Michael Adam [Sat, 25 Oct 2014 16:01:30 +0000 (18:01 +0200)]
autobuild: check whether ctdbd has been installed in the samba-ctdb target
An intermediate test until we have full runtime-tests.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Oct 28 08:05:40 CET 2014 on sn-devel-104
Michael Adam [Fri, 24 Oct 2014 15:55:17 +0000 (17:55 +0200)]
build: adapt comments for the clustering choice
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Michael Adam [Fri, 24 Oct 2014 15:53:08 +0000 (17:53 +0200)]
build: further simplify --with-cluster-support case in configure
includes were only built for the ctdb checks and they are now
gone because we are building against included ctdb.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Michael Adam [Fri, 24 Oct 2014 15:42:51 +0000 (17:42 +0200)]
autobuild: adapt samba-ctdb target does not need a separate ctdb build any more
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Amitay Isaacs [Tue, 21 Oct 2014 00:53:29 +0000 (11:53 +1100)]
ctdb: Rename CTDB_VERSION to CTDB_PROTOCOL
CTDB_VERSION really is the ctdb protocol version.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 10 Oct 2014 03:29:51 +0000 (14:29 +1100)]
build: Simplify check for building with ctdb
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 10 Oct 2014 03:25:34 +0000 (14:25 +1100)]
build: Remove configure checks for ctdb headers
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 10 Oct 2014 01:02:26 +0000 (12:02 +1100)]
ctdb: Rename ctdb socket variable from CTDB_PATH to CTDB_SOCKET
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Fri, 10 Oct 2014 00:42:05 +0000 (11:42 +1100)]
build: Remove configure option --with-ctdb-dir
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Thu, 9 Oct 2014 23:54:15 +0000 (10:54 +1100)]
build: Remove checks for ctdb features
Since we are always building with integrated CTDB, there is no need for
these checks.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Thu, 9 Oct 2014 23:59:06 +0000 (10:59 +1100)]
build: Remove configure option --enable-old-ctdb
CTDB source is now part of Samba tree and to enable clustering smbd
should be built against included CTDB.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Martin Schwenke [Fri, 8 Aug 2014 10:59:21 +0000 (20:59 +1000)]
ctdb-logging: Add logging via UDP logging using RFC5424
Some implementations may not understand RC3164 format messages on the
UDP socket, so add support for RFC5424 message format.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 10:59:21 +0000 (20:59 +1000)]
ctdb-logging: Add logging via UDP to 127.0.0.1:514 to syslog backend
This has most of the advantages of the old logd with none of the
complexity of the extra process. There are several good syslog
implementations that can listen on the UDP port.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 18 Oct 2014 03:39:30 +0000 (14:39 +1100)]
ctdb-logging: Add non-blocking Unix domain logging to syslog backend
Format messages as per RFC3164.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 11 Aug 2014 07:07:41 +0000 (17:07 +1000)]
ctdb-logging: New option CTDB_LOGGING, remove CTDB_LOGFILE, CTDB_SYSLOG
Remove --logfile and --syslog daemon options and replace with
--logging.
Modularise and clean up logging initialisation code. The
initialisation API includes an app_name argument that is currently
unused - this will be used in extensions to the syslog backend.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 10:57:05 +0000 (20:57 +1000)]
ctdb-logging: Replace logd code with a basic syslog(3) implementation
It is much simpler for most cases to have a syslog backend that
doesn't need a separate CTDB-specific logging daemon. This loses the
lossy, non-blocking mode provided by logd. However, a corresponding
feature with a completely different implemention (not requiring an
extra daemon) will be re-added into the syslog backend. In an ideal
world the new implementation would be added first but unfortunately
that is hard to do because the logd code is hooked in at more than one
place.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 16 Oct 2014 08:46:43 +0000 (19:46 +1100)]
ctdb-logging: Simplify file logging timestamping with timeval_str_buf()
If nothing else, this is slightly more portable.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 10:54:54 +0000 (20:54 +1000)]
ctdb-logging: Separate out syslog and file logging backends
This makes the code cleaner and allows the syslog backend to be easily
modified without affecting other code. Also do some extra clean-up,
including whitespace fixups.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 03:36:00 +0000 (13:36 +1000)]
ctdb-logging: Rework debug level parsing
Put declarations into ctdb_logging.h, factor out some common code,
clean up #includes.
Remove the check so see if the 1st character of the debug level is
'-'. This is wrong, since it is trying to check for a negative
numeric debug level (which is no longer supported) and would need to
be handled in the else anyway.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 16 Oct 2014 09:03:51 +0000 (20:03 +1100)]
ctdb-logging: Remove ctdb element from struct ctdb_log_state
This is set but otherwise not used. This allows the 1st argument to
ctdb_set_logfile() to be generalised to a TALLOC_CTX.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 01:50:37 +0000 (11:50 +1000)]
ctdb-logging: Remove log member from struct ctdb_context
This is only used by logging code and there is already a file-level
variable for this. struct ctdb_context already contains too many
things.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 Aug 2014 01:42:51 +0000 (11:42 +1000)]
ctdb-logging: Rename ctdb_log_handler() to ctdb_child_log_handler()
Now it is obvious that it has something to do with child processes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Oct 2014 03:22:53 +0000 (14:22 +1100)]
ctdb-logging: Remove debug levels DEBUG_ALERT and DEBUG_CRIT
Internally map them to DEBUG_ERR to limit code churn.
This reduces the unwieldy number of debug levels used by CTDB. ALERT
and CRIT aren't of much use as separate errors, since everything from
ERR up should always be logged. In future just ERR can be used.
This also improves compatibility with Samba's debug.c system priority
mapping.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Oct 2014 03:19:22 +0000 (14:19 +1100)]
ctdb-logging: Remove DEBUG_EMERG
It isn't used and shouldn't be. CTDB can't make the system unusable.
Update associated test to ensure that EMERG isn't attempted. Actually
test all remaining debug levels and modernise the test a bit.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 12 Aug 2014 04:29:34 +0000 (14:29 +1000)]
ctdb-test: Remove unused function check_ctdb_logfile()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 15 Oct 2014 09:04:45 +0000 (20:04 +1100)]
ctdb-logging: Add missing newline when logging to file
This got lost with the transition to the new Samba debug code.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
David Disseldorp [Mon, 27 Oct 2014 19:13:59 +0000 (20:13 +0100)]
spoolss: fix handling of bad EnumJobs levels
Currently Samba is inconsistent when returning WERR_UNKNOWN_LEVEL
errors for spoolss EnumJobs requests - if no print jobs are present,
then WERR_OK will be returned, regardless of whether the EnumJobs level
is supported or not.
This change fixes this behaviour, by catching invalid or unsupported
levels prior to the no-jobs response fast-path.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10898
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 28 03:05:35 CET 2014 on sn-devel-104
David Disseldorp [Mon, 27 Oct 2014 19:13:58 +0000 (20:13 +0100)]
torture/spoolss: test EnumJobs with an invalid level
This test confirms that EnumJobs WERR_INVALID_LEVEL responses remain
consistent with and without the presence of outstanding print jobs.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Mon, 27 Oct 2014 19:13:57 +0000 (20:13 +0100)]
torture/spoolss: add werr_expected arg to EnumJobs helper
This will allow for the future testing of specific EnumJobs failure
cases.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Amitay Isaacs [Mon, 20 Oct 2014 05:32:42 +0000 (16:32 +1100)]
s4-dns: Add support for BIND 9.10
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sat Oct 25 05:42:19 CEST 2014 on sn-devel-104
Amitay Isaacs [Mon, 20 Oct 2014 04:31:30 +0000 (15:31 +1100)]
s4-dns: Update dlz_minimal.h based on BIND release 9.10
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
Amitay Isaacs [Sun, 19 Oct 2014 01:57:55 +0000 (12:57 +1100)]
s4-dns: Check DLZ_DLOPEN_VERSION for different BIND versions
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
Amitay Isaacs [Mon, 20 Oct 2014 05:40:05 +0000 (16:40 +1100)]
s4-dns: Update template variables, change BIND98 --> BIND9_8
This makes it easier to add suport for BIND 9.10.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Matthieu Patou <mat@matws.net>
Günther Deschner [Thu, 3 Jan 2013 14:40:49 +0000 (15:40 +0100)]
s4-libnet: make it possible to join "off-site".
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Oct 24 13:50:30 CEST 2014 on sn-devel-104
Günther Deschner [Thu, 23 Oct 2014 12:05:40 +0000 (14:05 +0200)]
s3-netapi: add DS_8 and WS flags to libnetapi and nltest.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 23 Oct 2014 12:04:35 +0000 (14:04 +0200)]
nbt-cli: display all known NBT_SERVER flags.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 23 Oct 2014 12:03:33 +0000 (14:03 +0200)]
nbt: the DS_8 flag also shows up in netlogon cldap/mailslot replies.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Thu, 23 Oct 2014 11:19:48 +0000 (13:19 +0200)]
netlogon: add new DS_SERVER_DS_8 flag.
This flag indicates the DC runs Windows 2012 or above.
See MS-NRPC 2.2.1.2.1 for details.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Wed, 22 Oct 2014 15:11:43 +0000 (15:11 +0000)]
messaging3: Fix running down a messaging_context
When you do a talloc_free(msg_ctx), existing waiters can't and don't have to
clean up behind themselves properly anymore. The msg_ctx the cleanup function
refers to is just gone.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 24 04:01:32 CEST 2014 on sn-devel-104
Volker Lendecke [Wed, 22 Oct 2014 15:02:49 +0000 (15:02 +0000)]
poll_funcs_tevent: Fix a valgrind error
The valgrind error happened in poll_funcs_tevent_handle_destructor in
if (handle->ctx->refcount == 0)
handle->ctx was already gone at the time this destructor
was called. It happened because during messaging_init the
messaging_dgm subsystem was free'ed. The unix_msg context and the
poll_funcs_tevent_context are children of messaging_dgm_context. How
was poll_funcs_tevent_handle_destructor still called? While working
on the new notify subsystem I've added some messaging_read_send
tevent_reqs, which register themselves with the dgm_context via
messaging_dgm_register_tevent_context. They were not gone yet. When
later these were also run down due to another talloc_free somewhere else,
this destructor referenced dead memory.
This code now protects the poll_funcs_tevent_handle against the
poll_funcs_tevent_context going away first with the loop
for (h = ctx->handles; h != NULL; h = h->next) {
h->ctx = NULL;
}
in poll_funcs_tevent_context_destructor together with
if (handle->ctx == NULL) {
return 0;
}
in poll_funcs_tevent_handle_destructor.
A side-effect of this code is that messaging_read_send request won't be
satisfied anymore after a reinit_after_fork kicked in. But I think this is the
right thing anyway: Every process should register its own message handlers
explicitly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Matthieu Patou [Tue, 1 Oct 2013 19:10:18 +0000 (12:10 -0700)]
pidl-wireshark: SWITCH_TYPE is not always defined, SwitchType() will try to find a fallback
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Oct 24 01:39:16 CEST 2014 on sn-devel-104
Matthieu Patou [Fri, 18 Oct 2013 07:04:28 +0000 (00:04 -0700)]
pidl-wireshark: generate ALIGN_TO_x_BYTES instructions if the element has the align_x flag
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Fri, 11 Oct 2013 20:18:37 +0000 (13:18 -0700)]
pidl-wireshark: if the structure has the flag no_align then set also no_align in the dceprc_info structure
Some dissection function will try to do alignment if the no_align flag
is not set.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Mon, 6 Oct 2014 01:25:27 +0000 (18:25 -0700)]
pidl-wireshark: handle 8 bits enum and change the signature of enum function to pass the exact type
Instead of passing a uint32 in all cases we pass the exact type
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Change-Id: Ib79f1fa56d5aeb30c6e57eea8f0a48db60f6484d
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Sat, 26 Oct 2013 06:11:37 +0000 (23:11 -0700)]
pidl-wireshark: add definition for IPV4/IPV6 types
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Matthieu Patou [Sun, 5 Oct 2014 07:06:49 +0000 (00:06 -0700)]
pidl-wireshark: adapt to the new comments in the headers of wireshark dissectors
Change-Id: I4fc398c4d50230d1f0a083827493c1b193c045b9
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 21 Oct 2014 08:46:56 +0000 (10:46 +0200)]
s3:vfs:aio_pthread: use smbXsrv_connection for schedule_deferred_open_message_smb
This fixes an incompatible pointer warning which uncovered
a real bug. This caller was missed when converting the function.
This fix is only temporary, since we use fsp->sconn->client->connections
which is supposed to be the start of the list of transport connections
by a given client treated by this smbd process. Currently there is only
one such connection, but with multi-channel there might be more. So
we will need to improve this in the future.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Oct 23 23:10:35 CEST 2014 on sn-devel-104
Jeremy Allison [Tue, 21 Oct 2014 21:41:32 +0000 (14:41 -0700)]
s3: libsmbclient - smb2. MacOSX 10 SMB2 server doesn't set STATUS_NO_MORE_FILES when handed a non-wildcard path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <smfrench@gmail.com>
Tested-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Steve French <sfrench@samba.org>
Autobuild-Date(master): Thu Oct 23 20:44:31 CEST 2014 on sn-devel-104
Marc Muehlfeld [Fri, 17 Oct 2014 22:34:35 +0000 (00:34 +0200)]
samba-tool group add: Add option --nis-domain and --gid
This allows creating RFC2307 enabled groups via samba-tool
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Oct 23 18:19:35 CEST 2014 on sn-devel-104
Marc Muehlfeld [Sun, 12 Oct 2014 14:32:08 +0000 (16:32 +0200)]
samba-tool: Add exception when trying to add/remove none existent users from a group.
This allows a better scripting around samba-tool for adding/removing users
to/from groups. Before the output and the return code had indicated that
everything was successul.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10871
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Marc Muehlfeld [Sat, 18 Oct 2014 00:17:22 +0000 (02:17 +0200)]
selftest: Fix test samba4.blackbox.group.py
The test created two users and in later steps it tried adding two
non-existend users to groups. This fix adds now the two created
accounts to the groups instead.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10871
Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 17 Oct 2014 09:17:53 +0000 (11:17 +0200)]
subunit: report [X/Y at Zs] instead of [X/Y in Zs]
when running test X out of Y after Z secons have passed
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
Michael Brown [Thu, 21 Nov 2013 15:48:33 +0000 (10:48 -0500)]
Add missing parameters to drs_Replicate in rodc.py
* rodc.py: destination_dsa_guid parameter was neglected
in drs_Replicate call
* rodc.py: cancel the local_samdb transaction on error
Change-Id: I962315a26ec48dc8774bb41db760387a3469c919
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Oct 23 03:05:00 CEST 2014 on sn-devel-104
Volker Lendecke [Mon, 20 Oct 2014 19:38:09 +0000 (19:38 +0000)]
vfs: fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 21 04:58:44 CEST 2014 on sn-devel-104
Samuel Cabrero [Mon, 20 Oct 2014 12:31:01 +0000 (14:31 +0200)]
Initialize dwFlags field of DNS_RPC_NODE structure
This fixes issue #9791, where the MMC shows random data
listing the zone contents.
Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 11 Oct 2014 18:50:46 +0000 (20:50 +0200)]
build: lib/util/string_wrappers.h: fix optimisation check for clang
Building with clang resulted in an error with undefined symbols
___unsafe_string_function_usage_here_size_t__ etc. Turns out the
existing check whether the compiler optimizes out functions doesn't
match the use case, ie the check said yes, but the functions were not
optimized out.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 20 14:41:09 CEST 2014 on sn-devel-104
Björn Jacke [Sun, 19 Oct 2014 13:48:45 +0000 (15:48 +0200)]
nss_winbind: add getgroupmembership for FreeBSD
The getgroupmembership call on FreeBSD is needed for "winbind expand groups=0"
(the new default in 4.2) to work.
Thanks to Timur I. Bakeyev for the enhancement patch.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10835
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Michael Adam [Thu, 16 Oct 2014 22:41:24 +0000 (00:41 +0200)]
pam_winbind: fix comment typos
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sat Oct 18 12:41:07 CEST 2014 on sn-devel-104
Matthieu Patou [Mon, 13 Oct 2014 03:59:02 +0000 (20:59 -0700)]
selftest: add documentation for options --exclude and --include that weren't documented before
Change-Id: Ibf0fa1c548d376dc8d68ab8136e2532f67dd1d8a
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Oct 17 20:20:12 CEST 2014 on sn-devel-104
Matthieu Patou [Mon, 13 Oct 2014 00:57:20 +0000 (17:57 -0700)]
selftest: report the 10 slowest tests (by default) make the number configurable
Change-Id: Ib1cf50199d110827a25cf198b40738f3c72cbe17
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Matthieu Patou [Mon, 13 Oct 2014 00:56:10 +0000 (17:56 -0700)]
scripts: Allow to specify a limit on the number of tests reported
This allows to report the 10 most slowest for instance.
Change-Id: I987520dbc28f598221c47df314d823f916312aab
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Mon, 13 Oct 2014 00:13:15 +0000 (13:13 +1300)]
ntlm_auth: Allow the --option parameter to work against ntlm_auth
Change-Id: Iee386624359c2bf8437719f286e306cdfbb628c6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Oct 17 15:20:59 CEST 2014 on sn-devel-104
Andrew Bartlett [Sun, 12 Oct 2014 20:42:25 +0000 (09:42 +1300)]
ntlm_auth: Allow us to use kerberos when we are an AD DC
Change-Id: I88caff9ded915d914cb7fda8829ccbcd3ad64af1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 1 Oct 2014 07:49:23 +0000 (20:49 +1300)]
docs: Explain that winbindd enforces smb signing by default.
Change-Id: I9341fa3bd7480836ac5e0c18e28458175b42d44a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:39:13 +0000 (03:39 +0200)]
s3:libsmb: remove unused cli_set_username() function
Change-Id: Ib432b4ff66f966de9e733e01de6de2f486c0c728
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:35:30 +0000 (03:35 +0200)]
s3:libsmb: avoid calling cli_set_username() cliconnect.c
Change-Id: I45e44405ea51ecb1aa38c72f4fc6243a1d3d531a
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:33:45 +0000 (03:33 +0200)]
s3:libsmb: avoid calling cli_set_username() in clidfs
Change-Id: I8b32be8a10d2bff33bb468cc68c98e555b220bde
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:17:08 +0000 (03:17 +0200)]
s3:libsmb: avoid cli_set_username() in SMBC_server_internal()
Change-Id: I32e19078a4d4948e405f39dc2a479ff925ad3684
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:14:53 +0000 (03:14 +0200)]
s3:lib/netapi: avoid calling cli_set_username()
Change-Id: I3ab768d2df06749187555a16d7b930f7cc8f8b9f
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:13:28 +0000 (03:13 +0200)]
s3:torture: avoid unused cli_set_username()
Change-Id: Ia774b256093aff5f2b3338e7827e2d798fb06a96
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Fri, 26 Sep 2014 01:10:19 +0000 (03:10 +0200)]
s3:libsmb: Remove unused domain copy stored in cli_state
Change-Id: I7333140906bb3a487205b5760396dcc00a9f49b0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 23 Sep 2014 21:19:35 +0000 (14:19 -0700)]
s3:libsmb: Remove unused password copy stored in cli_state
Change-Id: Ia6b33a25628ae08be8a8c6baeb71ce390315cb45
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 23 Sep 2014 16:12:20 +0000 (09:12 -0700)]
s3-winbindd: use cli_rpc_pipe_open_with_creds()
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 23 Sep 2014 16:12:20 +0000 (09:12 -0700)]
s3-librpc: Add cli_rpc_pipe_open_with_creds()
This provides a credentials-based interface. In the long term, we
will want to change this not to reference the credentials, but for now
this suits the caller in winbindd_cm.c
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 11 Dec 2013 02:10:39 +0000 (15:10 +1300)]
s3-winbindd: Use own machine account to connect to trusted domains as well
This relies on a two-way trust, which we may not have, but is the only
secure way to do this. To do this correctly we need to split NETLOGON
from normal authentication, as we need to use the machine account for
the SMB level, but the inter-domain trust account for the NETLOGON
level.
Change-Id: Ib93eb6a4d704ef26df8234be7cb71c47ad519c8a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 8 Aug 2013 11:58:34 +0000 (13:58 +0200)]
s3-winbindd: use a cli_credentials structure to hold the trust credentials
Later we can pass this down directly and have a much more sane
handling of credentials and the spnego handshake.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Change-Id: If12ef0b105d8c7af60190d4eed3c8c07849da2ca
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 3 Oct 2014 18:06:35 +0000 (07:06 +1300)]
libsmb: Print the principal name that we failed to kinit for.
This should aid debugging when this is called from an automated process.
Andrew Bartlett
Change-Id: I2c7291ab3f67f9f7462d7c52c8c9a4b042f7ec5a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 2 Oct 2014 17:35:28 +0000 (06:35 +1300)]
passdb: Use common code in cli_credentials_set_machine_account_db_ctx()
This avoids some duplication in setting the machine account passsword
for the domain member and DC case.
This does not yet remove the duplication, that requires a bigger
restructure of the various routines used here to obtain the machine
and domain trust secrets.
Also no longer used is the timeout/2 code to not set the previous
password. It is now always passed to the caller.
Andrew Bartlett
Change-Id: Idd5bafedf4cbac30b174955d743ec4128a6902ee
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 6 Oct 2014 00:51:25 +0000 (13:51 +1300)]
auth/credentials: Ensure that we set the realm when reading secrets.tdb
Otherwise, we try and kinit as host$@DOMAIN and that will not work.
Andrew Bartlett
Change-Id: Id2fde673423e74dfa1e6ac48f47f49c61ee59779
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 2 Oct 2014 17:32:39 +0000 (06:32 +1300)]
credentials: Allow the secret.tdb handle to be passed in to cli_credentials_set_machine_account()
This adds a new wrapper, cli_credentials_set_machine_account_db_ctx()
Andrew Bartlett
Change-Id: Ia2cceefede4ba9cf7f8de41986daf9372c19d997
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 2 Oct 2014 16:14:56 +0000 (05:14 +1300)]
credentials: Improve error message on failure to set machine account password
Change-Id: I4136067d6d0e5cfe92770a2e7efa39f4ebcb2aca
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Thu, 2 Oct 2014 16:14:21 +0000 (05:14 +1300)]
credentials: Set secure_channel_type from secrets.tdb in cli_credentials_set_machine_account
This should ensure more parts of the source4 code can work with a
password set in secrets.tdb.
Andrew Bartlett
Change-Id: I4a890a719246b073898333d2e04841904c6e1a5d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 7 Oct 2014 21:58:54 +0000 (10:58 +1300)]
selftest: Run samba.tests.messaging in an environment where it has servers to list
The previous code would run on empty databases.
Andrew Bartlett
Change-Id: I8f8e736b9ad475b5b3d10e32834450c76edc5ca2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 7 Oct 2014 21:43:41 +0000 (10:43 +1300)]
tests: Allow "max open files" to differ from the documentation
It is system-dependent.
Andrew Bartlett
Change-Id: Icf21476c00295a428ad808bc56ab8153f109627f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Amitay Isaacs [Tue, 14 Oct 2014 06:52:55 +0000 (17:52 +1100)]
ctdb-tools: Fix heap-use-after-free problem
Found by address sanitizer.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Oct 17 12:56:02 CEST 2014 on sn-devel-104
Stefan Metzmacher [Tue, 7 Oct 2014 13:59:48 +0000 (15:59 +0200)]
libcli/smb: try to negotiate SMB2_ENCRYPTION_AES128_GCM
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 16 21:53:32 CEST 2014 on sn-devel-104
Stefan Metzmacher [Mon, 13 Oct 2014 07:53:12 +0000 (09:53 +0200)]
libcli/smb: support SMB2_ENCRYPTION_AES128_GCM in smb2_signing_[de|en]crypt_pdu()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 7 Oct 2014 12:48:26 +0000 (14:48 +0200)]
lib/crypto: add aes_gcm_128 support.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 7 Oct 2014 07:56:00 +0000 (09:56 +0200)]
libcli/smb: prepare smb2_signing_[de|en]crypt_pdu() to support multiple ciphers
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 7 Oct 2014 07:54:35 +0000 (09:54 +0200)]
s3:smb2_server: pass xconn->smb2.server.cipher to smb2_signing_[de|en]ncrypt_pdu()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 13 Oct 2014 09:07:01 +0000 (11:07 +0200)]
s3:smb2_server: check xconn->smb2.server.cipher instead of xconn->smb2.server.capabilities
SMB 3.10 and later won't have SMB2_CAP_ENCRYPTION anymore.
xconn->smb2.server.cipher == 0 is the indication that we don't support encryption on the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 13 Oct 2014 09:07:01 +0000 (11:07 +0200)]
s3:smb2_negprot: remember xconn->smb2.server.cipher
For now we always use SMB2_ENCRYPTION_AES128_CCM or 0.
0 is the indication that we don't support encryption on the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 7 Oct 2014 07:54:35 +0000 (09:54 +0200)]
libcli/smb: pass the negotiated cipher to smb2_signing_[de|en]ncrypt_pdu()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Tue, 7 Oct 2014 07:51:58 +0000 (09:51 +0200)]
libcli/smb: pass 'uint16_t cipher_id' to smb2_signing_[de|en]crypt_pdu()
enum protocol_types protocol was unused before
and cipher_id is unused as well for now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Mon, 13 Oct 2014 08:39:45 +0000 (10:39 +0200)]
libcli/smb: use conn->smb2.server.cipher != 0 instead of conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION
SMB 3.10 servers don't report SMB2_CAP_ENCRYPTION anymore.
So using conn->smb2.server.cipher != 0 is a more consistent way to decide if
encryption is supported on the connection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Thu, 16 Oct 2014 08:50:56 +0000 (19:50 +1100)]
lib/util: Protect time_basic.h against multiple inclusion
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Oct 16 16:35:59 CEST 2014 on sn-devel-104
Jelmer Vernooij [Sat, 27 Sep 2014 13:05:54 +0000 (15:05 +0200)]
update-external.sh: Update upstream URLs for testtools and subunit.
Change-Id: Iaba422aa5dec30c3a4953907d9d73e018206e0e6
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 16 01:35:19 CEST 2014 on sn-devel-104
Jelmer Vernooij [Sat, 27 Sep 2014 13:01:16 +0000 (15:01 +0200)]
Fix path to zlib in update-external.sh.
Change-Id: I25f308d037cc47bacd3a371cafca9c3e22f4a92d
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Jelmer Vernooij [Wed, 16 Jul 2014 23:20:35 +0000 (01:20 +0200)]
Update zlib using update-external.sh.
Change-Id: I9465ef84084a70187f693fea4762f3d68274fe99
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 15 Oct 2014 09:29:12 +0000 (11:29 +0200)]
nss_wrapper: check for nss.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 15 14:06:11 CEST 2014 on sn-devel-104