s3:tests: Reformat xattr-tdb-1/run.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat vfstest-catia/run.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat vfstest-acl/run.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat stream-depot/run.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat full_audit_segfault/run.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat wb_pad.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_zero_data.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_winbind_ignore_domains.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_wbinfo_sids2xids.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_wbinfo_lookuprids_cache.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_virus_scanner.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_veto_rmdir.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_valid_users.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_usernamemap.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_timestamps.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_tevent_glib_glue.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_testparm_s3.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

security.idl: add missing BUILTIN SIDs

see:
https://docs.microsoft.com/en-us/windows/win32/secauthz/well-known-sids
https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/active-directory-security-groups
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/security-identifiers-in-windows

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 20 18:18:15 UTC 2022 on sn-devel-184

s3: VFS: streams_xattr: Add the same accommodation to streams_xattr_unlinkat() as used in streams_xattr_renameat().

vfs_fruit passes a synthetic filename here where smb_fname->fsp==NULL
when configured to use "fruit:resource = stream" so we need to use
synthetic_pathref() to get an fsp on the smb_fname->base_name
in order to call SMB_VFS_FREMOVEXATTR().

This is the same change we already use in streams_xattr_renameat()
and streams_xattr_stat(), the other pathname operations we implement
here.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jun 20 14:24:20 UTC 2022 on sn-devel-184

s3: tests: Add test that shows smbd crashes using vfs_fruit with fruit:resource = stream on deleting a file.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

s3/client: fix dfs deltree, resolve dfs path

since 4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems
to deal with non dfs root path, hence we need to resolve the
path before calling cli_unlink.

Also remove the knownfail

We additionally have to also remove the fallback to remove 'file3'
int the smbcacls_dfs_propagate_inherit.teardown as the deltree
that happens in the baseclass now succeeds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 17 17:12:07 UTC 2022 on sn-devel-184

Add test smbclient 'delree' of dir (on DFS share)

deltree of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND
Addionally add a knownfail for this (to be removed in subsequent patch
to fix bug)
We also need to add a knownfail (which will not be removed) for the
new test which will fail in smb1 envs

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/client: fix dfs delete, resolve dfs path

since 4cc4938a2866738aaff4dc91550bb7a5ad05d7fb do_list seems
to deal with non dfs root path, hence we need to resolve the
path before calling cli_unlink.

Also remove the knownfail

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Add test smbclient 'del' of file (on DFS share)

del of a file on a DFS share results in NT_STATUS_OBJECT_PATH_NOT_FOUND

Addionally add a knownfail (will be removed in following patch to
fix the bug)
We also need to add a knownfail (which will not be removed) for the
new test which will fail in smb1 envs

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Add new dfs node msdfs-share pointing to new msdfs-share2

Also add another node within msdfs-share2 pointing to normal share

This patch is in preperation for creating a test for 'del' &
'deltree' on DFS shares. The extra redirection is necessary to
reproduce the bug

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15100

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4/torture/unix_info2: return NULL on failure

false is also NULL, but NULL is NULLer.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 17 02:18:32 UTC 2022 on sn-devel-184

bind_dlz: some commentary for b9_format

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dns/dlz: remember old timestamp for dynamic records

If we don't tell dns_common_replace() the old timestamp, it will
think the node is static because the timestamp is 0.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dlz_bind9: call dns_name_is_static before adding space for record

dns_name_is_static is called after adding a uninitialized element to
recs. There is a chance that the uninizialized memory reads a element
with dwTimeStamp=0 and wType!=0. In that case dns_name_is_static will
return true

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Michael Saxl <mike@mwsys.mine.bz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tortures/dlz: more DNS update tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture: add torture_assertf()

Often we go 'torture_assert(tctx, expr, talloc_asprintf(tctx, "foo
%s", foo));' which is just a pain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture/bind_dlz: return the right kind of failure

torture_fail() is a macro that returns false, which evaluates to ISC_R_SUCCESS
in int context.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture/dlz: minor reformatting for README.Coding

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture/dlz: reserve test_ prefix for actual tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture/dlz: putrr callback recognises more than A records

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15040

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

util/debug: share classname table with tests

The executables generated from lib/util/tests/test_logging.c are used
by the samba.tests.logfiles tests to test logging with various
smb.confs that assign classes to various files at different levels
etc.

Previously test_logging.c had its own version of the table; now it
shares one with debug.c

We put the table in a sub-directory (lib/util/debug-classes/), because
adding local_include=True to the wscript_build stanza causes the
compiler confusion between <time.h> and lib/util/time.h.

Note: there are still two other lists of the class names, in
python/samba/tests/logfiles.py and
docs-xml/smbdotconf/logging/loglevel.xml.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

debug: add DBG_DEV()

This can be a useful macro when you are trying to track the behaviour
of one process out of the dozens that samba starts up, and when your
interest is in following it over time, not necessarily in a single
stack.

In DEVELOPER mode, if you call 'debug_developer_enable()' in the
process you're following, then any instances of DBG_DEV() will work
like DBG_ERR(), also adding ":DEV:12345:" where "12345" is the pid of
th current process.

Within debug.c itself, the macro always writes to stderr, because the
debug.c functions are not all reentrant.

When not in DEVELOPER MODE, the macro evaluates to nothing.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

debug: drop an '#if _SAMBA_BUILD_ == 3'

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: rename logging test source

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: adapt logging test for s3.

There is one knownfail, where it seems an smb.conf like

   log file = foo
   log level = 2 tdb:2@baa ldb:3

will send the ldb logs to 'baa' instead of 'foo' (i.e., the last
opened log file, rather than the default log file).

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: test source4 cmdline/smb.conf log level

The 'log level' line in smb.conf allows messages from different log
classes to be sent to different places, but we have not tested that
this works. Now we do, somewhat.

The test involves running a special binary based on a stripped down
source4/samba/server.c that just starts up, parses the command line
and a given smb.conf, then logs messages from multiple classes and
exits.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3/smbd: stdin fstat failure is a failure

It seems we forgot we were in main.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_symlink_traversal_smb2.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_symlink_traversal_smb1_posix.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_symlink_traversal_smb1.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_symlink_rename_smb1_posix.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_success.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_substitutions.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbtorture_s3.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbstatus.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbspool.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbpasswd.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbget.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbd_no_krb5.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbd_error.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbcquota.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3:tests: Reformat test_smbclient_tarmode.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3: VFS: full_audit. Ensure the module doesn't load if an operation name is miss-spelled or otherwise unknown.

Document this new behavior. Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15098

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3: VFS: full_audit: Use correct DBG_ print messages in init_bitmap().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15098

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3: test: Add tests to show we still connect to a full_audit share with a bad success or fail VFS names.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15098

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

ctdb-daemon: Use DEBUG() macro for child logging

Directly using dbgtext() with file logging results in a log entry with
no header, which is wrong.  This is a regression, introduced in commit
10d15c9e5dfe4e8595d0b322c96f474fc7078f46.  Prior to this, CTDB's
callback for file logging would always add a header.

Use DEBUG() instead dbgtext().  Note that DEBUG() effectively compares
the passed script_log_level with DEBUGLEVEL, so an explicit check is
no longer necessary.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jun 16 13:33:10 UTC 2022 on sn-devel-184

ctdb-daemon: Drop unused prefix, logfn, logfn_private

These aren't set anywhere in the code.

Drop the log argument because it is also no longer used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>

ctdb-common: Tell file logging not to redirect stderr

This allows ctdb_set_child_logging() to work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>

util: Add new debug setting debug_no_stderr_redirect

CTDB doesn't want this redirection of stderr to the log file.  It
expects to be able to capture stderr of subprocesses and log them with
a header.  This redirection stops that from happening.

Unfortunately this has to be a negative option (i.e. "no" in the name)
so that the default of 0/false maintains existing behaviour.

Note that the default behaviour is sub-optimal because it causes raw
data (i.e. debug data without a header) to appear in the log.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15090

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3:tests: Reformat test_smbclient_s3.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 15 06:54:49 UTC 2022 on sn-devel-184

vfs_btrfs: reduce loglevel message to DEBUG in btrfs_fget_compression()

This restores behaviour of previous versions. The proper fix would be for the
ioctl() to work on O_PATH handles.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15004

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 14 18:27:43 UTC 2022 on sn-devel-184

s4:kdc: Make RBCD access check less strict

Windows only requires SEC_ADS_CONTROL_ACCESS for the check to pass.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 14 15:38:23 UTC 2022 on sn-devel-184

third_party/heimdal: Fix build with gcc version 12.1

Split lib/krb5/crypto to its own subsystem to built with its own CFLAGS
and avoid the following error:

    [1510/4771] Compiling third_party/heimdal/lib/krb5/crypto.c
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘_krb5_internal_hmac’:
    ../../third_party/heimdal/lib/krb5/crypto.c:302:24: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
      302 |     iov[0].data.data = (void *) data;
          |                        ^
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘derive_key_sp800_hmac’:
    ../../third_party/heimdal/lib/krb5/crypto.c:2427:18: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
     2427 |     label.data = (void *)constant;
          |                  ^
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_derived’:
    ../../third_party/heimdal/lib/krb5/crypto.c:1280:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free]
     1280 |         free(p);
          |         ^~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c:1278:20: note: call to ‘realloc’ here
     1278 |     result->data = realloc(p, l);
          |                    ^~~~~~~~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_enc_then_cksum’:
    ../../third_party/heimdal/lib/krb5/crypto.c:1365:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free]
     1365 |         free(p);
          |         ^~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c:1363:20: note: call to ‘realloc’ here
     1363 |     result->data = realloc(p, l);
          |                    ^~~~~~~~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal’:
    ../../third_party/heimdal/lib/krb5/crypto.c:1431:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free]
     1431 |         free(p);
          |         ^~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c:1429:20: note: call to ‘realloc’ here
     1429 |     result->data = realloc(p, l);
          |                    ^~~~~~~~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_special’:
    ../../third_party/heimdal/lib/krb5/crypto.c:1478:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free]
     1478 |         free(p);
          |         ^~~~~~~
    ../../third_party/heimdal/lib/krb5/crypto.c:1476:20: note: call to ‘realloc’ here
     1476 |     result->data = realloc(p, sz);
          |                    ^~~~~~~~~~~~~~
    cc1: all warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15095

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Samuel Cabrero <scabrero@samba.org>
Autobuild-Date(master): Tue Jun 14 10:16:18 UTC 2022 on sn-devel-184

replace: Check for -Wuse-after-free

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15095

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/krb5: Use object() rather than auto() to initialise enums

This ensures that when an enum value is expected, a magic constant won't
be supplied instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun 14 08:18:06 UTC 2022 on sn-devel-184

dsdb/common: Make some parameters const

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

lib:krb5_wrap: Add const to parameters for smb_krb5_create_key_from_string()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:kdc: Add space in error message

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python: Don't use deprecated escape sequences

Certain escape sequences are not valid in Python string literals, and
will eventually result in a SyntaxError.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/security: Fix typos

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli:util: Update werror table

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libgpo/admx/en-US/samba.adml spelling: authencication paramter

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 10 19:04:57 UTC 2022 on sn-devel-184

spelling: connnect encrytion exisit expection explicit invalide missmatch paramater paramter partion privilige relase reponse seperate unkown verson authencication progagated

Tree-wide spellcheck for some common misspellings.

source3/utils/status.c has misspelled local variable (unkown_dialect).

"missmatch" is a known historical misspelling, only the incorrect
misspellings are fixed.

source3/locale/net/de.po has the spelling error (unkown) in two msgids -
it probably should be updated with current source.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:tests: Reformat test_smbclient_ntlm.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jun 10 14:51:39 UTC 2022 on sn-devel-184

s3:tests: Reformat test_smbclient_netbios_aliases.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_mget.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_machine_auth.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_log_basename.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_list_servers.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_large_file.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_krb5.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_kerberos.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_iconv.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_encryption_off.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_encryption.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_basic.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbclient_auth.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smbXsrv_client_dead_rec.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smb2_not_casesensitive.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smb1_system_security.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_smb1_shadow_copy_torture.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_sharesec.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_shareenum.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_shadow_copy_torture.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s3:tests: Reformat test_sacl_set_get.sh

shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>