Stefan Metzmacher [Sun, 17 Nov 2013 09:47:47 +0000 (10:47 +0100)]
script: prepare librelease.sh for ntdb releases
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Nov 17 12:50:13 CET 2013 on sn-devel-104
Jelmer Vernooij [Fri, 15 Nov 2013 21:40:36 +0000 (21:40 +0000)]
Release ntdb 1.0.
Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Sat Nov 16 19:06:59 CET 2013 on sn-devel-104
Andreas Schneider [Fri, 15 Nov 2013 16:02:20 +0000 (17:02 +0100)]
s3-libnet: Use a const char for realm.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 15 23:11:54 CET 2013 on sn-devel-104
Andreas Schneider [Fri, 15 Nov 2013 16:02:19 +0000 (17:02 +0100)]
s3-vfs: Make glfs_set_preopened() static.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:18 +0000 (17:02 +0100)]
s3-vfs: Remove unused variable in vfs_glusterfs.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:17 +0000 (17:02 +0100)]
examples: Fix scanf format in perf_writer_disk.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:16 +0000 (17:02 +0100)]
s3-libsmb: Fix scanf format in parse_ace().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:15 +0000 (17:02 +0100)]
s3-utils: Fix scanf format in sharesec.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:14 +0000 (17:02 +0100)]
s3-utils: Fix scanf format in smbacls.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:13 +0000 (17:02 +0100)]
testsuit: Fix fprintf format.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 15 Nov 2013 16:02:12 +0000 (17:02 +0100)]
s3-libsmb: Use the right macro to set uint16_t attr.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Christof Schmitt [Thu, 14 Nov 2013 18:49:03 +0000 (11:49 -0700)]
winbind: Make centry_start static
centry_start is only used in winbindd_cache.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Nov 15 18:05:41 CET 2013 on sn-devel-104
David Disseldorp [Thu, 14 Nov 2013 14:29:35 +0000 (15:29 +0100)]
docs: remove ATM Machine terminology from smbcacls man page
An Access Control List (ACL) is comprised of one or more Access Control
Entries (ACEs). The existing smbcacls documentation confusingly uses the
terms ACL list and ACL to refer to both respectively.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 15 01:50:32 CET 2013 on sn-devel-104
Andreas Schneider [Thu, 14 Nov 2013 17:36:41 +0000 (18:36 +0100)]
util: Remove 32bit macros breaking strict aliasing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10269
These macros might have worked but they break strict aliasing in the
meantime and so the compiler is not able to optimize the relevant code.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 14 23:16:45 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 12 Nov 2013 23:55:51 +0000 (15:55 -0800)]
s3-client: smbclient shows no error if deleting a directory with del failed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10260
In SMB1 the server filters by attribute requested, in SMB2 there is
no attribute sent. Emulate this on the client to provide the same
ABI to callers.
In SMB1 the server returns NT_STATUS_NO_SUCH_FILE if FindFirst
finds no files. Emulate this on the client.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 14 21:23:07 CET 2013 on sn-devel-104
Jeremy Allison [Tue, 12 Nov 2013 23:32:42 +0000 (15:32 -0800)]
s3-lib: smbclient shows no error if deleting a directory with del failed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10260
Move dir_check_ftype() to util.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Tue, 12 Nov 2013 23:17:26 +0000 (15:17 -0800)]
s3-smbd: smbclient shows no error if deleting a directory with del failed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10260
Remove unneeded conn argument to dir_check_ftype().
Move to correct uint32_t types.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 11 Nov 2013 10:21:54 +0000 (10:21 +0000)]
heimdal: Fix CID 745516 Use after free
If the loop is exited normally, i.e. we did not find anything proper
within DH_NUM_TRIES, we try to BN_free a second time.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Nov 14 19:17:06 CET 2013 on sn-devel-104
Scott Lovenberg [Thu, 14 Nov 2013 14:52:29 +0000 (09:52 -0500)]
docs: Fix typo in "max open files" description
Removed extra word "The" from parameter description.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
[ddiss@samba.org: removed white space damage]
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Thu, 14 Nov 2013 11:49:38 +0000 (11:49 +0000)]
autorid: Correctly init range_index for "delete range"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Nov 14 15:55:54 CET 2013 on sn-devel-104
Günther Deschner [Wed, 13 Nov 2013 14:10:33 +0000 (15:10 +0100)]
s3-winbindd: Fix #10264, cache_traverse_validate_fn failure for NDR cache entries.
We need to increase the keysize limit for NDR queries. A wbint_LookupSids query
for just 20 sids already hits the older limit.
Guenther
https://bugzilla.samba.org/show_bug.cgi?id=10264
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Nov 13 19:33:46 CET 2013 on sn-devel-104
Michael Adam [Wed, 13 Nov 2013 13:53:45 +0000 (14:53 +0100)]
random-sleep: add possiblity to override via environment variable
set AUTOBUILD_RANDOM_SLEEP_OVERRIDE=<x>
to the number x of seconds that you want to sleep.
This is added to make it possible to run one autobuild
target without having to wait for several minutes.
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 25 Sep 2013 22:43:56 +0000 (00:43 +0200)]
autobuild: extend samba-ctdb target to build ctdb, too
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 12 Oct 2011 20:27:55 +0000 (22:27 +0200)]
autobuild: add a "ctdb" target
For a start, this just builds and installs the integrated ctdb copy.
It does not run "make test" in ctdb. This is time consuming and
too flakey for now.
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 13 Nov 2013 13:17:32 +0000 (14:17 +0100)]
Merge branch 'master' of ctdb into 'master' of samba
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 22:00:53 +0000 (00:00 +0200)]
script: add ctdb-import.* scripts
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Stefan Metzmacher [Wed, 25 Sep 2013 21:49:58 +0000 (23:49 +0200)]
remove partial ctdb/ import
In preparation of moving ctdb code into the samba repository.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 18 Sep 2013 07:33:07 +0000 (09:33 +0200)]
s4:rpc-server: fix lsa_lookupsids return value for the domain sid
We currently return type UNKNOWN and copy the domain sid to the name.
Instead we should return type DOMAIN and return NULL as name.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 13 13:34:16 CET 2013 on sn-devel-104
Michael Adam [Fri, 8 Nov 2013 10:15:33 +0000 (11:15 +0100)]
s4:rpc-server: fix use after free in dcesrv_lsa_lookup_sid()
Authority name may be accessed after
state has gone away and take domain_name with it.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Sat, 21 Sep 2013 19:02:00 +0000 (21:02 +0200)]
wbinfo: fix output of wbinfo --sid-to-name for sids of type DOMAIN
to print only the domain name and not "DOMIN\<SID>".
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Sat, 21 Sep 2013 19:03:40 +0000 (21:03 +0200)]
wbinfo: fix output of "--lookup-sids" to use the configured winbind separator
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Sat, 21 Sep 2013 08:35:57 +0000 (10:35 +0200)]
wbinfo: fix ouptput of --lookup-sids for sids of type DOMAIN
To print only the domain name and not "DOMIN\<SID>".
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Wed, 18 Sep 2013 07:32:17 +0000 (09:32 +0200)]
rpcclient: fix output of lsalookupsids for sids of type DOMAIN
For domain sids, don't print NAME\*unknown* but print NAME instead.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Tue, 12 Nov 2013 21:00:54 +0000 (22:00 +0100)]
heimdal: Fix CID 240779 Allocation size mismatch
The error Coverity complains about is in the malloc. krb5_enctypes is
an enum, so it is usually smaller than the size of a pointer. So we
overallocate, but in the memcpy further down we copy from potentially
invalid memory.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 13 11:05:44 CET 2013 on sn-devel-104
Volker Lendecke [Mon, 11 Nov 2013 21:32:50 +0000 (21:32 +0000)]
tls: Fix CID 242014 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 11 Nov 2013 21:26:34 +0000 (21:26 +0000)]
tls: Fix some noblank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 11 Nov 2013 21:07:09 +0000 (21:07 +0000)]
heimdal: Fix CID 241943 Uninitialized pointer read
In the error case without EXTRA_ADDRESSES we access ignore_addresses
without initialization
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Mon, 11 Nov 2013 20:37:48 +0000 (20:37 +0000)]
libsmb: Fix CID 242665 Out-of-bounds access
Coverity is confused by the dual-use of "pss" as an array of size 1. This
is not strictly a bug here, but it is admittedly a small subtlety. It
should fix a whole bunch of Coverity issues. Normally I would resist to
change our code in response to a deficient static checker, but here I
would vote for this compromise.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Tue, 12 Nov 2013 13:09:56 +0000 (14:09 +0100)]
s4-dsdb: Fix a use after free segfault.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Nov 12 19:22:28 CET 2013 on sn-devel-104
Andreas Schneider [Tue, 12 Nov 2013 13:09:55 +0000 (14:09 +0100)]
s4-torture: Relax time checking in CHECK_NTTIME.
NTTIME has a nanosecond resolution. We should be tolerate if the system
is busy writing and reading the value. To reproduce this problem just
run the test under valgrind.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Fri, 8 Nov 2013 14:41:18 +0000 (15:41 +0100)]
s3-vfs: Fix stream_depot vfs module on btrfs.
Checking if the directory is empty using 'nlink == 2' only checks if
there are no subdirectories. It doesn't indicate if there are files in
the directory. However checking link count for no subdirectories is
wrong and applications shouldn't rely on it, see:
https://lkml.org/lkml/2012/2/1/756
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
David Disseldorp [Tue, 12 Nov 2013 15:33:20 +0000 (16:33 +0100)]
Revert "s3-vfs: Fix stream_depot vfs module on btrfs."
This reverts commit
29f12e7d5960906935e3af1405e9759a07d64750.
The wrong patch was pushed, according to Andreas:
I sent a second version cause the first was not complete. I've
discussed with Volker after I sent the patch and then sent a new
patch which
a) also does the right thin in the unlink case
b) only tried to remove the server is the deletion of the file
was successful.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Günther Deschner [Wed, 6 Nov 2013 17:21:32 +0000 (18:21 +0100)]
s3-libnetjoin: Fix Bug #10262: use upper-case realm when composing default upn.
In case we are about to generate a keytab during the join make sure the default
upn we create is usable with kinit -k.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10262
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Nov 12 16:39:03 CET 2013 on sn-devel-104
Benjamin Franzke [Thu, 31 Oct 2013 20:23:57 +0000 (21:23 +0100)]
s4:torture/netlogon: Test netlogon with additional attrs
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
se enter the commit message for your changes. Lines starting
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 12 00:57:19 CET 2013 on sn-devel-104
Benjamin Franzke [Mon, 28 Oct 2013 13:21:20 +0000 (14:21 +0100)]
s4:torture/ldap: Add test for netlogon over tcp
This patch moves the udp netlogon tests from cldap.c
to netlogon.c and passes a generic netlogon-send
function as parameter.
Therefore a tcp replacement for cldap_netlogon is also added.
The two variants tcp and udp are added as 2 new torture tests:
ldap.netlogon-udp & ldap.netlogon-tcp
Both tests succeed.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Mon, 28 Oct 2013 13:19:57 +0000 (14:19 +0100)]
libcli/cldap: Add utility to create netlogon filter
This utility is splitted of from cldap_netlogon_send.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Tue, 5 Nov 2013 19:39:56 +0000 (20:39 +0100)]
s4:dsdb: Move cldap netlogon functions into samdb/ldb_modules
As netlogon is handled by the samdb now,
the corresponding functions should live there as well.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Fri, 1 Nov 2013 09:52:02 +0000 (10:52 +0100)]
s4:cldap_server: Do not handle netlogon ourself anymore
Netlogon is now handled by the ldb rootdse module.
The netlogon files will be moved to dsdb in the next commit.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Sun, 27 Oct 2013 05:55:48 +0000 (06:55 +0100)]
s4:dsdb/rootdse: Support netlogon request
This patch adds support for a netlogon ldap style request
over the tcp socket. This is available since win2k3+ [1].
The automatic client join & configuration daemon "realmd" makes
use of this ability.
Realmd can now be used to join a computer to a samba 4 domain.
(See also:
https://lists.samba.org/archive/samba-technical/2013-October/095606.html)
Tested with:
ldapsearch -h samba-srv -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon
And compared the result in wireshark with cldap request issued by
examples/misc/cldap.pl.
[1]: http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Fri, 1 Nov 2013 05:55:41 +0000 (06:55 +0100)]
s4:dsdb/rootdse: Pass rootdse context to rootdse_add_dynamic
This replaced the *module parameter, and uses ac->module in the function
instead, same for *req and *attrs.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Sun, 27 Oct 2013 15:07:04 +0000 (16:07 +0100)]
s4:cldap_server: Move netlogon parsing into utility function
To be used later by netlogon-request over ldap.
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Fri, 6 Sep 2013 14:20:43 +0000 (16:20 +0200)]
provision: Fix string replacement ordering
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Benjamin Franzke [Fri, 1 Nov 2013 09:24:43 +0000 (10:24 +0100)]
s4:torture/cldap: Fix a typo
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Volker Lendecke [Sun, 10 Nov 2013 18:45:11 +0000 (19:45 +0100)]
gpo: Fix CID
1034880 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Nov 11 22:59:10 CET 2013 on sn-devel-104
Volker Lendecke [Sun, 10 Nov 2013 18:43:48 +0000 (19:43 +0100)]
gpo: Fix CID
1034881 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 18:41:15 +0000 (19:41 +0100)]
ntvfs: Fix CID
1034883 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 18:34:31 +0000 (19:34 +0100)]
backupkey: Fix CID
1034885 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 10:58:58 +0000 (11:58 +0100)]
smbd: Fix CID
1035365 Buffer not null terminated
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 10:57:37 +0000 (11:57 +0100)]
smbd: Fix CID
1035366 Buffer not null terminated
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 10:56:06 +0000 (11:56 +0100)]
smbd: Use fstring in conn_tdb.c
It might be legacy, but as long as we have it, we can make use of it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 10:56:06 +0000 (11:56 +0100)]
smbd: Use fstring in conn_tdb.h
It might be legacy, but as long as we have it, we can make use of it.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 10:48:17 +0000 (11:48 +0100)]
smbd: Fix CID
1035478 Negative array index read
lp_parm_enum can return -1. Add error checking.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 09:06:18 +0000 (10:06 +0100)]
samdb: Fix CID 241968 Uninitialized pointer read
Interestingly gcc does not catch this at all.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sun, 10 Nov 2013 08:45:38 +0000 (09:45 +0100)]
heimdal: Fix 241482 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 20:29:24 +0000 (21:29 +0100)]
ldb: Fix CID 241329 Array compared against 0
u.generate.remote_names is an array, not a pointer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 20:11:41 +0000 (21:11 +0100)]
libsmb: Fix CID 241313 Array compared against 0
userinfo->passwrd is not a pointer, no point in checking for !=NULL
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 20:02:10 +0000 (21:02 +0100)]
smbd: Fix CID
1035434 Same on both sides
Looks scary, but the only effect of this bug is too many UNLOCK messages
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 19:37:01 +0000 (20:37 +0100)]
iniparser: Fix CID 241908 Copy into fixed size buffer
strcpy is never a good idea....
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 18:14:15 +0000 (19:14 +0100)]
libsmb: Fix CID
1127343 Dead default in switch
We have checked sec_channel_type a few lines above already
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 18:11:41 +0000 (19:11 +0100)]
netapi: Fix CID
1127344 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 17:50:16 +0000 (18:50 +0100)]
net: Fix CID
1035403 Unchecked return value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 17:40:08 +0000 (18:40 +0100)]
registry: Fix Coverity ID
1034918 Wrong sizeof argument
sizeof(data_val) is the size of the pointer. This might well be 8 bytes
where the string is only 4 bytes long
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 17:40:08 +0000 (18:40 +0100)]
registry: Fix Coverity ID
1034917 Wrong sizeof argument
sizeof(data_val) is the size of the pointer. This might well be 8 bytes
where the string is only 4 bytes long
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 17:40:08 +0000 (18:40 +0100)]
registry: Fix Coverity ID
1034916 Wrong sizeof argument
sizeof(data_val) is the size of the pointer. This might well be 8 bytes
where the string is only 4 bytes long
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 17:32:21 +0000 (18:32 +0100)]
dsdb: Fix Coverity ID
1034907 Dereference before null check
"module" has already been dereferenced by ldb_module_get_private(module)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Volker Lendecke [Sat, 9 Nov 2013 15:40:18 +0000 (16:40 +0100)]
oLschema2ldif: Add some NULL checks
This should fix Coverity ID
1034812
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Michael Adam [Tue, 5 Nov 2013 17:17:58 +0000 (18:17 +0100)]
s4:torture:smb2: add new lease.upgrade3 test to test the contended upgrade
Test what upgrades work when there is another lease already held,
in addition to the lease to be upgraded.
The summary of the behaviour is this:
-------------------------------------
If we have two leases (lease1 and lease2) on the same file,
then attempt to upgrade lease1 results in a change if and only
if the requested lease state:
- is valid,
- is strictly a superset of lease1, and
- can held together with lease2.
In that case, the resuling lease state of the upgraded lease1
is the state requested in the upgrade. lease2 is not broken
and remains unchanged.
Note that this contrasts the case of directly opening with
an initial requested lease state, in which case you get that
portion of the requested state that can be shared with the
already existing leases (or the states that they get broken to).
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Nov 11 18:04:47 CET 2013 on sn-devel-104
Michael Adam [Tue, 5 Nov 2013 17:10:25 +0000 (18:10 +0100)]
s4:torture:smb2: add comment explaining lease upgrade in the non-contended case
The summary of the behaviour is this:
-------------------------------------
An uncontended lease upgrade results in a change
if and only if the requested lease state is
- valid, and
- strictly a superset of the lease state already held.
In that case the resulting lease state is the one
requested in the upgrade.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Volker Lendecke [Fri, 1 Nov 2013 12:04:38 +0000 (12:04 +0000)]
README.Coding: Add __func__
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Nov 11 16:08:09 CET 2013 on sn-devel-104
Volker Lendecke [Fri, 1 Nov 2013 11:55:43 +0000 (11:55 +0000)]
smbd: Fix DEBUG in do_break_to_none
The name of this function has changed, but the DEBUG statements have
not been adapted. This is the case in a lot of our code. With __func__
this problem goes away: __func__ is C99, and we also use it already.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:53:59 +0000 (17:53 +0100)]
CVE-2013-4476: s4:libtls: check for safe permissions of tls private key file (key.pem)
If the tls key is not owned by root or has not mode 0600 samba will not
start up.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Nov 11 13:07:16 CET 2013 on sn-devel-104
Björn Baumbach [Tue, 29 Oct 2013 16:52:39 +0000 (17:52 +0100)]
CVE-2013-4476: s4:libtls: Create tls private key file (key.pem) with mode 0600
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 30 Oct 2013 13:48:36 +0000 (14:48 +0100)]
CVE-2013-4476: selftest/Samba4: use umask 0077 within mk_keyblobs()
We should generate private keys with 0600.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Pair-Programmed-With: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:49:55 +0000 (17:49 +0100)]
CVE-2013-4476: samba-tool provision: create ${private_dir}/tls with mode 0700
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:48:11 +0000 (17:48 +0100)]
CVE-2013-4476: lib-util: split out file_save_mode() from file_save()
file_save_mode() writes files with specified mode.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Tue, 29 Oct 2013 16:43:17 +0000 (17:43 +0100)]
CVE-2013-4476: lib-util: add file_check_permissions()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Björn Jacke [Wed, 6 Nov 2013 11:37:07 +0000 (12:37 +0100)]
xattr: fix listing EAs on *BSD for non-root users
Thanks to Stefan Rompf for reporting.
This fixes bug #10247
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 8 20:43:30 CET 2013 on sn-devel-104
Andreas Schneider [Fri, 8 Nov 2013 15:14:35 +0000 (16:14 +0100)]
s4-smb_server: Fix a use after free.
If we haven't allocated the smbsrv_session then we should not free it.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 8 Nov 2013 14:10:03 +0000 (15:10 +0100)]
s3-vfs: Fix stream_depot vfs module on btrfs.
Checking if the directory is empty using 'nlink == 2' only checks if
there are no subdirectories. It doesn't indicate if there are files in
the directory. However checking link count for no subdirectories is
wrong and applications shouldn't rely on it, see:
https://lkml.org/lkml/2012/2/1/756
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Fri, 8 Nov 2013 12:56:23 +0000 (13:56 +0100)]
vfstest: fix uninitialised variable usage in open
The vfstest open command currently fails intermittently due to a read of
a potentially uninitialised status variable.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Atul Kulkarni [Thu, 3 Oct 2013 10:47:47 +0000 (16:17 +0530)]
net: remove net idmap secret
This is moved to net idmap set secret for consistency.
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 8 01:03:25 CET 2013 on sn-devel-104
Atul Kulkarni [Thu, 3 Oct 2013 16:44:53 +0000 (22:14 +0530)]
doc: update the net manpage for net idmap set, get and delete
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Abhidnya Joshi [Fri, 25 Oct 2013 05:06:01 +0000 (07:06 +0200)]
idmap_autorid: fix failure in reverse lookup if ID is from domain range index #0
Domain range index #0 is not included in the database record.
So in this special case we only have the SID, not SID#IDX...
Signed-off-by: Abhidnya Joshi <achirmul@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Tue, 5 Nov 2013 12:46:15 +0000 (13:46 +0100)]
idmap_autorid: fix status code when trying to load range for an invalid input
The "sid" input needs to be verified (it can currently be a SID or "ALLOC").
When handing in string that is valid for other kinds of records,
but not for the SID[#IDX]-->RANGE direction of mappings, like for instance
a range number, then we get "NT_STATUS_INTERNAL_DB_CORRUPTION" because
parse records finds the record, but it does not have the expected size...
This patch fixes this problem by pre-validating the input before fetching
the record from the database.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Atul Kulkarni [Thu, 3 Oct 2013 18:45:19 +0000 (00:15 +0530)]
net: correct typos in net idmap delete ranges help message
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Atul Kulkarni [Wed, 2 Oct 2013 14:44:04 +0000 (20:14 +0530)]
idmap_autorid: add space between two words in a debug message
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 7 Nov 2013 15:55:53 +0000 (16:55 +0100)]
s4-lsa: Make sure we also duplicate the domain_name.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 7 18:58:44 CET 2013 on sn-devel-104
Andreas Schneider [Thu, 7 Nov 2013 14:57:51 +0000 (15:57 +0100)]
s4-lsa: Add missing null checks in dcesrv_lsa_lookup_name().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Thu, 7 Nov 2013 14:55:29 +0000 (15:55 +0100)]
s4-lsa: Fix a user after free in dcesrv_lsa_lookup_name().
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Amitay Isaacs [Thu, 7 Nov 2013 05:01:49 +0000 (16:01 +1100)]
tests: Fix calling of ctdb tool from test
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
(This used to be ctdb commit
9381c33dfd40192b7532d942059c2959dfae059d)