samba.git
2 years agolib: Remove poll_funcs
Volker Lendecke [Wed, 28 Sep 2016 21:44:03 +0000 (14:44 -0700)]
lib: Remove poll_funcs

unix_msg was the only user

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib: Remove unix_msg
Volker Lendecke [Wed, 28 Sep 2016 21:35:21 +0000 (14:35 -0700)]
lib: Remove unix_msg

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agomessages_dgm: Convert to pthreadpool_tevent
Volker Lendecke [Fri, 9 Sep 2016 14:51:00 +0000 (16:51 +0200)]
messages_dgm: Convert to pthreadpool_tevent

This itself adds a lot of code, however it removes the unix_msg library.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool: Add a small test for pthreadpool_tevent
Volker Lendecke [Fri, 9 Sep 2016 14:42:05 +0000 (16:42 +0200)]
pthreadpool: Add a small test for pthreadpool_tevent

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool_tevent: Drop running jobs on talloc_free
Volker Lendecke [Fri, 9 Sep 2016 11:28:51 +0000 (13:28 +0200)]
pthreadpool_tevent: Drop running jobs on talloc_free

Enable us to destroy a pthreadpool_tevent structure with active jobs

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool_tevent: Move the pthreadpool_tevent_job_state declaration
Volker Lendecke [Fri, 9 Sep 2016 11:27:13 +0000 (13:27 +0200)]
pthreadpool_tevent: Move the pthreadpool_tevent_job_state declaration

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool_pipe: Implement EBUSY for _destroy
Volker Lendecke [Fri, 9 Sep 2016 13:18:41 +0000 (15:18 +0200)]
pthreadpool_pipe: Implement EBUSY for _destroy

Restore EBUSY on pthreadpool_pipe_destroy.

We need to count jobs in pthreadpool_pipe so that pthreadpool can exit with
active jobs. Unfortunately this makes pthreadpool_pipe_add_job non-threadsafe.
We could add mutexes around "num_jobs", but this would mean another set of
pthread_atfork functions. As we don't use threaded pthreadpool_pipe_add_job
except in the tests, just remove the tests...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool: Use detached threads
Volker Lendecke [Fri, 9 Sep 2016 11:07:57 +0000 (13:07 +0200)]
pthreadpool: Use detached threads

So far we used joinable threads. This prevented pthreadpool_destroy with
blocked threads. This patch converts pthreadpool to detached threads. Now
pthreadpool_destroy does not have to wait for the idle threads to finish, it
can immediately return. pthreadpool_destroy will tell all threads to exit, and
the last active thread will actually free(pthreadpool).

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agopthreadpool: Make "shutdown" a bool
Volker Lendecke [Wed, 7 Sep 2016 18:37:21 +0000 (20:37 +0200)]
pthreadpool: Make "shutdown" a bool

Just a small cleanup

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Make talloc_free safe when threaded_contexts exist
Volker Lendecke [Wed, 7 Sep 2016 18:25:36 +0000 (20:25 +0200)]
tevent: Make talloc_free safe when threaded_contexts exist

I did not find a way to do this safely without a mutex per threaded_context.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Add tevent_common_wakeup_fd()
Volker Lendecke [Wed, 7 Sep 2016 17:47:55 +0000 (19:47 +0200)]
tevent: Add tevent_common_wakeup_fd()

This prepares tevent run-down with active threads.

It has the advantage to not depend on talloc'ed structs. It is needed to make
talloc_free(tevent_context) safe when tevent_threaded_contexts are still
around.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Rename wakeup fds
Volker Lendecke [Wed, 7 Sep 2016 17:17:21 +0000 (19:17 +0200)]
tevent: Rename wakeup fds

This makes the reading end of the signalling pipe special: If we have eventfd,
this is the same as the write fd. Without eventfd, it will have to be a
separate fd. This moves the requirement to #ifdef from the writing end to the
reading end. Why? We'll use the writing end somewhere else too soon, and this
patch avoids an #ifdef in that new place.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Add tevent_update_timer()
Volker Lendecke [Wed, 31 Aug 2016 13:39:59 +0000 (15:39 +0200)]
tevent: Add tevent_update_timer()

This will be a quicker way to time out sending sockets in messaging_dgm. Right
now cleanup of out-sockets is a bit coarse. The ideal would be to kill a socket
after being idle n seconds. This would mean to free and re-install a timer on
every packet. tevent_update_timer will be quite a bit cheaper.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Factor out tevent_common_insert_timer
Volker Lendecke [Wed, 31 Aug 2016 13:03:16 +0000 (15:03 +0200)]
tevent: Factor out tevent_common_insert_timer

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agomessaging4: Fix signed/unsigned hickups
Volker Lendecke [Sat, 24 Sep 2016 01:43:04 +0000 (18:43 -0700)]
messaging4: Fix signed/unsigned hickups

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoREADME.Coding: Add clang-format style file
Uri Simchoni [Sun, 2 Oct 2016 17:41:45 +0000 (20:41 +0300)]
README.Coding: Add clang-format style file

Add how the coding style is represented in clang-format directives.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct  4 05:43:18 CEST 2016 on sn-devel-144

2 years agoREADME.Coding: Add rule about function declaration indentation
Uri Simchoni [Sun, 2 Oct 2016 17:40:06 +0000 (20:40 +0300)]
README.Coding: Add rule about function declaration indentation

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoREADME.Coding: Remove an extra space
Uri Simchoni [Sun, 2 Oct 2016 17:37:37 +0000 (20:37 +0300)]
README.Coding: Remove an extra space

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbcquotas: add -m option
Uri Simchoni [Tue, 20 Sep 2016 15:51:00 +0000 (18:51 +0300)]
smbcquotas: add -m option

Add the "standard" -m command line option that controls max
client protocol.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: support setting file system quota via SMB2
Uri Simchoni [Wed, 21 Sep 2016 22:03:41 +0000 (01:03 +0300)]
cliquota: support setting file system quota via SMB2

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: factor out building of FILE_FS_CONTROL_INFORMATION
Uri Simchoni [Wed, 21 Sep 2016 20:58:33 +0000 (23:58 +0300)]
cliquota: factor out building of FILE_FS_CONTROL_INFORMATION

add a service routine that builds FILE_FS_CONTROL_INFORMATION
with default quota and flags. This will be reused by SMB2 and
by server code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: support setting user quota via SMB2
Uri Simchoni [Wed, 21 Sep 2016 16:35:39 +0000 (19:35 +0300)]
cliquota: support setting user quota via SMB2

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: factor out building of FILE_QUOTA_INFORMATION
Uri Simchoni [Wed, 21 Sep 2016 15:37:40 +0000 (18:37 +0300)]
cliquota: factor out building of FILE_QUOTA_INFORMATION

Add a function to build a FILE_QUOTA_INFORMATION buffer
out of a quota list, and a function that adds a record
to a quota list.

Some parameters of the new functions are unused by
client code, but will be used by server code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: support getting fs quota by SMB2
Uri Simchoni [Tue, 20 Sep 2016 03:46:28 +0000 (06:46 +0300)]
cliquota: support getting fs quota by SMB2

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: factor out fs quota parsing
Uri Simchoni [Tue, 20 Sep 2016 03:45:03 +0000 (06:45 +0300)]
cliquota: factor out fs quota parsing

This code will be reused by SMB2 code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: implement quota listing in SMB2
Uri Simchoni [Mon, 19 Sep 2016 19:17:10 +0000 (22:17 +0300)]
cliquota: implement quota listing in SMB2

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: factor out parsing of a quota record buffer
Uri Simchoni [Mon, 19 Sep 2016 18:14:01 +0000 (21:14 +0300)]
cliquota: factor out parsing of a quota record buffer

In preparation for SMB2 support, take parsing of the return
buffer into a separate function.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: some security hardening
Uri Simchoni [Mon, 19 Sep 2016 15:24:58 +0000 (18:24 +0300)]
cliquota: some security hardening

Add some checks for validity of the offset in
the return buffer.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: refactor and cleanup listing of user quotas
Uri Simchoni [Sun, 18 Sep 2016 08:13:16 +0000 (11:13 +0300)]
cliquota: refactor and cleanup listing of user quotas

Split cli_list_user_quota into an outer loop function and
an inner loop function.

This simplifies the code somewhat, paves the way for SMB2
support, and fixes a couple of memory leaks in error
conditions. No functional changes.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-libsmb: support getting user's quota in SMB2
Uri Simchoni [Mon, 12 Sep 2016 19:38:15 +0000 (22:38 +0300)]
s3-libsmb: support getting user's quota in SMB2

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-libsmb: make parse_user_quota_record() public
Uri Simchoni [Mon, 12 Sep 2016 19:33:12 +0000 (22:33 +0300)]
s3-libsmb: make parse_user_quota_record() public

For reuse by SMB2 client code.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-libsmb: Support getting fs attributes via SMB2
Uri Simchoni [Tue, 20 Sep 2016 11:32:06 +0000 (14:32 +0300)]
s3-libsmb: Support getting fs attributes via SMB2

Add a wrapper function arounf GET_INFO to obtain
file system attributes, and plumb it in.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbd: free talloc context if no quota records are available
Uri Simchoni [Sun, 18 Sep 2016 08:05:23 +0000 (11:05 +0300)]
smbd: free talloc context if no quota records are available

When generating a list of user quota records, free the memory
context that controls this list if the list is empty. Otherwise,
the context remains unreferenced and memory is leaked.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12289

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocliquota: fix param count when setting fs quota
Uri Simchoni [Thu, 22 Sep 2016 13:06:12 +0000 (16:06 +0300)]
cliquota: fix param count when setting fs quota

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12288

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agontquotas: support "freeing" an empty quota list
Uri Simchoni [Sun, 18 Sep 2016 08:09:54 +0000 (11:09 +0300)]
ntquotas: support "freeing" an empty quota list

This avoids dereferencing a null pointer if there's
an attempt to free an empty list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12307

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbcquotas: fix error message listing quotas
Uri Simchoni [Fri, 16 Sep 2016 19:01:46 +0000 (22:01 +0300)]
smbcquotas: fix error message listing quotas

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-cliquota: correctly handle no-more-entries
Uri Simchoni [Fri, 16 Sep 2016 18:57:50 +0000 (21:57 +0300)]
s3-cliquota: correctly handle no-more-entries

When listing quota records, a Windows server would
return STATUS_SUCCESS until no more entries are available,
where it would return STATUS_NO_MORE_ENTRIES.

The fix keeps old behavior of empty answer also signifying
end of record, to maintain compatibility with Samba servers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3/winbindd: using default domain with user@domain.com format fails
Noel Power [Tue, 20 Sep 2016 10:49:49 +0000 (11:49 +0100)]
s3/winbindd: using default domain with user@domain.com format fails

For example for samba client joined to a windows AD DC the following
commands fail if 'winbind use default domain = yes'
   getent passwd user@domain.com
   ssh -o user=user@domain.com localhost

The same commands succeed if the setting above has the default 'no' value

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct  3 23:37:44 CEST 2016 on sn-devel-144

2 years agoAdd a blackbox tests for id & getent to test domain@realm type credentials
Noel Power [Thu, 29 Sep 2016 15:50:58 +0000 (16:50 +0100)]
Add a blackbox tests for id & getent to test domain@realm type credentials

Using domain@realm credentials has been problematic when
global conf setting "winbind use default domain" is enabled, this patch
creates a new s4member_dflt_domain environment (where
"winbind use default domain" is enabled) and runs getent & id against the
normal s4member & and new s4member_dflt_domain environments

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agodbwrap_watch: Improve a debug message
Volker Lendecke [Tue, 20 Sep 2016 17:52:46 +0000 (10:52 -0700)]
dbwrap_watch: Improve a debug message

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoheimdal: revert 1f90983324b9f5804dc57f87c5f7695b0e53db8d
Uri Simchoni [Fri, 23 Sep 2016 16:28:10 +0000 (19:28 +0300)]
heimdal: revert 1f90983324b9f5804dc57f87c5f7695b0e53db8d

A different version has gone upstream, fixing the problem
elsewhere.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Oct  3 11:12:29 CEST 2016 on sn-devel-144

2 years agoheimdal-lib/krb5: keep a copy of config etypes in the context
Uri Simchoni [Fri, 30 Sep 2016 17:18:14 +0000 (20:18 +0300)]
heimdal-lib/krb5: keep a copy of config etypes in the context

When reading configuration file, keep an extra copy of
the encryption types, and use this when resetting the
encryption types to default.

GSSAPI always resets the enctypes to default before obtaining
a TGS, because the enctypes might have previously altered,
so this prevents changing the etypes from the configured ones
to the full set of supported etypes.

The same patch has gone into upstream heimdal as commit
a3bece1. It is a different solution to the problem fixed
here by commit 1f90983, so this commit will be reverted next
to keep compatibility with uptream.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agobug 12293: stop group.py throwing errors if group is unknown
Rowland Penny [Wed, 28 Sep 2016 18:28:23 +0000 (19:28 +0100)]
bug 12293: stop group.py throwing errors if group is unknown

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12293

Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 30 05:53:17 CEST 2016 on sn-devel-144

2 years agobug 12292: stop user.py throwing errors if user is unknown
Rowland Penny [Wed, 28 Sep 2016 14:39:52 +0000 (15:39 +0100)]
bug 12292: stop user.py throwing errors if user is unknown

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12292

Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2 years agowinbind: Fix passing idmap failure from wb_sids2xids back to callers
Christof Schmitt [Mon, 26 Sep 2016 21:27:28 +0000 (14:27 -0700)]
winbind: Fix passing idmap failure from wb_sids2xids back to callers

If the idmap call in wb_sids2xids fails, the callers expect xid.type to
be set to ID_TYPE_NOT_SPECIFIED, not the internal type field that is
initialized from the lookupsids call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12295

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 30 02:10:29 CEST 2016 on sn-devel-144

2 years agoidmap_ad: Fix retrieving credentials from clustered secrets.tdb
Christof Schmitt [Mon, 26 Sep 2016 21:40:28 +0000 (14:40 -0700)]
idmap_ad: Fix retrieving credentials from clustered secrets.tdb

cli_credentials_set_machine_account only reads from a local tdb. Change
that call to cli_credentials_set_machine_account_db_ctx to fix this for
clustered Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12295

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos3: winbind: Trust name2sid mappings from the PAC.
Jeremy Allison [Wed, 28 Sep 2016 18:26:04 +0000 (11:26 -0700)]
s3: winbind: Trust name2sid mappings from the PAC.

Don't refresh sequence number in parent as the
mapping comes from a trusted DC.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2 years agos4-kdc: Fix Coverity ID #1373385 (OVERRUN)
Günther Deschner [Tue, 27 Sep 2016 16:34:38 +0000 (18:34 +0200)]
s4-kdc: Fix Coverity ID #1373385 (OVERRUN)

Guenther

Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 29 22:16:52 CEST 2016 on sn-devel-144

2 years agos4-kdc: Fix Coverity ID #1373386 (Resource Leak)
Günther Deschner [Tue, 27 Sep 2016 16:30:29 +0000 (18:30 +0200)]
s4-kdc: Fix Coverity ID #1373386 (Resource Leak)

Guenther

Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
2 years agoautobuild: add system-mitkrb5 build environment.
Günther Deschner [Mon, 26 Sep 2016 00:46:56 +0000 (02:46 +0200)]
autobuild: add system-mitkrb5 build environment.

We finally need to make sure the build with MIT Kerberos does not break all the
time.

Guenther

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2 years agogensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos
Andreas Schneider [Thu, 11 Aug 2016 09:29:53 +0000 (11:29 +0200)]
gensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 29 11:56:41 CEST 2016 on sn-devel-144

2 years agogensec_krb5: Create a MIT Kerberos gensec_krb5_session_info()
Andreas Schneider [Fri, 12 Aug 2016 07:21:42 +0000 (09:21 +0200)]
gensec_krb5: Create a MIT Kerberos gensec_krb5_session_info()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2 years agos3: winbind: refresh_sequence_number is only ever called with 'false'.
Jeremy Allison [Wed, 28 Sep 2016 17:12:36 +0000 (10:12 -0700)]
s3: winbind: refresh_sequence_number is only ever called with 'false'.

Remove redundant parameter.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2 years agomit: make it possible to build with MIT kerberos and --picky-developer
Günther Deschner [Wed, 28 Sep 2016 17:19:06 +0000 (19:19 +0200)]
mit: make it possible to build with MIT kerberos and --picky-developer

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib: Annotate well known SID names
Steve French [Tue, 27 Sep 2016 02:12:07 +0000 (21:12 -0500)]
lib: Annotate well known SID names

Add Samba specific well known SIDs for
Unix UID and GID owner.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
2 years agos3: auth: Use wbcAuthenticateUserEx to prime the caches.
Jeremy Allison [Tue, 27 Sep 2016 00:07:44 +0000 (17:07 -0700)]
s3: auth: Use wbcAuthenticateUserEx to prime the caches.

Idea by Volker - use WBC_AUTH_USER_LEVEL_PAC to pass
the PAC to winbind from smbd on auth, this allows
winbind to prime the user info via netsamlogon_cache_store()
and the name2sid cache *before* smbd looks up the user.

Note that as this is merely a cache prime having
winbind not available is not an error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11259

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 28 22:45:27 CEST 2016 on sn-devel-144

2 years agos3: winbind: Make WBC_AUTH_USER_LEVEL_PAC prime the name2sid cache.
Jeremy Allison [Tue, 27 Sep 2016 22:04:49 +0000 (15:04 -0700)]
s3: winbind: Make WBC_AUTH_USER_LEVEL_PAC prime the name2sid cache.

In addition to priming the netsamlogon cache.

This prevents a winbind AD-DC lookup for something
the PAC already told us.

Note we only do this in the case where the PAC successfully
passed signature verification.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11259

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2 years agolib: Fix bug 12291
Volker Lendecke [Tue, 27 Sep 2016 17:08:18 +0000 (10:08 -0700)]
lib: Fix bug 12291

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12291
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 28 19:01:02 CEST 2016 on sn-devel-144

2 years agolib: Fix CID 1373388 Uninitialized scalar variable
Volker Lendecke [Tue, 27 Sep 2016 16:28:51 +0000 (09:28 -0700)]
lib: Fix CID 1373388 Uninitialized scalar variable

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2 years agolib: Fix CID 1373389 Uninitialized scalar variable
Volker Lendecke [Tue, 27 Sep 2016 16:28:33 +0000 (09:28 -0700)]
lib: Fix CID 1373389 Uninitialized scalar variable

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2 years agomessaging: Add wrap check to messaging_rec_dup
Volker Lendecke [Fri, 22 Jul 2016 13:59:32 +0000 (15:59 +0200)]
messaging: Add wrap check to messaging_rec_dup

Just paranoia

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 28 03:58:22 CEST 2016 on sn-devel-144

2 years agowbclient: "ev" is no longer used in wbc_xids_to_sids
Volker Lendecke [Sun, 18 Sep 2016 12:06:24 +0000 (14:06 +0200)]
wbclient: "ev" is no longer used in wbc_xids_to_sids

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowbclient: "ev" is no longer used in wbc_sids_to_xids
Volker Lendecke [Sun, 18 Sep 2016 12:03:33 +0000 (14:03 +0200)]
wbclient: "ev" is no longer used in wbc_sids_to_xids

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib: Only return "rec" on demand in messaging_filtered_read_recv
Volker Lendecke [Mon, 26 Sep 2016 15:16:15 +0000 (08:16 -0700)]
lib: Only return "rec" on demand in messaging_filtered_read_recv

The message could be just a trigger without contents.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_RPC_E_INVALID_HEADER (unused, already known as HRES_RPC_E_INVALI...
Günther Deschner [Fri, 11 Dec 2015 23:29:13 +0000 (00:29 +0100)]
werror: removed WERR_RPC_E_INVALID_HEADER (unused, already known as HRES_RPC_E_INVALID_HEADER)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_RPC_E_REMOTE_DISABLED (replaced with HRES_RPC_E_REMOTE_DISABLED)
Günther Deschner [Fri, 11 Dec 2015 23:16:05 +0000 (00:16 +0100)]
werror: removed WERR_RPC_E_REMOTE_DISABLED (replaced with HRES_RPC_E_REMOTE_DISABLED)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_RPC_E_REMOTE_DISABLED with HRES_RPC_E_REMOTE_DISABLED
Günther Deschner [Fri, 11 Dec 2015 23:15:45 +0000 (00:15 +0100)]
werror: replace WERR_RPC_E_REMOTE_DISABLED with HRES_RPC_E_REMOTE_DISABLED

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_SEC_E_ALGORITHM_MISMATCH (unused, already known as HRES_SEC_E_AL...
Günther Deschner [Wed, 9 Dec 2015 14:58:03 +0000 (15:58 +0100)]
werror: removed WERR_SEC_E_ALGORITHM_MISMATCH (unused, already known as HRES_SEC_E_ALGORITHM_MISMATCH)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SEC_E_DECRYPT_FAILURE with HRES_SEC_E_DECRYPT_FAILURE
Günther Deschner [Wed, 9 Dec 2015 14:55:59 +0000 (15:55 +0100)]
werror: replace WERR_SEC_E_DECRYPT_FAILURE with HRES_SEC_E_DECRYPT_FAILURE

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: remove WERR_SEC_E_ENCRYPT_FAILURE (there is HRES_SEC_E_ENCRYPT_FAILURE)
Günther Deschner [Wed, 9 Dec 2015 14:53:22 +0000 (15:53 +0100)]
werror: remove WERR_SEC_E_ENCRYPT_FAILURE (there is HRES_SEC_E_ENCRYPT_FAILURE)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_CLASS_NOT_REGISTERED with HRES_REGDB_E_CLASSNOTREG
Günther Deschner [Wed, 9 Dec 2015 14:12:49 +0000 (15:12 +0100)]
werror: replace WERR_CLASS_NOT_REGISTERED with HRES_REGDB_E_CLASSNOTREG

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: remove two duplicate error mappings.
Günther Deschner [Fri, 4 Dec 2015 08:39:13 +0000 (09:39 +0100)]
werror: remove two duplicate error mappings.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: use autogenerated error codes.
Günther Deschner [Thu, 3 Dec 2015 14:37:32 +0000 (15:37 +0100)]
werror: use autogenerated error codes.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_SHUTDOWN_ALREADY_IN_PROGRESS (unused, already known as WERR_SHUT...
Günther Deschner [Thu, 3 Dec 2015 14:24:43 +0000 (15:24 +0100)]
werror: removed WERR_SHUTDOWN_ALREADY_IN_PROGRESS (unused, already known as WERR_SHUTDOWN_IN_PROGRESS)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_UNKNOWN_LEVEL
Günther Deschner [Thu, 3 Dec 2015 14:24:43 +0000 (15:24 +0100)]
werror: removed WERR_UNKNOWN_LEVEL

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/torture/rpc/
Günther Deschner [Thu, 3 Dec 2015 14:24:43 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/torture/rpc/

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/
Günther Deschner [Thu, 3 Dec 2015 14:24:42 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/rpcclient/cmd_s...
Günther Deschner [Thu, 3 Dec 2015 14:24:42 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/rpcclient/cmd_spoolss.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/rpc_server/
Günther Deschner [Thu, 3 Dec 2015 14:24:42 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/rpc_server/

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/printing/nt_pri...
Günther Deschner [Thu, 3 Dec 2015 14:24:42 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/printing/nt_printing.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/lib/netapi/
Günther Deschner [Thu, 3 Dec 2015 14:24:41 +0000 (15:24 +0100)]
werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source3/lib/netapi/

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_FRS_INVALID_SERVICE_PARAMETER
Günther Deschner [Thu, 3 Dec 2015 14:24:41 +0000 (15:24 +0100)]
werror: removed WERR_FRS_INVALID_SERVICE_PARAMETER

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_FRS_INVALID_SERVICE_PARAMETER with WERR_FRS_ERR_INVALID_SERVICE_...
Günther Deschner [Thu, 3 Dec 2015 14:24:41 +0000 (15:24 +0100)]
werror: replace WERR_FRS_INVALID_SERVICE_PARAMETER with WERR_FRS_ERR_INVALID_SERVICE_PARAMETER in source4/torture/rpc/frsapi.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_FRS_SYSVOL_IS_BUSY (unused, already known as WERR_FRS_ERR_SYSVOL...
Günther Deschner [Thu, 3 Dec 2015 14:24:40 +0000 (15:24 +0100)]
werror: removed WERR_FRS_SYSVOL_IS_BUSY (unused, already known as WERR_FRS_ERR_SYSVOL_IS_BUSY)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_FRS_INSUFFICIENT_PRIV (unused, already known as WERR_FRS_ERR_INS...
Günther Deschner [Thu, 3 Dec 2015 14:24:40 +0000 (15:24 +0100)]
werror: removed WERR_FRS_INSUFFICIENT_PRIV (unused, already known as WERR_FRS_ERR_INSUFFICIENT_PRIV)

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_DEFAULT_JOIN_REQUIRED
Günther Deschner [Thu, 3 Dec 2015 14:24:40 +0000 (15:24 +0100)]
werror: removed WERR_DEFAULT_JOIN_REQUIRED

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_DEFAULT_JOIN_REQUIRED with WERR_NERR_DEFAULTJOINREQUIRED in...
Günther Deschner [Thu, 3 Dec 2015 14:24:40 +0000 (15:24 +0100)]
werror: replace WERR_DEFAULT_JOIN_REQUIRED with WERR_NERR_DEFAULTJOINREQUIRED in source3/libnet/libnet_join.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_DEFAULT_JOIN_REQUIRED with WERR_NERR_DEFAULTJOINREQUIRED in...
Günther Deschner [Thu, 3 Dec 2015 14:24:40 +0000 (15:24 +0100)]
werror: replace WERR_DEFAULT_JOIN_REQUIRED with WERR_NERR_DEFAULTJOINREQUIRED in source3/lib/netapi/joindomain.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_SETUP_DOMAIN_CONTROLLER
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: removed WERR_SETUP_DOMAIN_CONTROLLER

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER in source4/torture/rpc/wkssvc.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER in source3/libnet/libnet_join.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_DOMAIN_CONTROLLER with WERR_NERR_SETUPDOMAINCONTROLLER in source3/lib/netapi/joindomain.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_SETUP_NOT_JOINED
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: removed WERR_SETUP_NOT_JOINED

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source4/tortur...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source4/torture/rpc/wkssvc.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/utils/
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/utils/

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/libnet...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/libnet/libnet_join.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/lib...
Günther Deschner [Thu, 3 Dec 2015 14:24:39 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/lib/netapi/joindomain.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: removed WERR_SETUP_ALREADY_JOINED
Günther Deschner [Thu, 3 Dec 2015 14:24:38 +0000 (15:24 +0100)]
werror: removed WERR_SETUP_ALREADY_JOINED

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_ALREADY_JOINED with WERR_NERR_SETUPALREADYJOINED in source...
Günther Deschner [Thu, 3 Dec 2015 14:24:38 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_ALREADY_JOINED with WERR_NERR_SETUPALREADYJOINED in source4/torture/rpc/wkssvc.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowerror: replace WERR_SETUP_ALREADY_JOINED with WERR_NERR_SETUPALREADYJOINED in source...
Günther Deschner [Thu, 3 Dec 2015 14:24:38 +0000 (15:24 +0100)]
werror: replace WERR_SETUP_ALREADY_JOINED with WERR_NERR_SETUPALREADYJOINED in source3/libnet/libnet_join.c

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>