Björn Baumbach [Thu, 1 Jun 2023 09:28:00 +0000 (11:28 +0200)]
docs: fix a typo in history file
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Thu, 22 Sep 2022 13:49:41 +0000 (15:49 +0200)]
s4:torture/smb2: add smb2.bench.read test
This test opens one file for each loop (for nprocs * qdepth loops)
and for each file it loops in read requests for the first
io_size bytes.
time smbtorture //127.0.0.1/m -Uroot%test smb2.bench.read \
--option="torture:timelimit=600" \
--option="torture:nprocs=1" \
--option="torture:qdepth=4" \
--option="torture:io_size=4096"
In order to generate constant load for profiles
--option="torture:looplimit=150000" can be used to stop
after the given number of loops before the timelimit hits.
Sometimes the bottleneck is the smbtorture process.
In order to bring the smbd process to 100% cpu, you can use
'--option="libsmb:client_guid=
6112f7d3-9528-4a2a-8861-
0ca129aae6c4"'
and run multiple instances of the test at the same time,
which both talk to the same smbd process.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 1 08:14:23 UTC 2023 on atb-devel-224
Stefan Metzmacher [Fri, 28 Apr 2023 08:02:39 +0000 (08:02 +0000)]
s4:torture/smb2: add --option="torture:looplimit=150000" to smb2.bench.echo
Also see the commit message of
23988f19e7cc2823d6c0c0f40af0195d0a3b81bf
for other examples...
This test calls SMB2_Echo in a loop per connection.
time smbtorture //127.0.0.1/m -Uroot%test smb2.bench.echo \
--option="torture:timelimit=600" \
--option="torture:looplimit=150000" \
--option="torture:nprocs=1" \
--option="torture:qdepth=1"
This is a very useful test to show how many requests are possible
at the raw SMB2 layer.
In order to do profiling and being able to compare the
profiles between runs, it is important to produce the
exact same load in each run, which is not possible
with the typical --option="torture:timelimit=600".
E.g. when the server runs under 'valgrind --tool=callgrind bin/smbd'
I typically run without "torture:looplimit" first in order to
see, which rate is possible per second, then I'll add a
"torture:looplimit" in order to run about half of the timelimit.
Then the looplimit should run for some time, but finish
before the timelimit.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Thu, 22 Sep 2022 13:02:04 +0000 (15:02 +0200)]
s4:torture/smb2: move benchmarking tests to bench.c
I'll add more tests there soon
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Tue, 25 Apr 2023 15:38:30 +0000 (15:38 +0000)]
smb2_negprot: add CALLGRIND_START_INSTRUMENTATION after SMB2 negprot
This allows us to support starting smbd under callgrind and only start
the overhead and instrumentation after the SMB2 negprot, this allows us
to profile only useful stuff and not all the smbd startup, forking and
multichannel handling.
This will do the trick:
valgrind --tool=callgrind --instr-atstart=no smbd
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 31 May 2023 10:59:47 +0000 (12:59 +0200)]
lib/replace: check for valgrind/callgrind.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 31 May 2023 10:09:09 +0000 (12:09 +0200)]
lib/util: use RUNNING_ON_VALGRIND to check if valgrind is used
We should not skip all of close_low_fd() just because we
detected valgrind headers at build time.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 30 Sep 2020 21:43:37 +0000 (23:43 +0200)]
smb2_server: use MSG_DONTWAIT to get non-blocking send/recvmsg
It means we can make the fd blocking, which will help
with io_uring support.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 26 Apr 2023 15:22:01 +0000 (17:22 +0200)]
s3:smbd: only do profiling overhead in smbd_tevent_trace_callback() when needed
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 26 Apr 2023 15:21:38 +0000 (17:21 +0200)]
smbprofile: add smbprofile_active() helper
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Tue, 14 Feb 2023 13:45:26 +0000 (13:45 +0000)]
smb2_server: optimize SMB2_OP_KEEPALIVE (SMB2 Echo)
This is not strictly needed, but it helps profiling
the core smb2_server.c code with the 'smb2.bench.echo'
test.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andrew Bartlett [Tue, 30 May 2023 06:03:13 +0000 (18:03 +1200)]
s4-rpc_server: Filter via dsdb_dc_functional_level() before we are returning a lookup directly
Otherwise, punt to winbindd to see if another DC has this capability.
This allows a FL2008-emulating DC to forward a request to a
2012R2-emlating DC, particularly in another domain.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 31 04:59:01 UTC 2023 on atb-devel-224
Andrew Bartlett [Tue, 30 May 2023 04:38:22 +0000 (16:38 +1200)]
s3-libads: Also handle the DS_WEB_SERVICE_REQUIRED flag in check_cldap_reply_required_flags()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 30 May 2023 02:28:42 +0000 (14:28 +1200)]
s4-libads: Confirm newer functional levels in check_cldap_reply_required_flags()
This will allow us to require that the target DC has FL 2008,
2012, 2012R2 or 2016.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 30 May 2023 02:08:47 +0000 (14:08 +1200)]
librpc: No longer consider the DS_DIRECTORY_SERVICE_{8,9,10}_REQUIRED bits as invalid
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 30 May 2023 04:06:04 +0000 (16:06 +1200)]
sefltest: Improve getdcname test by confirming the _REQUIRED flag behaviours
We do this by checking what the underlying CLDAP netlogon call returns.
This also validates that behaviour.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 30 May 2023 03:11:31 +0000 (15:11 +1200)]
selftest: Fix remaining incorrect references to 2012 -> 2012R2 FL in GetDCNameEx test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 30 May 2023 21:08:59 +0000 (09:08 +1200)]
selftest: Change self.assertTrue(x is not None) -> self.assertIsNotNone(x)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Thu, 25 May 2023 04:59:52 +0000 (16:59 +1200)]
selftest: Confirm that the flags like DS_DIRECTORY_SERVICE_9_REQUIRED work
We need to confirm this both for forwarded requests, and also for requests
direct to the possible DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 29 23:29:50 UTC 2023 on atb-devel-224
Andrew Bartlett [Thu, 25 May 2023 04:57:55 +0000 (16:57 +1200)]
selftest: Rework samba.tests.getdcname not to use ncalrpc
This test is able to operate over the network, which aids testing against
a comparative windows DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Andrew Bartlett [Wed, 24 May 2023 04:28:20 +0000 (16:28 +1200)]
selftest: Assert that we have a trust in samba.tests.getdcname
We must ensure this test cannot became inoperative because the
environment it was run against has no trust.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Joseph Sutton [Fri, 26 May 2023 04:05:43 +0000 (16:05 +1200)]
libcli: Don’t call memcpy() with a NULL pointer
Doing so is undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 05:03:48 +0000 (17:03 +1200)]
python:tests: Ensure that we don’t overwrite tests
If the file iterator returns two entries with the same name, one may
overwrite the other.
script_iterator() currently ensures this won’t happen, but it pays to be
safe.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 04:28:45 +0000 (16:28 +1200)]
python:tests: Make script executable
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 04:28:29 +0000 (16:28 +1200)]
python:tests: Initialize global variable
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 04:57:36 +0000 (16:57 +1200)]
python:tests: Remove unused imports
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 04:58:30 +0000 (16:58 +1200)]
python:tests: Exclude Python test directories
Practically all of our Kerberos tests are excluded already. Many of our
tests aren’t marked as executable, and so aren’t being checked anyway.
Rather than having a large list of exclusions which one may easily
forget to update, just exclude the test directories.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 02:14:11 +0000 (14:14 +1200)]
python:tests: Fix f-strings
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:58:09 +0000 (12:58 +1200)]
s4:rpc_server/samr: Log correct authentication description for samr_ChangePasswordUser2()
We would unconditionally log "samr_ChangePasswordUser3", which was
misleading.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 21:55:19 +0000 (09:55 +1200)]
s4:torture: Consistently use NBT_SERVER_* flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 21:54:58 +0000 (09:54 +1200)]
s4:torture: Handle new NBT_SERVER_* flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 21:48:19 +0000 (09:48 +1200)]
net_ads: Handle new NBT_SERVER_* flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 21:33:38 +0000 (09:33 +1200)]
samba-tool domain: Handle new NBT_SERVER_* flags
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 21:30:03 +0000 (09:30 +1200)]
librpc/idl: Fix indentation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 26 May 2023 03:42:27 +0000 (15:42 +1200)]
tests/auth_log: Remove debugging code
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 23:50:35 +0000 (11:50 +1200)]
tests/auth_log: Add missing call to tearDownClass()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 23:50:21 +0000 (11:50 +1200)]
tests/audit_log: Add missing call to tearDown()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:22:11 +0000 (12:22 +1200)]
tests/auth_log: Remove unnecessary check
This attribute is always truthy.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:20:06 +0000 (12:20 +1200)]
tests/audit_log: Remove unnecessary checks
These attributes are always truthy.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:16:32 +0000 (12:16 +1200)]
tests/auth_log: Call discardMessages() on class
This makes it clearer that discardMessages() operates on the class.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:15:07 +0000 (12:15 +1200)]
tests/auth_log: Make discardMessages() more reliable
It can take two or three calls to msg_ctx.loop_once() before a message
comes in. Make sure we get all of the messages.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 26 May 2023 04:00:50 +0000 (16:00 +1200)]
tests/auth_log: Expect no messages when changing a non-existent user’s password
These log messages come from setUp(), and the fact that we are getting
them is merely a side-effect of the unreliability of discardMessages().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 25 May 2023 00:13:28 +0000 (12:13 +1200)]
tests/audit_log: Make discardMessages() more reliable
It can take two or three calls to msg_ctx.loop_once() before a message
comes in. Make sure we get all of the messages.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 24 May 2023 02:55:35 +0000 (14:55 +1200)]
tests/auth_log: Correctly get lp_ctx
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 23:11:20 +0000 (11:11 +1200)]
tests/auth_log: Remove unneeded len() call
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 23:11:01 +0000 (11:11 +1200)]
tests/audit_log: Remove unneeded len() call
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 22:13:07 +0000 (10:13 +1200)]
tests/auth_log: Rename ‘self’ parameter to ‘cls’
This method operates on the class, not on an instance of that class.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 04:45:28 +0000 (16:45 +1200)]
tests/auth_log: Rename ‘self’ parameter to ‘cls’
This method operates on the class, not on an instance of that class.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 04:43:10 +0000 (16:43 +1200)]
tests/auth_log: Correctly check for GUID
Pattern.match() only checks the starting portion of the string.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 04:42:54 +0000 (16:42 +1200)]
tests/audit_log: Correctly check for GUID
Pattern.match() only checks the starting portion of the string.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 04:37:30 +0000 (16:37 +1200)]
tests/auth_log: Pre-compile GUID regex
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 26 May 2023 00:07:42 +0000 (12:07 +1200)]
tests/krb5: Don’t cache accounts with an assigned policy or silo
Such accounts are virtually never reused. Not caching them (thus
deleting them early) grants significant time savings.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:47:52 +0000 (14:47 +1200)]
tests/krb5: Move TestCaseInTempDir to more appropriate place in class hierarchy
KDCBaseTest is the only class that makes use of it.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Mon, 22 May 2023 10:32:00 +0000 (12:32 +0200)]
vfs_fruit: add fruit:convert_adouble parameter
https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 26 00:52:29 UTC 2023 on atb-devel-224
Ralph Boehme [Mon, 22 May 2023 10:25:04 +0000 (12:25 +0200)]
vfs_fruit: just log failing AppleDouble conversion
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 23 May 2023 15:28:33 +0000 (17:28 +0200)]
libadouble: allow FILE_SHARE_DELETE in ad_convert_xattr()
Not specifying FILE_SHARE_DELETE wasn't done intentionally. Not setting the flag
triggers the following problem:
* client sends a CREATE with delete access
* this triggers a call to open_streams_for_delete() where we check for
conflicting opens on any of the streams of the file or directory
* if the file (or directory) has a stream like ":com.apple.quarantine" the
stream is opened with DELETE_ACCESS and kept open when the next step might:
* if the file (or directory) has a Mac specific :AFP_AfpInfo stream, the
ad_convert() routine in fruit_create_file() is triggered
* ad_convert() checks if the file (or ...) has a sidecar ._ AppleDouble file, if
it has:
* in ad_convert_xattr() we unpack any set of xattrs encoded in the AppleDouble
file and recreate them as streams with the VFS. Now, if any of these xattrs
happens to be converted to a stream that we still have open in
open_streams_for_delete() (see above) we get a NT_STATUS_SHARING_VIOLATION
This error gets passed up the stack back to open_streams_for_delete() so the
client CREATE request fails and the client is unhappy.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 22 May 2023 17:37:17 +0000 (19:37 +0200)]
vfs_fruit: never return AFP_Resource stream for directories
The macOS client creates ._ AppleDouble files for directories that do contain
an (empty) resource fork AppleDouble entry. So when going from a Samba server
config without streams module (or when migrating data from another server
without streams support), to a Samba config with a streams module and vfs_fruit,
fruit_streaminfo() will wrongly return the AFP_Resource from the AppleDouble
file as stream to the client.
To address this, just never return an AFP_Resource stream for directories when
listing streams in fruit_streaminfo(). ad_convert(), when configured with
fruit:delete_empty_adfiles = true
fruit:wipe_intentionally_left_blank_rfork = true
will happily discard the AFP_Resource from the AppleDouble file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 22 May 2023 17:35:33 +0000 (19:35 +0200)]
vfs_fruit: return ENOENT instead of EISDIR when trying to open AFP_Resource for a directory
Translates to NT_STATUS_OBJECT_NAME_NOT_FOUND which is the same error macOS
returns in this case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 24 May 2023 19:28:48 +0000 (21:28 +0200)]
CI: add a test for fruit AppleDouble conversion when deletion triggers conversion
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 23 May 2023 15:26:03 +0000 (17:26 +0200)]
smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 24 21:42:50 UTC 2023 on atb-devel-224
Ralph Boehme [Tue, 23 May 2023 15:23:28 +0000 (17:23 +0200)]
smbd: zero intialize SMB_STRUCT_STAT in vfswrap_readdir()
Avoid returning an uninitialized st.cached_dos_attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 24 May 2023 11:13:19 +0000 (13:13 +0200)]
CI: add a test that checks the dosmode of symlinks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andrew Bartlett [Tue, 23 May 2023 03:22:49 +0000 (15:22 +1200)]
librpc/idl: Alias the DS_ constants in netlogon.idl to the NBT_SERVER equivilants
Both the NBT_SERVER versions (in python scripts) and DS_ constants are
in use in freeIPA so we can not just drop one for the other without
discussion.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 24 01:52:28 UTC 2023 on atb-devel-224
Andrew Bartlett [Tue, 23 May 2023 02:57:07 +0000 (14:57 +1200)]
librpc/idl: Use nbt_server_type instead of netr_DsR_DcFlags netlogon.idl
We should not keep two idential bitfield tables in two nearby IDL files.
However a number of python files in Samba and in freeIPA use the nbt.NBT_SERVER_*
constants, so these are the better names to keep.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Andrew Bartlett [Tue, 23 May 2023 02:45:39 +0000 (14:45 +1200)]
librpc/idl: Merge missing bits into nbt_server_type in nbt.idl
These bits are defined in netr_DsR_DcFlags in netlogon.idl already.
We need these new bits to announce FL 2012R2 and 2016 support.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Joseph Sutton [Tue, 23 May 2023 02:59:24 +0000 (14:59 +1200)]
s4-dsdb:large_ldap: Call setUpClass() method of base class
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:58:44 +0000 (14:58 +1200)]
pytest: dcerpc/dnsserver: Call setUpClass() method of base class
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:58:35 +0000 (14:58 +1200)]
pytest: dcerpc/dnsserver: Remove unused import
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:07:08 +0000 (14:07 +1200)]
pyldb: Fix leak
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:20:30 +0000 (14:20 +1200)]
tests/auth_log: Simplify isRemote()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:57:47 +0000 (14:57 +1200)]
tests/auth_log: Rename ‘self’ parameter to ‘cls’
This method operates on the class, not on an instance of the class.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:57:03 +0000 (14:57 +1200)]
tests/auth_log: Call setUpClass() method of base class
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 01:07:07 +0000 (13:07 +1200)]
tests/auth_log: Don’t silently override remoteAddress
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:04:19 +0000 (14:04 +1200)]
tests/auth_log_winbind: Expect an empty remote address
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 19 May 2023 02:54:00 +0000 (14:54 +1200)]
tests/audit_log: Pre-compile GUID regex
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 19 May 2023 01:15:45 +0000 (13:15 +1200)]
s4:kdc: Move parameter comments adjacent to parameters
This is more consistent with the non-NULL parameters, and makes it
easier to swap in the real values when we get them.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 23:17:22 +0000 (11:17 +1200)]
audit_tests: Check return value of json_new_array()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 23:16:56 +0000 (11:16 +1200)]
s3:utils: Check return value of json_new_object()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 23:15:50 +0000 (11:15 +1200)]
lib:audit_logging:tests: Check return value of json_new_{object,array}()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 23:15:17 +0000 (11:15 +1200)]
lib:audit_logging: Check return value of json_new_object()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 22:05:10 +0000 (10:05 +1200)]
s4:kdc: Use talloc_steal() rather than talloc_reference()
This is consistent with the other uses in this file (in
authn_policy_ntlm_client() and authn_policy_server()).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 22:01:27 +0000 (10:01 +1200)]
s4:kdc: Make parameters const
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 21:59:33 +0000 (09:59 +1200)]
s4:kdc: Make functions static
These functions are used only internally.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 21:42:46 +0000 (09:42 +1200)]
s4:auth: Allocate user_info_dc->sids on correct talloc context
‘user_info_dc->sids’ must live for at least as long as ‘user_info_dc’,
or a use-after-free may result.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 22 May 2023 21:21:17 +0000 (09:21 +1200)]
s4:kdc: Allocate user_info_dc->sids on correct talloc context
‘user_info_dc->sids’ must live for at least as long as ‘user_info_dc’,
or a use-after-free may result.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 16 May 2023 00:04:49 +0000 (12:04 +1200)]
selftest: Report better error message if environment is unknown
Now we get the error “environment [...] is unknown” rather than “samba
can't start up known environment”.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 02:30:22 +0000 (14:30 +1200)]
s4/messaging/py: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:52:17 +0000 (12:52 +1200)]
s4/messaging/py: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:49:28 +0000 (12:49 +1200)]
s4/messaging/py: Fix leak of p_server_id
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:48:56 +0000 (12:48 +1200)]
s4/messaging/py: Check py_return_ndr_struct() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:47:54 +0000 (12:47 +1200)]
s4/messaging/py: Fix callback return value leak
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:46:56 +0000 (12:46 +1200)]
s4/messaging/py: Fix leak
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:32:02 +0000 (12:32 +1200)]
s4/messaging/py: Fix leaks
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:30:12 +0000 (12:30 +1200)]
s4/messaging: Return the number of previously-registered functions that are removed
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 23 May 2023 00:00:07 +0000 (12:00 +1200)]
s4/messaging/py: Fix typo
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 19 May 2023 00:54:11 +0000 (12:54 +1200)]
s4/messaging/py: Add more helpful error message for a wrongly-sized tuple
>>> m = Messaging((1,2,3,4,5))
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: function takes exactly 1 argument (5 given)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 19 May 2023 00:41:21 +0000 (12:41 +1200)]
s4/messaging/py: Document lp_ctx parameter of messaging.Messaging()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Fri, 19 May 2023 00:39:52 +0000 (12:39 +1200)]
s4/messaging/py: Remove incorrect function names in messaging.Messaging()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 9 May 2023 03:31:43 +0000 (15:31 +1200)]
pyglue: Raise an exception on error
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 9 May 2023 03:30:58 +0000 (15:30 +1200)]
pyglue: Check generate_random_str() return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>