kai/samba-autobuild/.git
3 years agodocs-xml:smbdotconf: default "ntlm auth" to "no"
Stefan Metzmacher [Tue, 15 Mar 2016 20:59:42 +0000 (21:59 +0100)]
docs-xml:smbdotconf: default "ntlm auth" to "no"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agoselftest: set "ntlm auth = yes" for now as a lot of tests rely on it
Stefan Metzmacher [Thu, 21 Jul 2016 07:26:27 +0000 (09:26 +0200)]
selftest: set "ntlm auth = yes" for now as a lot of tests rely on it

In future we should use a mix of environments some which support ntlmv1
and some without.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agos3:selftest: run smbclient_auth with a few more combinations
Stefan Metzmacher [Thu, 21 Jul 2016 17:45:04 +0000 (19:45 +0200)]
s3:selftest: run smbclient_auth with a few more combinations

E.g. we try lanman, ntlmv1 and ntlmv2 authentication.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agos3:tests: add 'as user' to the test names in test_smbclient_auth.sh
Stefan Metzmacher [Thu, 21 Jul 2016 17:41:57 +0000 (19:41 +0200)]
s3:tests: add 'as user' to the test names in test_smbclient_auth.sh

We already have 'as anon', having an indication for each case makes it
easier to mark some as knownfail.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agos3:ntlm_auth: call fault_setup() in order to get usefull backtraces
Stefan Metzmacher [Wed, 11 May 2016 21:09:53 +0000 (23:09 +0200)]
s3:ntlm_auth: call fault_setup() in order to get usefull backtraces

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agoWHATSNEW. Add text for Open File Description (OFD) locks.
Jeremy Allison [Thu, 21 Jul 2016 23:24:59 +0000 (16:24 -0700)]
WHATSNEW. Add text for Open File Description (OFD) locks.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 22 14:13:52 CEST 2016 on sn-devel-144

3 years agoWHATSNEW: SMB 2.1 leases enabled by default
Ralph Boehme [Thu, 21 Jul 2016 19:21:46 +0000 (12:21 -0700)]
WHATSNEW: SMB 2.1 leases enabled by default

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
3 years agosmbd: Enable leases by default
Volker Lendecke [Wed, 20 Jul 2016 10:32:58 +0000 (12:32 +0200)]
smbd: Enable leases by default

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
3 years agos4: torture: Don't crash if connections fail and treeXX variables are left as NULL.
Jeremy Allison [Thu, 21 Jul 2016 19:49:57 +0000 (12:49 -0700)]
s4: torture: Don't crash if connections fail and treeXX variables are left as NULL.

Correctly log as torture fail.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
3 years agoctdb-pcp-pmda: Reimplement using new client API
Amitay Isaacs [Wed, 14 Oct 2015 04:49:12 +0000 (15:49 +1100)]
ctdb-pcp-pmda: Reimplement using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Jul 22 10:31:57 CEST 2016 on sn-devel-144

3 years agoctdb-tests: Add torture test for fetch functions
Amitay Isaacs [Thu, 5 May 2016 04:51:07 +0000 (14:51 +1000)]
ctdb-tests: Add torture test for fetch functions

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Remove unused tests code
Amitay Isaacs [Wed, 20 Apr 2016 08:30:30 +0000 (18:30 +1000)]
ctdb-tests: Remove unused tests code

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Rename ctdb_porting_tests to porting_tests
Amitay Isaacs [Wed, 20 Apr 2016 06:14:39 +0000 (16:14 +1000)]
ctdb-tests: Rename ctdb_porting_tests to porting_tests

and create unit test for it.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Rename ctdb_lock_tdb to lock_tdb
Amitay Isaacs [Wed, 20 Apr 2016 06:03:41 +0000 (16:03 +1000)]
ctdb-tests: Rename ctdb_lock_tdb to lock_tdb

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Convert rb_test into a unit test
Amitay Isaacs [Wed, 20 Apr 2016 05:56:13 +0000 (15:56 +1000)]
ctdb-tests: Convert rb_test into a unit test

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_update_record_persistent with update_record_persistent
Amitay Isaacs [Wed, 20 Apr 2016 04:29:56 +0000 (14:29 +1000)]
ctdb-tests: Replace ctdb_update_record_persistent with update_record_persistent

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_update_record with update_record using new client API
Amitay Isaacs [Wed, 20 Apr 2016 04:27:40 +0000 (14:27 +1000)]
ctdb-tests: Replace ctdb_update_record with update_record using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_transaction with transaction_loop using new client API
Amitay Isaacs [Mon, 18 Apr 2016 07:11:36 +0000 (17:11 +1000)]
ctdb-tests: Replace ctdb_transaction with transaction_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_fetch_readonly_loop with fetch_readonly_loop using new clien...
Amitay Isaacs [Sat, 21 Nov 2015 11:50:59 +0000 (22:50 +1100)]
ctdb-tests: Replace ctdb_fetch_readonly_loop with fetch_readonly_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_fetch_readonly_once with fetch_readonly using new client API
Amitay Isaacs [Wed, 20 Apr 2016 04:49:47 +0000 (14:49 +1000)]
ctdb-tests: Replace ctdb_fetch_readonly_once with fetch_readonly using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_fetch_one with fetch_loop using new client API
Amitay Isaacs [Fri, 20 Nov 2015 05:24:34 +0000 (16:24 +1100)]
ctdb-tests: Replace ctdb_fetch_one with fetch_loop using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_fetch with fetch_ring using new client API
Amitay Isaacs [Tue, 17 Nov 2015 21:51:41 +0000 (08:51 +1100)]
ctdb-tests: Replace ctdb_fetch with fetch_ring using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Replace ctdb_bench with message_ring using new client API
Amitay Isaacs [Tue, 10 Nov 2015 05:00:07 +0000 (16:00 +1100)]
ctdb-tests: Replace ctdb_bench with message_ring using new client API

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Add torture test for g_lock functions
Amitay Isaacs [Tue, 19 Apr 2016 06:18:54 +0000 (16:18 +1000)]
ctdb-tests: Add torture test for g_lock functions

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Common code to process commandline options
Amitay Isaacs [Wed, 18 Nov 2015 01:46:08 +0000 (12:46 +1100)]
ctdb-tests: Common code to process commandline options

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoctdb-tests: Common code to wait for synchronization across cluster
Amitay Isaacs [Wed, 18 Nov 2015 01:18:14 +0000 (12:18 +1100)]
ctdb-tests: Common code to wait for synchronization across cluster

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
3 years agoWHATSNEW: Add the update for the samba kcc
Garming Sam [Thu, 30 Jun 2016 00:19:32 +0000 (12:19 +1200)]
WHATSNEW: Add the update for the samba kcc

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Jul 21 10:17:52 CEST 2016 on sn-devel-144

3 years agosamba_kcc: Enable the python samba_kcc
Garming Sam [Wed, 29 Jun 2016 22:54:29 +0000 (10:54 +1200)]
samba_kcc: Enable the python samba_kcc

For any reasonably large domain, the old KCC is impractical as the dense
mesh topology causes replication pulses.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agokcc: correct a typo in the debug messages
Garming Sam [Mon, 18 Jul 2016 02:38:40 +0000 (14:38 +1200)]
kcc: correct a typo in the debug messages

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agodbcheck: Add a rule regarding replica locations
Garming Sam [Mon, 18 Jul 2016 05:06:57 +0000 (17:06 +1200)]
dbcheck: Add a rule regarding replica locations

This fixes any RW DCs with repsFrom without the corresponding link. On
any RODC, this just reports an error (and doesn't fix it).

(the knownfail entry is also now removed)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agodbcheck/release-4-1-0rc3: Add a check regarding replica locations
Garming Sam [Wed, 20 Jul 2016 00:47:11 +0000 (12:47 +1200)]
dbcheck/release-4-1-0rc3: Add a check regarding replica locations

This DC has repsFrom for the DNS partitions, but not the corresponding
link. This ensures that dbcheck has fixed them up. This will currently
fail without the actual changes to dbcheck coming in the following
commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agojoin.py: Don't add replica locations without the backend
Garming Sam [Thu, 21 Jul 2016 04:01:20 +0000 (16:01 +1200)]
join.py: Don't add replica locations without the backend

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agojoin.py: Add Replica-Locations for DomainDNS and ForestDNS
Garming Sam [Mon, 18 Jul 2016 01:09:59 +0000 (13:09 +1200)]
join.py: Add Replica-Locations for DomainDNS and ForestDNS

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agojoin.py: Ensure that all expressions are escaped
Garming Sam [Wed, 20 Jul 2016 01:37:47 +0000 (13:37 +1200)]
join.py: Ensure that all expressions are escaped

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agodbcheck: Replica locations can now be leftover
Garming Sam [Thu, 21 Jul 2016 03:34:13 +0000 (15:34 +1200)]
dbcheck: Replica locations can now be leftover

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agokcc: Make more fault tolerant on DC demotion
Garming Sam [Thu, 21 Jul 2016 01:08:31 +0000 (13:08 +1200)]
kcc: Make more fault tolerant on DC demotion

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agosamba_kcc: match translate connection from old KCC for RWDC
Garming Sam [Wed, 20 Jul 2016 22:42:14 +0000 (10:42 +1200)]
samba_kcc: match translate connection from old KCC for RWDC

This makes it so that repsTo are always regenerated on the target DCs.
This also happens elsewhere in drepl_out, but is to be removed.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agosamba_kcc: match translate connection from old KCC for RODC
Garming Sam [Tue, 5 Jul 2016 03:57:28 +0000 (15:57 +1200)]
samba_kcc: match translate connection from old KCC for RODC

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agokcc: Prevent the KCC from doing work on the RODC
Garming Sam [Fri, 1 Jul 2016 05:02:50 +0000 (17:02 +1200)]
kcc: Prevent the KCC from doing work on the RODC

This should never have done any real work, new code or not. This just removes
the initial KCC calls and bails out in the KCC if we actually ran it.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agoselftest: Add more information when KCC fails
Garming Sam [Thu, 21 Jul 2016 01:08:56 +0000 (13:08 +1200)]
selftest: Add more information when KCC fails

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agokcc: Make debug more scarce
Garming Sam [Sun, 3 Jul 2016 23:17:45 +0000 (11:17 +1200)]
kcc: Make debug more scarce

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agodrepl: Fix a typo
Garming Sam [Wed, 20 Jul 2016 21:08:11 +0000 (09:08 +1200)]
drepl: Fix a typo

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agoWHATSNEW: Samba-tool speed-up
Garming Sam [Thu, 21 Jul 2016 04:30:35 +0000 (16:30 +1200)]
WHATSNEW: Samba-tool speed-up

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
3 years agoctdb-tests: Add shellcheck test suite
Martin Schwenke [Thu, 14 Jul 2016 02:01:14 +0000 (12:01 +1000)]
ctdb-tests: Add shellcheck test suite

CTDB has a lot of scripts and shellcheck can be useful to find dubious
scripting practices.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Jul 21 06:06:49 CEST 2016 on sn-devel-144

3 years agoctdb-tests: Add new test support script for script install paths
Martin Schwenke [Thu, 14 Jul 2016 01:58:51 +0000 (11:58 +1000)]
ctdb-tests: Add new test support script for script install paths

This helps unit tests locate CTDB's scripts.  It is being created to
support some new shellcheck unit tests.

Hopefully, it can also be used to simplify some of the symlink
complexity in some other unit tests suites, such as eventscripts.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2006 (legacy `..`)
Martin Schwenke [Thu, 14 Jul 2016 02:58:31 +0000 (12:58 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2006 (legacy `..`)

SC2006: Use $(..) instead of legacy `..`.

Make the obvious changes to $(...) but convert some to $((...)).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2124 (string=array)
Martin Schwenke [Thu, 14 Jul 2016 02:28:17 +0000 (12:28 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2124 (string=array)

SC2124: Assigning an array to a string!
        Assign as array, or use * instead of @ to concatenate.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2155 (declare, assign)
Martin Schwenke [Thu, 14 Jul 2016 02:27:05 +0000 (12:27 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2155 (declare, assign)

SC2155: Declare and assign separately to avoid masking return values.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2059 ($ in printf format)
Martin Schwenke [Thu, 14 Jul 2016 02:08:04 +0000 (12:08 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2059 ($ in printf format)

SC2059: Don't use variables in the printf format string.
        Use printf "..%s.." "$foo".

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid chellcheck warning SC2012 (ls for file list)
Martin Schwenke [Wed, 13 Jul 2016 01:50:58 +0000 (11:50 +1000)]
ctdb-scripts: Avoid chellcheck warning SC2012 (ls for file list)

SC2012: Use find instead of ls to better handle non-alphanumeric filenames.

Make this cope better with unexpected whitespace.

Unfortunately, this results in shellcheck warning:

  SC2035: Use ./*.tdb.* so names with dashes won't become options.

No!  Then stat(1) will print ./file.tdb.X.  We want the basenames and
we know the filenames don't start with dashes.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2012 (ls for file list)
Martin Schwenke [Tue, 12 Jul 2016 20:53:21 +0000 (06:53 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2012 (ls for file list)

SC2012: Use find instead of ls to better handle non-alphanumeric filenames.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2038 (find without -print0)
Martin Schwenke [Tue, 12 Jul 2016 03:27:08 +0000 (13:27 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2038 (find without -print0)

SC2038: Use -print0/-0 or -exec + to allow for non-alphanumeric filenames.

The suggested options aren't POSIX-compliant.  This is more portable.

Base filenames can't have whitespace so rework to avoid problems with
whitespace in directory name.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2039 (non-portable ulimit options)
Martin Schwenke [Tue, 12 Jul 2016 02:15:12 +0000 (12:15 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2039 (non-portable ulimit options)

SC2039: In POSIX sh, ulimit -c/-n is not supported.

Have shellcheck suppress the warnings.  If -n is not supported then
don't set CTDB_MAX_OPEN_FILES.  If packaging for a platform where -c
is not supported then remove this code and associated documentation.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2039 (test -nt operator)
Martin Schwenke [Tue, 12 Jul 2016 01:57:55 +0000 (11:57 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2039 (test -nt operator)

SC2039: In POSIX sh, -nt is not supported.

This script is specific to the Linux NFS implementation.  The -nt
operator is well supported in Linux shells (e.g. dash, bash, ksh).
The alternatives (e.g. using stat(1)) would result in less readable
code.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2094 (read/write same file)
Martin Schwenke [Mon, 11 Jul 2016 10:53:56 +0000 (20:53 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2094 (read/write same file)

SC2094: Make sure not to read and write the same file in the same pipeline.

The semantics here are unclear, so use a separate flock file in each
case for clarity.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2039 (echo -n)
Martin Schwenke [Wed, 6 Jul 2016 20:41:27 +0000 (06:41 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2039 (echo -n)

SC2039: In POSIX sh, echo flags are not supported.

echo -n is well supported but the changes are simple.

Improve some logic, replace some instances with printf.  Who knew
printf was in POSIX?

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2039 (type command)
Martin Schwenke [Wed, 6 Jul 2016 10:43:29 +0000 (20:43 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2039 (type command)

SC2039: In POSIX sh, 'type' is not supported.

type is commonly supported and is more portable than which(1).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2015 (A && B || C)
Martin Schwenke [Wed, 6 Jul 2016 10:40:23 +0000 (20:40 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2015 (A && B || C)

SC2015: Note that A && B || C is not if-then-else. C may run when A is
true.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warnings SC2119, SC2120 (function arguments)
Martin Schwenke [Wed, 6 Jul 2016 10:25:57 +0000 (20:25 +1000)]
ctdb-scripts: Avoid shellcheck warnings SC2119, SC2120 (function arguments)

SC2119: Use FUNC "$@" if function's $1 should meanscript's $1.
SC2120: FUNC references arguments, but none are ever passed.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2002 (useless cat)
Martin Schwenke [Wed, 6 Jul 2016 10:17:26 +0000 (20:17 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2002 (useless cat)

SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2017 (arithmetic precision)
Martin Schwenke [Wed, 6 Jul 2016 10:14:03 +0000 (20:14 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2017 (arithmetic precision)

SC2017: Increase precision by replacing a/b*c with a*c/b.

This code intentionally rounds to an even value.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC1004 (backslash in quotes)
Martin Schwenke [Wed, 6 Jul 2016 10:09:07 +0000 (20:09 +1000)]
ctdb-scripts: Avoid shellcheck warning SC1004 (backslash in quotes)

SC1004: You don't break lines with \ in single quotes, it results in
literal backslash-linefeed.

These don't hurt, since awk can cope with the continuations.  However,
they don't add anything.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2154 (unassigned variables)
Martin Schwenke [Wed, 6 Jul 2016 07:41:55 +0000 (17:41 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2154 (unassigned variables)

SC2154: VAR is referenced but not assigned.

Change ctdb_setup_service_state_dir(), ctdb_get_pnn() and
ctdb_get_ip_address() to print the value so it can be assigned to a
variable.  The performance gain from avoiding the sub-shells when
calling these functions is close to zero.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warnings SC2046, SC2086 (double-quoting)
Martin Schwenke [Wed, 6 Jul 2016 07:31:51 +0000 (17:31 +1000)]
ctdb-scripts: Avoid shellcheck warnings SC2046, SC2086 (double-quoting)

SC2046: Quote this to prevent word splitting.
SC2086: Double quote to prevent globbing and word splitting.

Add some quoting where it makes sense.  Use shellcheck directives for
false-positives.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2034 (unused variables)
Martin Schwenke [Wed, 6 Jul 2016 07:16:44 +0000 (17:16 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2034 (unused variables)

SC2034: VAR appears unused. Verify it or export it.

Drop some variables that are unnecessarily used.  Use shellcheck
directive for false-positives.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2004 ($ in arithmetic)
Martin Schwenke [Wed, 6 Jul 2016 06:50:30 +0000 (16:50 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2004 ($ in arithmetic)

SC2004: $/${} is unnecessary on arithmetic variables.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warnings SC2030, SC2031 (subshell variables)
Martin Schwenke [Wed, 6 Jul 2016 06:13:27 +0000 (16:13 +1000)]
ctdb-scripts: Avoid shellcheck warnings SC2030, SC2031 (subshell variables)

SC2030: Modification of VAR is local (to subshell caused by (..) group).
SC2031: VAR was modified in a subshell. That change might be lost.

Fix a related, incorrect comment.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Avoid shellcheck warning SC2016 ($ in single quotes)
Martin Schwenke [Wed, 6 Jul 2016 05:22:19 +0000 (15:22 +1000)]
ctdb-scripts: Avoid shellcheck warning SC2016 ($ in single quotes)

SC2016: Expressions don't expand in single quotes, use double quotes for that.

Error messages are now arguably more readable.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop function ctdb_check_counter()
Martin Schwenke [Wed, 6 Jul 2016 05:11:43 +0000 (15:11 +1000)]
ctdb-scripts: Drop function ctdb_check_counter()

It is no longer used and adds needless complexity.

As a side-effect, the functions file can now be parsed by shellcheck.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop use of ctdb_check_counter from vsftpd event script
Martin Schwenke [Wed, 6 Jul 2016 05:06:24 +0000 (15:06 +1000)]
ctdb-scripts: Drop use of ctdb_check_counter from vsftpd event script

This makes the logic more obvious.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop use of ctdb_check_counter from reclock event script
Martin Schwenke [Wed, 6 Jul 2016 04:28:06 +0000 (14:28 +1000)]
ctdb-scripts: Drop use of ctdb_check_counter from reclock event script

This makes the logic more obvious.

Fix the (probably) accidental fall-through to the regular monitor
failure.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop use of ctdb_check_counter from httpd event script
Martin Schwenke [Wed, 6 Jul 2016 04:24:18 +0000 (14:24 +1000)]
ctdb-scripts: Drop use of ctdb_check_counter from httpd event script

This makes the logic more obvious.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop use of service_tcp_ports
Martin Schwenke [Wed, 6 Jul 2016 04:32:38 +0000 (14:32 +1000)]
ctdb-scripts: Drop use of service_tcp_ports

This makes the logic more obvious.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Event script indentation and whitespace cleanups
Martin Schwenke [Wed, 6 Jul 2016 04:44:14 +0000 (14:44 +1000)]
ctdb-scripts: Event script indentation and whitespace cleanups

* Re-indent case labels as per new script style

  Other indentation can be tweaked later as code changes, but the
  labels are an obvious bulk change.

* Minor whitespace fixes

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Drop use of ctdb_standard_event_handler()
Martin Schwenke [Mon, 11 Jul 2016 05:04:16 +0000 (15:04 +1000)]
ctdb-scripts: Drop use of ctdb_standard_event_handler()

It doesn't do anything.  Add a comment to its definition to explain
why it is still there.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-tests: New event script test for corrupt TDB checking
Martin Schwenke [Tue, 12 Jul 2016 20:44:08 +0000 (06:44 +1000)]
ctdb-tests: New event script test for corrupt TDB checking

Ensures that backups of corrupt TDB files are correctly limited in
number.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-tests: Add new httpd event script test
Martin Schwenke [Mon, 11 Jul 2016 04:44:45 +0000 (14:44 +1000)]
ctdb-tests: Add new httpd event script test

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-tests: Add new vsftpd event script test
Martin Schwenke [Tue, 5 Jul 2016 10:10:06 +0000 (20:10 +1000)]
ctdb-tests: Add new vsftpd event script test

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-tests: Add reclock event script tests
Martin Schwenke [Wed, 6 Jul 2016 04:06:14 +0000 (14:06 +1000)]
ctdb-tests: Add reclock event script tests

Tweak eventscript unit test infrastructure to support.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agoctdb-scripts: Fix a bug in counter checking
Martin Schwenke [Tue, 5 Jul 2016 10:09:12 +0000 (20:09 +1000)]
ctdb-scripts: Fix a bug in counter checking

If there are insufficient arguments then they can't be shifted.

This function will be removed shortly.  However, it needs to work for
now as tests will be added that depend on it to work.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
3 years agos4:torture/ndr: add more krb5pac tests with PAC blobs from pkinit
Stefan Metzmacher [Tue, 19 Jul 2016 14:32:06 +0000 (16:32 +0200)]
s4:torture/ndr: add more krb5pac tests with PAC blobs from pkinit

We validate everything except the whole LOGON_INFO structure,
we even decrypt the PAC_CREDENTIALS_INFO blob and verify
PAC_CREDENTIAL_DATA_NDR and PAC_CREDENTIAL_NTLM_SECPKG.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 21 01:07:28 CEST 2016 on sn-devel-144

3 years agos4:torture/ndr: make use of torture_suite_add_ndr_pull_validate_test() in krb5pac...
Stefan Metzmacher [Tue, 19 Jul 2016 14:38:56 +0000 (16:38 +0200)]
s4:torture/ndr: make use of torture_suite_add_ndr_pull_validate_test() in krb5pac when possible

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agokrb5_wrap: provide CKSUMTYPE_HMAC_SHA1_96_AES_*
Stefan Metzmacher [Tue, 19 Jul 2016 14:31:01 +0000 (16:31 +0200)]
krb5_wrap: provide CKSUMTYPE_HMAC_SHA1_96_AES_*

MIT only defined this as CKSUMTYPE_HMAC_SHA1_96_AES128,
while Heimdal has CKSUMTYPE_HMAC_SHA1_96_AES_128.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agokrb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push
Stefan Metzmacher [Thu, 14 Jul 2016 07:34:43 +0000 (09:34 +0200)]
krb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push

This difference is the reason why we can't fully (ndr)validate some
PAC blobs.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agotorture: Add another sample of a PAC that broke the old PAC_UPN_DNS_INFO handling
Andrew Bartlett [Tue, 19 Jul 2016 04:48:18 +0000 (16:48 +1200)]
torture: Add another sample of a PAC that broke the old PAC_UPN_DNS_INFO handling

This is included because this sample helped us addres issues in the previous attempt at
handling PAC_UPN_DNS_INFO correctly, and I have Tris's permission to include this in our
tests.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agos4-torture: add another krb5pac buffer to the ndr test.
Günther Deschner [Wed, 6 Feb 2013 12:10:44 +0000 (13:10 +0100)]
s4-torture: add another krb5pac buffer to the ndr test.

This one nicely demonstrates that the strings are really non-null terminated.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agos4-torture: add ndr krb5pac testsuite.
Günther Deschner [Thu, 13 Dec 2012 11:28:19 +0000 (12:28 +0100)]
s4-torture: add ndr krb5pac testsuite.

Someone changed the PAC buffer union without adding proper tests, now we
sometimes fail to parse the PAC completely due to that...

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agokrb5pac.idl: implement PAC_UPN_DNS_INFO correct
Stefan Metzmacher [Wed, 6 Jan 2016 12:27:21 +0000 (13:27 +0100)]
krb5pac.idl: implement PAC_UPN_DNS_INFO correct

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agokrb5pac: fix push/pull of subcontexts in PAC_BUFFER
Stefan Metzmacher [Wed, 6 Feb 2013 15:44:12 +0000 (16:44 +0100)]
krb5pac: fix push/pull of subcontexts in PAC_BUFFER

We need to have two subcontexts to get the padding right,
the outer subcontext uses NDR_ROUND(_ndr_size, 8), while
the inner subcontext only uses _ndr_size.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agokrb5pac: no need for a noprint PAC_BUFFER.
Günther Deschner [Mon, 18 Mar 2013 15:25:06 +0000 (16:25 +0100)]
krb5pac: no need for a noprint PAC_BUFFER.

Guenther

@@ -1,6 +1,7 @@
 _PUBLIC_ void ndr_print_PAC_BUFFER(struct ndr_print *ndr, const char *name, const struct PAC_BUFFER *r)
 {
        ndr_print_struct(ndr, name, "PAC_BUFFER");
+       if (r == NULL) { ndr_print_null(ndr); return; }
        ndr->depth++;
        ndr_print_PAC_TYPE(ndr, "type", r->type);
        ndr_print_uint32(ndr, "_ndr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?_ndr_size_PAC_INFO(r->info,r->type,0):r->_ndr_size);
@@ -11,7 +12,7 @@
                ndr_print_PAC_INFO(ndr, "info", r->info);
        }
        ndr->depth--;
-       ndr_print_uint32(ndr, "_pad", r->_pad);
+       ndr_print_uint32(ndr, "_pad", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0:r->_pad);
        ndr->depth--;
 }

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agos4:torture/ndr: Add supplementalCredentials blob from Win2012R2
Andrew Bartlett [Wed, 20 Jul 2016 04:45:34 +0000 (16:45 +1200)]
s4:torture/ndr: Add supplementalCredentials blob from Win2012R2

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agos4:torture/ndr: Add supplementalCredentials blobs from alpha13 and release_4_1_0rc3
Andrew Bartlett [Wed, 20 Jul 2016 02:53:42 +0000 (14:53 +1200)]
s4:torture/ndr: Add supplementalCredentials blobs from alpha13 and release_4_1_0rc3

This coveres the case without AES keys, and before the IDL was changed for SambaGPG support

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agos4:torture/ndr: add validation checks for strange supplementalCredentials blobs
Stefan Metzmacher [Fri, 15 Jul 2016 07:10:03 +0000 (09:10 +0200)]
s4:torture/ndr: add validation checks for strange supplementalCredentials blobs

From the mail to dochelp:

  I've also got cases (where I created an account with
  UF_NORMAL_ACCOUNT|UF_ACCOUNTDISABLE|UF_SMARTCARD_REQUIRED
  in the LDAP add) with the following strange blobs:

  One time:
  [0000] 00 00 00 00 00 00 00 00 00 00 00 00 00

  and once:
  [0000] 00 00 00 00 00 00 00 00 00 00 00 00 53

  The original issue I reported was the following, a user was created
  with a password and then userAccountControl was changed to
  UF_NORMAL_ACCOUNT|UF_SMARTCARD_REQUIRED. In that case I'm getting:

  [0000] 00 00 00 00 62 00 00 00   00 00 00 00 20 00 20 00
  [0010] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00
  [0020] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00
  [0030] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00
  [0040] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00
  [0050] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00
  [0060] 20 00 20 00 20 00 20 00   20 00 20 00 50 00 30

As you see the last byte (unknown3) is always different on Windows,
but always 0x00 from Samba, so I used 0x00 in order to allow the
test to pass.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agos4-torture: rename torture_suite_add_ndr_pullpush_test to torture_suite_add_ndr_pull_...
Günther Deschner [Wed, 6 Feb 2013 11:34:53 +0000 (12:34 +0100)]
s4-torture: rename torture_suite_add_ndr_pullpush_test to torture_suite_add_ndr_pull_validate_test.

Hoping the new name is not as confusing as the old name.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
3 years agotorture: show the first differing byte and a dump in torture_assert_data_blob_equal().
Günther Deschner [Wed, 6 Feb 2013 11:25:43 +0000 (12:25 +0100)]
torture: show the first differing byte and a dump in torture_assert_data_blob_equal().

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
3 years agodrsblobs.idl: supplementalCredentialsSubBlob make it possible to parse strange blobs
Stefan Metzmacher [Fri, 20 May 2016 16:59:20 +0000 (18:59 +0200)]
drsblobs.idl: supplementalCredentialsSubBlob make it possible to parse strange blobs

Windows omits the uint16 num_packages field when the packages array is empty.
This happens if the UF_SMARTCARD_REQUIRED flag is set for an account.

A user was created with a password and then userAccountControl was changed to
UF_NORMAL_ACCOUNT|UF_SMARTCARD_REQUIRED. In that case I'm getting
(as the whole supplementalCredentialsBlob):

[0000] 00 00 00 00 62 00 00 00   00 00 00 00 20 00 20 00   ....b... .... . .
[0010] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0020] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0030] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0040] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0050] 20 00 20 00 20 00 20 00   20 00 20 00 20 00 20 00    . . . .  . . . .
[0060] 20 00 20 00 20 00 20 00   20 00 20 00 50 00 30       . . . .  . .P.0

I've also got cases (where I created an account with
UF_NORMAL_ACCOUNT|UF_ACCOUNTDISABLE|UF_SMARTCARD_REQUIRED
in the LDAP add) with the following strange blobs:

One time:
[0000] 00 00 00 00 00 00 00 00   00 00 00 00 00
and once:
[0000] 00 00 00 00 00 00 00 00   00 00 00 00 53

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agodrsblobs.idl: mark supplementalCredentialsSubBlob as nopull,nopush
Stefan Metzmacher [Fri, 20 May 2016 15:06:23 +0000 (17:06 +0200)]
drsblobs.idl: mark supplementalCredentialsSubBlob as nopull,nopush

This commit moves the autogenerated ndr_{pull,push}_supplementalCredentialsSubBlob()
function to the handwritten librpc/ndr/ndr_drsblobs.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agos4:dsdb/password_hash: explicitly set SUPPLEMENTAL_CREDENTIALS_SIGNATURE
Stefan Metzmacher [Thu, 2 Jun 2016 17:57:15 +0000 (19:57 +0200)]
s4:dsdb/password_hash: explicitly set SUPPLEMENTAL_CREDENTIALS_SIGNATURE

Typically this is automatically set in ndr_push_supplementalCredentialsBlob(),
but we need to change that behavior in order to handle strange formated
values.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agos3:libnet_dssync_keytab: ignore empty supplementalCredentialsBlob structures
Stefan Metzmacher [Fri, 3 Jun 2016 14:34:08 +0000 (16:34 +0200)]
s3:libnet_dssync_keytab: ignore empty supplementalCredentialsBlob structures

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
3 years agos4:kdc: ignore empty supplementalCredentialsBlob structures
Stefan Metzmacher [Fri, 3 Jun 2016 14:34:08 +0000 (16:34 +0200)]
s4:kdc: ignore empty supplementalCredentialsBlob structures

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>