Richard Sharpe [Sun, 10 May 2015 02:58:40 +0000 (19:58 -0700)]
Convert uint32/16/8 to _t in source3/libnet.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sun, 10 May 2015 02:49:09 +0000 (19:49 -0700)]
Convert all uint32/16/8 to _t in source3/client.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sun, 10 May 2015 00:06:28 +0000 (17:06 -0700)]
Convert a couple of uint32s to _t that I missed in source3/utils.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 23:59:45 +0000 (16:59 -0700)]
Convert all uint32/16/8 to _t in source3/libsmb.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 23:33:10 +0000 (16:33 -0700)]
Convert all uint32/16/8 to _t in source3/lib.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 23:14:39 +0000 (16:14 -0700)]
Convert all uint32/16/8 to _t in source3/locking.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 13 May 2015 06:53:43 +0000 (08:53 +0200)]
namequery: namequery: suppress bogus warning "resolve_name: unknown name switch type"
Based on a patch by Uri Simchoni <urisimchoni@gmail.com>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Tue, 12 May 2015 04:42:00 +0000 (14:42 +1000)]
ctdb-doc: Document externally managed public IP addresses
For use with DisableIPFailover=1.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed May 13 09:27:36 CEST 2015 on sn-devel-104
Martin Schwenke [Tue, 12 May 2015 04:11:59 +0000 (14:11 +1000)]
ctdb-tests: Add tickle test for external public address handling
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 11 May 2015 05:29:34 +0000 (15:29 +1000)]
ctdb-scripts: New eventscript 10.external
This is an alternative to 10.interface and is installed as disabled by
default. It should only be used with DisableIPFailover=yes and when
IP failover is being handled externally. In this mode CTDB can be
informed of public IP address movements using "ctdb moveip".
During the "startup" event, this eventscript currently finds any
public IP addresses configured in $CTDB_PUBLIC_ADDRESSES and tells
CTDB which node they are on using "ctdb moveip". This allows CTDB to
send ARPs and tickle-ACKs.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 10:00:35 +0000 (20:00 +1000)]
ctdb-daemon: Move release of all IPs to startup
This means that DisableIPFailover will be set if it should be.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 05:20:04 +0000 (15:20 +1000)]
ctdb-daemon: Never release all IPs when DisableIPFailover is set
If DisableIPFailover is set then something else may be managing public
IP addresses so CTDB should leave them alone.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 05:18:48 +0000 (15:18 +1000)]
ctdb-scripts: Drop all public IP addresses from 10.interface
00.ctdb should not know about public IP addresses.
Move related tests to operate on 10.interface.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 03:14:34 +0000 (13:14 +1000)]
ctdb-daemon: Don't update IP tree if DisableIPFailover is set
There won't be an IP tree. It is only ever initialised during a
takeover run.
The alternate to this would be to avoid sending
CTDB_SRVID_RECD_UPDATE_IP in "ctdb moveip". This logic is probably
best kept out of the CLI tool.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 07:11:24 +0000 (17:11 +1000)]
ctdb-daemon: Mark interfaces as "up" by default
The potential for public IP addresses to shuffle around during node
initialisation disappeared a while ago because IP addresses can only
be assigned to a node that is in CTDB_RUNSTATE_RUNNING. This means
that interfaces might as well just be initialised as "up". If any
interfaces are actually "down" then this will be rectified by the
"startup" event in 10.interfaces.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 7 May 2015 10:41:55 +0000 (20:41 +1000)]
ctdb-daemon: Skip "IP on interface" checks if DisableIPFailover is set
To support external failover of IP addresses if DisableIPFailover is
set. CTDB's idea of IP address assignment can be manipulated using
"ctdb moveip". Checking if the IP address is already held breaks
this in several places.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 8 May 2015 02:34:43 +0000 (12:34 +1000)]
ctdb-daemon: Improve readability of code by nesting if-statements
ctdb_sys_have_ip() should only be run if if do_publicipcheck is set.
This is clearer if written as 2 nested if-statements rather than as a
lazy conjuction.
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Uri Simchoni [Sat, 9 May 2015 19:59:17 +0000 (22:59 +0300)]
libads: record service ticket endtime for sealed ldap connections
When a ticket is obtained for binding a signed/sealed ldap connection,
its liftime should be recorded in the ads struct, in order to enable
reuse of the connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11267
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 13 04:32:16 CEST 2015 on sn-devel-104
Volker Lendecke [Fri, 8 May 2015 13:15:37 +0000 (13:15 +0000)]
dbwrap: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 May 2015 10:24:48 +0000 (10:24 +0000)]
lib: Remove unused hex_encode()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 May 2015 10:12:21 +0000 (10:12 +0000)]
ntlm_auth: Remove two uses of hex_encode()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 May 2015 10:06:23 +0000 (10:06 +0000)]
lib: Make sid_binstring_hex use TALLOC
talloc_tos() is better than plain malloc...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 8 May 2015 07:06:53 +0000 (07:06 +0000)]
lib: Simplify sid_binstring_hex()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Holder [Tue, 12 May 2015 16:40:29 +0000 (17:40 +0100)]
Add IPv6 support for determining FQDN during ADS join.
Signed-off-by: David Holder <david.holder@erion.co.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 12 23:35:32 CEST 2015 on sn-devel-104
David Holder [Tue, 12 May 2015 15:09:54 +0000 (16:09 +0100)]
Add IPv6 support to ADS client side LDAP connects. Corrected format for IPv6 LDAP URI. Signed-off-by: David Holder <david.holder@erion.co.uk>
Signed-off-by: David Holder <david.holder@erion.co.uk>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Richard Sharpe [Sat, 9 May 2015 22:35:21 +0000 (15:35 -0700)]
Convert all uint32/16/8 to _t in a couple of include files.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 12 04:22:55 CEST 2015 on sn-devel-104
Richard Sharpe [Sat, 9 May 2015 20:34:31 +0000 (13:34 -0700)]
Convert all uses of uint32/16/8 to _t in source3/passdb.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 19:33:40 +0000 (12:33 -0700)]
Convert all (remaining) uses of uint32/16/8 to _t in source3/printing.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 19:19:46 +0000 (12:19 -0700)]
Convert all uses of uint32/16/8 to _t in source3/registry.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 17:02:05 +0000 (10:02 -0700)]
Convert all uses of uint32/16/8 to _t in source3/rpc_server.
Signed-off-by: Richard Sharpe <rsharpe@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 16:49:04 +0000 (09:49 -0700)]
Convert all uses of uint32/16/8 to _t in source3/rpc_client.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 14:33:08 +0000 (07:33 -0700)]
Convert all uint32/16/8 to _t in source3/rpcclient.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Sat, 9 May 2015 03:10:12 +0000 (20:10 -0700)]
Convert all uses of uint32/16/8 to _t in source3/torture.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Richard Sharpe [Mon, 13 Apr 2015 23:56:09 +0000 (16:56 -0700)]
Change all uses of uint32 to uint32_t in vfs.h. This is part of a general cleanup if people approve. This time around get both vfs.h and vfs.c and all instances of uint8, uint16 and uint32.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Amitay Isaacs [Mon, 23 Mar 2015 06:06:31 +0000 (17:06 +1100)]
ctdb-daemon: Remove obsolete IPv4 only controls
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Amitay Isaacs [Mon, 23 Mar 2015 06:32:34 +0000 (17:32 +1100)]
ctdb-daemon: Remove older data structure that supports only IPv4 addresses
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Sun, 12 Apr 2015 21:52:04 +0000 (07:52 +1000)]
ctdb-daemon: Fix typo in debug message
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sun May 10 06:10:21 CEST 2015 on sn-devel-104
Martin Schwenke [Wed, 18 Mar 2015 09:46:46 +0000 (20:46 +1100)]
ctdb-daemon: Initialise eventscript status earlier
Don't initialise it after ctdb_event_script_callback_v() may have
short-circuited. This can stop ctdb_event_script_args() from ever
terminating.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 18 Mar 2015 09:27:45 +0000 (20:27 +1100)]
ctdb-daemon: Make ctdb_event_script_args() terminate if no scripts
status.done is never set to true unless event_script_callback() is
invoked. The short-circuit in ctdb_event_script_callback_v() means
that this doesn't happen. CTDB can't work very well without 00.ctdb
(for tunable initialisation and the like) but it shouldn't get stuck.
So call the callback when there are no scripts in
event_script_callback().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 17 Mar 2015 10:42:23 +0000 (21:42 +1100)]
ctdb-daemon: Drop interface monitoring
This is done by 10.interace where the monitor event fails when there
is a missing interface. The in-daemon interface checking adds no
value.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sat, 7 Mar 2015 05:15:01 +0000 (16:15 +1100)]
ctdb-common: Reimplement external tracing using ctdb_set_helper()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 30 Dec 2014 05:17:19 +0000 (16:17 +1100)]
ctdb-scripts: Drop update of public address configuration from config.tdb
This isn't used or documented anywhere.
2 differing points of view:
* This is a very good idea but it should probably be generalised to
cover more configuration items. This would end up like the Samba
registry configuration and would use a tool to support setting
configuration values.
* If people really want to update configuration while a node is down
then they should fix the configuration before bringing up that node.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 19 Dec 2014 04:08:40 +0000 (15:08 +1100)]
ctdb-recoverd: Short circuit takeover run if no nodes are RUNNING
If all nodes are still in, say, FIRST_RECOVERY runstate, then the logs
contain unfortunate noise like:
recoverd:Failed to find node to cover ip 10.0.2.131
This avoids that by adding an early exit that avoids running
takeover_run_core() when there are no nodes in the
CTDB_RUNSTATE_RUNNING.
To support this add the runstate to the ipflags structure. There are
clearly other ways of hacking this but this seems the simplest.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 31 Mar 2015 02:59:49 +0000 (13:59 +1100)]
ctdb-recoverd: Remove redundant condition when checking recovery lock
It isn't possible to hold the recovery lock without having a lock file
set.
This is part of a goal to generalise the recovery lock mechanism to
just use a helper program, which may use a lock file or may use
something else.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 31 Mar 2015 02:59:02 +0000 (13:59 +1100)]
ctdb-recoverd: Simplify using TALLOC_FREE()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 30 Mar 2015 11:01:52 +0000 (22:01 +1100)]
ctdb-recoverd: Drop redundant condition in election handler
Election packets from the current node are ignored at the beginning of
the function, so this does not need to be checked.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 30 Mar 2015 10:52:45 +0000 (21:52 +1100)]
ctdb-recoverd: Remove unused memory context variable
It is set, memory is allocated but it is never used.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 30 Mar 2015 09:51:51 +0000 (20:51 +1100)]
ctdb-daemon: Broadcast IP rellocation request from monitor code
No need to just send it to the recovery master.
This reduces the need for main daemon code to know which node is the
recovery master. The end goal is for the main daemon to not need to
know which node is the recovery master - this information would be
stored in the recovery daemon (and subsequently a separate cluster
management daemon).
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 31 Mar 2015 03:03:43 +0000 (14:03 +1100)]
ctdb-recoverd: Replace unnecessary use of ctdb->recovery_master
Databases are only pulled by the recovery master, so it can compare
with current node PNN.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 29 Mar 2015 08:20:55 +0000 (19:20 +1100)]
ctdb-recoverd: Rename some local variables to avoid conflict with convention
rec is always a (struct ctdb_recoverd *)
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 29 Mar 2015 09:00:17 +0000 (20:00 +1100)]
ctdb_recoverd: Move num_lmasters calculation to near where it is used
Unless this node is the recovery master then this is not needed.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 29 Mar 2015 06:49:02 +0000 (17:49 +1100)]
ctdb-recoverd: Make num_lmasters a local variable
It isn't used anywhere else and is always re-initialised to 0.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 29 Mar 2015 06:28:57 +0000 (17:28 +1100)]
ctdb-recoverd: Remove unused struct members num_active and num_connected
They are initialised and updated but the values are never used.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 24 Feb 2015 05:11:17 +0000 (16:11 +1100)]
ctdb-tests: Test stub for ctdb_get_capabilities()
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 31 Jul 2014 05:28:52 +0000 (15:28 +1000)]
ctdb-daemon: Remove unused capabilities field from struct ctdb_node
Update the ctdb tool test stub code to cope.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 31 Jul 2014 05:26:03 +0000 (15:26 +1000)]
ctdb-recoverd: Use capabilities API
Simplify update_capabilities() using the capabilities API and store
the capabilities in new field rec->caps rather than scattered around
ctdb->nodes.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 31 Jul 2014 05:06:19 +0000 (15:06 +1000)]
ctdb-client: Add API for retrieving and checking capabilities
ctdb_get_capabilities() gets capabilities from all connected nodes
into an array. ctdb_get_node_capabilities() gets capabilities for a
particular node from array. ctdb_node_has_capabilities() returns true
if given node has all of the given capabilities.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Ralph Boehme [Wed, 25 Mar 2015 11:56:07 +0000 (12:56 +0100)]
vfs_fruit: comment fix: the options are documented
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 8 21:27:45 CEST 2015 on sn-devel-104
Ralph Boehme [Wed, 25 Mar 2015 14:09:02 +0000 (15:09 +0100)]
vfs_fruit: add option "nfs_aces" that controls the NFS ACEs stuff
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11213
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 10 Oct 2014 13:24:55 +0000 (15:24 +0200)]
smbd: Offer SMB 3.1.1 by default.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri May 8 15:49:32 CEST 2015 on sn-devel-104
Stefan Metzmacher [Mon, 13 Oct 2014 09:01:59 +0000 (11:01 +0200)]
s3:smb2_negprot: add support for negotiating SMB 3.1.0 and SMB 3.1.1
Note: SMB 3.1.0 was used in a early preview versions of Windows 10.
Was later superseded by 3.1.1.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Fri, 10 Oct 2014 12:04:25 +0000 (14:04 +0200)]
s3:smb2_sesssetup.c: For SMB >= 3.1, derive crypto keys from preauth
This protects the full connection setup including
a posteriori verification of the negotiate messages,
by signing the final session setup response with a signing key
derived from the preauth hash and the authentication session key.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 8 Oct 2014 17:25:15 +0000 (19:25 +0200)]
s3:smb2_negprot.c: add support SMB 3.1 negotiate contexts
Used for:
- preauthentication validation
- negotiation of ciphers for sigingn and encryprtion
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 8 May 2015 08:17:00 +0000 (08:17 +0000)]
s3:smb2_server: allow SMB2_HDR_FLAG_PRIORITY_MASK for SMB >= 3.1.1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 6 May 2015 09:30:11 +0000 (11:30 +0200)]
smbd: offer SMB 3.0.2 by default.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Mon, 13 Oct 2014 09:01:59 +0000 (11:01 +0200)]
s3:smb2_negprot: add support for negotiating SMB 3.0.2
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 6 May 2015 08:52:57 +0000 (10:52 +0200)]
s3:smb2_read: pass in_flags to smbd_smb2_read_send()
For now we still ignore the flags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 6 May 2015 08:42:29 +0000 (10:42 +0200)]
s3:smb2_write: add simplified support for SMB2_WRITEFLAG_WRITE_UNBUFFERED
TODO: we should add alignment checks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:38:55 +0000 (00:38 +0200)]
s3:smb2_create: treat the SVHDX_OPEN_DEVICE_CONTEXT in smb2_create (not supported)
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:28:19 +0000 (00:28 +0200)]
libcli/smb: SMB 3.0.2: define SVHDX_OPEN_DEVICE_CONTEXT
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:56:34 +0000 (00:56 +0200)]
libcli/smb: SMB 3.0.2: define FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:55:27 +0000 (00:55 +0200)]
libcli/smb: SMB 3.0.2: define FSCTL_SVHDX_SYNC_TUNNEL_REQUEST
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:18:16 +0000 (00:18 +0200)]
libcli/smb: SMB 3.0.2: define SMB2_WRITEFLAG_WRITE_UNBUFFERED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Tue, 5 May 2015 22:16:34 +0000 (00:16 +0200)]
libcli/smb: SMB 3.0.2: define SMB2_READFLAG_READ_UNBUFFERED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 4 Mar 2015 06:03:44 +0000 (07:03 +0100)]
s3:torture: handle PROTOCOL_SMB3_11
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Fri, 8 May 2015 10:52:23 +0000 (12:52 +0200)]
libcli/smb: add support for SMB >= 3.1.1 io priorities
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 8 May 2015 08:15:52 +0000 (08:15 +0000)]
libcli/smb: add define for SMB 3.1.1 SMB2_HDR_FLAG_PRIORITY_MASK and helper macros
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 4 Mar 2015 06:02:38 +0000 (07:02 +0100)]
libcli/smb: add PROTOCOL_SMB3_11 and SMB3_DIALECT_REVISION_311
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 8 May 2015 10:05:06 +0000 (12:05 +0200)]
libcli/smb: don't alter state->smb2.hdr when getting STATUS_PENDING
We need to make sure smb2cli_req_get_sent_iov() returns what was sent
over the wire. This is required in order to correctly perform
the preauth calculation for SMB >= 3.1.
We keep separate variables for the cancel information we got
from a STATUS_PENDING response.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 6 May 2015 09:40:45 +0000 (11:40 +0200)]
libcli: add new NTSTATUS codes from SMB 3.1
NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
NT_STATUS_SMB_BAD_CLUSTER_DIALECT
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 6 May 2015 09:40:04 +0000 (11:40 +0200)]
libcli: add missing printable form of NT_STATUS_VHD_SHARED
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 8 May 2015 06:52:16 +0000 (08:52 +0200)]
s4:torture/smb2: fix crash a crash bug in smb2.session.reconnect1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Wed, 6 May 2015 14:29:04 +0000 (16:29 +0200)]
vfs: Fix the O3 developer build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 7 23:11:38 CEST 2015 on sn-devel-104
Volker Lendecke [Wed, 6 May 2015 14:25:51 +0000 (16:25 +0200)]
Fix a few printf format errors
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 6 May 2015 14:19:12 +0000 (16:19 +0200)]
heimdal: Fix the O3 developer build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 3 May 2015 09:29:51 +0000 (09:29 +0000)]
heimdal: Fix CID 240793 Uninitialized scalar variable
tmp.data is uninitialized in the fwrite call
Hopefully I don't create a problem here: If tmp.data is supposed to be randomly
set, I think the right fix would have been to explicitly call a random function
initializing it.
<jra@samba.org>
------------------------------------------------------------
I have looked through the code carefully. Your fix is safe.
The first entry in the replay file created in krb5_rc_initialize()
is only used to store the 'krb5_deltat auth_lifespan' value, the
associated data[16] value is never looked at. (Look at the
code in krb5_rc_store() and krb5_rc_get_lifespan() to confirm).
Only subsequent data[16] values are checked with memcmp.
------------------------------------------------------------
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 30 Apr 2015 10:29:57 +0000 (12:29 +0200)]
vfs_gpfs: move failure label before END_PROFILE
The label was added in
5e65ae14ddb74c648f31b4dfbacd4af9c02ca058 as part
of fix for bug 11244, but was wrongly placed behind END_PROFILE.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11244
Signed-off-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu May 7 19:22:00 CEST 2015 on sn-devel-104
Michael Adam [Wed, 6 May 2015 15:20:55 +0000 (17:20 +0200)]
s3:smbXsrv: refactor duplicate code into smbXsrv_session_clear_and_logoff()
This replaces code in smbXsrv_session_logoff_all_callback()
and smbXsrv_session_clear_and_logoff().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu May 7 10:43:29 CEST 2015 on sn-devel-104
Volker Lendecke [Mon, 27 Apr 2015 14:34:12 +0000 (14:34 +0000)]
libsmbconf:registry: Ignore keyless smb.conf regvalues
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Richard Sharpe [Thu, 7 May 2015 00:00:06 +0000 (17:00 -0700)]
s3: utils: Convert all uses of uint32/16/8 to _t.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 7 04:53:39 CEST 2015 on sn-devel-104
Volker Lendecke [Tue, 28 Apr 2015 08:28:52 +0000 (10:28 +0200)]
lib: Fix strv_next for the anchor NULL entry
I swear I have tested this somewhere....
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 1 May 2015 18:26:41 +0000 (20:26 +0200)]
s3:selftest: run smb2.notify with --signing=required
This reproduces a bug withe implicit canceled requests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 7 01:21:44 CEST 2015 on sn-devel-104
Stefan Metzmacher [Fri, 1 May 2015 14:50:55 +0000 (16:50 +0200)]
s3:smb2_tcon: cancel pending requests on all connections on tdis
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:29:03 +0000 (16:29 +0200)]
s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors
The cleanup of a failing session setup is now handled in
smbd_smb2_session_setup_wrap_*().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:21:25 +0000 (16:21 +0200)]
s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv()
The wrapper calls smbXsrv_session_shutdown_send/recv() in case of an error,
this makes sure a failing reauth shuts down the session like an explicit logoff.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:27:26 +0000 (16:27 +0200)]
s3:smb2_sesssetup: always assign smb2req->session when a session was created.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:20:06 +0000 (16:20 +0200)]
s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_*
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:13:27 +0000 (16:13 +0200)]
s3:smbXsrv_session: cancel pending requests when we logoff a previous session
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 07:57:03 +0000 (09:57 +0200)]
s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Sat, 2 May 2015 14:17:34 +0000 (16:17 +0200)]
s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback()
smbXsrv_session_logoff_all_callback() is called when the last transport
connection is gone, which means we won't need to sign any response...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>