ambi/samba-autobuild/.git
2 years agos3: smbd: inotify_map_mask_to_filter incorrectly indexes an array.
Doug Nazar [Thu, 27 Apr 2017 22:41:24 +0000 (15:41 -0700)]
s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12760

Signed-off-by: Doug Nazar <nazard@nazar.ca>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2 years agotdb: version 1.3.13 tdb-1.3.13
Stefan Metzmacher [Tue, 11 Apr 2017 15:27:33 +0000 (17:27 +0200)]
tdb: version 1.3.13

* documentation for the tdbbackup -n option
* correctly upgrade F_RDLCK to F_WRLCK locks
* tdbtool: Add "storehex" command
* fix robust mutex detection in threaded applications
  (bug #12593)
* improve debugging of transaction lock failures

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 27 18:50:10 CEST 2017 on sn-devel-144

2 years agotdb: Improve debugging in _tdb_transaction_start
Andrew Bartlett [Fri, 31 Mar 2017 04:35:06 +0000 (17:35 +1300)]
tdb: Improve debugging in _tdb_transaction_start

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agotdb: Improve debugging when the allrecord lock fails to upgrade
Andrew Bartlett [Thu, 30 Mar 2017 06:11:06 +0000 (19:11 +1300)]
tdb: Improve debugging when the allrecord lock fails to upgrade

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agotdb: runtime check for robust mutexes may hang in threaded programs
Ralph Boehme [Tue, 14 Mar 2017 13:24:18 +0000 (14:24 +0100)]
tdb: runtime check for robust mutexes may hang in threaded programs

The current runtime check for robust mutexes in
tdb_runtime_check_for_robust_mutexes() is not thread-safe.

When called in a multi-threaded program where any another thread doesn't
have SIGCHLD blocked, we may end up hung in sigsuspend() waiting for a
SIGCHLD of a child procecss and the signal was delivered to another
thread.

Revert to the previous behaviour of waiting for the child instead of
waiting for the SIGCHLD signal.

Ensure the pid we wait for is not reset to -1 in a toctou race with the
signal handler.

Check whether waitpid() returns ECHILD which can happen if the signal
handler is run by more then one thread in parallel (yes, this can
happen) or if tdb_robust_mutex_wait_for_child() and the signal handler
are racing.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12593

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agonotify: Fix ordering of events in notifyd
Shilpa Krishnareddy [Tue, 25 Apr 2017 14:59:45 +0000 (16:59 +0200)]
notify: Fix ordering of events in notifyd

In notifyd_trigger_parser() while initializing notify_event_msg values from
notify_trigger_msg, 'when' value is ignored. So the smbd process does not get
correct 'when' value and this is causing issues during qsort in
notify_marshall_changes(). Because of this issue, smb2.notify.dir test was
failing.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12756
Signed-off-by: Shilpa Krishnareddy <skrishnareddy@panzura.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 26 17:02:58 CEST 2017 on sn-devel-144

2 years agos4-messaging: Add helpful comments
Andrew Bartlett [Tue, 28 Mar 2017 08:55:47 +0000 (21:55 +1300)]
s4-messaging: Add helpful comments

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 26 03:09:19 CEST 2017 on sn-devel-144

2 years agoprocess_standard: clean up messaging for children after exit()
Andrew Bartlett [Tue, 28 Mar 2017 08:04:23 +0000 (21:04 +1300)]
process_standard: clean up messaging for children after exit()

This makes sure we remove any messaging sockets if a child dies or calls exit()
without running the talloc destructor for messaging

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agolib: Fix CID 1405493 Error handling issues (CHECKED_RETURN)
Volker Lendecke [Tue, 25 Apr 2017 15:32:43 +0000 (17:32 +0200)]
lib: Fix CID 1405493 Error handling issues (CHECKED_RETURN)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 25 23:07:25 CEST 2017 on sn-devel-144

2 years agolib/util: fix a Coverity finding in tfork
Ralph Boehme [Tue, 25 Apr 2017 15:47:57 +0000 (17:47 +0200)]
lib/util: fix a Coverity finding in tfork

If dup2() fails, fd is -1 and is later used in sys_write().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-libgpo: Fix the build of the group policy CSEs
Günther Deschner [Mon, 24 Apr 2017 11:25:41 +0000 (13:25 +0200)]
s3-libgpo: Fix the build of the group policy CSEs

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Apr 24 23:19:44 CEST 2017 on sn-devel-144

2 years agotdbtool: Add "storehex" command
Volker Lendecke [Fri, 21 Apr 2017 12:10:33 +0000 (14:10 +0200)]
tdbtool: Add "storehex" command

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 22 09:16:16 CEST 2017 on sn-devel-144

2 years agosecrets: Protect against a non-0-terminated ldap password
Volker Lendecke [Fri, 21 Apr 2017 11:05:12 +0000 (13:05 +0200)]
secrets: Protect against a non-0-terminated ldap password

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agovfs_fruit: lp_case_sensitive() does not return a bool
Ralph Boehme [Wed, 19 Apr 2017 11:12:55 +0000 (13:12 +0200)]
vfs_fruit: lp_case_sensitive() does not return a bool

lp_case_sensitive() returns an int, not a bool, so with the default
setting of "Auto" by default we set the AAPL flag
SMB2_CRTCTX_AAPL_CASE_SENSITIVE.

This caused the client to believe the volume is case sensitive where it
wasn't, leading to an error when trying to rename files changing only
the case of the name.

Also fix the existing torture test that verifies AAPL context
negotiation and actually expected the server to return "case sensitive",
while the Samba default is really "case insensitive".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12749

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoselftest: Do not enable inbound replication during replica_sync
Andrew Bartlett [Thu, 20 Apr 2017 02:08:20 +0000 (14:08 +1200)]
selftest: Do not enable inbound replication during replica_sync

Instead we should use the forced=True to only do a very specific
replication, and so avoid noise from any other DC also live
on the network.  This extra replication in turn causes (and this
patch fixes) flapping replica_sync tests.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12753

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Apr 22 05:19:11 CEST 2017 on sn-devel-144

2 years agolib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *)
Jeremy Allison [Thu, 20 Apr 2017 19:24:43 +0000 (12:24 -0700)]
lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *)

Not currently used - no logic changes inside.

This will make it possible to pass down a long-lived talloc
context from the loading function for modules to use instead
of having them internally all use talloc_autofree_context()
which is a hidden global.

Updated all known module interface numbers, and added a
WHATSNEW.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144

2 years agopyrpc: Fix segfault in ClientConnection
Gary Lockyer [Wed, 19 Apr 2017 04:13:20 +0000 (16:13 +1200)]
pyrpc: Fix segfault in ClientConnection

Fix segfault when connecting over TCP, the endpoints list in dummy_table
was not initialised this caused a segfault when attempting to connect
over TCP.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 21 16:10:12 CEST 2017 on sn-devel-144

2 years agovfs_acl_xattr|tdb: ensure create mask is at least 0666 if ignore_system_acls is set
Ralph Boehme [Mon, 6 Feb 2017 11:47:41 +0000 (12:47 +0100)]
vfs_acl_xattr|tdb: ensure create mask is at least 0666 if ignore_system_acls is set

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12562

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Apr 20 20:50:10 CEST 2017 on sn-devel-144

2 years agocleanupdb: Fix a memory read error
Hanno Böck [Wed, 19 Apr 2017 12:00:21 +0000 (14:00 +0200)]
cleanupdb: Fix a memory read error

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12748

Signed-off-by: Hanno Böck <hanno@hboeck.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2 years agolib/util: add a test for samba_runcmd_send()
Ralph Boehme [Tue, 11 Apr 2017 18:00:05 +0000 (20:00 +0200)]
lib/util: add a test for samba_runcmd_send()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowafsamba: add source directory define SRCDIR to config.h
Ralph Boehme [Sat, 15 Apr 2017 07:09:21 +0000 (09:09 +0200)]
wafsamba: add source directory define SRCDIR to config.h

This will be used in the next commit to prepare the path to a test
script in a smbtorture test.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib/util: make use of tfork in samba_runcmd_send()
Ralph Boehme [Tue, 11 Apr 2017 18:05:05 +0000 (20:05 +0200)]
lib/util: make use of tfork in samba_runcmd_send()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib/util: add a test for tfork()
Ralph Boehme [Tue, 11 Apr 2017 15:32:01 +0000 (17:32 +0200)]
lib/util: add a test for tfork()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib/util: add tfork()
Stefan Metzmacher [Thu, 23 Sep 2010 16:10:02 +0000 (18:10 +0200)]
lib/util: add tfork()

triple-fork to avoid handling SIGCHLD in the parent.

This function is a workaround for the problem of using fork() in
library code. In that case the library should avoid setting a global
signal handler for SIGCHLD, because the application may wants to use its
own handler.

status_fd can be used to wait for the child to exit and get its exit
status.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbldap: Bump version number
Volker Lendecke [Wed, 19 Apr 2017 12:54:11 +0000 (14:54 +0200)]
smbldap: Bump version number

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Apr 20 14:23:14 CEST 2017 on sn-devel-144

2 years agosmbldap: Privatize struct smbldap_state
Volker Lendecke [Wed, 19 Apr 2017 11:43:39 +0000 (13:43 +0200)]
smbldap: Privatize struct smbldap_state

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agosmbldap: Introduce "smbldap_get_paged_results"
Volker Lendecke [Wed, 19 Apr 2017 11:39:25 +0000 (13:39 +0200)]
smbldap: Introduce "smbldap_get_paged_results"

This should be hidden inside smbldap.c, but this is a quick way to
get smbldap_state private to smbldap.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agosmbldap: Introduce "smbldap_get_paged_results"
Volker Lendecke [Wed, 19 Apr 2017 11:39:25 +0000 (13:39 +0200)]
smbldap: Introduce "smbldap_get_paged_results"

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agosmbldap: Introduce "smbldap_get_ldap"
Volker Lendecke [Wed, 19 Apr 2017 11:29:31 +0000 (13:29 +0200)]
smbldap: Introduce "smbldap_get_ldap"

This is a pretty big boiler-plate change. I've renamed the struct member
temporarily to find all accessors. Not sure where this leads in the end, but
the goal is to make struct smbldap_struct private to smbldap.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agosmbldap: Fix a typo
Volker Lendecke [Tue, 18 Apr 2017 18:49:12 +0000 (20:49 +0200)]
smbldap: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agoautobuild: Do not require cmocka to be installed for samba-libs to build
Andrew Bartlett [Wed, 19 Apr 2017 10:44:24 +0000 (22:44 +1200)]
autobuild: Do not require cmocka to be installed for samba-libs to build

cmocka does not have an install target, but is a depencency of ldb for the tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 19 19:43:15 CEST 2017 on sn-devel-144

2 years agoldb:tests: Unit test the ldb_rename() operation
Jakub Hrozek [Wed, 7 Oct 2015 16:07:13 +0000 (18:07 +0200)]
ldb:tests: Unit test the ldb_rename() operation

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add tests for case insensitive searches
Jakub Hrozek [Tue, 24 Nov 2015 19:12:43 +0000 (20:12 +0100)]
ldb:tests: Add tests for case insensitive searches

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: unit test for ldb_search()
Jakub Hrozek [Thu, 14 May 2015 20:49:00 +0000 (22:49 +0200)]
ldb:tests: unit test for ldb_search()

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add a modify test
Jakub Hrozek [Sat, 3 Oct 2015 18:43:45 +0000 (20:43 +0200)]
ldb:tests: Add a modify test

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add a test for ldb transactions
Jakub Hrozek [Fri, 25 Sep 2015 05:02:12 +0000 (07:02 +0200)]
ldb:tests: Add a test for ldb transactions

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add a basic delete test
Jakub Hrozek [Tue, 20 Jan 2015 11:11:34 +0000 (12:11 +0100)]
ldb:tests: Add a basic delete test

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add a basic search test
Jakub Hrozek [Sat, 2 May 2015 13:01:13 +0000 (15:01 +0200)]
ldb:tests: Add a basic search test

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: A rudimentary ldb_add() test
Jakub Hrozek [Tue, 15 Sep 2015 20:39:08 +0000 (22:39 +0200)]
ldb:tests: A rudimentary ldb_add() test

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Build a ldb test for the tdb backend
Andreas Schneider [Fri, 2 Oct 2015 09:36:50 +0000 (11:36 +0200)]
ldb:tests: Build a ldb test for the tdb backend

Pair-Programmed-With: Andrew Bartlet <abartlet@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb:tests: Add a simple cmocka test for ldb_connect()
Jakub Hrozek [Sat, 17 Jan 2015 17:06:09 +0000 (18:06 +0100)]
ldb:tests: Add a simple cmocka test for ldb_connect()

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb: Clarify LDB_MODULES_PATH is used
Jakub Hrozek [Fri, 16 Jan 2015 17:52:48 +0000 (18:52 +0100)]
ldb: Clarify LDB_MODULES_PATH is used

Make it (hopefully more) clear where modules are loaded from.

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb_tdb: Remove unused function parameter
Jakub Hrozek [Mon, 2 Feb 2015 14:48:47 +0000 (15:48 +0100)]
ldb_tdb: Remove unused function parameter

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb_tdb: Remove unused function parameter
Jakub Hrozek [Mon, 2 Feb 2015 14:33:24 +0000 (15:33 +0100)]
ldb_tdb: Remove unused function parameter

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agoldb_tdb: Remove unused function ltdb_add_attr_results
Jakub Hrozek [Mon, 11 May 2015 20:24:01 +0000 (22:24 +0200)]
ldb_tdb: Remove unused function ltdb_add_attr_results

Signed-off-by: Jakub Hrozek <jakub.hrozek@posteo.se>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2 years agos3-tests: assignement in shell shall have no spaces around equal sign
Alexander Bokovoy [Tue, 18 Apr 2017 15:28:29 +0000 (18:28 +0300)]
s3-tests: assignement in shell shall have no spaces around equal sign

When assigning value to 'failed', no spaces should be around '=' sign.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 19 02:53:25 CEST 2017 on sn-devel-144

2 years ago_netr_ServerPasswordSet2: use info level 26 to set plain text machine password
Alexander Bokovoy [Fri, 31 Mar 2017 09:44:58 +0000 (12:44 +0300)]
_netr_ServerPasswordSet2: use info level 26 to set plain text machine password

To support password change for machine or trusted domain accounts in Active
Directory environment we need to pass down actual plain text password
instead of NT hashes. This would allow a backend like ipasam to update
Kerberos keys as well as NT hashes.

By calling samr_SetUserInfo2 info level 26 we ensure PASSDB layer can
actually get the plain text password. If PASSDB backend implements
pdb_update_sam_account() callback, it then gets the plain text password
from samr_SetUserInfo2.

A plain text password is a data blob represented as up to 256 WCHARs. It
is UTF-16 coded on wire and we have its length from the buffer.
SetUserInfo2 SAMR call chain in decode_pw_buffer() does explicitly
expect 512+4 bytes in the buffer. It then calls convert_string_talloc()
to convert it to UNIX charset passing the correct value of the plaintext
password length. However, convert_string_talloc() expects the length of
input string *including* the terminating null and we pass just the
string length.

convert_string_talloc() then explicitly null-terminates the resulting
string by adding two nulls. In most cases UNIX charset is UTF-8, so we
get null-terminated UTF-8 string down to PASSDB layer.

MS-SAMR does not limit what does the password should contain.  It says
it is 'userPassword' value. Either 'userPassword' or 'unicodePwd' cannot
contain null characters according to MS-ADTS 3.1.1.3.1.5 because they
must be proper UTF-8 and UTF-16 strings accordingly.

We are talking to our own SAMR service here.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoselftest: also run smb2.compound_find against share with async delay set
Ralph Boehme [Thu, 23 Feb 2017 21:20:39 +0000 (22:20 +0100)]
selftest: also run smb2.compound_find against share with async delay set

Add a share with "smbd:find async delay usec" set to 10000 and run the
test smb2.compound_find added in the previous commit against this new
share as well.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos4/torture: add a test for compound SMB2 FIND requests
Ralph Boehme [Wed, 11 Jan 2017 16:09:54 +0000 (17:09 +0100)]
s4/torture: add a test for compound SMB2 FIND requests

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/smbd: add "smbd:find async delay usec" to SMB2 FIND
Ralph Boehme [Wed, 11 Jan 2017 14:36:38 +0000 (15:36 +0100)]
s3/smbd: add "smbd:find async delay usec" to SMB2 FIND

This is just a hack for selftest that will be used in subsequent commits
for torturing compound find requests.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/smbd: make write time fetching async
Ralph Boehme [Sun, 18 Dec 2016 07:53:43 +0000 (08:53 +0100)]
s3/smbd: make write time fetching async

Finally use the new async dbwrap_parse_record_send/recv() functions
respectively the fetch_share_mode_send/recv wrappers for fetching the
write time from locking.tdb.

Previously for a directory with n files we would sit idle in the
directory enumeration loop fo n * m seconds waiting for responses from
ctdb, where m is the response time in seconds for a dbwrap request via
ctbd.

This is known to kill performance and we even have a parameter
"smbd:search ask sharemode" that can be used to disable fetching the
write time from locking.tdb.

Using fetch_write_time_send() works this way: in the directory
enumeration loop that calls smbd_dirptr_lanman2_entry() to marshall the
directory entries we

1. call fetch_write_time_send() after calling smbd_dirptr_lanman2_entry
   passing a pointer to the current position in the marshall buffer.

2. If fetch_write_time_send() has set the out parameter "stop", we exit
   the enumeration loop. This is necessary because we only send dbwrap
   requests but don't consume the results. This has the potential to
   deadlock so we must stop sending requests as soon as our ctdb send
   queue is full.

3. In the fetch_write_time_done() callback, if the recv function got a
   locking.tdb record, we push the write time into the marshall buffer
   at the offet saved in the request state.

This new feature is still off by default as it doesn't
give any improvement in the non-clustered usecase.
"smbd:async search ask sharemode" can be used to activate it,
which makes only sense with "clustering = yes" (execept for testing).

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/smbd: enable processing SMB2 requests async internally
Ralph Boehme [Wed, 11 Jan 2017 14:00:24 +0000 (15:00 +0100)]
s3/smbd: enable processing SMB2 requests async internally

The idea is to allow the implementation of an SMB2 request to tell the
main SMB2 processing engine that it wants to handle a requests
asynchronously internally.

This has two use cases:

- it allows (internal) async processing of compound requests that would
  otherwise be rejected by the SMB2 processing engine

- it preserves sync semantics at the SMB layer, some clients might not
  expect arbitrary SMB2 requests going async

Not used for now, will be used in laters commit for async SMB2 FIND
requests.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/smbd: ask_sharemode is not needed for info_level SMB_FIND_FILE_NAMES_INFO
Ralph Boehme [Fri, 23 Dec 2016 18:51:49 +0000 (19:51 +0100)]
s3/smbd: ask_sharemode is not needed for info_level SMB_FIND_FILE_NAMES_INFO

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/smbd: add file_id return arg to smbd_dirptr_lanman2_entry
Ralph Boehme [Thu, 22 Dec 2016 13:53:17 +0000 (14:53 +0100)]
s3/smbd: add file_id return arg to smbd_dirptr_lanman2_entry

Not used for now, needed for async write_time updates in
smbd_smb2_query_directory_send().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agos3/locking: add fetch_share_mode_send/recv
Ralph Boehme [Wed, 4 Jan 2017 07:00:29 +0000 (08:00 +0100)]
s3/locking: add fetch_share_mode_send/recv

The boolean out parameter "queued" tells the caller whether the
async request is blocked in a full send queue:

false := request is dispatched
true  := send queue is full, request waiting to be dispatched

This is useful in a clustered Samba environment where the async dbwrap
request is sent over a socket to the local ctdbd.

If the send queue is full and the caller was issuing multiple async
dbwrap requests in a loop, the caller knows it's probably time to stop
sending requests for now and try again later.

This will be used in subsequent commits in
smbd_smb2_query_directory_send() when implementing async write time
updates. Directories may contain umpteen files so we send many requests
to ctdb without going through tevent and reading the responses which
has the potential to deadlock.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap_watch: add parse_record_send/recv wrappers
Ralph Boehme [Mon, 26 Dec 2016 09:15:11 +0000 (10:15 +0100)]
dbwrap_watch: add parse_record_send/recv wrappers

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap: add dbwrap_parse_record_send/recv
Ralph Boehme [Tue, 27 Dec 2016 08:13:37 +0000 (09:13 +0100)]
dbwrap: add dbwrap_parse_record_send/recv

The req_state parameter tells the caller whether the async request is
blocked in a full send queue:

req_state >= DBWRAP_REQ_DISPATCHED := request is dispatched
req_state < DBWRAP_REQ_DISPATCHED := send queue is full

This is useful in a clustered Samba environment where the async dbwrap
request is sent over a socket to the local ctdbd.

If the send queue is full and the caller was issuing multiple async
dbwrap requests in a loop, the caller knows it's probably time to stop
sending requests for now and try again later.

This will be used in subsequent commits in
smbd_smb2_query_directory_send() when implementing async write time
updates. Directories may contain umpteen files so we send many requests
to ctdb without going through tevent and reading the responses which has
the potential to deadlock.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap_ctdb: implement parse_record_send()/recv()
Ralph Boehme [Wed, 21 Dec 2016 07:38:25 +0000 (08:38 +0100)]
dbwrap_ctdb: implement parse_record_send()/recv()

This mainly works like the sync version, but calls ctdbd_parse_send/recv
instead.

We use one global ctdb connection that is used exclusively for async
requests.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap_ctdb: factor out a db_ctdb_try_parse_local_record() function
Ralph Boehme [Thu, 23 Feb 2017 17:28:32 +0000 (18:28 +0100)]
dbwrap_ctdb: factor out a db_ctdb_try_parse_local_record() function

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoctdb_conn: add ctdbd_parse_send/recv
Ralph Boehme [Mon, 9 Jan 2017 07:17:02 +0000 (08:17 +0100)]
ctdb_conn: add ctdbd_parse_send/recv

Implement the ctdb packet layer for async parse send/recv with tevent.

ctdbd_setup_fde() will is used to create an fde from the
connection fd and will be called from dbwrap_ctdb.

ctdbd_parse_send() and ctdbd_parse_recv() will be used by dbwrap_ctdb
for async packet sending and receiving.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap: add parse_record_send/recv to struct db_context
Ralph Boehme [Tue, 10 Jan 2017 13:48:07 +0000 (14:48 +0100)]
dbwrap: add parse_record_send/recv to struct db_context

The implementation comes next.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agodbwrap: add enum dbwrap_req_state
Ralph Boehme [Tue, 10 Jan 2017 13:22:21 +0000 (14:22 +0100)]
dbwrap: add enum dbwrap_req_state

This will be used by async dwrap_parse_send() as an out argument, giving
the caller an indication about the state of the request.

This is can be useful for the caller if it is a sync function and sends
multiple async dbwrap requests. As it's a sync function it won't return
to the main tevent event loop and so the async dbwrap recv function are
not called.

As a result the function may deadlock: our receive queue may already be
full with results from a peer, the peer might be blocked in his send
queue (because we're not receiving), the peer therefor doesn't read from
his receive queue so our send queue will block as well.

To inform the caller of this situation "send queue full" we return this
state information to the caller of the dbwrap send function.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agolib/util: add and use iov_concat
Ralph Boehme [Wed, 22 Feb 2017 16:21:15 +0000 (17:21 +0100)]
lib/util: add and use iov_concat

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2 years agolib: param: Remove lpcfg_register_defaults_hook().
Jeremy Allison [Tue, 18 Apr 2017 17:21:50 +0000 (10:21 -0700)]
lib: param: Remove lpcfg_register_defaults_hook().

Completely unused functionality. Gets rid of another
talloc_autofree_context(). Updated WHATSNEW to make
this clear.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2 years agosmbldap: Move ldapsam_privates to pdb_ldap.h
Volker Lendecke [Mon, 17 Apr 2017 15:12:27 +0000 (17:12 +0200)]
smbldap: Move ldapsam_privates to pdb_ldap.h

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 18 22:52:03 CEST 2017 on sn-devel-144

2 years agosmbldap: pdb_ipa is gone
Volker Lendecke [Mon, 17 Apr 2017 15:04:07 +0000 (17:04 +0200)]
smbldap: pdb_ipa is gone

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agobuild: correct package dependencies
Jan Engelhardt [Thu, 5 Sep 2013 18:57:12 +0000 (20:57 +0200)]
build: correct package dependencies

The wscript_build files convey what header files belong to which
logical package. For example,

    # lib/util/wscript_build:
    bld.SAMBA_LIBRARY('samba-util',
                      public_headers='... data_blob.h ...'

    # auth/credentials/wscript_build:
    bld.SAMBA_LIBRARY('samba-credentials',
                      public_headers='credentials.h',

Now, credentials.h #includes <util/data_blob.h> and therefore,
samba-credentials.pc must have a Requires: samba-util.

Similarly for other parts.

Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agos3:smbd: Fix incorrect use of sys_getgroups()
Jeremy Allison [Mon, 17 Apr 2017 21:30:54 +0000 (14:30 -0700)]
s3:smbd: Fix incorrect use of sys_getgroups()

Second arg must be NULL when first arg is 0 (it is in all other places).

Bug report and patch from Hanno Böck <hanno@hboeck.de>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12747

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 18 15:43:02 CEST 2017 on sn-devel-144

2 years agos3:lib: Fix incorrect logic in sys_broken_getgroups()
Jeremy Allison [Mon, 17 Apr 2017 21:30:04 +0000 (14:30 -0700)]
s3:lib: Fix incorrect logic in sys_broken_getgroups()

If setlen == 0 then the second argument must be ignored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12747

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib: debug: Avoid negative array access.
Jeremy Allison [Mon, 17 Apr 2017 21:09:24 +0000 (14:09 -0700)]
lib: debug: Avoid negative array access.

Report and patch from Hanno Böck <hanno@hboeck.de>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12746

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib:charset: Remove use of talloc_autofree_context() for global_iconv_handle
Jeremy Allison [Tue, 11 Apr 2017 23:06:08 +0000 (16:06 -0700)]
lib:charset: Remove use of talloc_autofree_context() for global_iconv_handle

All other callers use NULL here anyway, so there's no
need to use a special context for get_iconv_handle().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib:charset: Make global_iconv_handle private
Jeremy Allison [Tue, 11 Apr 2017 23:05:02 +0000 (16:05 -0700)]
lib:charset: Make global_iconv_handle private

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib: param: Remove the last external use of global_iconv_handle by calling the utilit...
Jeremy Allison [Tue, 11 Apr 2017 22:57:28 +0000 (15:57 -0700)]
lib: param: Remove the last external use of global_iconv_handle by calling the utility function reinit_iconv_handle().

Add an error check.

This *looks* like a logic change, but it is not.

The only change is the addition of the error return check.

The reason is that the changed function, reload_charcnv(),
is the *only* function that sets lp_ctx->iconv_handle. And
it does so just before setting global_iconv_handle = lp_ctx->iconv_handle.

Calling the utility function reinit_iconv_handle()
instead merely sets global_iconv_handle first, then
assigns it (as the return) to lp_ctx->iconv_handle.

So all this is doing is reversing the order of
setting global_iconv_handle and lp_ctx->iconv_handle
to the same thing.

Even the removal of the lines:

-       struct smb_iconv_handle *old_ic = lp_ctx->iconv_handle
-       if (old_ic == NULL) {
-               old_ic = global_iconv_handle;

has no effect, as remember that lp_ctx->iconv_handle
is only ever set to the same value as global_iconv_handle,
and once this function has been run once, lp_ctx->iconv_handle != NULL.

This allows us finally to make global_iconv_handle private
to the C source file that defines it.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib: param: Use utility functions to get rid of two more uses of global_iconv_handle.
Jeremy Allison [Tue, 11 Apr 2017 22:51:17 +0000 (15:51 -0700)]
lib: param: Use utility functions to get rid of two more uses of global_iconv_handle.

Add error return checking.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agos3:param: Use new utility function to hide use of global_iconv_handle
Jeremy Allison [Tue, 11 Apr 2017 22:47:17 +0000 (15:47 -0700)]
s3:param: Use new utility function to hide use of global_iconv_handle

Add error return check.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agos3:lib:charcnv: Remove use of global global_iconv_handle
Jeremy Allison [Tue, 11 Apr 2017 22:44:08 +0000 (15:44 -0700)]
s3:lib:charcnv: Remove use of global global_iconv_handle

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib:charset: Add utility functions reinit_iconv_handle() and free_iconv_handle(void)
Jeremy Allison [Tue, 11 Apr 2017 22:42:39 +0000 (15:42 -0700)]
lib:charset: Add utility functions reinit_iconv_handle() and free_iconv_handle(void)

Not yet used. Will enable us to make global_iconv_handle private.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agolib: Remove smb_iconv_handle_reinit_lp()
Jeremy Allison [Tue, 11 Apr 2017 22:31:17 +0000 (15:31 -0700)]
lib: Remove smb_iconv_handle_reinit_lp()

It's merely a wrapper for smb_iconv_handle_reinit(),
only used in one place and smb_iconv_handle_reinit()
is already called from lib/param/loadparm.c.

Removing this will make it easier to make global_iconv_handle
private state to lib/util/charset/codepoints.c later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agovfs_acl_xattr: avoid needlessly supplying a large buffer to getxattr()
Uri Simchoni [Thu, 13 Apr 2017 09:44:58 +0000 (12:44 +0300)]
vfs_acl_xattr: avoid needlessly supplying a large buffer to getxattr()

When obtaining the security descriptor via getxattr(), first try
optimistically to supply a buffer of 4K, and if that turns out
to be too small, determine the correct buffer size.

The previous behavior of falling back to a 64K buffer encountered
problem with Linux prior to version 3.6, due to pyisical memory
fragmentation. With those kernels, as long as the buffer is 8K or
smaller, getting the xattr is much less prone to failure due to
memory fragmentation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 18 04:41:16 CEST 2017 on sn-devel-144

2 years agovfs_acl_xattr: factor out fetching of an extended attribute
Uri Simchoni [Sat, 8 Apr 2017 21:40:44 +0000 (00:40 +0300)]
vfs_acl_xattr: factor out fetching of an extended attribute

Pure refactoring - add a function that fetches an extended attribute
based on either the file descriptor or the file name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agovfs_xattr_tdb: handle case of zero size.
Uri Simchoni [Thu, 13 Apr 2017 09:50:47 +0000 (12:50 +0300)]
vfs_xattr_tdb: handle case of zero size.

With getxattr(), passing a zero buffer size is a
way of obtaining actual xattr size.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoselftest: test fetching a large ACL from vfs_acl_xattr
Uri Simchoni [Sat, 8 Apr 2017 21:20:40 +0000 (00:20 +0300)]
selftest: test fetching a large ACL from vfs_acl_xattr

Add a test that fetches an ACL whose size is larger than 4K.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12737

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agodocs: Update idmap_rid manpage
Andreas Schneider [Wed, 12 Apr 2017 11:17:16 +0000 (13:17 +0200)]
docs: Update idmap_rid manpage

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos4: server: Use state as the talloc context for open_schannel_session_store.
Jeremy Allison [Mon, 3 Apr 2017 18:16:02 +0000 (18:16 +0000)]
s4: server: Use state as the talloc context for open_schannel_session_store.

Ensure it's freed on all error paths.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Apr 17 23:10:06 CEST 2017 on sn-devel-144

2 years agos4: server: Remove use of talloc_autofree_context as the parent of event_ctx.
Jeremy Allison [Mon, 3 Apr 2017 18:04:31 +0000 (18:04 +0000)]
s4: server: Remove use of talloc_autofree_context as the parent of event_ctx.

Use state->event_ctx as the parent of the initial imessaging context.

Now we control all exit paths, we can call TALLOC_FREE(state)
on all of them.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: messaging: When talloc_free()'ing an event context, only remove msg_dgm_ref's...
Jeremy Allison [Mon, 3 Apr 2017 17:58:24 +0000 (17:58 +0000)]
s4: messaging: When talloc_free()'ing an event context, only remove msg_dgm_ref's that point to *that* context.

Defensive programming change. Not strictly needed to prevent
any crash/error.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Add a tevent signal handler for SIGTERM.
Jeremy Allison [Fri, 31 Mar 2017 19:38:14 +0000 (12:38 -0700)]
s4: server: Add a tevent signal handler for SIGTERM.

Simplify by removing global state we don't need now
we're called by tevent (and in the short window where
we're installed by CatchSignal but before we install
the tevent handler we don't need the complex global
state handling as we have no forked children).

We now have access to struct server_state on all
exit paths - next commits will stop using talloc autofree context.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Add error return checks for tevent_add_fde, tevent_add_timer.
Jeremy Allison [Fri, 31 Mar 2017 19:29:03 +0000 (12:29 -0700)]
s4: server: Add error return checks for tevent_add_fde, tevent_add_timer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Plumb server_state through the irpc messaging for samba_terminate().
Jeremy Allison [Fri, 31 Mar 2017 19:23:56 +0000 (12:23 -0700)]
s4: server: Plumb server_state through the irpc messaging for samba_terminate().

Use it in the message print to avoid a "unused variable" compile error.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Use server_state as a parameter to max_runtime_handler, not just name.
Jeremy Allison [Fri, 31 Mar 2017 19:00:29 +0000 (12:00 -0700)]
s4: server: Use server_state as a parameter to max_runtime_handler, not just name.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Use server_state as a parameter to stdin handler, not just name.
Jeremy Allison [Fri, 31 Mar 2017 18:59:13 +0000 (11:59 -0700)]
s4: server: Use server_state as a parameter to stdin handler, not just name.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server: Create a server 'state' struct.
Jeremy Allison [Fri, 31 Mar 2017 18:54:45 +0000 (11:54 -0700)]
s4: server: Create a server 'state' struct.

No logic changes, will be used to move allocated
pointers off the talloc autofree context in a later commit.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: server. Whitespace and 80+ column cleanup.
Jeremy Allison [Fri, 31 Mar 2017 18:43:17 +0000 (11:43 -0700)]
s4: server. Whitespace and 80+ column cleanup.

No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos4: messaging. Minor cleanup. Check for error returns on imessaging_register calls.
Jeremy Allison [Fri, 31 Mar 2017 18:07:35 +0000 (11:07 -0700)]
s4: messaging. Minor cleanup. Check for error returns on imessaging_register calls.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2 years agos3:tests: Add test for illegal value detection for 'name resolve order'
Noel Power [Tue, 11 Apr 2017 13:38:34 +0000 (14:38 +0100)]
s3:tests: Add test for illegal value detection for 'name resolve order'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12739

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Apr 13 15:20:04 CEST 2017 on sn-devel-144

2 years agoparam: Check for valid values of 'name resolve order' option
Noel Power [Tue, 11 Apr 2017 10:26:45 +0000 (11:26 +0100)]
param: Check for valid values of 'name resolve order' option

This variable is populated by a list of values where each value should
be a known option. This patch ensures that illegal values are detected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12739

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2 years agoupdaterefs: Do not open transaction even when unnecessary
Garming Sam [Wed, 29 Mar 2017 02:21:04 +0000 (15:21 +1300)]
updaterefs: Do not open transaction even when unnecessary

This can be called during GetNCChanges (a generally read-only call), it
is not wise to be blocking the database for no reason.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Apr 13 11:25:06 CEST 2017 on sn-devel-144

2 years agodrepl_server: Allow refresh of partitions on UpdateRef
Garming Sam [Tue, 28 Mar 2017 22:24:50 +0000 (11:24 +1300)]
drepl_server: Allow refresh of partitions on UpdateRef

When we call UpdateRef, the push replication will not begin until the
drepl_server has done its periodic refresh. If UpdateRefs is called, we
should just send an IRPC message to call the refresh.

NOTE: This has the same dependencies and issues as repl_secrets in
auth_sam.c in terms of IRPC implementation.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agodns_update: RODC updates should use lower case realm
Garming Sam [Mon, 3 Apr 2017 03:31:14 +0000 (15:31 +1200)]
dns_update: RODC updates should use lower case realm

This is consistent with the standard update list we write.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agorodc/dns: Do not put a trailing dot at end of a DNS record
Garming Sam [Wed, 29 Mar 2017 00:16:48 +0000 (13:16 +1300)]
rodc/dns: Do not put a trailing dot at end of a DNS record

This causes RESOLV_WRAPPER to not detect the record correctly (while
also creating inconsistent and possibly breaking records).

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>