git.samba.org - samba.git/log

lib/param: handle (ignore) substitution variable in smb.conf

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10722

The function handle_include returns false when trying to include
files that have a substitution variable in filename (like %U),
this patch makes handle_include to ignore this case, to make
samba-tool work when there is such include in samba's configuration.

Error was :
root@ubuntu:/usr/local/samba# grep 'include.*%U' etc/smb.conf
include = %U.conf
root@ubuntu:/usr/local/samba# ./bin/samba-tool user list
Can't find include file %U.conf
ERROR(runtime): uncaught exception - Unable to load default file

Signed-off-by: Quentin Gibeaux <qgibeaux@iris-tech.fr>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 9 02:05:30 CET 2015 on sn-devel-104

libdns: Small cleanup

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libdns: Convert dns_udp_request to 0/errno

Replaces 5 calls to unix_to_werror with just one

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libdns: Properly set ENOMEM

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libdns: tsocket returns -1 and sets errno

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Use GUID_buf_string in discover_dc_dns

One talloc call less..

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Lift lp_disable_netbios one level

This should fix an error code when neither DS_IS_FLAT_NAME nor
DS_IS_DNS_NAME are specified. If netbios is disabled and the DC
can't be found via DNS we should not return NOT_SUPPORTED but
DOMAIN_CONTROLLER_NOT_FOUND.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: make debug_dsdcinfo_flags static

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Avoid a includes.h

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Revert "s3: smbd: Tear down global_smbXsrv_client in the correct order."

Wrong fix for the problem that was actually fixed in the dbwrap_rbt
code with commits:

590507951fc514a679f44b8bfdd03c721189c3fa
0f46da08e160e6712e5282af14e1ec4012614fc7

This reverts commit 8024e19b70047865249305bceddd4473d6e60051.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Dec 7 21:09:04 CET 2015 on sn-devel-104

samba-tool: user create examples show 'add' instead of 'create'

Signed-off-by: Rowland Penny <repenny241155@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

samba-tool: fsmo.py throws an uncaught exception if no

fSMORoleOwner attribute

This will fix bug 11613 where a user got the uncaught exception when trying
to seize an FSMO role that didn't have the required attribute.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11613

Signed-off-by: Rowland Penny <repenny241155@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Sun Dec 6 00:33:10 CET 2015 on sn-devel-104

ntlm_auth: Add --offline-logon

Signed-off-by: Wolfgang Ocker <weo@recco.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Dec 5 01:24:56 CET 2015 on sn-devel-104

docs-xml: Document range parameter for idmap_autorid

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Dec 4 22:09:09 CET 2015 on sn-devel-104

ctdb-ipalloc: Rename top level IP allocation algorithm functions

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Dec 4 12:25:14 CET 2015 on sn-devel-104

ctdb-ipalloc: Rename ctdb_takeover_run_core() to ipalloc()

It just does IP allocation...

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Fold force_rebalance_candidates into IP allocation state

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Fold all IPs list into IP allocation state

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Tidy up some of the IP allocation functions

Shorter temporary variables for compactness/readability.  "tmp_ip" is
5 characters longer than "t".  In each for statement it is used 4
times, so costs 20 characters.  Save those extra characters so that
future edits will avoid going over 80 columns.

Tweak whitespace for readability, rewrap some code.

No functional changes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Don't delete connection information for released IP

As per the comment:

  If the IP address is hosted on this node then remove the connection.

  Otherwise this function has been called because the server IP
  address has been released to another node and the client has exited.
  This means that we should not delete the connection information.
  The takeover node processes connections too.

This doesn't matter at the moment, since the empty connection list for
an IP address that has been released will never be pushed to another
node.  However, it matters if the connection information is stored in
a real replicated database.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Move VNN lookup out of ctdb_remove_tcp_connection()

In a subsequent commit ctdb_takeover_client_destructor_hook() needs to
know the VNN. So just have both callers of
ctdb_remove_tcp_connection() do the lookup and pass in the VNN.

This should cause no change in behaviour.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Do not process tickle updates for hosted IP addresses

Tickle list updates are broadcast to all connected nodes and are
accepted even when received on the same node that sent them. This
could actually lead to lost connection information when information
about new connections is received while an update is in-flight.

Instead, return early when the IP is hosted on the current node, since
it is the only one that could have sent the update.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-docs: Rewrite event script documentation

Move information about TCP connection tracking and resetting into
ctdb.7.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-scripts: Add exportfs cache to NFS Linux kernel callout

exportfs can hang when, for example, DNS is flakey. Given that
exports don't change much, it makes sense to cache them.

Don't try to add error handling when exportfs fails but do print a
warning. Proper error handling can be added separately.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-recoverd: Drop function unban_all_nodes()

It hasn't worked since commit cda5f02c7c3491917d831ee23b93278dfaa5c82b
in 2009, which reworked the banning code.  Since then
ctdb_control_modflags() has contained a comment saying:

  /* we don't let other nodes modify our BANNED status */

Unbanning all nodes originally occurred here when the recovery master
role moved to a new node.  The logic could have been meant for the
case when the old recovery master was malfunctioning, so got banned.
If any other nodes had been banned by this recovery master then they
would be unbanned.  However, this would also unban the old recovery
master, which is probably suboptimal.  The logic would also trigger if
a node was banned for a good reason and then the recovery master was
stopped.  So, apart from doing nothing, the logic is too simplistic so
might as well be removed.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Drop handling of ban control sent to unexpected node

The banning code caters for the case where the node specified in the
bantime data is not the node receiving the control.  This never
happens.  There are 2 places where ctdb_ctrl_set_ban() is called: the
ctdb CLI tool and the recovery daemon.  Both pass the same node in the
bantime data that they are sending the control to.  There are no plans
to do anything more elaborate, so just delete the handling of this
special case.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ldb torture: Test ldb unpacking and printing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11602
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Fri Dec 4 09:16:22 CET 2015 on sn-devel-104

ldb: Move ldb_(un)pack_data into ldb_module.h for testing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11602
Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

ldb: Fix installation of _ldb_text.py

_ldb_text.py is installed as part of the ldb package and also if you
compile Samba with the system ldb version. This way we have have the
file twice in the same location and run into file confilcts.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Fix little typo in README file

Reviewed-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Fix propagation of LDB errors through TDB.

Returning a non-zero value from a tdb_traverse callback indicates that tdb_traverse
should stop traversing the database. This error code IS NOT propagated back to the
caller, so LTDB must record the error otherwise. This patch corrects LTDB for this
misunderstanding.

Naturally exposing these errors changes the behaviour of some tests. This commit fixes
that as well.

Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

ldb: Fix bug triggered by having an empty message in database during search.

Previously if the message had 0 elements, Talloc would reallocate the projected
array to NULL, fooling LDB into thinking that it failed to reallocate. This fix
corrects LDB to be able to handle the case where the message has no attributes
in common with the filter.

Also the realloc call resized the array to the number of elements in the message,
not the number of elements in common with the filter -- it essentially did nothing.

Unlike talloc_realloc, talloc_array always returns a non-null pointer. This would
help protect against possible errors.

Signed-off-by: Adrian Cochrane <adrianc@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

clitar: cope with functions of older versions of libarchive

the feature of automatic decompression in extract mode is only supported in
libarchive 3, so we use this only when available now.

The changed config checks for that also fix this bug:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11296

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Dec 3 16:09:08 CET 2015 on sn-devel-104

selftest: fix tar test with Pax format archives

we need to skip PaxHeader pseudo files

Signed-off-by: Bjoern Jacke <bj@sernet.de>

client: Fix parameter mixup

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11628

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 2 21:01:14 CET 2015 on sn-devel-104

vfs: remove posix_flags hack, bump interface version to 34

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 1 23:48:37 CET 2015 on sn-devel-104

s4:torture:vfs_fruit: add a test for POSIX rename

Signed-off-by: Ralph Boehme <slow@samba.org>

vfs_fruit: enable POSIX directory rename semantics

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: add a flag that tracks whether use of AAPL was negotiated

Add a flag that tracks whether use of AAPL was negotiated, ensuring we
don't enable AAPL features for clients that didn't negotiate it.

Torture test that need AAPL must call the new function enable_aapl().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Ralph Boehme <slow@samba.org>

s3:smbd: file_struct: seperate POSIX directory rename cap from POSIX open

We need more fine grained control over which POSIX semantics we'd like
to enable per file handle. Currently POSIX_FLAGS_OPEN is a kitchensink
for all kinds of stuff like:

- POSIX unlink
- POSIX byte-range locks
- POSIX rename
- delayed writetime update
- more...

For CIFS UNIX extensions we use POSIX_FLAGS_ALL so semantics are
preserved. OS X clients will enable POSIX rename via AAPL.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: convert file_struct.posix_open to a bitmap with flags

This is in preperation of a more fine grained control of POSIX behaviour
in the SMB and VFS layers.

Inititally we use an uint8_t for the flags bitmap and add a define
posix_flags as posix_open in order to avoid breaking the VFS ABI.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture/basic: Fix misleading test case names in aliases test

Previously, "QFILEINFO aliases" was running qfsinfo_aliases and
"QFSINFO aliases" was running qfileinfo_aliases. This change
is to make sure that each of them point towards correct test cases.

Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Dec 1 20:44:54 CET 2015 on sn-devel-104

lib/async_req: do not install async_connect_send_test.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libcli/smb: fix BUFFER_OVERFLOW handling in tstream_smbXcli_np

The special error is not NT_STATUS_BUFFER_TOO_SMALL, but STATUS_BUFFER_OVERFLOW.

Tested using TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE == 20 and running
the following commands against a Windows 2012R2 server:

bin/smbtorture ncacn_np:SERVER[] rpc.lsa-getuser
bin/smbtorture ncacn_np:SERVER[smb2] rpc.lsa-getuser

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec 1 03:42:52 CET 2015 on sn-devel-104

libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb1cli_readx*

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_query_info*

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_read*

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11623

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: make sure we have a body size of 0x31 before dereferencing an ioctl response

Found by valgrind, reported by Noel Power <nopower@suse.com>:

==7913== Invalid read of size 1
==7913==    at 0xC4F23EE: smb2cli_ioctl_done (smb2cli_ioctl.c:245)
==7913==    by 0x747A744: _tevent_req_notify_callback (tevent_req.c:112)
==7913==    by 0x747A817: tevent_req_finish (tevent_req.c:149)
==7913==    by 0x747A93C: tevent_req_trigger (tevent_req.c:206)
==7913==    by 0x7479B2B: tevent_common_loop_immediate
(tevent_immediate.c:135)
==7913==    by 0xA9CB4BE: run_events_poll (events.c:192)
==7913==    by 0xA9CBB32: s3_event_loop_once (events.c:303)
==7913==    by 0x7478C72: _tevent_loop_once (tevent.c:533)
==7913==    by 0x747AACD: tevent_req_poll (tevent_req.c:256)
==7913==    by 0x505315D: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==7913==    by 0xA7201F2: cli_tree_connect (cliconnect.c:2764)
==7913==    by 0x165FF7: cm_prepare_connection (winbindd_cm.c:1276)
==7913==  Address 0x16ce24ec is 764 bytes inside a block of size 813 alloc'd
==7913==    at 0x4C29110: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7913==    by 0x768A0C1: __talloc_with_prefix (talloc.c:668)
==7913==    by 0x768A27E: _talloc_pool (talloc.c:721)
==7913==    by 0x768A41E: _talloc_pooled_object (talloc.c:790)
==7913==    by 0x747A594: _tevent_req_create (tevent_req.c:66)
==7913==    by 0xCF6E2FA: read_packet_send (async_sock.c:414)
==7913==    by 0xCF6EB54: read_smb_send (read_smb.c:54)
==7913==    by 0xC4DA146: smbXcli_conn_receive_next (smbXcli_base.c:1027)
==7913==    by 0xC4DA02D: smbXcli_req_set_pending (smbXcli_base.c:978)
==7913==    by 0xC4DF776: smb2cli_req_compound_submit (smbXcli_base.c:3166)
==7913==    by 0xC4DFC1D: smb2cli_req_send (smbXcli_base.c:3268)
==7913==    by 0xC4F2210: smb2cli_ioctl_send (smb2cli_ioctl.c:149)
==7913==

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11622

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Fix a comment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Simplify a boolean expression

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

librpc: Fix a possible array out of bounds access

Reported by gcc 5.1.1.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib: Fix an array subscript is above array bounds error

gcc 5.1.1 complains with:
lib/util/idtree.c:184:15: error: array subscript is above array bounds

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:talloc_dict: fix a SIGBUS when dereferencing unaligned pointers

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 30 22:31:16 CET 2015 on sn-devel-104

lib/param: add a fixed unified lpcfg_string_{free,set,set_upper}() infrastructure

This reduces the memory footprint of empty string options.

smbd -d1 -i with 1400 shares in smb.conf under x64 valgrind massif before this
patch has 7,703,392 bytes peak memory consumption and after this patch
3,321,200 bytes.

This fixes a regression introduced by commit
2dd7c890792cf12049ec13b88aa4e9de23035f9d.

BUG:

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11625
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 30 17:41:28 CET 2015 on sn-devel-104

docs: change pdbedit --set-nt-hash to be consistent

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Nov 30 06:54:11 CET 2015 on sn-devel-104

passdb: Change ABI version to 0.24.2

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

pdb: add a blackbox test for setting password with hash

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Add --set-nt-hash option to pdbedit to update user password from nt-hash hexstring.

Useful to take in sync password from other repository.
(Modify MASK_USER_GOOD to include new flag  BIT_PWSETNTHASH)

pdbedit -vw show also  password hashes .

Split pdb_set_plaintext_passwd  in two function:
pdb_set_plaintext_passwd and pdb_update_history.
pdb_update_history update password history and is call from
pdb_set_plaintext_passwd.

Signed-off-by: Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:torture: add traverse testing to LOCAL-RBTREE

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 27 13:16:59 CET 2015 on sn-devel-104

dbwrap_rbt: fix modifying the db during traverse

We delete and add of records rebalace the tree, but our
traverse code doesn't handle that and skips records
randomly.

We maintain records in a linked list for now
in addition to the rbtree and use that list during
traverse.

This add a bit overhead, but at least it works reliable.
If someone finds a way to do reliable traverse with the
rebalanced tree, we can replace this commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

dbwrap_rbt: add nested traverse protection

Multiple dbwrap_traverse_read() calls are possible.

store() and delete() on a fetch locked record
are rejected during dbwrap_traverse_read().

A dbwrap_traverse() within a dbwrap_traverse_read()
behaves like a dbwrap_traverse_read().

Nested dbwrap_traverse() calls are not possible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

dbwrap_rbt: use talloc_zero_size() instead of a partial ZERO_STRUCT()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

docs: Fix some typos in the idmap backend section.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 26 14:47:17 CET 2015 on sn-devel-104

ctdb-protocol: Fix marshalling for struct ctdb_rec_data

If the header is specified, then the datalen should be incremented.

There are two ways of marshalling ctdb_rec_data:

1. ctdb_rec_data->header is NULL and ctdb_rec_data->data embeds both
   the header and the value. Used in recovery for push/pull of records.

2. ctdb_rec_data->header is not NULL and ctdb_rec_data->data embeds
   only the value.  Used everywhere else.

In both cases, the wire format includes the header and the value.
There is nothing in the wire format to inform the unmarshalling code
whether to extract the header separately or not.

In the current code the header is extracted depending on whether the
header argument to the extractor routine is NULL or not.  This is insane
and highly error-prone.

So in the new API, unmarshalling code never extracts the header.  If the
caller requires the header, then it can be extracted separately using
special function ctdb_ltdb_header_extract().

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Nov 25 13:21:48 CET 2015 on sn-devel-104

ctdb-protocol: Add API to extract ctdb_ltdb_header from TDB_DATA

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-protocol: Fix marshalling of struct ctdb_public_ip_list

There can be 0 public addresses.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-protocol: Fix marshalling of struct ctdb_addr_info

ctdb_addr_info->iface can be NULL.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-protocol: Do not expect a reply for SHUTDOWN control

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-protocol: Add marshalling for TDB_DATA

This is required when ctdb client wants to send arbitrary data as part
of CTDB_REQ_MESSAGE.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-protocol: Add utility function ctdb_sock_addr_to_string

This is a duplicate function to ctdb_addr_to_str, but ctdb-util cannot
be linked with the code using new API mainly because it code in ctdb-util
requires struct ctdb_context.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-system: Use protocol/protocol.h instead of ctdb_private.h

Since this code does not need any private structures defined in
ctdb_private.h, protocol/protocol.h should suffice.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-include: Make client header self contained

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

ctdb-include: Make protocol headers self contained

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: Tear down global_smbXsrv_client in the correct order.

The talloc heirarchy looks like this:

global_smbXsrv_client
    |                 |
    V                 V
    session_table    sconn
       |
       V
      session (destructor references global_smbXsrv_client->sconn)

So don't free global_smbXsrv_client->sconn before the
session destructor fires.

------------------------------------------------
6 <signal handler called>
7 0x00007f47ba82da1a in file_close_user (sconn=0x0, vuid=1584077283) at ../source3/smbd/files.c:250
8 0x00007f47ba922a74 in smbXsrv_session_logoff (session=0x7f47be8bbf80) at ../source3/smbd/smbXsrv_session.c:1404
9 0x00007f47ba921912 in smbXsrv_session_destructor (session=0x7f47be8bbf80) at ../source3/smbd/smbXsrv_session.c:1068
10 0x00007f47b784e2fc in _talloc_free_internal () from /usr/lib/libtalloc.so.2
11 0x00007f47b784f495 in _talloc_free_children_internal () from /usr/lib/libtalloc.so.2
12 0x00007f47b784e49f in _talloc_free_internal () from /usr/lib/libtalloc.so.2
13 0x00007f47b784f495 in _talloc_free_children_internal () from /usr/lib/libtalloc.so.2
14 0x00007f47b784e49f in _talloc_free_internal () from /usr/lib/libtalloc.so.2
15 0x00007f47b784f88e in _talloc_free () from /usr/lib/libtalloc.so.2
16 0x00007f47ba92b2f1 in exit_server_common (how=SERVER_EXIT_NORMAL, reason=0x0) at ../source3/smbd/server_exit.c:234
------------------------------------------------

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 25 03:40:46 CET 2015 on sn-devel-104

s3: docs: Fix "strict rename" doc to match code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 24 23:47:19 CET 2015 on sn-devel-104

s3: smbd: Change semantics of strict rename to search the file open db.

Without strict rename just look in local process. POSIX renames are
already dealt with above.

Documentation change to follow.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11065

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle.

There are three issues:

1). The memcmp checking that the open file path has the open
directory path as its parent compares using the wrong length
(it uses the full open file path which will never compare as
the same).

2). The files_below_forall() function doesn't fill in the
callback function or callback data when calling share_mode_forall(),
leading to a crash (which we never saw, as the previous issue (1)
meant the callback function would never be invoked).

3). When invoking the callback function from files_below_forall_fn()
we were passing in the wrong private_data pointer (needs to be
the one from the state, not the private_data passed into
files_below_forall_fn()).

Found when running the torture test smb2.rename.rename_dir_openfile
when fixing bug #11065.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11615

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Nov 24 19:36:20 CET 2015 on sn-devel-104

smbd:dir: remove an extra empty line in files_below_forall()

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Nov 24 15:59:47 CET 2015 on sn-devel-104

build:wafsamba: Ensure that check_group_ordering can be overridden

Group ordering verifications are performed by default in Waf 1.8,
so this method will be redundant. The purpose of this change is
to make it easier to disable check_group_ordering as it contains
code that is very specific to Waf 1.5.

Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 24 08:03:29 CET 2015 on sn-devel-104

build:wafsamba: Ensure that target clones get a different name

Changing the 'target' attribute results in a different file name,
which is visibly necessary. Yet the 'name' attribute should also
be modified even if invisible as it is used to query targets
(uselib for example). Failing to do so results in errors in Waf 1.8.

Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

build:wafsamba: Specify whether node objects or flat lists in ant_glob

The changes enable the ant_glob declaration to be compatible with
more recent versions of Waf.

Signed-off-by: Thomas Nagy <tnagy@waf.io>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

samba-tool: replace use of os.popen

The netcmd/domain.py module uses os.popen() on user-supplied
parameters. This opens up the way to code injection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11601

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Nov 23 22:19:34 CET 2015 on sn-devel-104

libads: Fix picky const warning with krb5_set_password_using_ccache

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Nov 23 18:20:31 CET 2015 on sn-devel-104

gensec: Fix picky unused variable errors

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

auth: Fix picky const warnings in gssapi_pac

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s4-auth: Fix picky unused variable warning

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

krb5_wrap: Fix picky const compiler warnings

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

selftest: Fix Samba::bindir_path() with a valid directory.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

dbwrap_tdb: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Nov 23 15:16:19 CET 2015 on sn-devel-104

ctdb-ipalloc: Drop unnecessary struct ctdb_ipflags

This can be easily decomposed into 2 separate arrays.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Mon Nov 23 05:34:55 CET 2015 on sn-devel-104

ctdb-ipalloc: Move memory allocation into ipalloc_state_init()

This puts all of the memory allocation for ipalloc_state into its init
function. This also simplifies the code because
set_ipflags_internal() can no longer fail because it no longer
allocates memory.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Have set_ipflags_internal() set ipalloc_state->ipflags

This is cleaner than returning ipflags and assigning them into
ipalloc_state afterwards.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Fold IP flags into IP allocation state

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Use number of nodes from IP allocation state

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Allocate memory off IP allocation state

Instead of local or passed temporary contexts.

This has the side effect of making ipalloc_state available inside the
modified functions, making future use of ipalloc_state simpler.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Add error handling to IP allocation

The only likely failure is out of memory, so just return boolean
value.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-ipalloc: Drop CTDB context argument from set_ipflags_internal()

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

samba-tool:provision: fix bug 11600

If you join a second DC after changing the name of
the 'Default Domain Policy' or 'Default Domain Controllers
Policy' the join will fail as the search is hardcoded to
these names, this fix changes the search to the objects name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600

Signed-off-by: Rowland Penny <repenny241155@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sat Nov 21 04:44:58 CET 2015 on sn-devel-104