Ralph Boehme [Thu, 2 Nov 2017 11:45:48 +0000 (12:45 +0100)]
nfs4acls: update default NFS4 ACL version to 4.1
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 23 Oct 2017 11:35:49 +0000 (13:35 +0200)]
selftest: add explicit default NFS4 acl version
This is the current default, just make it explicit. A subsequent commit
will bump the default to 4.1.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 13:40:52 +0000 (15:40 +0200)]
vfs_nfs4acl_xattr: add support for NFS 4.1 ACL flags in the NDR backend
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 20:44:38 +0000 (22:44 +0200)]
librpc/idl: add NFS 4.1 ACL flags
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 17 Oct 2017 10:02:53 +0000 (12:02 +0200)]
vfs_nfs4acl_xattr: move the meat of the implementation to a seperate file
This is in preperation of modularizing the storage backend. Currently we
store the NFS4 ACL as an IDL/NDR encoded blob in a xattr.
Later commits will add a different backend storing the NFS4 ACL as an
XDR encoded blob in a xattr.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 23 Oct 2017 14:38:51 +0000 (16:38 +0200)]
vfs_nfs4acl_xattr: fsp->fh->fd can legally be -1
We only open the underlying file if the open access mode contains
FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 23 Oct 2017 14:35:52 +0000 (16:35 +0200)]
vfs_nfs4acl_xattr: refactoring
Refactor the code in preperation of factoring out ACL blob to smb4acl
and vice versa mapping functions.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 19:53:40 +0000 (21:53 +0200)]
vfs_nfs4acl_xattr: code polish
README.Coding adjustments, DEBUG macro modernisation, variable name
sanitizing. No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 16 Oct 2017 16:05:51 +0000 (18:05 +0200)]
vfs_nfs4acl_xattr: modernize ACL inheritance
This changes the way ACL inheritance is achieved in this
module.
Previously the module recursed to the next parent directory until the
share root was reached or a directory with an ACL xattr. If the share
root didn't contain an ACL xattr either a default ACL would be used.
This commit removed this recursive scanning and replaces it with the
same mechanism used by vfs_acl_xattr: by setting "inherit acls = yes"
just let smbd do the heavy lefting and inheritance.
For any file without ACL xattr we still synthesize a default ACL,
leveraging the existing default ACL function used by vfs_acl_xattr.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 14:34:44 +0000 (16:34 +0200)]
vfs_nfs4acl_xattr: add a runtime configuration object
No change in behaviour, all option defaults are set to the original
behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 12:22:00 +0000 (14:22 +0200)]
librpc/idl: add versions consts to nfs4acl.idl
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 2 Nov 2017 11:17:48 +0000 (12:17 +0100)]
librpc/idl: rename NFS4 ACL xattr name
The "system" xattr namespace is reserved for the kernel. Any attempt to
use xattrs in that namesspace will fail with EOPNOTSUPP, regardless of
priveleges. In autobuild we're using the xattr_tdb VFS module, so it
works there.
Using the "security" namespace instead makes this module generally
usable with Linux filesystem xattrs as storage backend.
Additionally prefix the xattr name with "_ndr". This is in preperation
of later commits that add a ACL blob marshalling format based on XDR. To
avoid xattr name collision, both format will use distinct xattr names by
default.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 10:29:47 +0000 (12:29 +0200)]
librpc/idl: rename NFS4 ACL xattr name define
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 19 Oct 2017 13:50:07 +0000 (15:50 +0200)]
vfs_nfs4acl_xattr: move interesting functions pointers to the top
Move interesting functions to the top of the vfs_fn_pointers struct, no
change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 16 Oct 2017 15:04:01 +0000 (17:04 +0200)]
vfs_nfs4acl_xattr: remove a layer of indirection
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 17 Oct 2017 13:18:52 +0000 (15:18 +0200)]
s3/posix_acls: add default ACL style "everyone"
This synthesizes an ACL with a single ACE with full permissions for
everyone. Not used for now, this comes later.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 28 Sep 2017 05:53:48 +0000 (07:53 +0200)]
s3/smbd: make make_default_filesystem_acl public
This will be used by another VFS module in a subsequent commit.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 28 Sep 2017 05:48:59 +0000 (07:48 +0200)]
vfs_acl_common: directly pass default_acl_style
This is in preperation of moving make_default_filesystem_acl() and
making it globally accessible. No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 7 Sep 2017 15:26:58 +0000 (17:26 +0200)]
selftest: split out failing owner related subtest from samba3.raw.acls.create_file|dir
All the other subtests in samba3.raw.acls.create_file|dir pass with
nfs4acl_xattr, it's just the subtest that tries to set the owner which
fails with everything else then acl_xattr.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Martin Schwenke [Fri, 3 Nov 2017 05:24:46 +0000 (16:24 +1100)]
ctdb-tests: Add sock_daemon test for stale socket handling
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Nov 7 07:51:02 CET 2017 on sn-devel-144
Amitay Isaacs [Fri, 3 Nov 2017 05:00:04 +0000 (16:00 +1100)]
ctdb-common: Fix stale socket removal
Sockets need to be created from sock_daemon_run_send(). This means
that stale socket removal can depend on the PID file context being
initialised.
Also fix associated test.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Martin Schwenke [Mon, 23 Oct 2017 00:50:51 +0000 (11:50 +1100)]
ctdb-scripts: Don't bother checking PID file when starting ctdbd
This is an optimisation that can cause incorrect results. If ctdbd
was killed and there is a stale PID file then this will often cause
"CTDB exited during initialisation". The wrapper reads the old PID
from the PID file, finds the PID gone, complains and exits.
It is better to drop this code and finally get this right. If ctdbd
does exit early then it will take CTDB_STARTUP_TIMEOUT (default 10)
seconds before the wrapper fails. That's not too bad...
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Fri, 13 Oct 2017 01:49:05 +0000 (12:49 +1100)]
ctdb-tests: Have fake daemon log when it parses public IPs
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 18 Oct 2017 09:08:19 +0000 (20:08 +1100)]
ctdb-common: Ensure unused bytes in union are initialised
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Ralph Wuerthner [Fri, 27 Oct 2017 12:59:32 +0000 (14:59 +0200)]
s4: torture: Add smb2 FIND_and_set_DOC test case.
Regression tests doing an SMB2_find followed by
a set delete on close and then close on a directory.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13118
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Nov 5 12:31:12 CET 2017 on sn-devel-144
Ralph Wuerthner [Fri, 3 Nov 2017 22:33:28 +0000 (22:33 +0000)]
s3: smbd: Fix delete-on-close after smb2_find
Both dptr_create() and can_delete_directory_fsp() are calling OpenDir_fsp()
to get a directory handle. This causes an issue when delete-on-close is
set after smb2_find because both directory handle instances share the same
underlying file descriptor. In addition the SMB_ASSERT() in destructor
smb_Dir_destructor() gets triggered.
To avoid this use OpenDir() instead of OpenDir_fsp().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13118
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Ralph Boehme [Fri, 3 Nov 2017 13:56:43 +0000 (14:56 +0100)]
vfs_fruit: avoid dereferencing a freed object in an error case
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 3 19:05:05 CET 2017 on sn-devel-144
Andrew Bartlett [Wed, 12 Jul 2017 12:38:29 +0000 (00:38 +1200)]
s4-smbtorture: Show that the KDC provides no protection from CVE-2017-11103
The server name in the AS-REQ is unprotected, sadly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12894
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 2 07:16:50 CET 2017 on sn-devel-144
Andrew Bartlett [Wed, 12 Jul 2017 05:48:46 +0000 (17:48 +1200)]
s4-smbtorture: Add test krb5.kdc to prove fix for CVE-2017-11103
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12894
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Ralph Boehme [Sat, 28 Oct 2017 14:13:16 +0000 (16:13 +0200)]
vfs_zfsacl: fix compilation error
Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 2 03:16:11 CET 2017 on sn-devel-144
Joe Guo [Tue, 19 Sep 2017 21:33:27 +0000 (09:33 +1200)]
gitlab-ci: add .gitlab-ci.yml
Add .gitlab-ci.yml file, and define build jobs in groups.
Once gitlab-runner set up, builds and tests can be triggered
automatically in parallel when push to gitlab.
Also, with gitlab-runner autoscale mode, build instances
will be created and removed on demand.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct 31 15:32:16 CET 2017 on sn-devel-144
Günther Deschner [Sat, 28 Oct 2017 09:10:07 +0000 (11:10 +0200)]
s4-torture: remove obsolete comment in libsmbclient torture suite.
Since smbc_setX calls now handle string allocation using malloc
themselves (since commit
2d41b1ab78639abe4ae030ff482573f464564dd7) we
indeed no longer need to provide malloced strings (the extra malloc
already got removed earlier).
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 30 21:09:14 CET 2017 on sn-devel-144
Andrew Bartlett [Mon, 16 Oct 2017 23:00:27 +0000 (12:00 +1300)]
repl_meta_data: Initialise parent_dn to NULL
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Oct 30 04:16:42 CET 2017 on sn-devel-144
Andrew Bartlett [Mon, 16 Oct 2017 22:36:03 +0000 (11:36 +1300)]
repl_meta_data: Explain that we do not truncate the DN at present
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 16 Oct 2017 22:28:45 +0000 (11:28 +1300)]
repl_meta_data: Use replmd_make_prefix_child_dn() in replmd_conflict_dn()
Now both routines avoid the escape/unescape implicit in ldb_dn_add_child_fmt()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 16 Oct 2017 22:27:49 +0000 (11:27 +1300)]
repl_meta_data: Split replmd_make_deleted_child_dn() into a helper function
This will allow it to be used in common with replmd_conflict_dn()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 16 Oct 2017 04:27:59 +0000 (17:27 +1300)]
repl_meta_data: Move creation of deleted DN into helper: replmd_make_deleted_child_dn()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Mon, 16 Oct 2017 03:02:57 +0000 (16:02 +1300)]
repl_meta_data: Avoid printf() and use binary direct RDN creation for deleted objects
This makes it clearer that we are just replacing the RDN and ensures we do not
somehow create multiple components inside ldb_dn_add_child_fmt().
We also avoid an escape/un-escape round-trip.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Günther Deschner [Sat, 28 Oct 2017 09:50:35 +0000 (11:50 +0200)]
s3-auth: remove leftover prototype from auth_domain.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Oct 30 00:15:07 CET 2017 on sn-devel-144
Volker Lendecke [Fri, 27 Oct 2017 12:01:41 +0000 (14:01 +0200)]
winbindd: Remove a misleading comment
The reality is a bit more complex than this comment indicates. We should never
suggest anywhere that we can connect to domains that we don't have a direct
trust account to. For the member case, it's "our" domain, and for the DC case,
it's the direct trusts. Everything else is pure luck.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Oct 28 00:31:58 CEST 2017 on sn-devel-144
Volker Lendecke [Wed, 4 Oct 2017 11:30:13 +0000 (13:30 +0200)]
printing: Avoid an "extern current_user"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 4 Oct 2017 11:27:43 +0000 (13:27 +0200)]
printing: Avoid an "extern current_user"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 4 Oct 2017 13:04:01 +0000 (15:04 +0200)]
smbd: Fix the memory hierarchy in the unix token
"groups" should hang off the token itself, not its parent
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 19 Oct 2017 15:52:31 +0000 (17:52 +0200)]
lib: Use all_zero where appropriate
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 19 Oct 2017 06:13:59 +0000 (08:13 +0200)]
smbd: Remove an indentation level in smb2_negprot
Do an early return. Best viewed with "git show -b"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 26 Oct 2017 19:13:52 +0000 (21:13 +0200)]
samba: Fix CID
1420179 Code maintainability issues UNUSED_VALUE
I don't think pid is used at all here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 26 Oct 2017 19:08:14 +0000 (21:08 +0200)]
samba: Fix CID
1420180 Null pointer dereferences
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 17:25:20 +0000 (19:25 +0200)]
s4:pyparam: Fix resource leaks on error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 17:23:02 +0000 (19:23 +0200)]
s4:torture: Avoid useless strdup in libsmbclient test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 17:22:34 +0000 (19:22 +0200)]
libsmbclient: Use const for the user
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Fri, 20 Oct 2017 06:58:21 +0000 (08:58 +0200)]
testprogs: Update the kpasswd setpassword test
This has been fixed with
b81ca4f9dcbb378a95fb3ac31bfd9a1cbe505d7d
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 27 15:22:43 CEST 2017 on sn-devel-144
Andreas Schneider [Thu, 19 Oct 2017 15:32:15 +0000 (17:32 +0200)]
s4:kdc: Pass down the task to get access to model_ops for kpasswd server
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 17:55:32 +0000 (19:55 +0200)]
s3:modules: Check correct variable for NULL in posixacl_xattr
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 27 04:54:22 CEST 2017 on sn-devel-144
Andreas Schneider [Wed, 25 Oct 2017 17:50:57 +0000 (19:50 +0200)]
s3:passdb: Make sure the salt is fully initialized before passing
Otherwise the magic member is not initialized.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 17:30:28 +0000 (19:30 +0200)]
s3:secrets: Do not leak memory of pw and old_pw
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13101
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 26 Oct 2017 06:05:20 +0000 (08:05 +0200)]
s3:vfs_glusterfs: Use SAFE_FREE
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 26 17:31:40 CEST 2017 on sn-devel-144
Martin Schwenke [Wed, 25 Oct 2017 01:15:23 +0000 (12:15 +1100)]
ctdb-tests: Process-exists unit tests should wait until PID is registered
Otherwise the client registration can race with the check in the test.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13097
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu Oct 26 13:32:24 CEST 2017 on sn-devel-144
Martin Schwenke [Wed, 25 Oct 2017 06:52:04 +0000 (17:52 +1100)]
ctdb-tests: Wait for fake_ctdbd to start, fail if it doesn't
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13097
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 25 Oct 2017 10:43:56 +0000 (21:43 +1100)]
ctdb-tests: Skip starting fake_ctdbd when current node is disconnected
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13097
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 25 Oct 2017 07:52:10 +0000 (18:52 +1100)]
ctdb-tests: Wait for ctdb_eventd to start, fail if it doesn't
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13097
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 25 Oct 2017 01:04:49 +0000 (12:04 +1100)]
ctdb-tests: Allow wait_until() to be used in unit tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13097
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Andreas Schneider [Wed, 25 Oct 2017 17:39:34 +0000 (19:39 +0200)]
s3:vfs_glusterfs: Fix a double free in vfs_gluster_getwd()
Found by cppcheck.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13100
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 26 09:34:40 CEST 2017 on sn-devel-144
Douglas Bagnall [Tue, 24 Oct 2017 23:57:09 +0000 (12:57 +1300)]
linked attribute tests: correct add_all_at_once test
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 26 05:36:11 CEST 2017 on sn-devel-144
Douglas Bagnall [Tue, 24 Oct 2017 22:57:50 +0000 (11:57 +1300)]
linked_attribute tests: helper assert function for expected LdbError
The logic involved in asserting that a function raises an LdbError with
a particular error value has shown itself to be too complicated for me
to repeat too often.
To test this function, you would want a put a test in a bit like this:
def test_assertRaisesLdbError(self):
for i in [1, 2, ldb.ERR_ENTRY_ALREADY_EXISTS, 999]:
def f(*args, **kwargs):
raise ldb.LdbError(i, 'msg %s' % i)
self.assertRaisesLdbError(i, 'a message', f, 'la la', la='la')
def f2(*args, **kwargs):
raise ldb.LdbError(i + 1, 'msg %s' % i)
def f3(*args, **kwargs):
pass
for f in (f2, f3):
try:
self.assertRaisesLdbError(i, 'a message', f, 'la la', la='la')
except AssertionError as e:
print i, e, f
pass
else:
print i, f
self.fail('assertRaisesLdbError() failed to fail!')
..but a self-testing test-tester is getting a too meta to run in every
autobuild.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 24 Oct 2017 23:31:08 +0000 (12:31 +1300)]
replmd: use check_parsed_dn_duplicates() more widely
replmd_add_fix_la() was already making the same check; here we move it
a bit earlier.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 24 Oct 2017 23:17:05 +0000 (12:17 +1300)]
linked attribute tests: fix logic for add test
We were ensuring that when we got an LdbError it was the right type,
but we weren't ensuring we got one at all.
The new test doesn't fail.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 24 Oct 2017 23:13:57 +0000 (12:13 +1300)]
linked attribute tests: ensure duplicate deletes fail
We can't remove the same thing twice in the same message.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 24 Oct 2017 21:12:09 +0000 (10:12 +1300)]
replmd: check for duplicate values in MOD_REPLACE case
Because we already have a sorted parsed_dn list, this is a simple
linear scan.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 24 Oct 2017 21:54:42 +0000 (10:54 +1300)]
linked attribute tests: test against duplicates in replace
We should not be able to introduce duplicate links using MOD_REPLACE.
It turns out we could and weren't testing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 25 Oct 2017 15:37:24 +0000 (17:37 +0200)]
s4:scripting: Fix ntstatus_gen.h generation on 32bit
The hex() function results in different output on 32bit systems. It adds
a L for long for some numbers. Thus we have a different header file.
This patch makes sure we have a consistent file generation on different
paltforms.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13099
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Oct 25 22:28:39 CEST 2017 on sn-devel-144
Jeremy Allison [Mon, 23 Oct 2017 22:40:04 +0000 (15:40 -0700)]
s3: smbclient: Test we can rename with a name containing.
Samba always allowed this anyway, but it's a good place
to ensure we don't regress.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 24 23:32:58 CEST 2017 on sn-devel-144
Jeremy Allison [Fri, 20 Oct 2017 22:09:38 +0000 (15:09 -0700)]
s3: smbclient: Ensure we call client_clean_name() before all operations on remote pathnames.
This allows names containing .. components to be resolved on the client side
before being sent to the server. Relative names work in SMB1 but not in SMB2.
Fix both client.c and clitar.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Sat, 21 Oct 2017 00:08:08 +0000 (00:08 +0000)]
s3: client: Add new utility function client_clean_name().
Correctly canonicalizes a remote pathname removing '..'
elements before sending to a remote server. '..' elements
work in SMB1 pathnames, but not in SMB2.
Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13093
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Amitay Isaacs [Wed, 18 Oct 2017 05:16:27 +0000 (16:16 +1100)]
ctdb-client: Fix CID
1419820
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Oct 23 19:45:08 CEST 2017 on sn-devel-144
Amitay Isaacs [Fri, 13 Oct 2017 01:57:08 +0000 (12:57 +1100)]
ctdb-tools: Drop duplicate output from dbstatistics
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Lumir Balhar [Thu, 14 Sep 2017 07:31:17 +0000 (09:31 +0200)]
python: Port tests of samba.messaging to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 23 15:40:48 CEST 2017 on sn-devel-144
Lumir Balhar [Thu, 14 Sep 2017 07:30:28 +0000 (09:30 +0200)]
python: Port samba.messaging module to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Tue, 15 Aug 2017 06:25:34 +0000 (08:25 +0200)]
xattr.idl: Don't generate an interface table
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Oct 22 21:40:16 CEST 2017 on sn-devel-144
Volker Lendecke [Tue, 15 Aug 2017 06:17:22 +0000 (08:17 +0200)]
nfs4acls: Don't generate an interface table for nfs4acls.idl
Nobody uses the function nfs4acl_test.
It took a while to figure out how to get this to build. The "uuid" line in the
idl file triggers pidl to generate the function table entry, which in turn then
triggers tables.pl to register this interface
./bin/default/source4/librpc/gen_ndr/tables.c. We could for example do the same
with xattr_parse_DOSATTRIB. Nobody uses this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 15 Aug 2017 04:02:13 +0000 (06:02 +0200)]
nfs4acls: Slightly simplify smb_add_ace4
The comment was a bit confusing to me, it took a few seconds too many to figure
out *why* setting NULL is not required. Remove it :-)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Tue, 15 Aug 2017 03:58:05 +0000 (05:58 +0200)]
nfs4acls: Fix a debug message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 17:34:25 +0000 (19:34 +0200)]
s3/smbd: update some more DEBUG macros in smbd_smb2_create_send
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Oct 21 18:08:46 CEST 2017 on sn-devel-144
Ralph Boehme [Fri, 21 Jul 2017 16:59:55 +0000 (18:59 +0200)]
s3/smbd: use early returns in smbd_smb2_create_send
Now that we have the nice smbd_smb2_create_after_exec() and
smbd_smb2_create_finish() functions, use early returns for the create
replay and durable handle reconnect case.
No change in behaviour, best viewed with
$ git show -w COMMIT
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 14:14:31 +0000 (16:14 +0200)]
s3/smbd: factor out smbd_smb2_create_after_exec from smbd_smb2_create_send
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 14:14:31 +0000 (16:14 +0200)]
s3/smbd: factor out smbd_smb2_create_before_exec from smbd_smb2_create_send
No change in behaviour, best viewed with:
$ git show --diff-algorithm=histogram COMMIT
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 21 Jul 2017 16:02:05 +0000 (18:02 +0200)]
s3/smbd: remove all stack variables of smbd_smb2_create_send into smbd_smb2_create_state
This allows factoring out smbd_smb2_create_after|before_exec() in the
next steps.
Moving all variable in one big fell swoop instead of one per commit,
because if I'd miss to adjust a variable access the commit wouldn't
compile.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 10:51:37 +0000 (12:51 +0200)]
s3/smbd: move create ctx extraction and validation to a helper func
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 10:15:19 +0000 (12:15 +0200)]
s3/smbd: move create contexts into smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 09:29:46 +0000 (11:29 +0200)]
s3/smbd: remove unneeded args from smbd_smb2_create_finish
The previous commits moved all arguments into smbd_smb2_create_state.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 16:49:50 +0000 (18:49 +0200)]
s3/smbd: move info into smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 16:47:17 +0000 (18:47 +0200)]
s3/smbd: add in_create_disposition to smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 16:43:33 +0000 (18:43 +0200)]
s3/smbd: add in_oplock_level to smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 16:40:16 +0000 (18:40 +0200)]
s3/smbd: move requested_oplock_level into smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 16:32:50 +0000 (18:32 +0200)]
s3/smbd: move replay_operation into smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Sat, 22 Jul 2017 13:31:05 +0000 (15:31 +0200)]
s3/smbd: move result into smbd_smb2_create_state
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 19 Jul 2017 17:07:55 +0000 (19:07 +0200)]
s3/smbd: leverage early return added in the previous commit
Now that the other cases handled in the if/else blocks do early returns,
we can move the logic handling file opens out of the final else block.
No change in behaviour, best viewed with
$ git show -w COMMIT
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Wed, 19 Jul 2017 17:04:46 +0000 (19:04 +0200)]
s3/smbd: factor out smbd_smb2_create_finish from smbd_smb2_create_send
No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 21 Jul 2017 13:34:02 +0000 (15:34 +0200)]
s3/smbd: modernize a DEBUG statement
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Thu, 20 Jul 2017 04:03:34 +0000 (06:03 +0200)]
s3/smbd: move some setup code in smbd_smb2_create_send a few lines up
This is just one of the last steps before splitting out large code parts
into _before() and _after() functions. No change in behaviour.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Fri, 21 Jul 2017 14:23:53 +0000 (16:23 +0200)]
s3/smbd: add tevent context to smbd_smb2_create_state
...and use it in everywhere in smbd_smb2_create_send().
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>