nivanova/samba-autobuild/.git
2 years agogpo: Move the file parse function to gp_ext
David Mulder [Thu, 29 Mar 2018 14:05:21 +0000 (08:05 -0600)]
gpo: Move the file parse function to gp_ext

A file will always be read from the sysvol the
same way, but the data will be read differently.
This patch moves the parse function to gp_ext,
and requires subclasses to implement the read()
function to interpret the data.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agogpo: Move gp_sec_ext __init__ to base class
David Mulder [Thu, 29 Mar 2018 15:07:53 +0000 (09:07 -0600)]
gpo: Move gp_sec_ext __init__ to base class

For this class to be extensible, the constructor
should be available to subclasses.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agogpo: Rename the inf_to class to gp_ext_setter
David Mulder [Thu, 29 Mar 2018 14:00:15 +0000 (08:00 -0600)]
gpo: Rename the inf_to class to gp_ext_setter

This class will be subclassed and used for more
than just inf settings application.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoCheck "auth event notification" param in log_json
Arvid Requate [Wed, 11 Apr 2018 19:46:25 +0000 (21:46 +0200)]
Check "auth event notification" param in log_json

When Samba is compiled with JSON support it logs an error message
at log level 3 by default for every authentication event:

get_auth_event_server: Failed to find 'auth_event' registered on the
message bus to send JSON authentication events to:
NT_STATUS_OBJECT_NAME_NOT_FOUND

This patch adjusts the log_json function to consider the smb.conf
parameter "auth event notification" before calling auth_message_send.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13381

Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Apr 12 08:12:39 CEST 2018 on sn-devel-144

2 years agoldb-samba: require pid match for cached ldb
Gary Lockyer [Tue, 13 Mar 2018 03:43:54 +0000 (16:43 +1300)]
ldb-samba: require pid match for cached ldb

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agoldb_wrap: Remove the magic cache of database handles except for sam.ldb
Andrew Bartlett [Thu, 15 Mar 2018 00:44:52 +0000 (13:44 +1300)]
ldb_wrap: Remove the magic cache of database handles except for sam.ldb

sam.ldb is handled in samdb_connect_url(), not this function.

This cache caused issues when "private dir" was changed in a testing script, but also
just generates many-owner shared mutable state that is frowned upon these days.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Use talloc_get_type_abort() in schema_load_{start,end}_transaction
Andrew Bartlett [Tue, 10 Apr 2018 01:34:56 +0000 (13:34 +1200)]
dsdb: Use talloc_get_type_abort() in schema_load_{start,end}_transaction

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: ensure we take out a read lock during the dsdb_init
Andrew Bartlett [Mon, 9 Apr 2018 06:13:59 +0000 (18:13 +1200)]
dsdb: ensure we take out a read lock during the dsdb_init

We have to also take it out in the partitions code when we load the
partition backends.

This ensures that the init handlers hold a whole-db lock just as the
search code does.

To ensure the locking count in schema_load is balanced, the
private data is now created in the first lock_read() call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Rework schema reload during the read lock
Andrew Bartlett [Wed, 11 Apr 2018 00:29:18 +0000 (12:29 +1200)]
dsdb: Rework schema reload during the read lock

Rather than refusing the reload based on making cached sequence numbers match
just load it once at the time the DB is globally locked, if required.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Load schema during the read_lock() hook, not the search
Andrew Bartlett [Tue, 10 Apr 2018 23:58:22 +0000 (11:58 +1200)]
dsdb: Load schema during the read_lock() hook, not the search

This should trigger slightly less often and is the more correct place, as
we only load it during the first lock when not in a transaction.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Allow search before init() is called in extended_dn_out
Andrew Bartlett [Tue, 10 Apr 2018 04:34:21 +0000 (16:34 +1200)]
dsdb: Allow search before init() is called in extended_dn_out

This matches the earlier check of p && p->normalise.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Move ldb_set_default_dns() into rootdse_get_private_data()
Andrew Bartlett [Mon, 9 Apr 2018 19:54:20 +0000 (07:54 +1200)]
dsdb: Move ldb_set_default_dns() into rootdse_get_private_data()

This call needs to be done at the very first chance, in this case
during the first call to the lock_read() hook, otherwise the
schema_data module can't find the schema.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Create rootdse_get_private_data()
Andrew Bartlett [Mon, 9 Apr 2018 19:58:07 +0000 (07:58 +1200)]
dsdb: Create rootdse_get_private_data()

This will get the private data on the first call, allowing that not to be
the init() hook.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agoselftest: Make a transaction before @INDEXLIST etc is checked in dsdb_schema_attribut...
Andrew Bartlett [Wed, 11 Apr 2018 00:51:49 +0000 (12:51 +1200)]
selftest: Make a transaction before @INDEXLIST etc is checked in dsdb_schema_attributes.py

This helps us remove the write to the database from the (soon to be
read locked) init code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Wait until a transaction starts to call dsdb_schema_set_indices_and_attributes()
Andrew Bartlett [Mon, 9 Apr 2018 09:59:01 +0000 (21:59 +1200)]
dsdb: Wait until a transaction starts to call dsdb_schema_set_indices_and_attributes()

This avoids starting a transaction in schema_load_init() and allows it
to operate with a read lock held, which will avoid locking issues
(deadlock detected due to lock odering if we do not have a global
read lock).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Allow search before init() call in encrypted_secrets
Andrew Bartlett [Mon, 9 Apr 2018 09:15:25 +0000 (21:15 +1200)]
dsdb: Allow search before init() call in encrypted_secrets

Simply do not decrypt anything until the init call is run.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Do not create a transaction in partition_init()
Andrew Bartlett [Mon, 9 Apr 2018 05:51:57 +0000 (17:51 +1200)]
dsdb: Do not create a transaction in partition_init()

This will allow us to lock the databases for read during all of the Samba init
hooks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13379

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Ensure to cancel the transaction if we fail to save the prefixMap
Andrew Bartlett [Mon, 9 Apr 2018 02:52:47 +0000 (14:52 +1200)]
dsdb: Ensure to cancel the transaction if we fail to save the prefixMap

This rare error case forgot to call ldb_transaction_cancel()

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agoldb_wrap: Remove ldb_transaction_cancel_noerr from ldb_wrap_fork_hook()
Andrew Bartlett [Thu, 15 Mar 2018 00:42:17 +0000 (13:42 +1300)]
ldb_wrap: Remove ldb_transaction_cancel_noerr from ldb_wrap_fork_hook()

Writing to a TDB, without locks (these are per-process) in a forked child is never going to
end well, if a transaction is open at this point we have bigger problems.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: check for dSHeuristics more carefully
Andrew Bartlett [Wed, 11 Apr 2018 10:47:03 +0000 (22:47 +1200)]
dsdb: check for dSHeuristics more carefully

This check would pass if the dSHeuristics was treated as always being
000000000 for searches which is not enough, we must check for a value
of 000000001 (userPassword enabled).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodsdb: Check for userPassword support after loading the databases
Andrew Bartlett [Wed, 11 Apr 2018 10:49:31 +0000 (22:49 +1200)]
dsdb: Check for userPassword support after loading the databases

The net result of this is only that userPassword values (which were
world readable when set) would still be visible after userPassword
started setting the main DB password.

In AD, those values become hidden once the dSHeuristics bit is set,
but Samba lost that when fixing a performance issue with
f26a2845bd42e580ddeaf0eecc9b46b823a0c6bc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13378

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agos3: tests: Regression test to ensure we can never return a DIRECTORY attribute on...
Jeremy Allison [Wed, 11 Apr 2018 17:33:22 +0000 (10:33 -0700)]
s3: tests: Regression test to ensure we can never return a DIRECTORY attribute on a stream.

Tests streams_xattr and also streams_depot.

Inspired from a real-world test case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 12 02:04:28 CEST 2018 on sn-devel-144

2 years agos3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory
Jeremy Allison [Wed, 11 Apr 2018 18:05:14 +0000 (11:05 -0700)]
s3: smbd. Generic fix for incorrect reporting of stream dos attributes on a directory

According to MS-FSA a stream name does not have
separate DOS attribute metadata, so we must return
the DOS attribute from the base filename. With one caveat,
a non-default stream name can never be a directory.

As this is common to all streams data stores, we handle
it here instead of inside all stream VFS modules.

Otherwise identical logic would have to be added to
all streams modules in their [f]get_dos_attribute_fn()
VFS calls.

Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agos3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.
Jeremy Allison [Wed, 11 Apr 2018 15:41:00 +0000 (08:41 -0700)]
s3: vfs: vfs_streams_xattr: Don't blindly re-use the base file mode bits.

When returning the stat struct for an xattr stream,
we originally base the st_ex_mode field on the value
from the base file containing the xattr. If the base
file is a directory, it will have S_IFDIR set in st_ex_mode,
but streams can never be directories, they must be reported
as regular files.

The original code OR'ed in S_IFREG, but neglected to
AND out S_IFDIR.

Note this is not a complete to fix bug 13380 as
it doesn't fix the generic case with all streams
modules. See later fix and regression test.

Found in real-world use case by Andrew Walker <awalker@ixsystems.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13380

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2 years agocredentials: Fix CID 1414796 Explicit null dereferenced
Volker Lendecke [Wed, 11 Apr 2018 06:27:41 +0000 (08:27 +0200)]
credentials: Fix CID 1414796 Explicit null dereferenced

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 11 21:58:00 CEST 2018 on sn-devel-144

2 years agocredentials: Fix line length
Volker Lendecke [Wed, 11 Apr 2018 06:26:33 +0000 (08:26 +0200)]
credentials: Fix line length

... just because I'll modify that line in the next commit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agocredentials: Revert "credentials: Fix CID 1414796 Explicit null dereferenced"
Volker Lendecke [Wed, 11 Apr 2018 06:21:23 +0000 (08:21 +0200)]
credentials: Revert "credentials: Fix CID 1414796 Explicit null dereferenced"

This reverts commit 90c02ec64d0e3c860f8d6906cf849bdd2c7bcc54.

We have code to take care of password==NULL, this CID must be fixed in a
different way

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agosmbd: Fix CID 1414783 Double unlock
Volker Lendecke [Tue, 10 Apr 2018 19:27:47 +0000 (21:27 +0200)]
smbd: Fix CID 1414783 Double unlock

The loop is unnecessary, both susv4 as well as the Linux manpage
explicitly say:

> These functions shall not return an error code of [EINTR].

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agodnsrpc: Use TALLOC_FREE instead of an explicit if-statement
Volker Lendecke [Tue, 10 Apr 2018 19:18:15 +0000 (21:18 +0200)]
dnsrpc: Use TALLOC_FREE instead of an explicit if-statement

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowinbind: Fix CID 1427625 Calling risky function
Volker Lendecke [Tue, 10 Apr 2018 19:13:37 +0000 (21:13 +0200)]
winbind: Fix CID 1427625 Calling risky function

Probably not really a problem, but we have generate_random(), so why not
use it?

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agovfs_fruit: Fix CID 1416474 Dereference null return value
Volker Lendecke [Tue, 10 Apr 2018 19:05:09 +0000 (21:05 +0200)]
vfs_fruit: Fix CID 1416474 Dereference null return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotevent: Fix CID 1414792 Unchecked return value
Volker Lendecke [Tue, 10 Apr 2018 18:58:11 +0000 (20:58 +0200)]
tevent: Fix CID 1414792 Unchecked return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agorpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
Volker Lendecke [Wed, 11 Apr 2018 08:42:21 +0000 (10:42 +0200)]
rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13370
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Apr 11 15:19:19 CEST 2018 on sn-devel-144

2 years agolib/util: Call log_stack_trace() in smb_panic_default()
Andrew Bartlett [Tue, 10 Apr 2018 04:37:45 +0000 (16:37 +1200)]
lib/util: Call log_stack_trace() in smb_panic_default()

This matches the AD DC with the behaviour in smbd.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 11 04:03:07 CEST 2018 on sn-devel-144

2 years agolib/util: Move log_stack_trace() to common code
Andrew Bartlett [Tue, 10 Apr 2018 04:35:07 +0000 (16:35 +1200)]
lib/util: Move log_stack_trace() to common code

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolib/util: Log PANIC before calling pacic action just like s3
Andrew Bartlett [Tue, 10 Apr 2018 04:06:12 +0000 (16:06 +1200)]
lib/util: Log PANIC before calling pacic action just like s3

This is like the changes made in s3 by
4fa555980070d78b39711ef21d77628d26055bc2

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3-lib: Remove support for libexc for IRIX backtraces
Andrew Bartlett [Tue, 10 Apr 2018 03:54:10 +0000 (15:54 +1200)]
s3-lib: Remove support for libexc for IRIX backtraces

IRIX is long dead, and this code needs become_root() which is not in
the top level code.

Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Pass "account_name/flags" through nb_getdc
Volker Lendecke [Sat, 10 Mar 2018 17:06:03 +0000 (18:06 +0100)]
libsmb: Pass "account_name/flags" through nb_getdc

Don't hardcode values that we might want to change later

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Pass "account_name/flags" through prep_getdc_request
Volker Lendecke [Sat, 10 Mar 2018 17:06:03 +0000 (18:06 +0100)]
libsmb: Pass "account_name/flags" through prep_getdc_request

Don't hardcode values that we might want to change later

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Introduce a helper variable
Volker Lendecke [Sat, 10 Mar 2018 17:01:08 +0000 (18:01 +0100)]
libsmb: Introduce a helper variable

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Give dsgetdcname.c its own header
Volker Lendecke [Fri, 5 Jan 2018 13:21:05 +0000 (14:21 +0100)]
libsmb: Give dsgetdcname.c its own header

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Give namequery.c its own header
Volker Lendecke [Sat, 10 Mar 2018 14:31:11 +0000 (15:31 +0100)]
libsmb: Give namequery.c its own header

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agolibsmb: Remove unused trustdom_cache.c
Volker Lendecke [Sat, 10 Mar 2018 14:35:43 +0000 (15:35 +0100)]
libsmb: Remove unused trustdom_cache.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agonmbd: Fix a typo
Volker Lendecke [Thu, 25 Jan 2018 13:21:22 +0000 (14:21 +0100)]
nmbd: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agonmbd: Fix a typo
Volker Lendecke [Thu, 25 Jan 2018 13:07:53 +0000 (14:07 +0100)]
nmbd: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agotdbtool: Use tdb_wipe_all in "erase" command
Volker Lendecke [Tue, 10 Apr 2018 14:58:46 +0000 (16:58 +0200)]
tdbtool: Use tdb_wipe_all in "erase" command

This is a lot quicker on large, fragmented databases. tdb_delete can
leave the freelist in a fragmented mess.

Also, it's a lot more robust: I've got a 4GB tdb file that was affected
by the problem fixed with c7211882a79. These databases have large space
at the end that is not part of any record or freelist
entry. tdb_wipe_all converts this space into a freelist entry. One
downside is that with those broken databases (which should not happen
after c7211882a79) have unallocated blocks in their file range after
this operation.

I think the speed advantage outweighs this disadvantage.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos4:ldb/password_hash.c: improve krb5 context error message
William Brown [Tue, 10 Apr 2018 04:51:06 +0000 (14:51 +1000)]
s4:ldb/password_hash.c: improve krb5 context error message

When heimdal encounters a MIT krb5.conf that it does not understand,
it would emit an "ldb operations error". Sadly this does not help
or communicate to the administrator the root cause of the issue.

Improve the error message for when krb init fails during password_hash.c

Signed-off-by: William Brown <william@blackhats.net.au>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos3: smbd: Unix extensions attempts to change wrong field in fchown call.
Jeremy Allison [Mon, 9 Apr 2018 16:32:23 +0000 (09:32 -0700)]
s3: smbd: Unix extensions attempts to change wrong field in fchown call.

Cut and paste error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13375

Reported-by: Rungta, Vandana <vrungta@amazon.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 10 00:45:56 CEST 2018 on sn-devel-144

2 years agos3: smbd: Fix memory leak in vfswrap_getwd()
Jeremy Allison [Fri, 6 Apr 2018 20:52:52 +0000 (13:52 -0700)]
s3: smbd: Fix memory leak in vfswrap_getwd()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13372

Signed-off-by: Andrew Walker <awalker@ixsystems.com>.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Apr  9 21:48:12 CEST 2018 on sn-devel-144

2 years agos3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an msdfs proxy.
Ralph Wuerthner [Thu, 29 Mar 2018 08:00:41 +0000 (10:00 +0200)]
s3:smb2_tcon: Add check to prevent non-DFS clients from connecting to an msdfs proxy.

Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr  7 05:05:22 CEST 2018 on sn-devel-144

2 years agopdb_nds: Fix CID 1273401 Unused value
Volker Lendecke [Fri, 6 Apr 2018 13:57:36 +0000 (15:57 +0200)]
pdb_nds: Fix CID 1273401 Unused value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoidmap: Fix CID 1363261 Resource leak
Volker Lendecke [Fri, 6 Apr 2018 09:04:24 +0000 (11:04 +0200)]
idmap: Fix CID 1363261 Resource leak

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoidmap: Use TALLOC_FREE instead of explicit code
Volker Lendecke [Fri, 6 Apr 2018 09:02:48 +0000 (11:02 +0200)]
idmap: Use TALLOC_FREE instead of explicit code

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos4/torture: spelling fix in vfs_fruit test
Ralph Boehme [Fri, 12 Jan 2018 11:29:17 +0000 (12:29 +0100)]
s4/torture: spelling fix in vfs_fruit test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos4/torture: spelling fix in vfs_fruit test
Ralph Boehme [Fri, 12 Jan 2018 11:28:18 +0000 (12:28 +0100)]
s4/torture: spelling fix in vfs_fruit test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agos4/test: fix AAPL size check
Ralph Boehme [Thu, 11 Jan 2018 11:25:49 +0000 (12:25 +0100)]
s4/test: fix AAPL size check

A recent commit changed the ModelString from "Samba" to "MacSamba".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agowinbindd: Do not ignore domain in the LOOKUPNAME request
Christof Schmitt [Wed, 28 Feb 2018 19:05:34 +0000 (12:05 -0700)]
winbindd: Do not ignore domain in the LOOKUPNAME request

A LOOKUPNAME request with a domain and a name containing a winbind
separator character would return the result for the joined domain,
instead of the specified domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr  6 21:03:31 CEST 2018 on sn-devel-144

2 years agoAdd test for wbinfo name lookup
Christof Schmitt [Wed, 28 Feb 2018 20:10:43 +0000 (13:10 -0700)]
Add test for wbinfo name lookup

This demonstrates that wbinfo -n / --name-to-sid returns information
instead of failing the request. More specifically the query for
INVALIDDOMAIN//user returns the user SID for the joined domain, instead
of failing the request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agonsswitch: Fix wbcListGroups test
Christof Schmitt [Fri, 30 Mar 2018 21:35:03 +0000 (14:35 -0700)]
nsswitch: Fix wbcListGroups test

With an AD DC, wbcListGroups returns the users in the DOMAIN SEPARATOR
GROUPNAME format.  The test then calls wbcLookupName with the domain
name and the previous string (including domain and separator) as
username. Fix this by passing the correct username and adding some
additional checks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agonsswitch: Fix wbcListUsers test
Christof Schmitt [Fri, 30 Mar 2018 21:28:46 +0000 (14:28 -0700)]
nsswitch: Fix wbcListUsers test

With an AD DC, wbcListUsers returns the users in the DOMAIN SEPARATOR
USERNAME format.  The test then calls wbcLookupName with the domain name
and the previous string (including domain and separator) as username.
Fix this by passing the correct username and adding some additional
checks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agotest_smbclient_s3.sh: Use correct separator in "list with backup privilege" test
Christof Schmitt [Fri, 16 Mar 2018 20:52:14 +0000 (13:52 -0700)]
test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test

Samba selftest uses the forward slash as winbind separator and in the
USERNAME passed to the test. "net sam rights" expect the backslash. Map
the separator used in selftest to a backslash to avoid creating an
incorrect username DOMAIN\DOMAIN/USERNAME.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13312

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agoldb: Fix trailing whitespace
Volker Lendecke [Fri, 6 Apr 2018 11:42:35 +0000 (13:42 +0200)]
ldb: Fix trailing whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr  6 17:57:04 CEST 2018 on sn-devel-144

2 years agoldb/tests: remove lmdb.h include from test
Ralph Boehme [Fri, 6 Apr 2018 09:27:52 +0000 (11:27 +0200)]
ldb/tests: remove lmdb.h include from test

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Apr  6 14:58:48 CEST 2018 on sn-devel-144

2 years agosamba-tool: Use same method for removing trailing $ as elsewhere in the tool
Andrew Bartlett [Fri, 6 Apr 2018 04:21:15 +0000 (16:21 +1200)]
samba-tool: Use same method for removing trailing $ as elsewhere in the tool

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr  6 09:30:14 CEST 2018 on sn-devel-144

2 years agosamba-tool: Escape username and computername in ldb search filter
Andrew Bartlett [Fri, 6 Apr 2018 04:20:22 +0000 (16:20 +1200)]
samba-tool: Escape username and computername in ldb search filter

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agos3-mdssvc: allow build with --enable-spotlight and libtracker-sparql-2.0
Björn Baumbach [Thu, 5 Apr 2018 15:14:32 +0000 (17:14 +0200)]
s3-mdssvc: allow build with --enable-spotlight and libtracker-sparql-2.0

adds libtracker-sparql version 2.0 to configure check with pkg-config.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodocs-xml:samba-tool.8: improve doc for computer management commands
Joe Guo [Fri, 16 Mar 2018 03:39:08 +0000 (16:39 +1300)]
docs-xml:samba-tool.8: improve doc for computer management commands

Add docs for new options:
1. --ip-address
2. --service-prinicipal-name

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agodocs-xml:samba-tool.8: document computer management commands
Björn Baumbach [Wed, 7 Mar 2018 09:15:06 +0000 (10:15 +0100)]
docs-xml:samba-tool.8: document computer management commands

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agosamba-tool: improve computer management commands
Joe Guo [Tue, 13 Mar 2018 03:47:58 +0000 (16:47 +1300)]
samba-tool: improve computer management commands

This pathch is based on Björn Baumbach's work:
1. Add `--ip-address` option for create subcommand, to allow user set DNS
A or AAAA records while creating the computer.
2. Delete above DNS records while deleting the computer.
3. Add `--service-principal-name` option for create command, to allow user
set `servicePrincipalName` while creating the computer.
4. Tests.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agotests/samba-tool: add tests for new computer management commands
Björn Baumbach [Tue, 6 Feb 2018 21:11:12 +0000 (22:11 +0100)]
tests/samba-tool: add tests for new computer management commands

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agosamba-tool: implement computer management commands
Björn Baumbach [Thu, 7 Dec 2017 20:38:28 +0000 (21:38 +0100)]
samba-tool: implement computer management commands

Usage: samba-tool computer <subcommand>

Computer management.

Available subcommands:
  create  - Create a new computer.
  delete  - Delete a computer.
  list    - List all computers.
  move    - Move a computer to an organizational unit/container.
  show    - Display a computer AD object

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2 years agoupgradeprovision: detect and handle lmdb databases
Gary Lockyer [Wed, 21 Mar 2018 23:50:45 +0000 (12:50 +1300)]
upgradeprovision: detect and handle lmdb databases

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr  6 05:12:11 CEST 2018 on sn-devel-144

2 years agoldb: Unwind transaction counter if start_transaction fails
Gary Lockyer [Thu, 22 Mar 2018 22:23:39 +0000 (11:23 +1300)]
ldb: Unwind transaction counter if start_transaction fails

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agosource3: initilize_password_db after a fork.
Gary Lockyer [Tue, 20 Mar 2018 00:14:38 +0000 (13:14 +1300)]
source3: initilize_password_db after a fork.

This is required because we need a new pointer for LDB after the fork,
and with LMDB we can not longer rely on tdb_reopen_all() to do that
for us.

This can not be done in reinit_after_fork() due to the dependency loop
this would create.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agodsdb: add lmdbLevelOne as a required feature.
Gary Lockyer [Tue, 6 Feb 2018 22:10:34 +0000 (11:10 +1300)]
dsdb: add lmdbLevelOne as a required feature.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoprovision: Set @INDEXLIST first when building dummy sam.ldb
Andrew Bartlett [Thu, 22 Mar 2018 21:58:11 +0000 (10:58 +1300)]
provision: Set @INDEXLIST first when building dummy sam.ldb

The new LMDB backed will not allow normal records to be added before the @INDEXLIST
as this is what forces the GUID index mode.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoprovision: allow provisioning of a different database backend
Gary Lockyer [Tue, 20 Mar 2018 01:38:19 +0000 (14:38 +1300)]
provision: allow provisioning of a different database backend

This sets the backendStore field in @PARTITION, depending on which
argument you set in the provision.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agopython: Add wrapper of mdb_copy that we can call from python
Gary Lockyer [Wed, 4 Apr 2018 04:17:51 +0000 (16:17 +1200)]
python: Add wrapper of mdb_copy that we can call from python

This is like the use of tdbbackup for tdb files.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb tests: add cmocka tests of kv operations
Gary Lockyer [Mon, 19 Mar 2018 23:15:12 +0000 (12:15 +1300)]
ldb tests: add cmocka tests of kv operations

Add tests for the behaviour the ldb layer expects the key value layer to
provide.  This should make it easier to add another KV store

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb_tdb: ltdb_tdb_delete require active transaction
Gary Lockyer [Wed, 14 Mar 2018 22:37:06 +0000 (11:37 +1300)]
ldb_tdb: ltdb_tdb_delete require active transaction

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb_tdb: ltdb_tdb_store require active transaction
Gary Lockyer [Wed, 14 Mar 2018 22:36:33 +0000 (11:36 +1300)]
ldb_tdb: ltdb_tdb_store require active transaction

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb_tdb: ltdb_tdb_parse_record map tdb error codes
Gary Lockyer [Wed, 14 Mar 2018 22:33:32 +0000 (11:33 +1300)]
ldb_tdb: ltdb_tdb_parse_record map tdb error codes

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb tests: ldb_mod_op_test use correct ldb to create dn
Gary Lockyer [Mon, 19 Mar 2018 22:20:35 +0000 (11:20 +1300)]
ldb tests: ldb_mod_op_test use correct ldb to create dn

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb test: close pipes to stop forked tests failing on failure
Gary Lockyer [Mon, 12 Mar 2018 23:43:25 +0000 (12:43 +1300)]
ldb test: close pipes to stop forked tests failing on failure

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb index: Add tests for truncated base 64 index keys
Gary Lockyer [Mon, 12 Mar 2018 19:45:28 +0000 (08:45 +1300)]
ldb index: Add tests for truncated base 64 index keys

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb_tdb: A more robust check for if we can fit the index string in
Andrew Bartlett [Wed, 4 Apr 2018 02:00:57 +0000 (14:00 +1200)]
ldb_tdb: A more robust check for if we can fit the index string in

This avoids magic numbers and also is careful against overflow
from a long attr_for_dn.

This is done as a distinct commit to make the previous behaviour
change more clear, and to show that this does not change the
calculations, only improves the overflow check.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoldb index: Fix truncation key length calculation
Gary Lockyer [Mon, 12 Mar 2018 19:10:54 +0000 (08:10 +1300)]
ldb index: Fix truncation key length calculation

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb: Allow GUID index mode to be tested on TDB
Andrew Bartlett [Thu, 22 Mar 2018 22:10:25 +0000 (11:10 +1300)]
ldb: Allow GUID index mode to be tested on TDB

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoldb: Ignore these tests in mdb test mode
Andrew Bartlett [Tue, 6 Mar 2018 04:00:07 +0000 (17:00 +1300)]
ldb: Ignore these tests in mdb test mode

These are tests are specifically for when the GUID index is not in use
which is always in with ldb_mdb.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoupgradeprovision: Do not copy backup lmdb -lock files
Gary Lockyer [Wed, 17 Jan 2018 01:02:09 +0000 (14:02 +1300)]
upgradeprovision: Do not copy backup lmdb -lock files

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2 years agoldb: Change remaining fetch prototypes to remove TDB_DATA
Garming Sam [Sun, 18 Feb 2018 23:37:20 +0000 (12:37 +1300)]
ldb: Change remaining fetch prototypes to remove TDB_DATA

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoldb: Change some prototypes to using ldb_val instead of TDB_DATA
Garming Sam [Fri, 16 Feb 2018 04:13:26 +0000 (17:13 +1300)]
ldb: Change some prototypes to using ldb_val instead of TDB_DATA

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agosamba-tool domain classicupgrade: Do not mix python-samdb transactions and passdb...
Andrew Bartlett [Fri, 23 Mar 2018 00:05:55 +0000 (13:05 +1300)]
samba-tool domain classicupgrade: Do not mix python-samdb transactions and passdb modifications

This worked previously because we knew the same tdb was in use under the hood,
but now that nested TDB transactions are banned this breaks, and it breaks for
LMDB.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agoldb: Fix missing NULL terminator in ldb_mod_op_test testsuite
Andrew Bartlett [Thu, 8 Mar 2018 01:01:50 +0000 (14:01 +1300)]
ldb: Fix missing NULL terminator in ldb_mod_op_test testsuite

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2 years agowafsamba: Add '-Werror=strict-overflow -Wstrict-overflow=2' to the developer build
Andreas Schneider [Thu, 5 Apr 2018 20:33:56 +0000 (13:33 -0700)]
wafsamba: Add '-Werror=strict-overflow -Wstrict-overflow=2' to the developer build

We could move it to 3, but shouldn't go higher. If you set it to 4 and 5
you will probably also get a lot of false positives.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr  6 02:07:16 CEST 2018 on sn-devel-144

2 years agos3: nmbd: Fix strict overflow checking compiler warning.
Stefan Metzmacher [Thu, 5 Apr 2018 20:28:12 +0000 (13:28 -0700)]
s3: nmbd: Fix strict overflow checking compiler warning.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2 years agoeventlog: Fix CID 1363194 Resource leak
Volker Lendecke [Thu, 5 Apr 2018 08:12:41 +0000 (10:12 +0200)]
eventlog: Fix CID 1363194 Resource leak

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Apr  5 19:11:57 CEST 2018 on sn-devel-144

2 years agoeventlog: Fix CID 242105 Unchecked return value
Volker Lendecke [Thu, 5 Apr 2018 08:11:16 +0000 (10:11 +0200)]
eventlog: Fix CID 242105 Unchecked return value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2 years agotalloc: version 2.1.13 talloc-2.1.13
Stefan Metzmacher [Tue, 3 Apr 2018 11:46:20 +0000 (13:46 +0200)]
talloc: version 2.1.13

* Use atexit() again instead of a library destructor
  (bug #13366)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr  5 15:53:16 CEST 2018 on sn-devel-144

2 years agotalloc: use atexit() again instead of a library destructor
Stefan Metzmacher [Tue, 3 Apr 2018 11:13:01 +0000 (13:13 +0200)]
talloc: use atexit() again instead of a library destructor

The change for https://bugzilla.samba.org/show_bug.cgi?id=7587
("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD")
(ommit 41b6810ba01f44537f470c806adb8686e1a39c48)
causes the following for sssd on Linux:

     Stack trace of thread 19667:
     #0  0x00007f2cab91ff6b __GI_raise (libc.so.6)
     #1  0x00007f2cab90a5c1 __GI_abort (libc.so.6)
     #2  0x00007f2cab90a491 __assert_fail_base (libc.so.6)
     #3  0x00007f2cab9186e2 __GI___assert_fail (libc.so.6)
     #4  0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3)
     #5  0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3)
     #6  0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3)
     #7  0x00007f2cb10ab983 profile_close_file (libkrb5.so.3)
     #8  0x00007f2cb10af249 profile_release (libkrb5.so.3)
     #9  0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3)
     #10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3)
     #11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm)
     #12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2)
     #13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2)
     #18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2)
     #19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2)
     #20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6)
     #21 0x00007f2cab9227ec __GI_exit (libc.so.6)
     #22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so)
     #23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0)
     #24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0)
     #25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0)
     #26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0)
     #27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0)
     #28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0)
     #29 0x00007f2cb030eb37 server_loop (libsss_util.so)
     #30 0x000055cea7cb29f4 main (sssd_kcm)
     #31 0x00007f2cab90c1eb __libc_start_main (libc.so.6)
     #32 0x000055cea7cb2c7a _start (sssd_kcm)

We still only register one atexit handler instead of multiple ones
like in talloc 2.1.11, but avoids using a library destructor.

Bug #7587 seems to be fixed by not using talloc_autofree_context()
within samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>