout
Martin Schwenke [Mon, 13 Feb 2017 22:04:41 +0000 (09:04 +1100)]
ctdb-scripts: Initialise CTDB_NFS_CALLOUT in statd-callout

Some configurations may set CTDB_NFS_CALLOUT to the empty string.
They may do this if they allow a choice of NFS implementations.  In
this case the default call-out for Linux kernel NFS should be used.
However, statd-callout does not call nfs_callout_init() to set the
default.  Therefore, statd-callout is unable to restart the lock
manager, so the grace period is never entered.

statd-callout must call nfs_callout_init() before trying to restart
the lock manager.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12589

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Thu Feb 16 09:21:03 CET 2017 on sn-devel-144

2 years agoctdb-tests: Add more comm tests
Amitay Isaacs [Tue, 7 Feb 2017 04:18:02 +0000 (15:18 +1100)]
ctdb-tests: Add more comm tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12580

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2 years agoctdb-common: Fix use-after-free error in comm_fd_handler()
Amitay Isaacs [Mon, 6 Feb 2017 04:54:55 +0000 (15:54 +1100)]
ctdb-common: Fix use-after-free error in comm_fd_handler()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12580

comm_write_send() creates a new tevent_req and adds it to the queue
of requests to be processed.  If this tevent_req is freed, then the
queue entry is not removed causing use-after-free error.

If the tevent_req returned by comm_write_send() is freed, then that
request should be removed from the queue and any pending actions based
on that request should also be removed.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2 years agodocs/vfs_ceph: document user_id parameter
David Disseldorp [Wed, 8 Feb 2017 16:49:43 +0000 (17:49 +0100)]
docs/vfs_ceph: document user_id parameter

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Feb 15 21:00:53 CET 2017 on sn-devel-144

2 years agovfs_ceph: add user_id smb.conf parameter
David Disseldorp [Wed, 8 Feb 2017 16:26:14 +0000 (17:26 +0100)]
vfs_ceph: add user_id smb.conf parameter

The "ceph: user_id" parameter can be specified in smb.conf to explicitly
set the Ceph client ID used when creating the mount handle.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agovfs_ceph: replace deprecated ceph_shutdown() call
David Disseldorp [Wed, 8 Feb 2017 16:51:32 +0000 (17:51 +0100)]
vfs_ceph: replace deprecated ceph_shutdown() call

ceph_shutdown() is the equivalent to ceph_unmount() + ceph_release()
without error handling.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agovfs_ceph: cleanup mount handle on failure
David Disseldorp [Wed, 8 Feb 2017 16:11:30 +0000 (17:11 +0100)]
vfs_ceph: cleanup mount handle on failure

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agolib: Fix "is_case_sensitive" in "ms_fnmatch_protocol"' callers
Volker Lendecke [Sun, 12 Feb 2017 19:12:10 +0000 (20:12 +0100)]
lib: Fix "is_case_sensitive" in "ms_fnmatch_protocol"' callers

In the optimization in f969be54417 I got the boolean flag "is_case_sensitive"
wrong. The behaviour was case *insensitive*, so all the flags should have been
"false", keeping the old behaviour.  While there, simplify "mask_match" in
source4 client.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Feb 15 11:40:32 CET 2017 on sn-devel-144

2 years agos3/rpc_server/mdssvc: add attribute "kMDItemContentType"
Ralph Boehme [Tue, 31 Jan 2017 15:09:55 +0000 (16:09 +0100)]
s3/rpc_server/mdssvc: add attribute "kMDItemContentType"

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12545

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 15 06:20:52 CET 2017 on sn-devel-144

2 years agolib: Avoid an "includes.h"
Volker Lendecke [Fri, 20 Jan 2017 15:57:11 +0000 (16:57 +0100)]
lib: Avoid an "includes.h"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowinbind: Fix a signed/unsigned mixup
Volker Lendecke [Tue, 24 Jan 2017 15:17:31 +0000 (16:17 +0100)]
winbind: Fix a signed/unsigned mixup

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Fix whitespace
Volker Lendecke [Tue, 24 Jan 2017 20:17:38 +0000 (21:17 +0100)]
libsmb: Fix whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib: Fix some whitespace
Volker Lendecke [Thu, 26 Jan 2017 11:51:24 +0000 (12:51 +0100)]
lib: Fix some whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbd: Fix some whitespace
Volker Lendecke [Thu, 9 Feb 2017 17:43:46 +0000 (18:43 +0100)]
smbd: Fix some whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoauth3: Use NT_STATUS_EQUAL
Volker Lendecke [Sat, 11 Feb 2017 09:38:21 +0000 (10:38 +0100)]
auth3: Use NT_STATUS_EQUAL

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowinbind: Fix a typo
Volker Lendecke [Mon, 13 Feb 2017 09:14:24 +0000 (10:14 +0100)]
winbind: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoctdb: Only build test_mutex_raw.c on Linux
Volker Lendecke [Wed, 18 Jan 2017 11:58:19 +0000 (12:58 +0100)]
ctdb: Only build test_mutex_raw.c on Linux

This is pretty glibc on Linux specific. FreeBSD 11 also has
robust mutexes and can't build this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbd: Fix some whitespace
Volker Lendecke [Thu, 9 Feb 2017 18:13:21 +0000 (19:13 +0100)]
smbd: Fix some whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbd: Make "create_file_sids" static
Volker Lendecke [Wed, 8 Feb 2017 14:19:54 +0000 (15:19 +0100)]
smbd: Make "create_file_sids" static

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agorpc_server: Fix a typo
Volker Lendecke [Sun, 29 Jan 2017 11:05:12 +0000 (11:05 +0000)]
rpc_server: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopython/tests: improve samba-tool replicate --local test
Bob Campbell [Fri, 27 Jan 2017 02:22:27 +0000 (15:22 +1300)]
python/tests: improve samba-tool replicate --local test

It now makes sure that we only replicate incremental changes.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 15 01:21:06 CET 2017 on sn-devel-144

2 years agopython/tests: move samba_tool_drs test to proper place
Bob Campbell [Fri, 27 Jan 2017 01:46:36 +0000 (14:46 +1300)]
python/tests: move samba_tool_drs test to proper place

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agosamba-tool/drs: do partial replication when --local is given by default
Bob Campbell [Thu, 26 Jan 2017 21:40:59 +0000 (10:40 +1300)]
samba-tool/drs: do partial replication when --local is given by default

The samba-tool drs replicate --local command would previously always do
a full replication. This changes it to only replicate changes it doesn't
have according to appropriate highwatermark if the appropriate repsFrom
attribute exists in the local database, or an uptodateness_vector if one
exists.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>

2 years agopydsdb: Add python binding for dsdb_load_udv_v2
Bob Campbell [Wed, 8 Feb 2017 22:22:08 +0000 (11:22 +1300)]
pydsdb: Add python binding for dsdb_load_udv_v2

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodrs_utils: use a given highwatermark and uptodateness_vector in replicate()
Bob Campbell [Thu, 26 Jan 2017 21:40:19 +0000 (10:40 +1300)]
drs_utils: use a given highwatermark and uptodateness_vector in replicate()

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>

2 years agodrs_utils: return number of replicated objects and links in replicate()
Bob Campbell [Thu, 26 Jan 2017 21:18:21 +0000 (10:18 +1300)]
drs_utils: return number of replicated objects and links in replicate()

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>

2 years agovfs_fruit: fix resource fork xattr name
Ralph Boehme [Sun, 12 Feb 2017 08:05:50 +0000 (09:05 +0100)]
vfs_fruit: fix resource fork xattr name

Fix resource fork xattr name broken in
e4d1f8354f97ab9007e4c5f7d164937bdc5cd6f1.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Feb 14 21:26:01 CET 2017 on sn-devel-144

2 years agos3-waf: remove duplicate ctags definition
Günther Deschner [Mon, 23 Jan 2017 15:45:53 +0000 (16:45 +0100)]
s3-waf: remove duplicate ctags definition

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 14 17:38:34 CET 2017 on sn-devel-144

2 years agotests/ndrdump: Add a test for --hex-input
Garming Sam [Thu, 8 Dec 2016 21:50:38 +0000 (10:50 +1300)]
tests/ndrdump: Add a test for --hex-input

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 14 13:39:01 CET 2017 on sn-devel-144

2 years agondrdump: Add the option --hex-input for hexdump parsing
Cody Harrington [Sat, 27 Aug 2016 15:01:18 +0000 (03:01 +1200)]
ndrdump: Add the option --hex-input for hexdump parsing

This allows the user to input a hexdump that has been generated by the dump option.

Signed-off-by: Cody Harrington <cody@harringtonca.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agojoin.py: Correctly print an error in DsAddEntry when .info is None
Andrew Bartlett [Sat, 11 Feb 2017 06:34:09 +0000 (19:34 +1300)]
join.py: Correctly print an error in DsAddEntry when .info is None

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agopython: Use generated WERROR definitions
Bob Campbell [Sun, 12 Feb 2017 22:12:54 +0000 (11:12 +1300)]
python: Use generated WERROR definitions

Previously we either defined WERRORs locally or compared them against
strings where we needed to use them.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: add WERROR generation to build system
Bob Campbell [Thu, 19 Jan 2017 23:24:53 +0000 (12:24 +1300)]
errors: add WERROR generation to build system

Parts of doserr.c and werror.h are now generated into werror_gen.c and
werror_gen.h, respectively. Also, py_werror.c is now generated.

Some errors were not included in the list which we now generate WERRORs
from. These errors have been manually included.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: add table to generate WERRORs from
Bob Campbell [Thu, 12 Jan 2017 21:58:09 +0000 (10:58 +1300)]
errors: add table to generate WERRORs from

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: generate error codes for WERROR
Bob Campbell [Thu, 12 Jan 2017 21:22:16 +0000 (10:22 +1300)]
errors: generate error codes for WERROR

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: pull out code into common file
Bob Campbell [Thu, 19 Jan 2017 23:11:30 +0000 (12:11 +1300)]
errors: pull out code into common file

This is a precursor to generating other types of errors.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agosamba-tool/domain: catch NTSTATUSError rather than RuntimeError
Bob Campbell [Thu, 12 Jan 2017 23:10:15 +0000 (12:10 +1300)]
samba-tool/domain: catch NTSTATUSError rather than RuntimeError

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agosamba-tool/domain: use generated ntstatus rather than from local file
Bob Campbell [Thu, 12 Jan 2017 23:20:30 +0000 (12:20 +1300)]
samba-tool/domain: use generated ntstatus rather than from local file

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agosamba-tool/domain: change incorrect NT_STATUS to WERR
Bob Campbell [Thu, 12 Jan 2017 23:21:42 +0000 (12:21 +1300)]
samba-tool/domain: change incorrect NT_STATUS to WERR

Since the called functions here return a WERR rather than an NTSTATUS,
the checked for errors were incorrect.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agopython: Add python module with NTSTATUS constants
Bob Campbell [Thu, 12 Jan 2017 02:33:45 +0000 (15:33 +1300)]
python: Add python module with NTSTATUS constants

This has been generated by gen_ntstatus.py

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: add gen_ntstatus.py to build system
Bob Campbell [Thu, 12 Jan 2017 02:33:45 +0000 (15:33 +1300)]
errors: add gen_ntstatus.py to build system

nterr_gen.c, ntstatus_gen.h and py_ntstatus.c are now generated files.
Errors which are now generated have been removed from nterr.c and
ntstatus.h. Errors which existed previously but are not in the table we
generated from have been manually added.

Some errors are incorrectly named; e.g. STATUS_MORE_ENTRIES should be
NT_STATUS_MORE_ENTRIES. These are simply remapped to the correct names.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors/gen_ntstatus: add error table for generation script
Bob Campbell [Thu, 12 Jan 2017 01:58:28 +0000 (14:58 +1300)]
errors/gen_ntstatus: add error table for generation script

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors/gen_ntstatus: generate error codes in specified files
Bob Campbell [Thu, 12 Jan 2017 00:20:37 +0000 (13:20 +1300)]
errors/gen_ntstatus: generate error codes in specified files

Previously, we would append new errors on to the existing ntstatus.h and
nterr.c. We can now specify which files to write to, and it will write
all errors to those files.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agogen_ntstatus.py: Add prototype to generated py_ntstatus.c
Andrew Bartlett [Tue, 31 Jan 2017 22:55:39 +0000 (11:55 +1300)]
gen_ntstatus.py: Add prototype to generated py_ntstatus.c

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: fix "generate python error codes for NTSTATUS"
Bob Campbell [Thu, 12 Jan 2017 01:39:52 +0000 (14:39 +1300)]
errors: fix "generate python error codes for NTSTATUS"

Fixups according to feedback on the list.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agoerrors: generate python error codes for NTSTATUS
Günther Deschner [Tue, 27 Sep 2016 18:31:58 +0000 (20:31 +0200)]
errors: generate python error codes for NTSTATUS

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agorepl_meta_data: Remove the correct forward link for dn+binary attributes
Andrew Bartlett [Mon, 12 Oct 2015 02:51:37 +0000 (15:51 +1300)]
repl_meta_data: Remove the correct forward link for dn+binary attributes

The previous code assumed that only plain DNs could be linked attributes.

We need to look over the list of attribute values and find the value
that causes this particular backlink to exist, so we can remove it.

We do not know (until we search) of the binary portion, so we must
search over all the attribute values at this layer, using the
parsed_dn_find() routine used elsewhere in this code.

Found attempting to demote an RODC in a clone of a Windows 2012R2
domain, due to the msDS-RevealedUsers attribute.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 14 06:14:35 CET 2017 on sn-devel-144

2 years agorepl_meta_data: Add comment with some future improvements
Andrew Bartlett [Mon, 13 Feb 2017 23:11:19 +0000 (12:11 +1300)]
repl_meta_data: Add comment with some future improvements

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agorepl_meta_data: Always sort the links when upgrading them
Andrew Bartlett [Mon, 13 Feb 2017 23:08:35 +0000 (12:08 +1300)]
repl_meta_data: Always sort the links when upgrading them

This allows us to know that the output of get_parsed_dns_trusted() is sorted, as an
upgraded attribute of FL2000 links would not otherwise be sorted in the DB

This allows us to delete linked objects that have a forward link from a
FL2000 style linked attribute once the DN+Binary patches land.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agorepl_meta_data: Bring replmd_check_upgrade_links() into get_parsed_dns_trusted()
Andrew Bartlett [Mon, 13 Feb 2017 22:59:13 +0000 (11:59 +1300)]
repl_meta_data: Bring replmd_check_upgrade_links() into get_parsed_dns_trusted()

This eliminates a lot of duplicate code and allows us to know that we will
have a set of FL2003 style links in the parsed DNs to operate on

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agopython/tests: Add test for generated and duplicate mAPIIDs
Bob Campbell [Tue, 7 Feb 2017 22:55:32 +0000 (11:55 +1300)]
python/tests: Add test for generated and duplicate mAPIIDs

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agosamldb: Allow automatic generation of mAPIIDs
Bob Campbell [Tue, 7 Feb 2017 22:40:32 +0000 (11:40 +1300)]
samldb: Allow automatic generation of mAPIIDs

This allows us to conform to MS-ADTS 3.1.1.2.3.2, where the OID
1.2.840.113556.1.2.49 can be specified as the mAPIID of a new attribute
in the schema in order to automatically assign it an unused mAPIID.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agotorture/drs: Add a test for dn+binary linked attributes
Bob Campbell [Thu, 2 Feb 2017 21:34:14 +0000 (10:34 +1300)]
torture/drs: Add a test for dn+binary linked attributes

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139

2 years agotorture/drs: run repl_schema in vampire_2000_dc environment as well
Bob Campbell [Thu, 2 Feb 2017 21:33:54 +0000 (10:33 +1300)]
torture/drs: run repl_schema in vampire_2000_dc environment as well

This will be necessary as linked attributes are handled differently in
Windows 2000.

We also only check msDS-IntId if we have a functional level of > Windows
2000, as this attribute is not present on lower domain function levels.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139

2 years agoselftest: add vampire_2000_dc environment
Bob Campbell [Tue, 7 Feb 2017 20:16:41 +0000 (09:16 +1300)]
selftest: add vampire_2000_dc environment

This is the equivalent of vampire_dc, but using a domain functional
level of DS_DOMAIN_FUNCTION_2000.

Using this functional level is useful for tests involving replication
and linked attributes, as they behave differently at it.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>

2 years agopython/tests: add test for generated and duplicate linkIDs
Bob Campbell [Wed, 1 Feb 2017 20:46:26 +0000 (09:46 +1300)]
python/tests: add test for generated and duplicate linkIDs

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139

2 years agotorture/drs: generate linkID for test rather than specifying
Bob Campbell [Tue, 7 Feb 2017 02:42:29 +0000 (15:42 +1300)]
torture/drs: generate linkID for test rather than specifying

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139

2 years agosamldb: Allow automatic generation of linkIDs and prevent duplicates
Bob Campbell [Tue, 31 Jan 2017 22:54:40 +0000 (11:54 +1300)]
samldb: Allow automatic generation of linkIDs and prevent duplicates

As per MS-ADTS 3.1.1.2.3.1, this allows specifying the OID
1.2.840.113556.1.2.50 as the linkID of a new linked attribute in the
schema in order to automatically assign it an unused even linkID.

Specifying the attributeID or ldapDisplayName of an existing forward
link will now also add the new linked attribute as the backlink of that
existing link.

This also prevents adding duplicate linkIDs. Previously, we could run
into issues when trying to delete backlinks with duplicate linkIDs.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11139

2 years agowaf: Do not install the unit test binary for krb5samba
Andreas Schneider [Wed, 1 Feb 2017 14:53:44 +0000 (15:53 +0100)]
waf: Do not install the unit test binary for krb5samba

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12552

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 13 14:17:39 CET 2017 on sn-devel-144

2 years agodbcheck-links: Test that dbcheck against one-way links does not error
Garming Sam [Wed, 8 Feb 2017 02:24:14 +0000 (15:24 +1300)]
dbcheck-links: Test that dbcheck against one-way links does not error

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 13 07:33:08 CET 2017 on sn-devel-144

2 years agodbcheck: Do not regard old one-way-links as errors
Andrew Bartlett [Thu, 2 Feb 2017 03:27:35 +0000 (16:27 +1300)]
dbcheck: Do not regard old one-way-links as errors

Samba does not maintain one way links when the target is deleted or renamed
so do not fail dbcheck because of such links, but allow them to be updated.

This matters because administrators and make test expect that normal Samba
operation do NOT cause the database to become corrupt, and any error from
dbcheck tends to trigger alarms (or test failures).

If an object pointed at by a one way link is renamed or deleted in normal
operations (such as intersiteTopologyGenerator pointing at a demoted DC),
or make test, then this could trigger.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577

2 years agolib/util: Remove ntstatus.h and string_wrappers.h include from samba_util.h
Andrew Bartlett [Wed, 1 Feb 2017 01:13:28 +0000 (14:13 +1300)]
lib/util: Remove ntstatus.h and string_wrappers.h include from samba_util.h

These are not low-level headers that we need everywhere.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Feb 11 11:40:45 CET 2017 on sn-devel-144

2 years agodebug: Do not depend on the whole of samba_util.h
Andrew Bartlett [Wed, 1 Feb 2017 00:58:46 +0000 (13:58 +1300)]
debug: Do not depend on the whole of samba_util.h

By depending only on util_strlist.h and blocking.h we avoid pulling in the
generated NTSTATUS list for this low-level subsystem

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agotorture/ntlm_auth: do not assume a line is less than 2047 bytes
Bob Campbell [Wed, 18 Jan 2017 02:55:49 +0000 (15:55 +1300)]
torture/ntlm_auth: do not assume a line is less than 2047 bytes

These tests would fail when ran in our cloud. This was due to lines that
were more than 2047 bytes in length, causing us to fail readLine with a
ReadChildError. This fix lets it read lines of any length, but in 2047
byte segments.

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agosamba-tool: Correct handling of default value for use_ntvfs and use_xattrs
Andrew Bartlett [Mon, 30 Jan 2017 02:34:09 +0000 (15:34 +1300)]
samba-tool: Correct handling of default value for use_ntvfs and use_xattrs

Because these options are optional based on build-time rules, we need to encode the
default value from the additonal Option() blocks in the run() declaration.

Then we can correctly check only for the expected options, and not inconsistently for
None (causing classicupgrade to fail).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12543
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2 years agos3/util: mvxattr, a tool to rename extended attributes
Ralph Boehme [Fri, 3 Feb 2017 13:57:45 +0000 (14:57 +0100)]
s3/util: mvxattr, a tool to rename extended attributes

Usage: mvxattr -s STRING -d STRING PATH [PATH ...]
  -s, --from=STRING         xattr source name
  -d, --to=STRING           xattr destination name
  -l, --follow-symlinks     follow symlinks, the default is to ignore them
  -p, --print               print files where the xattr got renamed
  -v, --verbose             print files as they are checked
  -f, --force               force overwriting of destination xattr

Help options:
  -?, --help            Show this help message
  --usage               Display brief usage message

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 10 22:24:59 CET 2017 on sn-devel-144

2 years agolib/replace: validate xattr namespace prefix on FreeBSD
Ralph Boehme [Fri, 3 Feb 2017 17:08:12 +0000 (18:08 +0100)]
lib/replace: validate xattr namespace prefix on FreeBSD

We should validate the xattr name string ensuring it either begins with
"sytem." or "user.". If it doesn't, we should fail the request with
EINVAL.

The FreeBSD xattr API uses namespaces but doesn't put the namespace name
as a string prefix at the beginning of the xattr name. It gets passed as
an additional int arg instead.

On the other hand, our libreplace xattr API expects the caller to put a
namespace prefix into the xattr name.

Unfortunately the conversion and stripping of the namespace string prefix
from the xattr name gives the following unexpected result on FreeBSD:

rep_setxattr("foo.bar", ...) => xattr with name "bar"

The code checks if the name begins with "system.", if it doesn't find
it, it defaults to the user namespace and then does a strchr(name, '.')
which skips *any* leading string before the first dot.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agovfs_fruit: cleanup metadata and resource xattr name defines
Ralph Boehme [Fri, 3 Feb 2017 15:43:26 +0000 (16:43 +0100)]
vfs_fruit: cleanup metadata and resource xattr name defines

Just some cleanup, no change in behaviour. This also removes the hokey
tag. :)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agovfs_fruit: correct Netatalk metadata xattr on FreeBSD
Ralph Boehme [Fri, 3 Feb 2017 15:33:00 +0000 (16:33 +0100)]
vfs_fruit: correct Netatalk metadata xattr on FreeBSD

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12490

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agomessaging_dgm: avoid GCC snprintf warnings in messaging_dgm_out_create
Andrew Bartlett [Thu, 9 Feb 2017 01:03:33 +0000 (14:03 +1300)]
messaging_dgm: avoid GCC snprintf warnings in messaging_dgm_out_create

We are trying to put something that (in theory) could be 109 bytes
long, into the sockaddr_un.sun_path field which has a fixed size of
108 bytes. The "in theory" part is that one of the components is a
pid, which although stored as 32 bits is in practice 16 bits, so the
maximum size is not actually hit.

This is all very annoying, because the length is checked anyway and
all this achieves is silencing a warning.

Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 10 09:05:31 CET 2017 on sn-devel-144