Andreas Schneider [Mon, 23 Sep 2019 15:21:51 +0000 (17:21 +0200)]
waf: Use waf function to add for -Wl,--as-needed
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Sep 25 16:56:40 UTC 2019 on sn-devel-184
Andreas Schneider [Mon, 23 Sep 2019 14:53:12 +0000 (16:53 +0200)]
waf:replace: Do not link against libpthread if not necessary
On Linux we should avoid linking everything against libpthread. Symbols
used my most application are provided by glibc and code which deals with
threads has to explicitly link against libpthread. This avoids setting
LDFLAGS=-pthread globally.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 15:40:13 +0000 (17:40 +0200)]
third_party: Link uid_wrapper against pthread
uid_wrapper uses pthread_atfork() which is only provided by libpthread. │····················
So we need an explicit dependency.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 15:39:29 +0000 (17:39 +0200)]
third_party: Link nss_wrapper against pthread
nss_wrapper uses pthread_atfork() which is only provided by libpthread.
So we need an explicit dependency.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 15:04:57 +0000 (17:04 +0200)]
third_party: Only link cmocka against librt if really needed
cmocka also uses clock_gettime().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 14:10:35 +0000 (16:10 +0200)]
pthreadpool: Only link pthreadpool against librt if we have to
This calls clock_gettime() which is available in glibc on Linux. If the
wscript in libreplace detected that librt is needed for clock_gettime()
we have to link against it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 13:14:24 +0000 (15:14 +0200)]
replace: Only link against librt if really needed
fdatasync() and clock_gettime() are provided by glibc on Linux, so there
is no need to link against librt. Checks have been added so if there are
platforms which require it are still functional.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 23 Sep 2019 13:18:55 +0000 (15:18 +0200)]
s3:waf: Do not check for nanosleep() as we don't use it anywhere
We use usleep() in the meantime.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Philipp Gesang [Thu, 19 Sep 2019 07:03:45 +0000 (09:03 +0200)]
s4:scripting: make samba-gpupdate heed --disable-python
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Sep 25 11:06:04 UTC 2019 on sn-devel-184
Noel Power [Thu, 8 Aug 2019 13:15:14 +0000 (13:15 +0000)]
s3/librpc/crypto: clang: Fixes Value stored to 'ret' is never read
Fixes:
source3/librpc/crypto/gse_krb5.c:63:3: warning: Value stored to 'ret' is never read <--[clang]
ret = smb_krb5_kt_free_entry(krbctx, &kt_entry);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Thu, 8 Aug 2019 13:12:39 +0000 (13:12 +0000)]
s3/libads: clang: Fix Array access results in a null pointer dereference
Fixes:
source3/libads/cldap.c:400:6: warning: Array access (from variable 'responses') results in a null pointer dereference <--[clang]
if (responses[0] == NULL) {
^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Fri, 2 Aug 2019 10:45:48 +0000 (10:45 +0000)]
s3/librpc/crypto: clang: warning: Value stored to 'gss_maj' is never read
Fixes: Value stored to 'gss_maj' is never read
source3/librpc/crypto/gse.c:562:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &out_data);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:687:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &out_data);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:739:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &msg_min);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source3/librpc/crypto/gse.c:742:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &msg_maj);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Thu, 8 Aug 2019 14:10:30 +0000 (15:10 +0100)]
s4/libcli/clideltree.c: clang: Value stored to 'status' is never read
Fixes:
source4/libcli/clideltree.c:113:3: warning: Value stored to 'status' is never read <--[clang]
status = smbcli_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/clideltree.c:131:3: warning: Value stored to 'status' is never read <--[clang]
status = smbcli_setatr(dstate.tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Mon, 29 Jul 2019 11:44:26 +0000 (11:44 +0000)]
s4/libcli/smb2: clang: Fix 'value stored to 'status' is never read'
Fixes:
source4/libcli/smb2/util.c:134:3: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:187:5: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, name, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:209:3: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Mon, 29 Jul 2019 11:22:29 +0000 (11:22 +0000)]
s4/libcli/smb2: clang: Fix Passed-by-value arg contains uninitialized data
Fixes:
source4/libcli/smb2/getinfo.c:222:11: warning: Passed-by-value struct argument contains uninitialized data (e.g., field: 'data') <--[clang]
status = smb_raw_fsinfo_passthru_parse(b.out.blob, mem_ctx, io->generic.level, io);
^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Fri, 26 Jul 2019 16:23:45 +0000 (16:23 +0000)]
s4/libcli/raw: clang: Fix 'Value stored to 'p' is never read'
Fixes:
source4/libcli/raw/clisession.c:198:4: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->old.out.domain, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:212:5: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->nt1.out.domain, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:232:3: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->spnego.out.workgroup, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Fri, 26 Jul 2019 16:18:49 +0000 (16:18 +0000)]
s4/libcli/raw: clang: Fix 'Dereference of null pointer'
Fixes:
source4/libcli/raw/rawfileinfo.c:597:2: warning: Dereference of null pointer <--[clang]
SMBCLI_CHECK_WCT(req, 10);
^
source4/libcli/raw/rawfileinfo.c:639:2: warning: Dereference of null pointer <--[clang]
SMBCLI_CHECK_WCT(req, 11);
^
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Noel Power [Fri, 26 Jul 2019 15:06:54 +0000 (15:06 +0000)]
s4/libcli/raw: clang: Fix 'Access to field results in a deref of a null ptr
Fixes:
source4/libcli/raw/rawfileinfo.c:301:56: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
parms->standard.out.create_time = raw_pull_dos_date2(session->transport,
^
source4/libcli/raw/rawfileinfo.c:314:55: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
parms->ea_size.out.create_time = raw_pull_dos_date2(session->transport,
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Ralph Boehme [Tue, 3 Sep 2019 13:33:42 +0000 (15:33 +0200)]
vfs_fileid: add "fsname_norootdir_ext" option
This can be used to deliberately break lock coherency between all smbd processes
in the whole cluster for the root directory of a share.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Sep 25 00:48:45 UTC 2019 on sn-devel-184
Ralph Boehme [Thu, 12 Sep 2019 12:36:17 +0000 (14:36 +0200)]
vfs_fileid: add extid mapping hooks
For this always ends up calling fileid_extid_mapping_zero(), so no change in
behaviour. This will change in a subsequent commit.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:10:26 +0000 (08:10 +0200)]
selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member
This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184
Stefan Metzmacher [Wed, 18 Sep 2019 06:02:38 +0000 (08:02 +0200)]
selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member
This demonstrates that we rely on knowning about trusted domains before
we can do krb5_auth in winbindd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Sat, 10 Jun 2017 12:38:40 +0000 (14:38 +0200)]
selftest/tests.py: test pam_winbind for trusts domains
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Mon, 20 Mar 2017 10:39:41 +0000 (11:39 +0100)]
selftest: Export TRUST information in the ad_member target environment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 12:03:34 +0000 (14:03 +0200)]
selftest/tests.py: test pam_winbind with a lot of username variations
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:08:57 +0000 (08:08 +0200)]
selftest/tests.py: test pam_winbind with krb5_auth
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 23:25:23 +0000 (01:25 +0200)]
selftest/tests.py: prepare looping over pam_winbindd tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 23:25:58 +0000 (01:25 +0200)]
test_pam_winbind.sh: allow different pam_winbindd config options to be specified
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 20 Sep 2019 06:13:28 +0000 (08:13 +0200)]
tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 06:04:42 +0000 (08:04 +0200)]
tests/pam_winbind.py: turn pypamtest.PamTestError into a failure
A failure generated by the AssertionError() checks can be added
to selftest/knownfail.d/*.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 19 Jul 2019 15:10:09 +0000 (15:10 +0000)]
s3:winbindd: implement the "winbind use krb5 enterprise principals" logic
We can use enterprise principals (e.g. upnfromB@B.EXAMPLE.COM@PRIMARY.A.EXAMPLE.COM)
and delegate the routing decisions to the KDCs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 11 Sep 2019 14:44:43 +0000 (16:44 +0200)]
docs-xml: add "winbind use krb5 enterprise principals" option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 13:52:25 +0000 (15:52 +0200)]
krb5_wrap: let smb_krb5_parse_name() accept enterprise principals
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s3:libads: ads_krb5_chg_password() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s4:auth: kinit_to_ccache() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 13 Sep 2019 14:04:30 +0000 (16:04 +0200)]
s3:libads/kerberos: always use the canonicalized principal after kinit
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 06:49:13 +0000 (08:49 +0200)]
s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 08:08:10 +0000 (10:08 +0200)]
s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 16 Sep 2019 15:14:11 +0000 (17:14 +0200)]
s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 17 Sep 2019 06:05:09 +0000 (08:05 +0200)]
s4:auth: use the correct client realm in gensec_gssapi_update_internal()
The function gensec_gssapi_client_creds() may call kinit and gets
a TGT for the user. The principal provided by the user may not
be canonicalized. The user may use 'given.last@example.com'
but that may be mapped to glast@AD.EXAMPLE.PRIVATE in the background.
It means we should use client_realm = AD.EXAMPLE.PRIVATE
instead of client_realm = EXAMPLE.COM
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 18 Sep 2019 11:58:46 +0000 (13:58 +0200)]
nsswitch: add logging to wbc_auth_error_to_pam_error() for non auth errors
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Björn Jacke [Fri, 23 Aug 2019 00:19:20 +0000 (02:19 +0200)]
wscript_build: string concatenation efficiency cleanup
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Tue Sep 24 13:40:21 UTC 2019 on sn-devel-184
Björn Jacke [Fri, 23 Aug 2019 00:21:17 +0000 (02:21 +0200)]
pfm_verif: string concatenation efficiency cleanup
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:10:19 +0000 (23:10 +0200)]
scripting: avoid inefficient string redefinition
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:09:19 +0000 (23:09 +0200)]
wscript: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:08:18 +0000 (23:08 +0200)]
s3/wscript: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:07:48 +0000 (23:07 +0200)]
posixacl.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:07:13 +0000 (23:07 +0200)]
auth_log_winbind.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:06:19 +0000 (23:06 +0200)]
schema.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:06:00 +0000 (23:06 +0200)]
user.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:05:31 +0000 (23:05 +0200)]
gpo.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:05:10 +0000 (23:05 +0200)]
kcc_utils.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:04:25 +0000 (23:04 +0200)]
traffic.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Martin Schwenke [Mon, 9 Sep 2019 07:59:15 +0000 (17:59 +1000)]
ctdb-tests: Switch TEST_VAR_DIR to a local script variable
This is now local to run_tests.sh.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Sep 24 03:46:59 UTC 2019 on sn-devel-184
Martin Schwenke [Mon, 9 Sep 2019 06:13:45 +0000 (16:13 +1000)]
ctdb-tests: Use CTDB_TEST_TMP_DIR in integration.bash
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 03:57:35 +0000 (13:57 +1000)]
ctdb-tests: Switch simple tests to use CTDB_TEST_TMP_DIR
CTDB_TEST_TMP_DIR repaces SIMPLE_TESTS_VAR_DIR. local.bash no longer
needs to ensure that TEST_VAR_DIR is set, since it longer uses this
variable. Drop the comment because state has not been maintained
between tests for some time.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:39 +0000 (21:35 +1000)]
ctdb-tests: Switch takeover helper unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:16 +0000 (21:35 +1000)]
ctdb-tests: Switch tool unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 09:58:46 +0000 (19:58 +1000)]
ctdb-tests: Switch onnode unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 10:13:19 +0000 (20:13 +1000)]
ctdb-tests: Switch eventscript unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:35:54 +0000 (21:35 +1000)]
ctdb-tests: Switch eventd unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 11:47:52 +0000 (21:47 +1000)]
ctdb-tests: Switch cunit unit tests to use CTDB_TEST_TMP_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 03:42:26 +0000 (13:42 +1000)]
ctdb-tests: Add new variable CTDB_TEST_TMP_DIR
This is a subdirectory of TEST_VAR_DIR that is unique to the current
test suite. It is recreated for each individual test.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 9 Sep 2019 06:19:52 +0000 (16:19 +1000)]
ctdb-tests: Move setting of CTDB_TEST_SUITE_DIR to run_tests.sh
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 6 Sep 2019 10:54:37 +0000 (20:54 +1000)]
ctdb-tests: Rename variable TEST_SUBDIR -> CTDB_TEST_SUITE_DIR
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 5 Sep 2019 05:47:13 +0000 (15:47 +1000)]
ctdb-tests: Use local_daemons.sh onnode for local daemons tests
With some upcoming changes, the setting of CTDB_BASE becomes
problematic because it will be included unconditionally whereas it is
currently being conveniently and almost accidentally not include in
some contexts.
So, instead of trying to coerce onnode into behaving as desired, have
the local daemons tests use local_daemons.sh onnode directly.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 Sep 2019 06:57:36 +0000 (16:57 +1000)]
ctdb-tests: Use local $ctdb_base instead of $CTDB_BASE
The latter might not be defined in a test.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 23 Sep 2019 06:13:05 +0000 (16:13 +1000)]
ctdb-tests: Generalise pattern for matching valgrind memcheck executable
On my laptop this is "memcheck-amd64-linux instead of just "memcheck".
Alternatively, this part of the test could simply be skipped if
$VALGRIND is set.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Volker Lendecke [Fri, 20 Sep 2019 15:37:28 +0000 (08:37 -0700)]
smbd: Add an error return END_PROFILE call
All other return; statements in reply_tcon_and_X have this
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Sep 23 17:06:25 UTC 2019 on sn-devel-184
Björn Jacke [Sat, 21 Sep 2019 11:24:59 +0000 (13:24 +0200)]
classicupgrade: fix a a bytes-like object is required, not 'str' error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14136
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Björn Baumbach <bb@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Mon Sep 23 12:58:20 UTC 2019 on sn-devel-184
Björn Jacke [Mon, 23 Sep 2019 06:57:33 +0000 (08:57 +0200)]
fault.c: improve fault_report message text pointing to our wiki
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14139
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:03:54 +0000 (23:03 +0200)]
samba_version.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep 21 20:50:17 UTC 2019 on sn-devel-184
Björn Jacke [Sun, 25 Aug 2019 21:02:37 +0000 (23:02 +0200)]
samba_deps.py avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:02:00 +0000 (23:02 +0200)]
samba_bundled.py avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 21:01:22 +0000 (23:01 +0200)]
samba_autoconf.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 20:53:59 +0000 (22:53 +0200)]
samba_abi.py: avoid inefficient string concatenations
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Björn Jacke [Sun, 25 Aug 2019 22:50:29 +0000 (00:50 +0200)]
user.py: import tempfile module only where needed
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Günther Deschner [Sat, 28 Oct 2017 08:44:11 +0000 (10:44 +0200)]
spoolss: Add PRINTER_DRIVER_CATEGORY_3D driver define
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Sep 20 12:58:49 UTC 2019 on sn-devel-184
Günther Deschner [Wed, 18 Sep 2019 17:41:50 +0000 (19:41 +0200)]
s4-torture: add netr_LogonGetDomainInfo NDR(64) tests
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Sep 20 02:32:44 UTC 2019 on sn-devel-184
Günther Deschner [Wed, 18 Sep 2019 23:55:09 +0000 (01:55 +0200)]
s4-torture: reformat test table in ndr test
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 18 Sep 2019 17:48:40 +0000 (19:48 +0200)]
torture: add torture_suite_add_ndr_pull_io_test_flags()
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Wed, 18 Sep 2019 02:11:33 +0000 (04:11 +0200)]
s3-rpcclient: add logongetdomaininfo command
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Mon, 20 Jul 2015 12:00:05 +0000 (14:00 +0200)]
libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 15 Aug 2019 11:22:43 +0000 (13:22 +0200)]
netlogon.idl: fix the marshalling of netr_trust_extension_container for NDR64
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 15 Aug 2019 11:22:43 +0000 (13:22 +0200)]
netlogon.idl: fix the marshalling of netr_OsVersion for NDR64
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 20 Mar 2018 11:40:25 +0000 (12:40 +0100)]
security.idl: add SE_GROUP_INTEGRITY[_ENABLED] to security_GroupAttrs
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 20 Mar 2018 11:39:02 +0000 (12:39 +0100)]
librpc/idl: change from samr_GroupAttrs in samr.idl to security_GroupAttrs in security.idl
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 22:44:33 +0000 (23:44 +0100)]
security.idl: add GUID_DRS_ALLOWED_TO_AUTHENTICATE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Thu, 12 Sep 2019 21:27:13 +0000 (23:27 +0200)]
misc: fix AD trust attributes in adssearch
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Thu, 12 Sep 2019 14:36:20 +0000 (16:36 +0200)]
lsa: document new LSA trust attributes
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Günther Deschner [Thu, 12 Sep 2019 14:39:10 +0000 (16:39 +0200)]
s3-winbindd: fix forest trusts with additional trust attributes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14130
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Mon, 16 Sep 2019 23:50:33 +0000 (01:50 +0200)]
s3-libads: adapt to coding standards, no code changes
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep 19 20:48:45 UTC 2019 on sn-devel-184
Karolin Seeger [Thu, 19 Sep 2019 07:19:40 +0000 (09:19 +0200)]
s3/vfs_shadow_copy2.c: Fix typo in comment.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Thu Sep 19 14:09:44 UTC 2019 on sn-devel-184
Karolin Seeger [Thu, 19 Sep 2019 07:18:44 +0000 (09:18 +0200)]
docs: Fix typo in vfs_ceph_snapshots man page.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Andrew Bartlett [Fri, 16 Aug 2019 08:54:03 +0000 (20:54 +1200)]
replace: Remove crypt() reimplementation
Use of Samba with plaintext authenticaiton is incredibly rare, even more
rare is plaintext authentication on systems without a crypt() call and
where DES based crypt() would be the right thing to do.
Remove this additional cryptographic code per our current efforts
to rely entirely on external libraries instead.
Similar to the arguments in this thread about zlib discussed on
samba-technical here:
https://lists.samba.org/archive/samba-technical/2019-May/133476.html
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Sep 19 09:28:21 UTC 2019 on sn-devel-184
Volker Lendecke [Fri, 30 Aug 2019 13:08:40 +0000 (15:08 +0200)]
messaging: Do POOL_USAGE via a socket
This makes debugging run-away processes much more efficient and even
possible at all: If the pool-usage output is more than 256MB, the
previous code could not realloc it and threw it away. Also, it is not
helpful for an already huge process to allocate even more.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 21:27:30 UTC 2019 on sn-devel-184
Volker Lendecke [Fri, 30 Aug 2019 15:09:20 +0000 (17:09 +0200)]
lib: Add talloc_full_report_printf()
Print the talloc full report into a FILE*. talloc itself provides a
very similar function, talloc_report_full(). However, that has a
slightly different output, in particular it does not print the
contents of strings, which is very handy for debugging.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 2 Sep 2019 09:41:05 +0000 (11:41 +0200)]
lib: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 18 Sep 2019 16:19:37 +0000 (09:19 -0700)]
messaging4: Pass fds to messaging handlers
Boiler-plate replacement moving the (num_fds!=0) check down
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>