[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e3f5e47 smbd: Remove an optimization that became unnecessary via 07ae7e2 smbd: We don't collect our own vnn anymore via ebb027b smbd: Slightly simplify notify_trigger via eb885d1 smbd: Slightly simplify notify_trigger via 032da72 smbd: Avoid some talloc_realloc in notify_internal via c2b26a4 dbwrap-ctdb: Avoid a talloc_stackframe() via d147194 ctdb-conn: remove ctdbd_fetch via 1409895 dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record via abe4046 ctdb-conn: Add ctdbd_parse via c8c0bf7 tdb: Fix blank line endings via a92c08e tdb: Little format change via d4ebeeb smbd: Avoid sending 0-sized keys to dbwrap from bbb4068 dbwrap: Use tdb_null in db_ctdb_delete http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit e3f5e474c826940ebaf43256cb06a50309ba3ef5 Author: Volker Lendecke Date: Wed Oct 31 13:13:50 2012 +0100 smbd: Remove an optimization that became unnecessary After we only collect nonlocal vnns in idx_state.vnns now, at this point we *know* we have something to send to a remote node. The previous code avoided the call to notify_push_remote_blob with an if-statement that has now become unnecessary. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Tue Mar 26 13:16:39 CET 2013 on sn-devel-104 commit 07ae7e22f789a67bbd5e9536e1227a1c394990f9 Author: Volker Lendecke Date: Wed Oct 31 13:11:19 2012 +0100 smbd: We don't collect our own vnn anymore notify_trigger_index_parser will not anymore add ourselves into the vnn list that it collects. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit ebb027b738d0addd3ee5c205c5370b01859aee71 Author: Volker Lendecke Date: Wed Oct 31 13:10:12 2012 +0100 smbd: Slightly simplify notify_trigger We have a good chance that we did not collect any remote vnns. This avoids trying to walk the remote vnns altogether. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit eb885d1fdd6a2be603061aeef63790c92ca9ba56 Author: Volker Lendecke Date: Wed Oct 31 13:08:18 2012 +0100 smbd: Slightly simplify notify_trigger This straightens the for-loop walking the path components slightly Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 032da72e2b81685f292622cfd2ced14af257849d Author: Volker Lendecke Date: Wed Oct 31 13:02:19 2012 +0100 smbd: Avoid some talloc_realloc in notify_internal For the nonclustered case we will only ever have one vnn in notify_index.tdb. For this case, without this patch we did talloc_realloc when collecting vnns to be able to do the memcpy instead of explicit copy with a for-loop. This new code will partition the new vnns we see when parsing a notify_index.tdb record into ourselves and all foreign vnns, only really collecting the foreign ones in an array. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit c2b26a43ffae22c9dff7929c48531fec9e6ed922 Author: Volker Lendecke Date: Sat Nov 24 14:42:06 2012 + dbwrap-ctdb: Avoid a talloc_stackframe() We have only a single allocation in this routine, so I think we can live without a stackframe. Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit d147194466560488cda9f6e5e993c985cea02289 Author: Volker Lendecke Date: Sat Nov 24 14:15:38 2012 + ctdb-conn: remove ctdbd_fetch Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 1409895d9e271744060d3f1ef2c71da5b5151f6a Author: Volker Lendecke Date: Sat Nov 24 14:14:37 2012 + dbwrap-ctdb: Use ctdbd_parse in db_ctdb_parse_record Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit abe4046643735cf0bc5bcdfe330dd946ab221808 Author: Volker Lendecke Date: Fri Nov 23 17:54:57 2012 +0100 ctdb-conn: Add ctdbd_parse Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit c8c0bf74805c61b1379dab1d4529df0004872bb4 Author: Volker Lendecke Date: Mon Mar 18 14:39:04 2013 +0100 tdb: Fix blank line endings Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit a92c08e18bca2f1db671dc5e2d0db4adbf39752d Author: Volker Lendecke Date: Mon Mar 18 10:53:49 2013 +0100 tdb: Little format change Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit d4ebeeb78865c6a20a85437b82a1302921f3d1fe Author: Volker Lendecke Date: Mon Mar 25 14:52:24 2013 +0100 smbd: Avoid sending 0-sized keys to dbwrap Start the notification one level below /. Sharing and
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e865788 dbwrap: Add a comment explaining a restriction
from e3f5e47 smbd: Remove an optimization that became unnecessary
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e8657887a9c1deadbd4e98c8b66cd46bdf36402a
Author: Volker Lendecke
Date: Wed Mar 27 10:23:50 2013 +0100
dbwrap: Add a comment explaining a restriction
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Mar 27 13:40:15 CET 2013 on sn-devel-104
---
Summary of changes:
lib/dbwrap/dbwrap.c | 11 +++
1 files changed, 11 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/dbwrap/dbwrap.c b/lib/dbwrap/dbwrap.c
index f0b7a9a..f03514d 100644
--- a/lib/dbwrap/dbwrap.c
+++ b/lib/dbwrap/dbwrap.c
@@ -453,6 +453,17 @@ int dbwrap_get_seqnum(struct db_context *db)
int dbwrap_transaction_start(struct db_context *db)
{
if (!db->persistent) {
+ /*
+* dbwrap_ctdb has two different data models for persistent
+* and non-persistent databases. Transactions are supported
+* only for the persistent databases. This check is here to
+* prevent breakages of the cluster case, autobuild at this
+* point only tests non-clustered Samba. Before removing this
+* check, please make sure that this facility has also been
+* added to dbwrap_ctdb.
+*
+* Thanks, vl
+*/
DEBUG(1, ("transactions not supported on non-persistent "
"database %s\n", db->name));
return -1;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION from 7903839 s3:wscript: change --with-dmapi to default=auto to match the autoconf build http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ed76e65172ba1a21ef21b3c0267ed5ef1aa8aa9b Author: David Disseldorp Date: Wed Apr 3 14:01:00 2013 +0200 ntvfs: support setfileinfo with FULL_EA_INFORMATION Use existing unmarshall and set helper functions. This allows the smb2.setinfo.setinfo test to run against the ntvfs file server. Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Apr 3 16:14:33 CEST 2013 on sn-devel-104 --- Summary of changes: selftest/knownfail |1 - source4/ntvfs/posix/pvfs_setfileinfo.c |7 ++- source4/smb_server/blob.c |6 ++ 3 files changed, 12 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index e4b4694..61a0a0e 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -162,7 +162,6 @@ ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.alpha13.ldapcmp_full_sd\(none\) # Due to something rewriting the NT ACL on DNS objects ^samba4.blackbox.upgradeprovision.release-4-0-0.ldapcmp_sd\(none\) # Due to something rewriting the NT ACL on DNS objects -^samba4.smb2.setinfo.setinfo # ntvfs doesn't support FULL_EA_INFORMATION set. ^samba3.smb2.create.gentest ^samba3.smb2.create.blob ^samba3.smb2.create.open diff --git a/source4/ntvfs/posix/pvfs_setfileinfo.c b/source4/ntvfs/posix/pvfs_setfileinfo.c index 3c9b18d..7fd4e35 100644 --- a/source4/ntvfs/posix/pvfs_setfileinfo.c +++ b/source4/ntvfs/posix/pvfs_setfileinfo.c @@ -367,7 +367,7 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, break; case RAW_SFILEINFO_EA_SET: - return pvfs_setfileinfo_ea_set(pvfs, h->name, h->fd, + return pvfs_setfileinfo_ea_set(pvfs, h->name, h->fd, info->ea_set.in.num_eas, info->ea_set.in.eas); @@ -420,6 +420,11 @@ NTSTATUS pvfs_setfileinfo(struct ntvfs_module_context *ntvfs, h->position = info->position_information.in.position; break; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return pvfs_setfileinfo_ea_set(pvfs, h->name, h->fd, + info->full_ea_information.in.eas.num_eas, + info->full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: /* this one is a puzzle */ if (info->mode_information.in.mode != 0 && diff --git a/source4/smb_server/blob.c b/source4/smb_server/blob.c index c0077c0..a3e1123 100644 --- a/source4/smb_server/blob.c +++ b/source4/smb_server/blob.c @@ -625,6 +625,12 @@ NTSTATUS smbsrv_pull_passthru_sfileinfo(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; + case RAW_SFILEINFO_FULL_EA_INFORMATION: + return ea_pull_list_chained(blob, + mem_ctx, + &st->full_ea_information.in.eas.num_eas, + &st->full_ea_information.in.eas.eas); + case RAW_SFILEINFO_MODE_INFORMATION: BLOB_CHECK_MIN_SIZE(blob, 4); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b5d5b9a libsmbclient: Fix cli_session_setup_guest_send
from ed76e65 ntvfs: support setfileinfo with FULL_EA_INFORMATION
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b5d5b9a40eb13f89a552e29096deed52229c147e
Author: Volker Lendecke
Date: Wed Apr 3 13:24:53 2013 +0200
libsmbclient: Fix cli_session_setup_guest_send
This worked fine so far, but for the wrong reason: We only ever called
this through the sync wrapper. The tevent_req_nterror in the NT_STATUS_OK
case does not call tevent_req_finish. So the tevent_loop_poll did call
into the core send/receive smb code. This is a fix for the case when
smb1cli_req_chain_submit fails for some reason.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Apr 3 18:39:30 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cliconnect.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 872900c..ec5c273 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -446,7 +446,7 @@ struct tevent_req *cli_session_setup_guest_send(TALLOC_CTX
*mem_ctx,
}
status = smb1cli_req_chain_submit(&subreq, 1);
- if (NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7f366d7 tevent: Only set poll_ev->delete=false if it was true
from a7f067c BUG 9699: Fix adding case sensitive spn.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7f366d745c1d4e833470d853ec484459157616e7
Author: Volker Lendecke
Date: Thu Apr 4 10:23:02 2013 +0200
tevent: Only set poll_ev->delete=false if it was true
Might not be noticable, but I thought it would be an obvious tiny
optimization. Possibly the compiler already does this.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Apr 4 18:32:39 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/tevent/tevent_poll.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/tevent_poll.c b/lib/tevent/tevent_poll.c
index 92fcc44..c6e2a00 100644
--- a/lib/tevent/tevent_poll.c
+++ b/lib/tevent/tevent_poll.c
@@ -419,8 +419,8 @@ static bool poll_event_setup_fresh(struct tevent_context
*ev,
poll_ev->fdes[i]->additional_flags = i;
}
}
+ poll_ev->deleted = false;
}
- poll_ev->deleted = false;
if (poll_ev->fresh == NULL) {
return true;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 77f7a46 s4:dsdb: Fix warnings about not set / set but unused /
shadowed variables
from 31714c9 s3:smbd:smb2:scavenger: fix format error for debugging
open_persistent_id in scavenger_timer()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 77f7a46e180596fa081f4069edea9efd23e3f0c5
Author: Matthieu Patou
Date: Thu Apr 11 22:30:27 2013 -0700
s4:dsdb: Fix warnings about not set / set but unused / shadowed variables
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Apr 19 13:15:40 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/common/dsdb_dn.c |3 ---
source4/dsdb/samdb/ldb_modules/linked_attributes.c |6 +++---
source4/dsdb/samdb/ldb_modules/partition.c |3 ---
source4/dsdb/samdb/ldb_modules/resolve_oids.c |2 --
source4/dsdb/samdb/ldb_modules/samba_dsdb.c|6 ++
source4/dsdb/samdb/ldb_modules/simple_ldap_map.c |3 ---
source4/dsdb/samdb/ldb_modules/subtree_rename.c|2 --
7 files changed, 5 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/dsdb_dn.c b/source4/dsdb/common/dsdb_dn.c
index 0029f5d..ab42776 100644
--- a/source4/dsdb/common/dsdb_dn.c
+++ b/source4/dsdb/common/dsdb_dn.c
@@ -76,7 +76,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct
ldb_context *ldb,
{
struct dsdb_dn *dsdb_dn;
struct ldb_dn *dn;
- const char *data;
size_t len;
TALLOC_CTX *tmp_ctx;
char *p1;
@@ -127,8 +126,6 @@ struct dsdb_dn *dsdb_dn_parse(TALLOC_CTX *mem_ctx, struct
ldb_context *ldb,
if (tmp_ctx == NULL) {
return NULL;
}
-
- data = (const char *)dn_blob->data;
len = dn_blob->length - 2;
p1 = talloc_strndup(tmp_ctx, (const char *)dn_blob->data + 2, len);
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 6e08209..a55ec87 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -752,7 +752,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
/* find our DN in the values */
for (j=0; jnum_values; j++) {
struct dsdb_dn *dsdb_dn2;
- struct GUID link_guid;
+ struct GUID link_guid2;
dsdb_dn2 = dsdb_dn_parse(msg, ldb, &el2->values[j],
target->syntax->ldap_oid);
if (dsdb_dn2 == NULL) {
@@ -760,7 +760,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
return LDB_ERR_INVALID_DN_SYNTAX;
}
- ret = la_guid_from_dn(module, parent, dsdb_dn2->dn,
&link_guid);
+ ret = la_guid_from_dn(module, parent, dsdb_dn2->dn,
&link_guid2);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
@@ -776,7 +776,7 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
* more costly, but still give us a GUID.
* dbcheck will fix this if run.
*/
- if (!GUID_equal(&self_guid, &link_guid)) {
+ if (!GUID_equal(&self_guid, &link_guid2)) {
continue;
}
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c
b/source4/dsdb/samdb/ldb_modules/partition.c
index 435a791..63835d8 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -1089,13 +1089,10 @@ int partition_sequence_number_from_partitions(struct
ldb_module *module,
*/
static int partition_sequence_number(struct ldb_module *module, struct
ldb_request *req)
{
- struct partition_private_data *data =
talloc_get_type(ldb_module_get_private(module),
- struct
partition_private_data);
struct ldb_extended *ext;
struct ldb_seqnum_request *seq;
struct ldb_seqnum_result *seqr;
uint64_t seq_number;
- struct dsdb_partition *p;
int ret;
seq = talloc_get_type_abort(req->op.extended.data, struct
ldb_seqnum_request);
diff --git a/source4/dsdb/samdb/ldb_modules/resolve_oids.c
b/source4/dsdb/samdb/ldb_modules/resolve_oids.c
index 71f9a30..b5c5f8e 100644
--- a/source4/dsdb/samdb/ldb_modules/resolve_oids.c
+++ b/source4/dsdb/samdb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5f82641 libsmb: Use sizeof instead of explicit numbers
via b8c1e30 libsmb: Use smb2_lease_push in smb2_create_send
via a8edad3 libcli: Add smb2_lease marshalling
via 96a8f6e libsmb: Move "struct smb2_lease" to common
from 7e80793 check_parent_exists() can change errno. Ensure we preserve
it across calls.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5f82641553e33bc236b6c8a4f5cfc1cf3b722eea
Author: Volker Lendecke
Date: Thu Apr 25 14:24:08 2013 +0200
libsmb: Use sizeof instead of explicit numbers
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Apr 30 16:02:19 CEST 2013 on sn-devel-104
commit b8c1e30a6f2213c0dbb43a55bd5e1f498a610cab
Author: Volker Lendecke
Date: Thu Apr 25 14:19:36 2013 +0200
libsmb: Use smb2_lease_push in smb2_create_send
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit a8edad3743a60b9521b2cd759e22e6350c41cc06
Author: Volker Lendecke
Date: Wed Apr 17 17:04:38 2013 +0200
libcli: Add smb2_lease marshalling
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 96a8f6e0fb9042fe125c9552dfb4c3f6d19cb225
Author: Volker Lendecke
Date: Wed Apr 17 16:48:21 2013 +0200
libsmb: Move "struct smb2_lease" to common
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
libcli/smb/smb2_lease.c | 86 +++
libcli/smb/smb2_lease.h | 50 ++
libcli/smb/smb_common.h |1 +
libcli/smb/wscript |2 +
source4/libcli/raw/interfaces.h | 17
source4/libcli/smb2/create.c| 34 +++
6 files changed, 155 insertions(+), 35 deletions(-)
create mode 100644 libcli/smb/smb2_lease.c
create mode 100644 libcli/smb/smb2_lease.h
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_lease.c b/libcli/smb/smb2_lease.c
new file mode 100644
index 000..10beaca
--- /dev/null
+++ b/libcli/smb/smb2_lease.c
@@ -0,0 +1,86 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ SMB2 Lease context handling
+
+ Copyright (C) Stefan Metzmacher 2012
+ Copyright (C) Volker Lendecke 2013
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../libcli/smb/smb_common.h"
+
+ssize_t smb2_lease_pull(uint8_t *buf, size_t len, struct smb2_lease *lease)
+{
+ int version;
+
+ switch (len) {
+ case 32:
+ version = 1;
+ break;
+ case 52:
+ version = 2;
+ break;
+ default:
+ return -1;
+ }
+
+ memcpy(&lease->lease_key, buf, 16);
+ lease->lease_state = IVAL(buf, 16);
+ lease->lease_flags = IVAL(buf, 20);
+ lease->lease_duration = BVAL(buf, 24);
+
+ switch (version) {
+ case 1:
+ memcpy(&lease->parent_lease_key, buf+32, 16);
+ lease->lease_epoch = SVAL(buf, 48);
+ break;
+ case 2:
+ ZERO_STRUCT(lease->parent_lease_key);
+ lease->lease_epoch = 0;
+ break;
+ }
+
+ return len;
+}
+
+bool smb2_lease_push(const struct smb2_lease *lease, uint8_t *buf, size_t len)
+{
+ int version;
+
+ switch (len) {
+ case 32:
+ version = 1;
+ break;
+ case 52:
+ version = 2;
+ break;
+ default:
+ return false;
+ }
+
+ memcpy(&buf[0], &lease->lease_key, 16);
+ SIVAL(buf, 16, lease->lease_state);
+ SIVAL(buf, 20, lease->lease_flags);
+ SBVAL(buf, 24, lease->lease_duration);
+
+ if (version == 2) {
+ memcpy(&buf[32], &lease->parent_lease_key, 16);
+ SIVAL(buf, 48, lease->lease_epoch);
+ }
+
+ return true;
+}
diff --git a/libcli/smb/smb2_lease.h b/libcli/smb/smb2_lease.h
new file mode 100644
index 00
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 99c95fc libsmb: call directly tevent_req_simple_finish_ntstatus
from bf33239 Fix warnings and one compile error caused by newer gcc 4.7.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 99c95fc98309a7aa08cfc37c4de5105d90696b7a
Author: Matthieu Patou
Date: Sun May 5 14:53:40 2013 -0700
libsmb: call directly tevent_req_simple_finish_ntstatus
The CC compiler on openindiana is not pleased with a void function doing
a return of another void function.
It should help the build of openindiana on the buildfarm
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Mon May 6 08:35:10 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cliconnect.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 3242d8c..7179c4f 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -2687,13 +2687,13 @@ static struct tevent_req *cli_tree_connect_send(
static void cli_tree_connect_smb2_done(struct tevent_req *subreq)
{
- return tevent_req_simple_finish_ntstatus(
+ tevent_req_simple_finish_ntstatus(
subreq, smb2cli_tcon_recv(subreq));
}
static void cli_tree_connect_andx_done(struct tevent_req *subreq)
{
- return tevent_req_simple_finish_ntstatus(
+ tevent_req_simple_finish_ntstatus(
subreq, cli_tcon_andx_recv(subreq));
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8c3fa00 lib/param: remove unused 'printer_admin'
via 0ffd074 doc-xml/smbdotconf: fix server [min|max] protocol
documentation
via 8a878ec talloc: only provide the --enable-talloc-compat1 in
standalone build
via f08205b winbind/idmap_ad: be verbose about the user that we fail to
map
from 5868acc vfs_gpfs: slightly simplify connect()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8c3fa009ca6e80bf6e8f9daf786b3ec490c735af
Author: Stefan Metzmacher
Date: Mon Apr 29 12:27:25 2013 +0200
lib/param: remove unused 'printer_admin'
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue May 14 21:45:19 CEST 2013 on sn-devel-104
commit 0ffd074690529a1833e29829b552b3cf6ebcd914
Author: Stefan Metzmacher
Date: Tue Apr 30 08:39:00 2013 +0200
doc-xml/smbdotconf: fix server [min|max] protocol documentation
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
commit 8a878ec74bd24180aa73cfb39ff4a6c3e72d9d0b
Author: Stefan Metzmacher
Date: Tue May 7 14:15:35 2013 +0200
talloc: only provide the --enable-talloc-compat1 in standalone build
The compat library is already only built in standalone build,
so we need the configure option also only in the standalone build.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
commit f08205be7003f6c0a15fd5fd99d01951164ad15c
Author: Björn Jacke
Date: Tue May 14 16:51:28 2013 +0200
winbind/idmap_ad: be verbose about the user that we fail to map
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
docs-xml/smbdotconf/protocol/servermaxprotocol.xml | 10 --
docs-xml/smbdotconf/protocol/serverminprotocol.xml |2 +-
lib/param/param_functions.c|1 -
lib/talloc/wscript | 10 ++
source3/winbindd/idmap_ad.c|5 +++--
5 files changed, 10 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
index 94184c8..822e42b 100644
--- a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
@@ -10,16 +10,6 @@
Possible values are :
- CORE: Earliest version. No
- concept of user names.
-
-
-
- COREPLUS: Slight improvements on
- CORE for efficiency.
-
-
-
LANMAN1: First
modern
version of the protocol. Long filename support.
diff --git a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
index c62ebb3..fc249fc 100644
--- a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
@@ -18,6 +18,6 @@
server max protocol
-CORE
+LANMAN1
NT1
diff --git a/lib/param/param_functions.c b/lib/param/param_functions.c
index 7cb3a69..6fc7801 100644
--- a/lib/param/param_functions.c
+++ b/lib/param/param_functions.c
@@ -72,7 +72,6 @@ FN_LOCAL_STRING(force_user, force_user)
FN_LOCAL_STRING(force_group, force_group)
FN_LOCAL_LIST(readlist, readlist)
FN_LOCAL_LIST(writelist, writelist)
-FN_LOCAL_LIST(printer_admin, printer_admin)
FN_LOCAL_LIST(vfs_objects, szVfsObjects)
FN_LOCAL_STRING(msdfs_proxy, szMSDfsProxy)
static FN_LOCAL_STRING(volume, volume)
diff --git a/lib/talloc/wscript b/lib/talloc/wscript
index bd7708e..ecc5e24 100644
--- a/lib/talloc/wscript
+++ b/lib/talloc/wscript
@@ -27,10 +27,10 @@ def set_options(opt):
opt.BUILTIN_DEFAULT('replace')
opt.PRIVATE_EXTENSION_DEFAULT('talloc', noextension='talloc')
opt.RECURSE('lib/replace')
-opt.add_option('--enable-talloc-compat1',
- help=("Build talloc 1.x.x compat library [False]"),
- action="store_true", dest='TALLOC_COMPAT1', default=False)
if opt.IN_LAUNCH_DIR():
+opt.add_option('--enable-talloc-compat1',
+ help=("Build talloc 1.x.x compat library [False]"),
+ action="store_true", dest='TALLOC_COMPAT1',
default=False)
opt.add_option('--disable-python',
help=("disable the pytalloc module"),
action="store_true", dest='disable_python',
default=False)
@@ -51,7 +51,9 @@ def configure(conf):
implied_deps='
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via fbb12b5 samba-tool/tests: Force the gecos of the user to a fixed
value.
via 54f4536 dsdb-drepl: create a new schedulable event for running
pending operations
from 8c3fa00 lib/param: remove unused 'printer_admin'
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit fbb12b574df69a1cda0a3f201f21279650ddc4c4
Author: Matthieu Patou
Date: Tue May 14 06:20:18 2013 -0700
samba-tool/tests: Force the gecos of the user to a fixed value.
When --gecos is not specified samba-tool user add will try to read the
gecos field from a getpw call. And if user's GECOS is empty (like the
build user on sn-devel-104) then the test will fail because we can't add
an empty gecos.
Signed-off-by: Matthieu Patou
Reviewed-by: Jelmer Vernooij
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed May 15 16:19:23 CEST 2013 on sn-devel-104
commit 54f4536980d86faf532708c92890dd9e8b09667a
Author: Matthieu Patou
Date: Wed May 15 04:46:33 2013 -0700
dsdb-drepl: create a new schedulable event for running pending operations
So instead of running dreplsrv_periodic_schedule when receiving a
DRS_REPLICA_SYNC request which will force the DC to look for changes
with all the DC it usually replicate to, we reduce it to the DC
specified in the DRS_REPLICA_SYNC request. It will allow also to do have the
correct options as set by the client who send the DRS_REPLICA_SYNC.
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
python/samba/tests/samba_tool/user.py | 11 +-
source4/dsdb/repl/drepl_periodic.c| 61 +
source4/dsdb/repl/drepl_service.c |2 +-
source4/dsdb/repl/drepl_service.h | 17 +
4 files changed, 89 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/samba_tool/user.py
b/python/samba/tests/samba_tool/user.py
index 89fa22b..645eb40 100644
--- a/python/samba/tests/samba_tool/user.py
+++ b/python/samba/tests/samba_tool/user.py
@@ -212,12 +212,20 @@ class UserCmdTestCase(SambaToolCmdTest):
self.skipTest("Skipping getpwent test, current EUID not found in
NSS")
return
+
+# samba-tool user add command didn't support users with empty gecos if none is
+# specified on the command line and the user hasn't one in the passwd file it
+# will fail, so let's add some contents
+
+gecos = u[4]
+if (gecos is None or len(gecos) == 0):
+gecos = "Foo GECOS"
user = self._randomPosixUser({
"name": u[0],
"uid": u[0],
"uidNumber": u[2],
"gidNumber": u[3],
-"gecos": u[4],
+"gecos": gecos,
"loginShell": u[6],
})
# check if --rfc2307-from-nss sets the same values as we got from
pwd.getpwuid()
@@ -228,6 +236,7 @@ class UserCmdTestCase(SambaToolCmdTest):
"--department=%s" %
user["department"],
"--description=%s" %
user["description"],
"--company=%s" %
user["company"],
+"--gecos=%s" % user["gecos"],
"--rfc2307-from-nss",
"-H", "ldap://%s"; %
os.environ["DC_SERVER"],
"-U%s%%%s" %
(os.environ["DC_USERNAME"], os.environ["DC_PASSWORD"]))
diff --git a/source4/dsdb/repl/drepl_periodic.c
b/source4/dsdb/repl/drepl_periodic.c
index 62b4092..d6b9467 100644
--- a/source4/dsdb/repl/drepl_periodic.c
+++ b/source4/dsdb/repl/drepl_periodic.c
@@ -133,3 +133,64 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s)
dreplsrv_notify_run_ops(s);
}
}
+
+static void dreplsrv_pending_run(struct dreplsrv_service *service);
+
+static void dreplsrv_pending_handler_te(struct tevent_context *ev, struct
tevent_timer *te,
+ struct timeval t, void *ptr)
+{
+ struct dreplsrv_service *service = talloc_get_type(ptr, struct
dreplsrv_service);
+
+ service->pending.te = NULL;
+
+ dreplsrv_pending_ru
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ed6b08 auth: Ensure auth_sam is not used on the AD DC via 9b24f65 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read via 60d1c2d autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library via 73628e9 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS via 11e716a dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert via 25402e0 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() via 3482060 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members via ef895fe samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value via 9c5756c python-samba-tool domain classicupgrade: Correct message about re-promoting BDCs via 1165776 pdb_ldap: Do not skip accounts without a sambaAcctFlags value via 2c04719 python-samba-tool domain classicupgrade: Actually Skip domain trust accounts via 2e1f143 python-samba-tool domain classicupgrade: Skip machine accounts that do not end in $ via 2044541 build: Do not set PATH in install_with_python now we set $PYTHON via 10f6926 s3-rpc_server: Ensure we are root when starting and usiing gensec via 9430310 gensec: Make the no-hostname status message much less scary via 768c3bb build: Blacklist the release-4-0-0 provision as well from 46e98cf dns: Fix allocation of txt_record in txt record tests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ed6b0818a68ac07bd9c4270522aa8e2098ec140 Author: Andrew Bartlett Date: Thu May 16 10:32:50 2013 +1000 auth: Ensure auth_sam is not used on the AD DC Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu May 16 22:51:26 CEST 2013 on sn-devel-104 commit 9b24f6523e8c78879ada3e6d2927ebbb21dabfdc Author: Andrew Bartlett Date: Mon May 13 14:06:14 2013 +1200 dsdb: Expand on what the error finding the ntSecurityDescriptor was in acl_read Reviewed-by: Stefan Metzmacher commit 60d1c2d5288b01bd9a99f90bb0a9d0ff3c873412 Author: Andrew Bartlett Date: Mon May 13 14:05:28 2013 +1200 autobuild.py add ntdb to the samba-libs task, to ensure it works as an external library Reviewed-by: Stefan Metzmacher commit 73628e9cd9005478cdb225f01917eb54270a3c05 Author: Andrew Bartlett Date: Tue Apr 2 16:10:03 2013 +1100 rpc_server-drsuapi: Include the failing DN when unable to convert DB objects to DRS This is a very serious situation (it should not happen) so getting information on the objects that this happens for would be very helpful. Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 11e716ae0736067272868b997367e94ebf1cdf3b Author: Andrew Bartlett Date: Tue Apr 2 15:36:47 2013 +1100 dsdb-schema: Print clear debug message when we find a OID in our local DB we cannot convert We need to work out why we are unable to make a mapping for an OID in our database, because we should not have been able to add it without such a mapping. Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 25402e06bcdf98e346fdbbfa7e8740504329b42f Author: Andrew Bartlett Date: Tue Mar 26 11:51:38 2013 +1100 dsdb-repl: Allow the name attribute (and name-based schema lookups) to be skipped in dsdb_repl_make_working_schema() This allows us to use a schema that may only be valid for attributeID based lookups, during the schema load. Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 34820602715cc8936179091e188993f7a42808ac Author: Andrew Bartlett Date: Sun Apr 14 14:36:08 2013 +1000 python-samba-tool domain classicupgrade: Use transactions when adding users/groups/members This should make things a bit faster when importing very large numbers of users as we will not constantly rewrite the indicies on disk. Andrew Bartlett Reviewed-by: Stefan Metzmacher commit ef895fe9e4e4043bd4ce1db5007fd2016f0b8673 Author: Andrew Bartlett Date: Sun Apr 14 13:32:05 2013 +1000 samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than the literal value This is better practice. Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 9c5756c077896e6a3ff8e610acf706f203e4dede Author: Andrew Bartlett Date: Thu Apr 11 18:13:16 2013 +1000 python-samba-tool domain classicupgrade: Correct message about re-promoting BDCs Reviewed-by: Stefan Metzmacher commit 1165776d861e8e4f2fe26dcaf1e9dabdcc0a4179 Author: Andrew Bartlett Date: Thu Apr 11 17:21
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 277831e dsdb-repl_meta_data: Move TODO comment about conflicts and
missing parents
via 2d38009 torture: Add tests of rename behaviour to replica_sync.py
via 6960f8e dsdb-repl_meta_data: Handle renames better, considering
only the RDN as given, and then the parent as given
via 54e092b dsdb-linked_attributes: Do not crash if the target GUID can
not be found
from 3bd686c tdb: fix logging of offets and lengths.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 277831eaf140c06bb25a3549434bc4acd4f533ec
Author: Andrew Bartlett
Date: Thu May 16 17:51:56 2013 +1000
dsdb-repl_meta_data: Move TODO comment about conflicts and missing parents
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue May 28 18:11:00 CEST 2013 on sn-devel-104
commit 2d38009852487ab3572b66817ed0492333b5ec7d
Author: Andrew Bartlett
Date: Thu May 16 15:24:25 2013 +1000
torture: Add tests of rename behaviour to replica_sync.py
Reviewed-by: Stefan Metzmacher
commit 6960f8e4c3d683103580aa91605f951bc227dbed
Author: Andrew Bartlett
Date: Thu May 16 15:19:20 2013 +1000
dsdb-repl_meta_data: Handle renames better, considering only the RDN as
given, and then the parent as given
This ignores the full DN as given, because the parent compents might be out
of date.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 54e092bb31001879f4d7a49e36a226c27b4d9843
Author: Andrew Bartlett
Date: Thu May 16 13:52:51 2013 +1000
dsdb-linked_attributes: Do not crash if the target GUID can not be found
Note that we must not give an error when we cannot find the object
that should hold the backlink, there really isn't anything we can do
in this case.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 15 ++
source4/dsdb/samdb/ldb_modules/repl_meta_data.c| 230 ---
source4/torture/drs/python/replica_sync.py | 104 +
3 files changed, 264 insertions(+), 85 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index a55ec87..eb57f91 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -4,6 +4,7 @@
Copyright (C) Andrew Bartlett 2007
Copyright (C) Simo Sorce 2008
Copyright (C) Matthieu Patou 2011
+ Copyright (C) Andrew Tridgell 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -729,6 +730,20 @@ static int linked_attributes_fix_links(struct ldb_module
*module,
talloc_free(tmp_ctx);
return ret;
}
+ if (res->count == 0) {
+ /* Forward link without backlink object remaining -
nothing to do here */
+ continue;
+ }
+ if (res->count != 1) {
+ ldb_asprintf_errstring(ldb, "Linked attribute %s->%s
between %s and %s - target GUID %s found more than once!",
+ el->name,
target->lDAPDisplayName,
+ ldb_dn_get_linearized(old_dn),
+
ldb_dn_get_linearized(dsdb_dn->dn),
+ GUID_string(tmp_ctx,
&link_guid));
+ talloc_free(tmp_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
msg = res->msgs[0];
if (msg->num_elements == 0) {
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 651cdf1..98e60d7 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -94,6 +94,8 @@ struct replmd_replicated_request {
bool is_urgent;
};
+static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar);
+
enum urgent_situation {
REPL_URGENT_ON_CREATE = 1,
REPL_URGENT_ON_UPDATE = 2,
@@ -3656,15 +3658,6 @@ static int replmd_replicated_apply_add(struct
replmd_replicated_request *ar)
int ret;
bool remote_isDeleted = false;
- /*
-* TODO: check if the parent object exist
-*/
-
- /*
-* TODO: handle the conflict case where an object with the
-* same name exist
-*/
-
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d1feccb tdb: change version to tdb-1.2.12
from 55add52 smbcquotas.c: fix a bug of -t
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e
Author: Stefan Metzmacher
Date: Tue Jun 4 10:48:20 2013 +0200
tdb: change version to tdb-1.2.12
* internal code cleanups
* crash fix for pytdb
* fix for 4GB overflow detection
See http://permalink.gmane.org/gmane.network.samba.internals/42906 for
an example of what happens.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Jun 4 16:07:55 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/tdb/ABI/{tdb-1.2.11.sigs => tdb-1.2.12.sigs} |0
lib/tdb/wscript |2 +-
2 files changed, 1 insertions(+), 1 deletions(-)
copy lib/tdb/ABI/{tdb-1.2.11.sigs => tdb-1.2.12.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tdb/ABI/tdb-1.2.11.sigs b/lib/tdb/ABI/tdb-1.2.12.sigs
similarity index 100%
copy from lib/tdb/ABI/tdb-1.2.11.sigs
copy to lib/tdb/ABI/tdb-1.2.12.sigs
diff --git a/lib/tdb/wscript b/lib/tdb/wscript
index 7a3d0fa..00a1c34 100644
--- a/lib/tdb/wscript
+++ b/lib/tdb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tdb'
-VERSION = '1.2.11'
+VERSION = '1.2.12'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tdb-1.2.12 created
The annotated tag, tdb-1.2.12 has been created at e88be38520d8ec2c0af18897082bd881f0a3ee24 (tag) tagging d1feccb35e987545f4ae8e3f4eb0b4fc741e7e7e (commit) replaces tevent-0.9.18 tagged by Stefan Metzmacher on Tue Jun 4 16:28:29 2013 +0200 - Log - tdb: tag release tdb-1.2.12 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRrfmNAAoJEEeTkWETCEAlCS0IAMcsCJRSu5+Gtew7Kv39Ewp8 2un+vZZid1OakiBJnakl7U2qoF65e2Rup9vwj4b2vAWqCNFXlJ+xzERjWpBj5UhG HQUcJGYinqSGJo7k3bUy2QNQu0duHJj/bvf1tBjcYX14OLH0qWKIxYujZ2VSR/sB tiA20e0O8GyauZBasibmHpJMJTCHuCBC51Tzzl5Wj6hSrvEZcrY8LYYhULttmiXN oUF4sVqg6meMalduwhzb8YZLnO3kmDcNo5UiD41y02ObbgCmvb63qrqm6SBmBo5U dtukFdvcJBVqBvRrIByp4x1v/d0DzWR5YVrEry5qBD22av0iprpjoHc9i1hmZ7g= =wQpl -END PGP SIGNATURE- Abhidnya Joshi (2): s3:winbindd/autorid multiple range support docs-xml: manpage update for autorid multirange support Alexander Bokovoy (4): wafsamba: fix samba_abi for default catch-all case s3-waf: filter out ldapsam internal init functions PASSDB: add support to set and enumerate UPN suffixes associated with our forest s3-netlogon: enumerate UPN suffixes from PASSDB when available Alexander Werth (13): vfs: Fix compile of vfs_gpfs.c. vfs: Add inheritance emulation to vfs_nfs4acl_xattr. s4-smbtorture: Set result message when failing the inheritance test. s3: Move up declaration of params struct and related function. s3: Change smbacl4_get_vfs_params to use connection_struct instead of fsp. s3: Add params parameter to smbacl4_nfs42win function. s3: Mapping of special entries to creator owner in mode simple. s3: Mapping of cifs creator owner to nfs owner@ ace. s3: Add changes that keep nfs4:mode special behavior. s3: Use mode bits in some cases in mode simple. s3: Update README.nfs4acls.txt s3: Update vfs_gpfs man page with new nfs4:mode help text. s4-smbtorture: Run tests for nfs4:modes simple and special. Amitay Isaacs (8): samba-tool/dns: Fix a typo in ttl variable name s4-dns: Print/Set minimumTTL value in SOA record s4-rpc: dnsserver: Fix removal of trailing '.' in soa mname s4-rpc: dnsserver: dns_name_equal() returns boolean s4-rpc: dnsserver: When updating SOA record, use the specified serial s4-dns: Support update of SOA records samba-tool/dns: Pass on additional flags when creating zones samba-tool/dns: Set secure zone update flag after creating new zone Anand Avati (3): check_parent_exists() can change errno. Ensure we preserve it across calls. building RPMs on RHEL fail because of a typo. vfs_glusterfs: Samba VFS module for glusterfs Andreas Schneider (35): winbind: Use talloc for allocating domain, dns, forest and dc name. winbind: Correctly use names in the domain struct. winbind: Fix samba3.winbind.struct test. waf: Correctly check for prctl in just one place. lib: Add prctl_set_comment to utils. s3-daemons: Set the comment field of the daemons. krb5_wrap: Make sure we don't dereference a NULL pointer. winbind: Fix no memory check in _wbint_PingDc(). s4-client: Make sure entry is a valid string. s4-libregistry: Make sure we don't dereference a NULL pointer. s4-libregistry: Fix path check and improve while loops. gensec: recv_handler can't be NULL at that point. dsdb: Check for pointers before we deference them. s4-libregistry: Improve NULL handling of name. Make sure to set umask() before calling mkstemp(). pidl: Add skip option to elements. ndr: Add ndr_ntprinting_string_flags() function. idl: Add flags for strings in ntprinting idl. ndr: Pass down string_flags in ndr_pull_ntprinting_printer(). s3-net: Add encoding= to 'net printing migrate'. s3-net: Add encoding= to 'net printing dump'. torture: Add ntprinting latin1 test. torture: Update ndr README. BUG 9735: Fix winbind seperator in upn to username conversion. epm: Increase debug level for already registered endpoints. BUG 9758: Don't leak the epm_Map policy handle. BUG 9699: Fix adding case sensitive spn. BUG 9139: Fix the username map optimization. BUG 9766: Cache name_to_sid/sid_to_name correctly. BUG 9817: Fix 'map untrusted to domain' with NTLMv2. waf: Create a better wscript for finding ncurses. regedit: Don't panic if we can't open the file. regedit: Remove talloc leak report. regedit: Improve the while loop. regedit: Use color only when available. Andrew Bartlett (144): build: Rename samba_python waf node to avoid duplicate name build: Change bin/default/python -> bin/python symlink to bin/default/python_modul
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3fba9ba dsdb: reset schema->{classes,attributes}_to_remove_size to 0
via d2f8471 dsdb: use the correct talloc parent in
dsdb_repl_merge_working_schema()
via 5263f0a Revert "s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort"
from 424a990 s4-dfs_server: check for netbios aliases in ad_get_referrals
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3fba9ba7ea85e33faac2718d2463c5d0cd2d85f4
Author: Stefan Metzmacher
Date: Mon Jun 10 10:46:41 2013 +0200
dsdb: reset schema->{classes,attributes}_to_remove_size to 0
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104
commit d2f847149d3d1310c829169564704b45ac43e978
Author: Stefan Metzmacher
Date: Mon Jun 10 10:45:25 2013 +0200
dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema()
schema->{classes,attributes} are the DLIST pointer not an array.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 5263f0a626dac3ac1fc48ece2324438279f187f0
Author: Andrew Bartlett
Date: Wed Jun 5 20:44:17 2013 +1000
Revert "s4-dsdb: Remove strcasecmp() fallback in
replmd_ldb_message_element_attid_sort"
This reverts commit d799b25dd3ed0f72ee03949225ba241c5538d7d6.
Sometimes the schema just isn't right. A segfault is not the correct
answer in those cases.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source4/dsdb/repl/replicated_objects.c |4 ++--
source4/dsdb/samdb/ldb_modules/repl_meta_data.c |7 +++
source4/dsdb/schema/schema_set.c|4 +++-
3 files changed, 12 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/repl/replicated_objects.c
b/source4/dsdb/repl/replicated_objects.c
index b0abc1a..e018aa4 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -58,7 +58,7 @@ static WERROR dsdb_repl_merge_working_schema(struct
ldb_context *ldb,
* as the rest won't be modified and this is for
* a short lived object.
*/
- tmp2 = talloc(dest_schema->classes, struct dsdb_class);
+ tmp2 = talloc(dest_schema, struct dsdb_class);
if (tmp2 == NULL) {
return WERR_NOMEM;
}
@@ -85,7 +85,7 @@ static WERROR dsdb_repl_merge_working_schema(struct
ldb_context *ldb,
* as the rest won't be modified and this is for
* a short lived object.
*/
- tmp2 = talloc(dest_schema->attributes, struct dsdb_attribute);
+ tmp2 = talloc(dest_schema, struct dsdb_attribute);
if (tmp2 == NULL) {
return WERR_NOMEM;
}
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 98e60d7..24dcc6f 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -663,6 +663,13 @@ static int replmd_ldb_message_element_attid_sort(const
struct ldb_message_elemen
a1 = dsdb_attribute_by_lDAPDisplayName(schema, e1->name);
a2 = dsdb_attribute_by_lDAPDisplayName(schema, e2->name);
+ /*
+* TODO: remove this check, we should rely on e1 and e2 having valid
attribute names
+* in the schema
+*/
+ if (!a1 || !a2) {
+ return strcasecmp(e1->name, e2->name);
+ }
if (a1->attributeID_id == a2->attributeID_id) {
return 0;
}
diff --git a/source4/dsdb/schema/schema_set.c b/source4/dsdb/schema/schema_set.c
index 73264f9..ce8facb 100644
--- a/source4/dsdb/schema/schema_set.c
+++ b/source4/dsdb/schema/schema_set.c
@@ -338,8 +338,10 @@ int dsdb_setup_sorted_accessors(struct ldb_context *ldb,
TALLOC_FREE(schema->attributes_to_remove[i]);
}
- TALLOC_FREE(schema->attributes_to_remove);
TALLOC_FREE(schema->classes_to_remove);
+ schema->classes_to_remove_size = 0;
+ TALLOC_FREE(schema->attributes_to_remove);
+ schema->attributes_to_remove_size = 0;
/* free all caches */
dsdb_sorted_accessors_free(schema);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 68f8f4e dsdb-tests ldap.py: Add test for usn behaviour on certain
changes
via 51298d3 dsdb-tests ldap.py: Fix quoting of print statements
via 96980f7 dsdb: Fix behaviour for when to update the USN when there
is no change
via e461ff5 dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
via eec29db python samba-tool drs: Correctly print KCC references to
deleted servers
from 3e66cb7 Fix bug #9932 - Currently the maximum number of aces in an
SD is limited to 1000, but Microsoft supports around 1800.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 68f8f4ec4dbbdb20c4c51a6059535b5ef669373f
Author: Andrew Bartlett
Date: Fri May 31 14:14:54 2013 +1000
dsdb-tests ldap.py: Add test for usn behaviour on certain changes
This probes when the usn is updated, and when it is not.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
commit 51298d33dd28e034967db38312e0129935a27a66
Author: Andrew Bartlett
Date: Fri May 31 11:15:51 2013 +1000
dsdb-tests ldap.py: Fix quoting of print statements
While python didn't mind (oddly) it really confused my editor.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 96980f7c04cc4226ed109654025b8254921f8d58
Author: Andrew Bartlett
Date: Fri May 31 14:16:02 2013 +1000
dsdb: Fix behaviour for when to update the USN when there is no change
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.
Pair-Programmed-With: Stefan Metzmacher
Andrew Bartlett
Signed-off-by: Stefan Metzmacher
commit e461ff530046199b7e647b81d6dfb2746f68b0d7
Author: Andrew Bartlett
Date: Mon Jun 10 12:22:40 2013 +1000
dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows
2008R2).
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit eec29db7c237c70732f94e33147c960fa8df39fb
Author: Andrew Bartlett
Date: Mon Jun 10 11:43:18 2013 +1000
python samba-tool drs: Correctly print KCC references to deleted servers
Tested against Windows 2008R2, presumably before the KCC ran.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
python/samba/netcmd/drs.py | 15 ++-
source4/dsdb/common/util.c |6 +-
source4/dsdb/kcc/kcc_connection.c |4 +-
source4/dsdb/kcc/kcc_drs_replica_info.c | 10 +-
source4/dsdb/repl/drepl_partitions.c|2 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 34 +++-
source4/dsdb/tests/python/ldap.py | 229 ---
source4/rpc_server/drsuapi/getncchanges.c |4 +-
8 files changed, 222 insertions(+), 82 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/netcmd/drs.py b/python/samba/netcmd/drs.py
index ff8d830..de78ac7 100644
--- a/python/samba/netcmd/drs.py
+++ b/python/samba/netcmd/drs.py
@@ -170,10 +170,19 @@ class cmd_drs_showrepl(Command):
self.message(" KCC CONNECTION OBJECTS \n")
for c in conn:
-c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',')
-c_server_res = self.samdb.search(base=c_server_dn,
scope=ldb.SCOPE_BASE, attrs=["dnsHostName"])
-c_server_dns = c_server_res[0]["dnsHostName"][0]
self.message("Connection --")
+
+c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',')
+try:
+c_server_res = self.samdb.search(base=c_server_dn,
scope=ldb.SCOPE_BASE, attrs=["dnsHostName"])
+c_server_dns = c_server_res[0]["dnsHostName"][0]
+except ldb.LdbError, (errno, _):
+if errno == ldb.ERR_NO_SUCH_OBJECT:
+self.message("\tWARNING: Connection to DELETED server!")
+c_server_dns = ""
+except KeyError:
+c_server_dns = ""
+
self.message("\tConnection name: %s" % c['name'][0])
self.message("\tEnabled: %s" % attr_default(c,
'enabledConnection', 'TRUE'))
self.message("\tServer DNS name : %s" % c_server_dns)
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 8e40776..7a243c3 100644
---
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls()
from 5c488cf Initialize the file descriptor in the files_struct before
trying to close it. Otherwise, if one of the SETXATTR calls had failed, the
close() call will return EBADF.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6c81fbf4966f707286343b19e79513915c01
Author: Andrew Bartlett
Date: Fri May 31 15:36:34 2013 +1000
dsdb repl_meta_data: Use dsdb_request_add_controls()
This makes the code easier to read.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 19 +--
1 files changed, 1 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 0f2aa58..b6ff7ff 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -4462,7 +4462,6 @@ static int replmd_replicated_apply_next(struct
replmd_replicated_request *ar)
char *tmp_str;
char *filter;
struct ldb_request *search_req;
- struct ldb_search_options_control *options;
if (ar->index_current >= ar->objs->num_objects) {
/* done with it, go to next stage */
@@ -4492,24 +4491,8 @@ static int replmd_replicated_apply_next(struct
replmd_replicated_request *ar)
ar->req);
LDB_REQ_SET_LOCATION(search_req);
- ret = ldb_request_add_control(search_req, LDB_CONTROL_SHOW_RECYCLED_OID,
- true, NULL);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- /* we need to cope with cross-partition links, so search for
- the GUID over all partitions */
- options = talloc(search_req, struct ldb_search_options_control);
- if (options == NULL) {
- DEBUG(0, (__location__ ": out of memory\n"));
- return LDB_ERR_OPERATIONS_ERROR;
- }
- options->search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
+ ret = dsdb_request_add_controls(search_req,
DSDB_SEARCH_SEARCH_ALL_PARTITIONS|DSDB_SEARCH_SHOW_RECYCLED);
- ret = ldb_request_add_control(search_req,
- LDB_CONTROL_SEARCH_OPTIONS_OID,
- true, options);
if (ret != LDB_SUCCESS) {
return ret;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f1781ad dsdb: remove a wrong comment in
dsdb_check_access_on_dn_internal()
via 122214b dsdb: don't allow a missing nTSecurityDescriptor in
dsdb_get_sd_from_ldb_message()
via 5959aff dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check
searches
via afb2bcc s4:smb_server: call irpc_add_name() at startup (bug #9905)
via 12d9728 s4:rpc_server: call irpc_add_name() at startup (bug #9905)
via a1a s4:ldap_server: call irpc_add_name() at startup (bug #9905)
from 6c8 dsdb repl_meta_data: Use dsdb_request_add_controls()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f1781adb051bb5a166d619ed9db6bdb252b1acb5
Author: Stefan Metzmacher
Date: Thu Jun 13 14:16:43 2013 +0200
dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
commit 122214b16bb2d247c8040728a6b0964531596ea9
Author: Stefan Metzmacher
Date: Thu Jun 13 14:13:26 2013 +0200
dsdb: don't allow a missing nTSecurityDescriptor in
dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.
This also avoids potential segfaults in the callers.
Signed-off-by: Stefan Metzmacher
commit 5959affa031843d741513000fb382efe54ff147b
Author: Stefan Metzmacher
Date: Mon Jun 10 13:31:59 2013 +0200
dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit afb2bcc08489dbece732fc8f842cbd83862320be
Author: Stefan Metzmacher
Date: Mon May 27 12:10:57 2013 +0200
s4:smb_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the smb_server task.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 12d9728131afab7fa093a9cd7ccaff076a74f271
Author: Stefan Metzmacher
Date: Mon May 27 12:10:57 2013 +0200
s4:rpc_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the rpc_server task.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit a1a4302a4eaf7e210e8084416cd2a0d14384
Author: Stefan Metzmacher
Date: Mon May 27 12:10:57 2013 +0200
s4:ldap_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the ldap_server task.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
---
Summary of changes:
source4/dsdb/common/dsdb_access.c | 19 +++
source4/ldap_server/ldap_server.c |3 +++
source4/rpc_server/service_rpc.c |1 +
source4/smb_server/service_smb.c |1 +
4 files changed, 16 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/dsdb_access.c
b/source4/dsdb/common/dsdb_access.c
index 6af5c3a..5c02daa 100644
--- a/source4/dsdb/common/dsdb_access.c
+++ b/source4/dsdb/common/dsdb_access.c
@@ -64,9 +64,9 @@ int dsdb_get_sd_from_ldb_message(struct ldb_context *ldb,
enum ndr_err_code ndr_err;
sd_element = ldb_msg_find_element(acl_res, "nTSecurityDescriptor");
- if (!sd_element) {
- *sd = NULL;
- return LDB_SUCCESS;
+ if (sd_element == NULL) {
+ return ldb_error(ldb, LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS,
+"nTSecurityDescriptor is missing");
}
*sd = talloc(mem_ctx, struct security_descriptor);
if(!*sd) {
@@ -101,10 +101,7 @@ int dsdb_check_access_on_dn_internal(struct ldb_context
*ldb,
if (ret != LDB_SUCCESS) {
return ldb_operr(ldb);
}
- /* Theoretically we pass the check if the object has no sd */
- if (!sd) {
- return LDB_SUCCESS;
- }
+
sid = samdb_result_dom_sid(mem_ctx, acl_res->msgs[0], "objectSid");
if (guid) {
if (!insert_in_object_tree(mem_ctx, guid, access_mask, NULL,
@@ -159,7 +156,13 @@ int dsdb_check_access_on_dn(struct ldb_context *ldb,
}
}
- ret = dsdb_search_dn(ldb, mem_ctx, &acl_res, dn, acl_attrs,
DSDB_SEARCH_SHOW_DELETED);
+ /*
+* We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
+* Also the result of this search not controlled by the client
+* nor is the result exposed to the client.
+*/
+
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9f25ad4 librpc: Shorten dcerpc_binding_handle_call a bit
via 7982d2a librpc: Use tevent_req_poll_ntstatus
via 20bede7 libsmbclient: Fix typos
via fffb701 tsocket: Add some const
via cf86f3e gencache: Simplify gencache_init a bit
from c71d6ec genrand: Slightly simplify do_reseed
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9f25ad44a93da09b3a7c14a4a1a0e78c5a1b529c
Author: Volker Lendecke
Date: Thu Jun 6 11:37:59 2013 +0200
librpc: Shorten dcerpc_binding_handle_call a bit
... saves 200 bytes on 64 bit Linux with -O3
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Jun 14 22:27:43 CEST 2013 on sn-devel-104
commit 7982d2aff89c7ff8a2371163bad5f9f88be6af46
Author: Volker Lendecke
Date: Thu Jun 6 11:31:37 2013 +0200
librpc: Use tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 20bede7baa3576aa0f97ceb2533db6e33d587b69
Author: Volker Lendecke
Date: Thu May 16 10:26:09 2013 +0200
libsmbclient: Fix typos
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit fffb70168d8031dc1999fab963263ac7d3a2442a
Author: Volker Lendecke
Date: Tue Jun 11 19:36:09 2013 +0200
tsocket: Add some const
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit cf86f3e81b4e228d5f85cac283c51ca7d5e0cd16
Author: Volker Lendecke
Date: Tue Jun 11 21:03:22 2013 +0200
gencache: Simplify gencache_init a bit
Use the implicit cleanup facility CLEAR_IF_FIRST provides
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
lib/tsocket/tsocket.h |4 ++--
lib/tsocket/tsocket_bsd.c |2 +-
librpc/rpc/binding_handle.c| 22 +++---
source3/include/libsmbclient.h |8
source3/lib/gencache.c | 29 -
5 files changed, 30 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/tsocket/tsocket.h b/lib/tsocket/tsocket.h
index 98f864e..6b0eef6 100644
--- a/lib/tsocket/tsocket.h
+++ b/lib/tsocket/tsocket.h
@@ -897,12 +897,12 @@ struct sockaddr;
* @return 0 on success, -1 on error with errno set.
*/
int tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **addr);
#else
int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **_addr,
const char *location);
diff --git a/lib/tsocket/tsocket_bsd.c b/lib/tsocket/tsocket_bsd.c
index 89e5f4c..4417f8e 100644
--- a/lib/tsocket/tsocket_bsd.c
+++ b/lib/tsocket/tsocket_bsd.c
@@ -209,7 +209,7 @@ struct tsocket_address_bsd {
};
int _tsocket_address_bsd_from_sockaddr(TALLOC_CTX *mem_ctx,
- struct sockaddr *sa,
+ const struct sockaddr *sa,
size_t sa_socklen,
struct tsocket_address **_addr,
const char *location)
diff --git a/librpc/rpc/binding_handle.c b/librpc/rpc/binding_handle.c
index 89ada1d..9354bbd 100644
--- a/librpc/rpc/binding_handle.c
+++ b/librpc/rpc/binding_handle.c
@@ -515,7 +515,7 @@ NTSTATUS dcerpc_binding_handle_call(struct
dcerpc_binding_handle *h,
TALLOC_CTX *frame = talloc_stackframe();
struct tevent_context *ev;
struct tevent_req *subreq;
- NTSTATUS status;
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
/*
* TODO: allow only one sync call
@@ -527,30 +527,22 @@ NTSTATUS dcerpc_binding_handle_call(struct
dcerpc_binding_handle *h,
ev = samba_tevent_context_init(frame);
}
if (ev == NULL) {
- talloc_free(frame);
- return NT_STATUS_NO_MEMORY;
+ goto fail;
}
subreq = dcerpc_binding_handle_call_send(frame, ev,
h, object, table,
opnum, r_mem, r_ptr);
if (subreq == NULL) {
- talloc_free(frame);
- return NT_STATUS_NO_MEMORY
[SCM] Samba Shared Repository - annotated tag ldb-1.1.16 created
The annotated tag, ldb-1.1.16 has been created at f65b680fb3eac352a3e40b321c51af6d7561b217 (tag) tagging 4ca963926938917bf32af4eead61ded2a8275139 (commit) replaces tdb-1.2.12 tagged by Stefan Metzmacher on Tue Jun 25 00:04:29 2013 +0200 - Log - ldb: tag release ldb-1.1.16 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJRyMJtAAoJEEeTkWETCEAl3a8IALW0VMaCfICo6ahU+fHpY30P 4Hxvw6u0imspX1B8coeG/MSvQU2iROI5k5+05gEoyrTmXOgA9akCioapl7VM19KB qWVoprIPsy9q+R1lchGkZ7t+e9aOoGAiwYiP44SxNLeQ8SCpZaOubhz9UAzn5DUX 7scZ1I594xd1xcDFlKPFqYRylLD85gTD9RTwd2/6fmWe/Ie4N3xjxWesD7TMobk4 A1fxH6BE4w/W1tbXf2aMLmsqoG+5D6C0zikIri+RXo82YXi1fGYy5dbfFrpItIks d/FpICwkAx2/aK9j5YUU6fSrMGpWbtdrh7TZpsbbXbyejTjrYrwSwv9Fq+Ay09Q= =v1DI -END PGP SIGNATURE- Andreas Schneider (3): krb5wrap: Move mask to the right position. s3-libads: Print the debug string of a failed call with LDAP_OTHER. tevent: Link the tutorial on the mainpage. Andrew Bartlett (17): .gitignore: Tidy up after removal of the autoconf build Revert "s4-dsdb: Remove strcasecmp() fallback in replmd_ldb_message_element_attid_sort" auth: Remove "password level" docs: Do not encourage unix passwords, and remove reference to password level Remove remaining references to "password level" in the tree python samba-tool drs: Correctly print KCC references to deleted servers dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs dsdb: Fix behaviour for when to update the USN when there is no change dsdb-tests ldap.py: Fix quoting of print statements dsdb-tests ldap.py: Add test for usn behaviour on certain changes dsdb repl_meta_data: Use dsdb_request_add_controls() build: Build with system md5.h on OpenIndiana s4-winbind: Add special case for BUILTIN domain ldb: Ensure not to segfault on a filter such as (mail=) build: Remove the struct MD5Context conf file check. ldb: Cope with substring match with no chunks in ldb_filter_from_tree ldb: bump version to allow a depencency on the substring crash fix Björn Baumbach (1): s4-dfs_server: check for netbios aliases in ad_get_referrals Christian Ambach (15): s3:utils/net_lookup fix a format-error s3:passdb/samba_dsdb fix a compiler warning s3:passdb/samba_dsdb fix some compiler warnings s3:passdb add idmap control functions s3:passdb add pdb_*_is_responsible_for* functions s3:lib/util_sid_passdb make use of pdb_is_responsible_for_* functions s3:passdb/pdb_samba_dsdb make the module handle well-known s3:passdb make pdb_sid_to_id honor backend responsibilities s3:passdb/pdb_ldap make the module handle well-known s3:passdb/pdb_ldap remove an unnecessary check s3:passdb/pdb_tdb add parameter to control handling of BUILTIN s3:passdb expose pdb_create_builtin function s3:utils/net_sam make use of pdb_create_builtin helper function s3:passdb add a gid argument to pdb_create_builtin_alias s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN Christof Schmitt (3): smbd: Change logging when SET_OFFLINE is not supported Initialize the file descriptor in the files_struct before trying to close it. Otherwise, if one of the SETXATTR calls had failed, the close() call will return EBADF. vfs_streams_xattr: Do not attempt to write empty attribute twice David Disseldorp (5): libsmb: add ABI/smbclient-0.2.1.sigs vfs_catia: use translate direction enum instead of int docs/vfs_catia: remove space-char mapping recommendation docs/vfs_catia: rework man page s3/smbclient: fix incorrect command tab completions David Koňař (1): tevent: Add tevent tutorial files. Jeremy Allison (14): Check for fstatat. Optimization on POSIX platforms that have fstatat. Add the ability to parse out the port to SMBC_parse_path(). Add port argument to SMBC_attr_server(). Does nothing as yet. Add the port argument to SMBC_server(). Plumb the 'port' parameter into the connect code. Add smbc_getPort(), smbc_setPort(). Bump the .so minor number. Fix xx_path() - return check from mkdir() is incorrect. Re-add umask(0) code removed by commit 3a7c2777ee0de37d758fe81d67d6836a8354825e Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin" Fix glusterfs backend crash found at the Microsoft interop event. Use existing "acl map full control" parameter to control the adding of the DELETE_CHILD parameter on NFSv4/ZFS/GPFS file ACE's. Add missing documentation for vfs_zfsacl. Note how vfs_gpfs uses the "acl map full control" parameter. Matthias Dieter Wallnöfer (4): s4:s
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too
quickly
from 2536ee8 Make the output of the crackname script more readable
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2763cad409430c183f7f1f6f57bc6b38ae616ed9
Author: Andrew Bartlett
Date: Sat Jun 22 19:30:50 2013 +1000
dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly
A patch by Cove Schneider who reports:
I noticed that the RID numbers seem to increase incrementally, then
will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't
RID pool allocations just be 500 at a time?
e.g. Adding accounts one after another on a single test instance here's
how they're incrementing (from 4.0.6):
1596
1597
1598
1599
126100
126101
126102
...
126599
251100
...
251599
376100
...
The problem is that this complicates using sssd's AD integration, as
that it doesn't expect the RIDs to increase in a single domain so
quickly.
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Jul 4 20:13:05 CEST 2013 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c
b/source4/dsdb/samdb/ldb_modules/ridalloc.c
index 73ecb03..c0859d3 100644
--- a/source4/dsdb/samdb/ldb_modules/ridalloc.c
+++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c
@@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module,
uint32_t *rid, struct ldb_r
/*
* if we are half-exhausted then try to get a new pool.
*/
- if (nridset.next_rid > (prev_pool_hi + prev_pool_lo)/2) {
+ if (nridset.next_rid > (prev_pool_hi + prev_pool_lo)/2 &&
+ nridset.alloc_pool == nridset.prev_pool) {
/*
* if we are the RID Manager,
* we can get a new pool localy.
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2bdaf53 VERSION: change to 4.2.0pre1
via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master
via e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
via 0025e97 WHATSNEW: Start release notes for Samba 4.1.0rc1.
via d641469 Make the output of the crackname script more readable
via 47bd903 s3-winbind: Allow sec_initial_uid() to store creds.
via c153e6c selftest: Use higher ip numbers.
via bb122b0 selftest: Add a newline to root entries in the nss files.
via 6a0cb7d selftest: Fix domain name of plugindc.
via 99c800b torture: Don't segfault in smb2.session on error.
via 096ff2e torture: Don't segfault in raw.session on error.
via 67c8f87 torture: Fix comparsion of uninitalized bytes.
via bef3fc8 tsocket: Pass the full port number to getaddrinfo().
from af6d9ce tevent: Fix a typo
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2bdaf532cde6e5529cf7d0136b149eb82f7ef601
Author: Stefan Metzmacher
Date: Fri Jul 5 12:32:07 2013 +0200
VERSION: change to 4.2.0pre1
Signed-off-by: Stefan Metzmacher
commit a0130c662a40d6951fadae4bd9a6f7c230df05db
Merge: af6d9cebaf3bc4b564952e445af035fe8aece662
e56343f1bba603852afcb816f7b5ebdf680c182e
Author: Stefan Metzmacher
Date: Fri Jul 5 12:07:53 2013 +0200
Merge remote-tracking branch 'origin/v4-1-test' into master
git merge -s ours origin/v4-1-test
Signed-off-by: Stefan Metzmacher
---
Summary of changes:
VERSION |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 766989c..59990a3 100644
--- a/VERSION
+++ b/VERSION
@@ -24,7 +24,7 @@
# -> "3.0.0" #
SAMBA_VERSION_MAJOR=4
-SAMBA_VERSION_MINOR=1
+SAMBA_VERSION_MINOR=2
SAMBA_VERSION_RELEASE=0
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via fd036b8 WHATSNEW: Start release notes for Samba 4.1.0rc1.
via e5465d7 VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
via a0130c6 Merge remote-tracking branch 'origin/v4-1-test' into master
via af6d9ce tevent: Fix a typo
via a68cea6 docs: Fix typos in "use ntdb" section.
via 2763cad dsdb-ridalloc: Fix RID pools - RID numbers increase too
quickly
via 2536ee8 Make the output of the crackname script more readable
via caf3af3 s3-winbind: Allow sec_initial_uid() to store creds.
via a4af4fa selftest: Use higher ip numbers.
via d5511b1 selftest: Add a newline to root entries in the nss files.
via 7392985 selftest: Fix domain name of plugindc.
via bf5bc72 torture: Don't segfault in smb2.session on error.
via d295e18 torture: Don't segfault in raw.session on error.
via 474eee0 torture: Fix comparsion of uninitalized bytes.
via 0b58eed tsocket: Pass the full port number to getaddrinfo().
from e56343f VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit fd036b8df5b57fb6da6bc99e383d19070c22889c
Author: Karolin Seeger
Date: Fri Jul 5 10:04:37 2013 +0200
WHATSNEW: Start release notes for Samba 4.1.0rc1.
Signed-off-by: Karolin Seeger
(cherry picked from commit 0025e9782d6a2d9df56556871566a3354996a999)
commit e5465d78711ea04da8ba801b8313109cfa6465c5
Author: Karolin Seeger
Date: Fri Jul 5 10:05:19 2013 +0200
VERSION: Set version to 4.1.0rc1-GITSNAPSHOT.
Signed-off-by: Karolin Seeger
Autobuild-User(v4-1-test): Karolin Seeger
Autobuild-Date(v4-1-test): Fri Jul 5 11:56:40 CEST 2013 on sn-devel-104
(cherry picked from commit e56343f1bba603852afcb816f7b5ebdf680c182e)
---
Summary of changes:
docs-xml/smbdotconf/tuning/usentdb.xml|4 ++--
lib/tevent/doc/tevent_request.dox |2 +-
source4/dsdb/samdb/ldb_modules/ridalloc.c |3 ++-
3 files changed, 5 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/tuning/usentdb.xml
b/docs-xml/smbdotconf/tuning/usentdb.xml
index 9a0d2cd..6d5ca48 100644
--- a/docs-xml/smbdotconf/tuning/usentdb.xml
+++ b/docs-xml/smbdotconf/tuning/usentdb.xml
@@ -6,9 +6,9 @@
Beginning in Samba 4.1, a growing number of databases can
use the NTDB format rather than TDB.
-If you enable this option these databases will defaul to a
+If you enable this option these databases will default to a
.ntdb extension rather than
-.tdb: If the .tdb file
+.tdb. If the .tdb file
exists, it will automatically be converted to NTDB and renamed to
.tdb.bak.
diff --git a/lib/tevent/doc/tevent_request.dox
b/lib/tevent/doc/tevent_request.dox
index 1461384..3358cfb 100644
--- a/lib/tevent/doc/tevent_request.dox
+++ b/lib/tevent/doc/tevent_request.dox
@@ -1,6 +1,6 @@
/**
@page tevent_request Chapter 4: Tevent request
-@section request Tevent requst
+@section request Tevent request
A specific feature of the library is the tevent request API that provides for
asynchronous computation and allows much more interconnected working and
diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c
b/source4/dsdb/samdb/ldb_modules/ridalloc.c
index 73ecb03..c0859d3 100644
--- a/source4/dsdb/samdb/ldb_modules/ridalloc.c
+++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c
@@ -606,7 +606,8 @@ int ridalloc_allocate_rid(struct ldb_module *module,
uint32_t *rid, struct ldb_r
/*
* if we are half-exhausted then try to get a new pool.
*/
- if (nridset.next_rid > (prev_pool_hi + prev_pool_lo)/2) {
+ if (nridset.next_rid > (prev_pool_hi + prev_pool_lo)/2 &&
+ nridset.alloc_pool == nridset.prev_pool) {
/*
* if we are the RID Manager,
* we can get a new pool localy.
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e6a58d3 s4:rpc_server: make sure we don't terminate a connection
with pending requests (bug #9820)
via 2505d48 s4-winbindd: Do not terminate a connection that is still
pending (bug #9820)
via df929d6 service_stream: Log if the connection termination is
deferred or not (bug #9820)
from 577cef8 s3-smbstatus: display [u|g]id of -1 as "-1" in connection
list
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e6a58d370403e818bc2cfb8389751b78adcc14fd
Author: Stefan Metzmacher
Date: Tue Jul 9 16:38:59 2013 +0200
s4:rpc_server: make sure we don't terminate a connection with pending
requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
commit 2505d48e4fbcd8a805a88ad0b05fb1a16a588197
Author: Andrew Bartlett
Date: Thu Jun 27 11:28:03 2013 +1000
s4-winbindd: Do not terminate a connection that is still pending (bug #9820)
Instead, wait until the call attempts to reply, and let it terminate then
(often this happens in the attempt to then write to the broken pipe).
Andrew Bartlett
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Andrew Bartlett
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit df929d6feb857668ad9da277213e9fae1480ff63
Author: Andrew Bartlett
Date: Thu Jun 27 11:27:03 2013 +1000
service_stream: Log if the connection termination is deferred or not (bug
#9820)
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source4/rpc_server/dcerpc_server.c | 55 -
source4/rpc_server/dcerpc_server.h |8 -
source4/smbd/service_stream.c|6 +++-
source4/winbind/wb_samba3_protocol.c |5 +++
source4/winbind/wb_server.c | 51 ++-
source4/winbind/wb_server.h | 10 +-
6 files changed, 129 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/dcerpc_server.c
b/source4/rpc_server/dcerpc_server.c
index 389cbe3..10e711b 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -386,6 +386,8 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct
dcesrv_context *dce_ctx,
return NT_STATUS_NO_MEMORY;
}
+ p->prev = NULL;
+ p->next = NULL;
p->dce_ctx = dce_ctx;
p->endpoint = ep;
p->contexts = NULL;
@@ -402,7 +404,7 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct
dcesrv_context *dce_ctx,
p->event_ctx = event_ctx;
p->msg_ctx = msg_ctx;
p->server_id = server_id;
- p->processing = false;
+ p->terminate = NULL;
p->state_flags = state_flags;
ZERO_STRUCT(p->transport);
@@ -1143,6 +1145,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
dce_ctx->lp_ctx = lp_ctx;
dce_ctx->assoc_groups_idr = idr_init(dce_ctx);
NT_STATUS_HAVE_NO_MEMORY(dce_ctx->assoc_groups_idr);
+ dce_ctx->broken_connections = NULL;
for (i=0;endpoint_servers[i];i++) {
const struct dcesrv_endpoint_server *ep_server;
@@ -1269,12 +1272,45 @@ const struct dcesrv_critical_sizes
*dcerpc_module_version(void)
static void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn,
const char *reason)
{
+ struct dcesrv_context *dce_ctx = dce_conn->dce_ctx;
struct stream_connection *srv_conn;
srv_conn = talloc_get_type(dce_conn->transport.private_data,
struct stream_connection);
- stream_terminate_connection(srv_conn, reason);
+ if (dce_conn->pending_call_list == NULL) {
+ char *full_reason = talloc_asprintf(dce_conn, "dcesrv: %s",
reason);
+
+ DLIST_REMOVE(dce_ctx->broken_connections, dce_conn);
+ stream_terminate_connection(srv_conn, full_reason ? full_reason
: reason);
+ return;
+ }
+
+ if (dce_conn->terminate != NULL) {
+ return;
+ }
+
+ DEBUG(3,("dcesrv: terminating connection due to '%s' defered due to
pending calls\n",
+reason));
+ dce_conn->terminate = talloc_strdup(dce_conn, reason);
+ if (dce_conn->terminate == NULL) {
+ dce_conn->term
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 596b51c s4:server: avoid calling into nss_winbind from within
'samba'
from 1573638 Fix typos in man-pages
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 596b51c666e549fb518d92931d8837922154a2fe
Author: Stefan Metzmacher
Date: Wed Jul 10 14:48:18 2013 +0200
s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().
As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
---
Summary of changes:
file_server/file_server.c |9 +
source4/smbd/server.c |7 +++
2 files changed, 16 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/file_server/file_server.c b/file_server/file_server.c
index 5d44d5a..aab5f39 100644
--- a/file_server/file_server.c
+++ b/file_server/file_server.c
@@ -28,6 +28,7 @@
#include "source4/smbd/process_model.h"
#include "file_server/file_server.h"
#include "dynconfig.h"
+#include "nsswitch/winbind_client.h"
/*
called if smbd exits
@@ -64,6 +65,8 @@ static void s3fs_task_init(struct task_server *task)
smbd_path = talloc_asprintf(task, "%s/smbd", dyn_SBINDIR);
smbd_cmd[0] = smbd_path;
+ /* the child should be able to call through nss_winbind */
+ (void)winbind_on();
/* start it as a child process */
subreq = samba_runcmd_send(task, task->event_ctx, timeval_zero(), 1, 0,
smbd_cmd,
@@ -72,6 +75,12 @@ static void s3fs_task_init(struct task_server *task)
"--foreground",
debug_get_output_is_stdout()?"--log-stdout":NULL,
NULL);
+ /* the parent should not be able to call through nss_winbind */
+ if (!winbind_off()) {
+ DEBUG(0,("Failed to re-disable recursive winbindd calls after
forking smbd\n"));
+ task_server_terminate(task, "Failed to re-disable recursive
winbindd calls", true);
+ return;
+ }
if (subreq == NULL) {
DEBUG(0, ("Failed to start smbd as child daemon\n"));
task_server_terminate(task, "Failed to startup s3fs smb task",
true);
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 0ad3e6b..37aac62 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -43,6 +43,7 @@
#include "cluster/cluster.h"
#include "dynconfig/dynconfig.h"
#include "lib/util/samba_modules.h"
+#include "nsswitch/winbind_client.h"
/*
recursively delete a directory tree
@@ -402,6 +403,12 @@ static int binary_smbd_main(const char *binary_name, int
argc, const char *argv[
}
}
+ /* make sure we won't go through nss_winbind */
+ if (!winbind_off()) {
+ DEBUG(0,("Failed to disable recusive winbindd calls.
Exiting.\n"));
+ exit(1);
+ }
+
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ca98d81 dynconfig: Remove last s3 markers now we have just one build system from 077dfd0 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ca98d816cc898ed66a0aa065de65938bd4b71c1a Author: Andrew Bartlett Date: Thu Jun 13 19:33:42 2013 +1000 dynconfig: Remove last s3 markers now we have just one build system Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Jul 24 16:29:15 CEST 2013 on sn-devel-104 --- Summary of changes: dynconfig/dynconfig.c |2 -- dynconfig/dynconfig.h |3 --- 2 files changed, 0 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/dynconfig/dynconfig.c b/dynconfig/dynconfig.c index 5f67278..af9d735 100644 --- a/dynconfig/dynconfig.c +++ b/dynconfig/dynconfig.c @@ -83,7 +83,6 @@ const char *set_dyn_##name(const char *newpath) \ return dyn_##name;\ } -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PARAM(SBINDIR) DEFINE_DYN_CONFIG_PARAM(BINDIR) DEFINE_DYN_CONFIG_PARAM(CONFIGFILE) /**< Location of smb.conf file. **/ @@ -105,7 +104,6 @@ DEFINE_DYN_CONFIG_PARAM(NMBDSOCKETDIR) DEFINE_DYN_CONFIG_PARAM(DATADIR) DEFINE_DYN_CONFIG_PARAM(SETUPDIR) DEFINE_DYN_CONFIG_PARAM(WINBINDD_SOCKET_DIR) /* from winbind_struct_protocol.h in s3 autoconf */ - DEFINE_DYN_CONFIG_PARAM(WINBINDD_PRIVILEGED_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(NTP_SIGND_SOCKET_DIR) DEFINE_DYN_CONFIG_PARAM(PYTHONDIR) diff --git a/dynconfig/dynconfig.h b/dynconfig/dynconfig.h index 4d24001..2a45f1f 100644 --- a/dynconfig/dynconfig.h +++ b/dynconfig/dynconfig.h @@ -30,7 +30,6 @@ const char *get_dyn_##name(void); \ const char *set_dyn_##name(const char *newpath); \ bool is_default_dyn_##name(void); -/* these are in common with s3 */ DEFINE_DYN_CONFIG_PROTO(SBINDIR) DEFINE_DYN_CONFIG_PROTO(BINDIR) DEFINE_DYN_CONFIG_PROTO(CONFIGFILE) /**< Location of smb.conf file. **/ @@ -49,8 +48,6 @@ DEFINE_DYN_CONFIG_PROTO(SMB_PASSWD_FILE) DEFINE_DYN_CONFIG_PROTO(PRIVATE_DIR) DEFINE_DYN_CONFIG_PROTO(LOCALEDIR) DEFINE_DYN_CONFIG_PROTO(NMBDSOCKETDIR) - -/* these are not in s3 */ DEFINE_DYN_CONFIG_PROTO(DATADIR) DEFINE_DYN_CONFIG_PROTO(SETUPDIR) DEFINE_DYN_CONFIG_PROTO(WINBINDD_SOCKET_DIR) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a74c7d7 torture/drs: Expand an error message to aid debugging via 63c05e8 dsdb/samdb: use RECYCLED it implies DELETED... via 6016ba3 selftest: ensure samba4.nss.test.*using.*winbind is always tested via 93b8315 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested via 5e1f279 rpc_server-drsuapi: Improve comments and DEBUG lines via e9faf50 dsdb: Add assert in drepl_take_FSMO_role via ae0ba6b selftest: Ensure the DC has started and and got a RID set before we proceed via db9c3c6 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails via 31fb7f9 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches via 03b44d2 dsdb-descriptor: Do not do a subtree search unless we have child entries from ca98d81 dynconfig: Remove last s3 markers now we have just one build system http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a74c7d780cb6a1e8a5a63ebbbcf36fd7cf717ea1 Author: Andrew Bartlett Date: Mon Jun 17 22:37:54 2013 +1000 torture/drs: Expand an error message to aid debugging Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104 commit 63c05e820f1449b2dfa6e4f096d8270284a60bbb Author: Stefan Metzmacher Date: Mon Jun 10 14:00:01 2013 +0200 dsdb/samdb: use RECYCLED it implies DELETED... Signed-off-by: Stefan Metzmacher commit 6016ba3a02c5418b44bb61d434f3a25d6e5991b8 Author: Andrew Bartlett Date: Sat Jul 13 19:35:52 2013 +1000 selftest: ensure samba4.nss.test.*using.*winbind is always tested With the winbind fixes now in master this should be more reliable. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 93b83151c9563f4c1f47b925fed079d275f8ec43 Author: Andrew Bartlett Date: Sat Jul 13 19:34:45 2013 +1000 selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested This test should now be more reliable with the over-allocation of RID values now fixed. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 5e1f2795f28b0a213b4529e046edec68caa3bd41 Author: Andrew Bartlett Date: Fri Jun 28 09:19:48 2013 +1000 rpc_server-drsuapi: Improve comments and DEBUG lines Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit e9faf50ee123a8d1d647ebffa39107ca0dce756c Author: Andrew Bartlett Date: Fri Jun 28 09:15:16 2013 +1000 dsdb: Add assert in drepl_take_FSMO_role Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Andrew Bartlett Signed-off-by: Stefan Metzmacher commit ae0ba6bd833f71c4337ae3b6621bf797cb3c48c2 Author: Andrew Bartlett Date: Wed Jun 19 11:33:36 2013 +1000 selftest: Ensure the DC has started and and got a RID set before we proceed This avoids errors when a busy DC has not yet fetched a RID set, showing up as flapping tests when users are created, such as the samr.large-dc test. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit db9c3c62c89e1328872e3fdedde22b78770728a9 Author: Andrew Bartlett Date: Wed Jun 19 10:30:48 2013 +1000 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails We now also only poke the RID manager once per request. This may help track down why RID allocation can fail, as while we never wait for the RID set to be created/updated, it may be the only clue the admin gets as to why the async allocations were failing. Andrew Bartlett Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Andrew Bartlett Signed-off-by: Stefan Metzmacher Reviewed-by: Stefan Metzmacher commit 31fb7f9c1b93b0f2114dec5096e43616ed317720 Author: Andrew Bartlett Date: Sun Jun 23 21:38:40 2013 +1000 dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches This should be more efficient, particularly in the leaf node case when renaming and deleting entries on large databases. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 03b44d26fd17761675fe33ab29e8f325f59d8a5c Author: Andrew Bartlett Date: Sun Jun 23 19:47:35 2013 +1000 dsdb-descriptor: Do not do a subtree search unless we have child entries This avoids a subtree search here in most cases where an object is deleted. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher --- Summary of changes: selftest
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7615b25 samba-tool dbcheck: Correctly remove deleted DNs in dbcheck
via f2afdb6 dsdb: Include MS-ADTS doc references on deleted object
contstraints
via a9e565a dsdb tests: Add member/memberOf checking to delete_objects
testing
via 0162be3 dsdb: Improve DRS deleted link source/target handing in
repl_meta_data
via 32955a1 dsdb: Ensure we always force deleted objects back under the
deleted objects DN
via a796cad dsdb/repl_meta_data: split out replmd_deletion_state()
via d3aad89 dsdb: Prune deleted objects of links and extra attributes
of replicated deletes
from 8f8e843 s3:winbind: add a warning DEBUG message when skipping a sid
from the mapped GID list
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7615b2549d9549683978cb3e85b926e2ba63e294
Author: Andrew Bartlett
Date: Sun Apr 14 13:32:49 2013 +1000
samba-tool dbcheck: Correctly remove deleted DNs in dbcheck
The previous pattern never matched, as it was a typo.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104
commit f2afdb61698c37389be286f9443471d4aeba49b8
Author: Andrew Bartlett
Date: Tue Jun 4 20:22:31 2013 +1000
dsdb: Include MS-ADTS doc references on deleted object contstraints
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit a9e565a5a4478f7b923f35311e170de2044ff848
Author: Andrew Bartlett
Date: Mon Jun 3 17:51:41 2013 +1000
dsdb tests: Add member/memberOf checking to delete_objects testing
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Andrew Bartlett
Signed-off-by: Stefan Metzmacher
commit 0162be32ab4f9716a4300d1f1a0caae8b0133f7c
Author: Andrew Bartlett
Date: Tue Jun 4 19:57:06 2013 +1000
dsdb: Improve DRS deleted link source/target handing in repl_meta_data
We now correctly ignore the link updates if the source or target is
deleted locally.
This fixes the long-standing failure in the vampire_dc dbcheck test.
Pair-Programmed-With: Stefan Metzmacher
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Signed-off-by: Stefan Metzmacher
commit 32955a1dec3a97ab4550869dbeb5034247f3b1bc
Author: Andrew Bartlett
Date: Mon Jun 17 22:37:20 2013 +1000
dsdb: Ensure we always force deleted objects back under the deleted objects
DN
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit a796cad90f1028ccc54a3539e34dc0728b990a96
Author: Stefan Metzmacher
Date: Wed Jun 5 09:35:42 2013 +0200
dsdb/repl_meta_data: split out replmd_deletion_state()
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit d3aad891c5759f66bd891cb47866d908a0562a8a
Author: Andrew Bartlett
Date: Fri May 31 20:01:17 2013 +1000
dsdb: Prune deleted objects of links and extra attributes of replicated
deletes
When an object is deleted, the links to be removed are not propogated,
you have to watch out for them manually!
We do this by calling back into the originating update delete code (ie
what is called if you ldb_delete() locally) so that any extra
attribute found locally and not on the remote server becomes removed
remotely too.
We currently do the same with links, but that isn't strictly correct,
but for now our getNCChanges server code filters these out, so only
the usn is bumped.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
python/samba/dbchecker.py |2 +-
selftest/knownfail |1 -
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 568 ++-
source4/torture/drs/python/delete_object.py | 278 ++-
4 files changed, 698 insertions(+), 151 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index e88f876..8b175c2 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -271,7 +271,7 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn),
str(to_base)))
"""handle a missing target DN (both GUID and DN string form are
missing)"""
# check if its a backlink
linkID = self.samdb_schema.get_linkId_from_lDAPDisplayName(attrname)
-if (linkID & 1 == 0) and str(dsdb_dn).find('DEL\\0A') == -1:
+if (linkID & 1 == 0) and str(dsdb_dn).find('\\0ADEL') == -1:
self.report("Not removing dangling forward
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8f98f5d tevent: change version to 0.9.19
via 066a642 tevent: Remove the signal pipe if no signal events are
around
from f9d19c4 Ensure gpfs kernel leases are wrapped in a
become_root()/unbecome_root() pair.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1
Author: Stefan Metzmacher
Date: Thu Aug 1 13:13:04 2013 +0200
tevent: change version to 0.9.19
* Fix tevent testsuite issue on Solaris.
* Add tevent tuturial and documentation updates
* Fix Coverity ID 989236 Operands don't affect result
* Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Aug 1 17:05:02 CEST 2013 on sn-devel-104
commit 066a642f10cae7980eefb2d8ada3a6c3f5220542
Author: Volker Lendecke
Date: Wed Jul 31 11:31:57 2013 +0200
tevent: Remove the signal pipe if no signal events are around
It makes adding/removing the first/last sigevents a bit more expensive, but
it
will fix tevent_loop_wait not finishing when one signal event was added and
removed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10012
Signed-off-by: Volker Lendecke
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
---
Summary of changes:
.../ABI/{tevent-0.9.18.sigs => tevent-0.9.19.sigs} |0
lib/tevent/tevent_signal.c | 14 +-
lib/tevent/wscript |2 +-
3 files changed, 14 insertions(+), 2 deletions(-)
copy lib/tevent/ABI/{tevent-0.9.18.sigs => tevent-0.9.19.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/ABI/tevent-0.9.18.sigs
b/lib/tevent/ABI/tevent-0.9.19.sigs
similarity index 100%
copy from lib/tevent/ABI/tevent-0.9.18.sigs
copy to lib/tevent/ABI/tevent-0.9.19.sigs
diff --git a/lib/tevent/tevent_signal.c b/lib/tevent/tevent_signal.c
index 0fdf646..8e13d73 100644
--- a/lib/tevent/tevent_signal.c
+++ b/lib/tevent/tevent_signal.c
@@ -175,7 +175,19 @@ static int tevent_signal_destructor(struct tevent_signal
*se)
struct tevent_common_signal_list);
if (se->event_ctx) {
- DLIST_REMOVE(se->event_ctx->signal_events, se);
+ struct tevent_context *ev = se->event_ctx;
+
+ DLIST_REMOVE(ev->signal_events, se);
+
+ if (ev->signal_events == NULL && ev->pipe_fde != NULL) {
+ /*
+* This was the last signal. Destroy the pipe.
+*/
+ TALLOC_FREE(ev->pipe_fde);
+
+ close(ev->pipe_fds[0]);
+ close(ev->pipe_fds[1]);
+ }
}
talloc_free(sl);
diff --git a/lib/tevent/wscript b/lib/tevent/wscript
index 02bddb8..39f2ae4 100755
--- a/lib/tevent/wscript
+++ b/lib/tevent/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tevent'
-VERSION = '0.9.18'
+VERSION = '0.9.19'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tevent-0.9.19 created
The annotated tag, tevent-0.9.19 has been created at 9ab5377392768d4465f2d6529fa9dc8ada01502f (tag) tagging 8f98f5d85ae30361f6bb9f6f42d6a7fd279301e1 (commit) replaces ldb-1.1.16 tagged by Stefan Metzmacher on Thu Aug 1 17:11:55 2013 +0200 - Log - tevent: tag release tevent-0.9.19 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJR+nq7AAoJEEeTkWETCEAlnj0IAL5uIboUh4zDM0UFk3j/H+Re /cYnCufwHp1ROtiBsvhPRolpdVEFB/Fn57JLfbYvLPLTuzCrDzvnbQt3zr50W0au PnNe9hNNALsXDz78eha8qYkfkk1dVM4nTvIqUWU6iTbovd4iMT4x687FKLfJekeT o9ygHh4kyTp4DWD7Tai/PTWKCuhgrVz03Yz1Ao//vGuHaJEQclZsVdn0e3X2U9Bt WcNIo64u3C6Vx/+FDrpA1qrWD+0ZPxw9+ZfF+H6OZ8xcymbPQrlyWHeQxon1tStT 6ZvkhDlzVqzQfxOOoHZD/pjrTi67miejwfTgx6TBxPPsfo+rhDZFDk+X+wOXoVI= =AS6o -END PGP SIGNATURE- Alexander Werth (1): s3: Remove old mode special substitution. Andreas Schneider (22): tsocket: Pass the full port number to getaddrinfo(). tsocket: Pass the full port number to getaddrinfo(). torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. torture: Fix comparsion of uninitalized bytes. torture: Don't segfault in raw.session on error. torture: Don't segfault in smb2.session on error. selftest: Fix domain name of plugindc. selftest: Add a newline to root entries in the nss files. selftest: Use higher ip numbers. s3-winbind: Allow sec_initial_uid() to store creds. waf: Build with RELRO if supported by the compiler. s3-winbind: Do not delete an existing valid credential cache. nsswitch: Don't enumerate all domains with wbinfo -u|-g. s3-waf: Rename regedit to samba-regedit. docs-xml: Remove obsolete swat manpage and references. nsswitch: Add OPT_KRB5CCNAME to avoid an error message. Andrew Bartlett (23): libcli/ldap: Cope with substring match with no chunks in ldap_push_filter torture: Add tests for LDAP substring search with no strings provided heimdal_build: Add missing dep on samba4kgetcred dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly service_stream: Log if the connection termination is deferred or not (bug #9820) s4-winbindd: Do not terminate a connection that is still pending (bug #9820) s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr() dynconfig: Remove last s3 markers now we have just one build system dsdb-descriptor: Do not do a subtree search unless we have child entries dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails selftest: Ensure the DC has started and and got a RID set before we proceed dsdb: Add assert in drepl_take_FSMO_role rpc_server-drsuapi: Improve comments and DEBUG lines selftest: ensure samba4.rpc.samr.large-dc.two.samr.many is always tested selftest: ensure samba4.nss.test.*using.*winbind is always tested torture/drs: Expand an error message to aid debugging dsdb: Prune deleted objects of links and extra attributes of replicated deletes dsdb: Ensure we always force deleted objects back under the deleted objects DN dsdb: Improve DRS deleted link source/target handing in repl_meta_data dsdb tests: Add member/memberOf checking to delete_objects testing dsdb: Include MS-ADTS doc references on deleted object contstraints samba-tool dbcheck: Correctly remove deleted DNs in dbcheck Aurélien Aptel (1): docs-xml/manpages/smbclient.1.xml: fix case of -T flag in example. Bill Parker (1): Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc(). Björn Baumbach (2): s3-lib: fix segf while reading incomplete session info (bug #10003) s3-smbstatus: display [u|g]id of -1 as "-1" in connection list Björn Jacke (2): time: don't try to use the coarse clock time: prefer CLOCK_BOOTTIME for clock_gettime_mono() Christian Ambach (5): nsswitch: fix a comment s3:smbd/aio mark file as modified in the SMB2 case s3:lib add mapping for ETXTBSY s3:smbd/close use common exit path s3:smbd/close remove filesystem lock before removing sharemode Christof Schmitt (1): selftest: Print error message when smbd does not have ADS support Daniel Gan-Levi (1): s3-ctdb: Fix auto-enabling of CTDB readonly support David Disseldorp (1): tevent: document tevent_req_create state zeroing Günther Deschner
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 859182d dfs_server: Use dsdb_search_one to catch 0 results as well
as NO_SUCH_OBJECT errors
from ba40d0d s3:lib/system fix build on AIX 7
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 859182da6d06be0e9d37d7ed3448efc3dc78bdb2
Author: Andrew Bartlett
Date: Tue Jul 30 10:40:39 2013 +1200
dfs_server: Use dsdb_search_one to catch 0 results as well as
NO_SUCH_OBJECT errors
This ensures we do not de-reference an invalid rs->msgs pointer if the
pointed-to object was not objectclass=computer
Andrew Bartlett
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104
---
Summary of changes:
dfs_server/dfs_server_ad.c | 10 +-
1 files changed, 5 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index 249a1d1..062eb49 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -206,14 +206,14 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
for (i = 0; icount; i++) {
struct ldb_dn *dn;
- struct ldb_result *r2;
+ struct ldb_message *msg;
dn = ldb_msg_find_attr_as_dn(ldb, ctx, r->msgs[i],
"serverReference");
if (!dn) {
return NT_STATUS_INTERNAL_ERROR;
}
- ret = ldb_search(ldb, r, &r2, dn, LDB_SCOPE_BASE, attrs2,
"(objectClass=computer)");
+ ret = dsdb_search_one(ldb, r, &msg, dn, LDB_SCOPE_BASE, attrs2,
0, "(objectClass=computer)");
if (ret != LDB_SUCCESS) {
DEBUG(2,(__location__ ": Search for computer on %s
failed - %s\n",
ldb_dn_get_linearized(dn),
ldb_errstring(ldb)));
@@ -221,7 +221,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
}
if (dofqdn) {
- const char *dns =
ldb_msg_find_attr_as_string(r2->msgs[0], "dNSHostName", NULL);
+ const char *dns = ldb_msg_find_attr_as_string(msg,
"dNSHostName", NULL);
if (dns == NULL) {
DEBUG(2,(__location__ ": dNSHostName missing on
%s\n",
ldb_dn_get_linearized(dn)));
@@ -233,7 +233,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(list->names[list->count], r);
} else {
char *tmp;
- const char *aname =
ldb_msg_find_attr_as_string(r2->msgs[0], "sAMAccountName", NULL);
+ const char *aname = ldb_msg_find_attr_as_string(msg,
"sAMAccountName", NULL);
if (aname == NULL) {
DEBUG(2,(__location__ ": sAMAccountName missing
on %s\n",
ldb_dn_get_linearized(dn)));
@@ -250,7 +250,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct
ldb_context *ldb,
list->names[list->count] = tmp;
}
list->count++;
- talloc_free(r2);
+ talloc_free(msg);
}
talloc_free(r);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9177a0d libcli/auth: add more const to
spnego_negTokenInit->mechTypes
via f1e6014 libcli/auth: avoid possible mem leak in read_negTokenInit()
via 966faef auth/gensec: treat struct gensec_security_ops as const if
possible.
via c81b6f7 auth/gensec: use 'const char * const *' for function
parameters
via e81550c auth/gensec: make it possible to implement async backends
via 6a7a44d auth/gensec: avoid talloc_reference in
gensec_security_mechs()
via 3e3534f auth/gensec: avoid talloc_reference in
gensec_use_kerberos_mechs()
via 71c63e8 auth/gensec: introduce gensec_internal.h
via 57bcbb9 libcli/auth/schannel: remove unused schannel_position
via 4c978b6 libcli/auth/schannel: make struct schannel_state private
via e90e1b5 s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h
via 9b9ab1a s4:gensec/schannel: there's no point in having
schannel_session_key()
via a07049a s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not
supported
via b510476 s4:gensec/schannel: use the correct computer_name from
netlogon_creds_CredentialState
via 49f347e s4:gensec/schannel: simplify the code by using
netsec_create_state()
via 4cad5dc s4:gensec/schannel: remove unused dcerpc_schannel_creds()
via 2ea3a24 s4:torture: avoid usage of dcerpc_schannel_creds()
via c014427 s4:libnet: avoid usage of dcerpc_schannel_creds()
via a36ccdc s3:dcerpc_helpers: remove unused DEBUG message of
schannel_state->seq_num.
via a964309 s3:rpc_server: make use of netsec_create_state()
via af4dc30 s3:cli_pipe.c: return NO_USER_SESSION_KEY in
cli_get_session_key() for schannel
via 838cb53 s3:cli_pipe: pass down creds->computer_name to
NL_AUTH_MESSAGE
via e96142f s3:cli_pipe: make use of netsec_create_state()
via 3321539 libcli/auth: add netsec_create_state()
via 9f2e81a libcli/auth: maintain the sequence number for the NETLOGON
SSP as 64bit
via 59b0956 auth/gensec: add gensec_security_by_auth_type()
via 45c74c8 auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before
returning NOT_IMPLEMENTED
via 04938cb s3:rpc_client: remove unused
cli_rpc_pipe_open_ntlmssp_auth_schannel()
via 3302356 s3:rpc_client: remove netr_LogonGetCapabilities check from
rpc_pipe_bind*
via eecb5ba s3:rpc_client: add netr_LogonGetCapabilities to
cli_rpc_pipe_open_schannel_with_key()
via e9c8e3f s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bind
via 90e28c1 s3:rpc_client: fix/add AES downgrade detection to
rpc_pipe_bind_step_two_done()
via e77a64f s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AES
via 0460063 s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AES
via beba326 s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AES
via d82ab705 s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AES
via 11e0be0 s3:libsmb: remove unused cli_state->is_guestlogin
from d944841 torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9177a0d1c1c92c45ef92fbda55fc6dd8aeb76b6c
Author: Stefan Metzmacher
Date: Mon Aug 5 10:46:47 2013 +0200
libcli/auth: add more const to spnego_negTokenInit->mechTypes
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Sat Aug 10 11:11:54 CEST 2013 on sn-devel-104
commit f1e60142e12deb560e3c62441fd9ff2acd086b60
Author: Stefan Metzmacher
Date: Mon Aug 5 10:43:38 2013 +0200
libcli/auth: avoid possible mem leak in read_negTokenInit()
Also add error checks.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 966faef9c61d2ec02d75fc3ccc82a61524fb77e4
Author: Stefan Metzmacher
Date: Mon Aug 5 11:20:21 2013 +0200
auth/gensec: treat struct gensec_security_ops as const if possible.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit c81b6f7448d7f945635784de645bea4f7f2e230f
Author: Stefan Metzmacher
Date: Mon Aug 5 11:10:55 2013 +0200
auth/gensec: use 'const char * const *' for function parameters
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit e81550c8117166d0fbf69ba1d3957cb950c42961
Author: Stefan Metzmacher
Date: Mon Aug 5 16:12:13 2013 +0200
auth/gensec: make it possible to implement async backends
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 6a7a44db5999af7262478eb1c186d784d6075beb
Author: Stefan Metzmacher
Date: Mon Aug 5 10:39:16 2013 +0200
auth/gensec: avoid talloc_reference in gensec_security_mechs()
We
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
from 52d66d8 s3-winbind: Fix a segfault passing NULL to a fstring
argument.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1b57fd180c2640598c13d2459a7c7a6f04708388
Author: Günther Deschner
Date: Mon Aug 12 17:23:12 2013 +0200
s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
Fallback to lsa named-pipe connection when tcp connection has failed twice
(it
could be a trusted domain connection where we cannot setup a secure
channel).
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9615
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9899
Signed-off-by: Günther Deschner
Signed-off-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
Tested-by: Christof Schmitt
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Aug 13 20:55:33 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_cm.c |9 +++--
1 files changed, 7 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 08c763c..1832b2b 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2651,11 +2651,16 @@ NTSTATUS cm_connect_lsat(struct winbindd_domain *domain,
invalidate_cm_connection(&domain->conn);
status = cm_connect_lsa_tcp(domain, mem_ctx, cli);
}
- if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_IS_OK(status)) {
return status;
}
- return NT_STATUS_OK;
+ /*
+* we tried twice to connect via ncan_ip_tcp and schannel and
+* failed - maybe it is a trusted domain we can't connect to ?
+* do not try tcp next time - gd
+*/
+ domain->can_do_ncacn_ip_tcp = false;
}
status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5f75814 winbind3: Fix an invalid free
from 1b57fd1 s3-winbindd: fix fallback to ncacn_np in cm_connect_lsat().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5f75814586f2d6f7c2dc8fd9342cb045c1f7e68c
Author: Volker Lendecke
Date: Wed Aug 14 09:27:59 2013 +
winbind3: Fix an invalid free
This fixes a warning I've never seen before :-)
../source3/winbindd/winbindd_cm.c:781:59: warning: attempt to free a
non-heap object ‘machine_krb5_principal’ [-Wfree-nonheap-object]
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Aug 14 14:04:16 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/winbindd/winbindd_cm.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 1832b2b..d89ca95 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -778,7 +778,7 @@ static NTSTATUS get_trust_creds(const struct
winbindd_domain *domain,
}
if (!strupper_m(*machine_krb5_principal)) {
- SAFE_FREE(machine_krb5_principal);
+ SAFE_FREE(*machine_krb5_principal);
return NT_STATUS_INVALID_PARAMETER;
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
mit b706ca6e55aa76d4da901c69d991969602facc3b Author: Stefan Metzmacher Date: Wed Aug 14 15:18:47 2013 -0700 s3:libsmb: call smb2cli_logoff() from cli_ulogoff() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Aug 15 10:53:21 CEST 2013 on sn-devel-104 commit 1d7bdfc4feac35d92b003c3c78f502897ecc5d4e Author: Stefan Metzmacher Date: Wed Aug 14 11:48:40 2013 +0200 s3:libsmb: make cli_ulogoff_send/recv static Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit e6be68fb5e4dc528f7365f3413b9b66090992f42 Author: Stefan Metzmacher Date: Wed Aug 14 11:44:58 2013 +0200 s3:libsmb: call smb2cli_tdis() from cli_tdis() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit d732e9aab3bbad3ea97f8b120e57b41152aaee3b Author: Stefan Metzmacher Date: Wed Aug 14 11:44:10 2013 +0200 s3:libsmb: only set tcon to invalid in smb2cli_tdis* This matches the behavior of cli_tdis*. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 80d4f64352c0ddacb9ee15d2b48a42a0b7929501 Author: Stefan Metzmacher Date: Wed Aug 14 11:38:22 2013 +0200 s3:libsmb: make cli_tdis_send/recv static Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit ccf7b3719121e03ed06d15b9af5373eecba3e828 Author: Stefan Metzmacher Date: Tue Aug 13 18:38:57 2013 +0200 s3:libsmb: add support for SMB2 in cli_writeall() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit a85d4511e6bc84938d60f090b44a5b1468ee4136 Author: Stefan Metzmacher Date: Tue Aug 13 18:20:08 2013 +0200 s3:libsmb: add SMB2 support to cli_pull* Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 6896bf0b28a07eb8ead5b3bd2bc50229aa59d439 Author: Stefan Metzmacher Date: Tue Aug 13 16:33:30 2013 +0200 s3:libsmb: add SMB2 support to cli_push* Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 80758e4b07c87280e778ba161c2c9c4a2ee47853 Author: Jeremy Allison Date: Thu Aug 8 11:00:49 2013 -0700 s3:libsmb: Plumb cli_smb2_set_security_descriptor() inside cli_set_security_descriptor(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 1db7e90451f31d75298508c19a859d98d56d7e7c Author: Jeremy Allison Date: Thu Aug 8 11:00:08 2013 -0700 s3:libsmb: Plumb cli_smb2_query_security_descriptor() inside cli_query_security_descriptor(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit de895bf228432f2a42bcdcadcf12ffd1be64022f Author: Jeremy Allison Date: Wed Aug 7 16:50:03 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_alt_name() inside cli_qpathinfo_alt_name(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit cba3ed0466b8598e28a44809778b99e97b1bf1a1 Author: Jeremy Allison Date: Thu Aug 8 10:52:02 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_basic() inside cli_qpathinfo_basic(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 2bb3e251d59910d9bf527a73271094702bceefe2 Author: Jeremy Allison Date: Wed Aug 7 16:47:21 2013 -0700 s3:libsmb: Plumb cli_smb2_qfileinfo_basic() inside cli_qfileinfo_basic(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit e96309ca1b057d430444531523bb2c9f59fcd624 Author: Jeremy Allison Date: Wed Aug 7 16:46:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo_streams() inside cli_qpathinfo_streams(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit f2f566b1cc8d55bd1cf93478b877a3e7f455855c Author: Jeremy Allison Date: Wed Aug 7 16:45:05 2013 -0700 s3:libsmb: Plumb cli_smb2_qpathinfo2() inside cli_qpathinfo2(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 73255d3ba912b3a112f9d766deae895f51e16cd9 Author: Jeremy Allison Date: Wed Aug 7 16:43:33 2013 -0700 s3:libsmb: Plumb cli_smb2_list() inside cli_list(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 7e2d969deb1d4bcf3add422d80852b2d386cfaac Author: Jeremy Allison Date: Wed Aug 7 16:42:02 2013 -0700 s3:libsmb: Plumb cli_smb2_get_ea_list_path() inside cli_get_ea_list_path(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit f8dfc50124e5b5083aa801d9658389dd3fa6698a Author: Jeremy Allison Date: Wed Aug 7 16:32:55 2013 -0700 s3:libsmb: Plumb cli_smb2_set_ea_fnum() inside cli_set_ea_fnum(). Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher commit 3276853e59c2686873baad7c6f9d2665ed6fdd56 Author: Jeremy Allison Date: Wed Aug 7 16:21:48 2013 -0700 s3:libsmb: Plumb cli_smb2_set_ea_path() inside cli_set_ea_path(). Signed-off-by: Jeremy Allison Reviewed-by: Ste
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 38e4396 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 via 16b26ea selftest: Add a basic test of samba_upgradedns via 013c499 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ via e281037 selftest: Test creation of the dns-SERVER account during selftest via d19c437 scripting/samba_upgradedns: Tighten up exception and attribute list handling via b106d90 scripting/join.py: Handle creating the dns-NAME account during a DC join from bdab6f9 Optimization. Don't do the retry logic if sitename_fetch() returned NULL, we already did a NULL query. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 38e43961c01f6f491b069e7106fe2a2ec80bd840 Author: Andrew Bartlett Date: Fri Dec 28 21:00:28 2012 +1100 torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 This exercises some more of the dlz_bind9 code outside BIND, by sending in a ticket to be access checked, wrapped either in SPNEGO or just in GSSAPI. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Wed Sep 4 11:25:10 CEST 2013 on sn-devel-104 commit 16b26eafa75280e576333975cff5dd1505c118fa Author: Andrew Bartlett Date: Fri Dec 28 10:06:39 2012 +1100 selftest: Add a basic test of samba_upgradedns This does not check that the command runs correctly, but does at least check that the command runs to completion without errors. Andrew Bartlett Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher commit 013c4990c6f1412dd25592bf177ceffab4b5d16d Author: Andrew Bartlett Date: Fri Dec 28 09:25:11 2012 +1100 selftest: Start internal DNS server on domain provisioned for BIND9_DLZ This shows that the internal server can use the dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher Signed-off-by: Andrew Bartlett commit e281037c9bfa68ca3dc564ec7a36e5c790024902 Author: Andrew Bartlett Date: Wed Dec 26 10:03:47 2012 +1100 selftest: Test creation of the dns-SERVER account during selftest We do this by having the samba-tool domain dcpromo for promoted_vampire_dc also create a dns-SERVER account. Andrew Bartlett Reviewed-by: Stefan Metzmacher Signed-off-by: Andrew Bartlett commit d19c437a36b26e71c24bc25e672d714e21ba50bd Author: Andrew Bartlett Date: Mon Dec 24 09:12:04 2012 +1100 scripting/samba_upgradedns: Tighten up exception and attribute list handling This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher Signed-off-by: Andrew Bartlett commit b106d9090e8f8f44f02059d2ced3d10066787060 Author: Andrew Bartlett Date: Mon Dec 24 08:56:50 2012 +1100 scripting/join.py: Handle creating the dns-NAME account during a DC join This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher Signed-off-by: Andrew Bartlett --- Summary of changes: python/samba/join.py| 73 +++-- python/samba/provision/sambadns.py | 11 +++- selftest/target/Samba4.pm |4 +- source4/scripting/bin/samba_upgradedns | 30 +++ source4/selftest/tests.py |3 +- source4/setup/secrets_dns.ldif |2 +- source4/torture/dns/dlz_bind9.c | 78 +++ source4/torture/winbind/winbind.c |1 + testprogs/blackbox/test_samba_upgradedns.sh | 37 + 9 files changed, 218 insertions(+), 21 deletions(-) create mode 100755 testprogs/blackbox/test_samba_upgradedns.sh Changeset truncated at 500 lines: diff --git a/python/samba/join.py b/python/samba/join.py index c55c22c..b2f4da4 100644 --- a/python/samba/join.py +++ b/python/samba/join.py @@ -26,9 +26,12 @@ from samba.ndr import ndr_pack from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs from samba.credentials import Credentials, DONT_USE_KERBEROS from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS, FILL_SUBDOMAIN +from samba.provision.common import setup_path from samba.schema import Schema from samba.net import Net from samba.provision.sambadns import setup_bind9_dns +from samba import read_and_sub_file +from base64 import b64encode import logging import talloc import random @@ -179,6 +182,19 @@ class dc
[SCM] Samba Shared Repository - annotated tag talloc-2.1.0 created
The annotated tag, talloc-2.1.0 has been created at 3be5ea3325aa68d75510640ac90a8ad1c5cbfbd4 (tag) tagging 256d10f5792a37d20cbb45f2af3f8578bd354110 (commit) replaces tevent-0.9.19 tagged by Stefan Metzmacher on Sun Sep 8 16:48:15 2013 +0200 - Log - talloc: tag release talloc-2.1.0 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJSLI4vAAoJEEeTkWETCEAlLGQIAMPYK++eJ4CIDSoP/JaNe78Q NSdwmi2VCqEhH5CMzntL9IOMX8nUzbTIxdd0qVVoO2J9YdmfD85PU4VzyRtT9QWK A8uFAPtdr9TN71QMezEz0yFRKOTrehv1EfO1MmS83rtox8t0D/MVvvA07F+IpiSg iCFnTt9gdWWjCrXQ2xSBi1nMA1UyjBrlIZL7tXgE8QtAMW7QEstvHQIkkczIxLC+ rW4PGyRx0bxTshN7+4t/+4bQ8rloygvYYn7k/Rydzs05FQp3YOsGjXwld44sqD3g yl42+X87aNaxfNeiJqS4I5sXFDtIZUWnksq+6/mrQKpvYofXVduN4ZxF1Z0BERc= =Yhld -END PGP SIGNATURE- Abhidnya Joshi (1): s3: fix missing braces in nfs4_acls.c Anand Avati (1): vfs_glusterfs: Implement proper mashalling/unmarshalling of ACLs Andreas Schneider (6): s3-libads: Print a message if no realm has been specified. libcli: Add security_token_system_privilege(). s3-rpc_server: Grant the system token full access. s3-netlogon: Connecting with the system token should be sufficient. s3-winbind: Fix a segfault passing NULL to a fstring argument. Followup patch for BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082 Andrew Bartlett (8): dfs_server: Use dsdb_search_one to catch 0 results as well as NO_SUCH_OBJECT errors provision: Rewrite named.txt to be more useful scripting/join.py: Handle creating the dns-NAME account during a DC join scripting/samba_upgradedns: Tighten up exception and attribute list handling selftest: Test creation of the dns-SERVER account during selftest selftest: Start internal DNS server on domain provisioned for BIND9_DLZ selftest: Add a basic test of samba_upgradedns torture: Ensure that GSSAPI and SPNEGO packets are accepted by dlz_bind9 Christian Ambach (5): s3:lib/system fix build on AIX 7 waf: fix build on AIX7 waf: add --without-gettext option waf: consolidate libintl related checks waf: replace dependency to libintl with samba_intl Christof Schmitt (3): FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end doc: Fix prefix parameter name in vfs_full_audit man page Christopher R. Hertel (1): vfs_glusterfs: Fix excessive debug output from vfs_gluster_open(). David Disseldorp (9): torture: split out ioctl test file creation helper lib: add FSCTL_[GET/SET]_COMPRESSION constants torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test torture: extend FSCTL_[GET/SET]_COMPRESSION tests torture: check for filesystem compression capability torture: add compressed file attribute ioctl test torture: add file_attribs arg to file create helper torture: add more [no-]compress-on-open ioctl tests torture: support Windows 2k8 response for compress_invalid_buf Gregor Beck (2): security.idl: add new security_secinfo bits Fix bug 9678 - Windows 8 Roaming profiles fail Günther Deschner (37): s3-libads: Fail create_local_private_krb5_conf_for_domain() if parameters missing. s3-net: pass down ndr_interface_table to connect_dst_pipe(). s3-rpc_cli: remove prototype of nonexisting cli_rpc_pipe_open_krb5(). s3-libnetapi: pass down ndr_interface_table to libnetapi_get_binding_handle(). s3-libnetapi: pass down ndr_interface_table to libnetapi_open_pipe(). s3-libnetapi: pass down ndr_interface_table to pipe_cm() and friends. s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_ncalrpc(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_interface(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_ntlmssp_auth_schannel(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_schannel_with_key(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open_noauth_transport(). s3-rpc_cli: pass down ndr_interface_table to cli_rpc_pipe_open(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_np(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_get_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_pipe_open_tcp_port(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init(). s3-rpc_cli: pass down ndr_interface_table to rpc_transport_np_init_send(). libcli/auth: also set secure channel type in netlogon_creds_client_init(). s3: libnet_join
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0af09f0 ldb: Do not build libldb-cmdline when using system ldb.
from b8100af gencache: Avoid a duplicate call to string_term_tdb_data
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0af09f0179c024099e0776d3794f4b3d7fb3f6f6
Author: Jeroen Dekkers
Date: Mon Sep 9 00:42:39 2013 +0200
ldb: Do not build libldb-cmdline when using system ldb.
Cleanup leftover include and linking of libldb-cmdline in
oLschema2ldif. Do not build libldb-cmdline anymore when using the
system ldb, oLschema2ldif was the only reason for building
libldb-cmdline.
Signed-off-by: Jeroen Dekkers
Reviewed-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
---
Summary of changes:
lib/ldb/wscript |8
source4/utils/oLschema2ldif.c |1 -
source4/utils/wscript_build |2 +-
3 files changed, 5 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index f5647b1..071038c 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -257,10 +257,10 @@ def build(bld):
bld.SAMBA_BINARY('ldbdump', 'tools/ldbdump.c', deps='ldb-cmdline ldb',
install=False)
-bld.SAMBA_LIBRARY('ldb-cmdline',
- source='tools/ldbutil.c tools/cmdline.c',
- deps='ldb dl popt',
- private_library=True)
+bld.SAMBA_LIBRARY('ldb-cmdline',
+ source='tools/ldbutil.c tools/cmdline.c',
+ deps='ldb dl popt',
+ private_library=True)
def test(ctx):
diff --git a/source4/utils/oLschema2ldif.c b/source4/utils/oLschema2ldif.c
index be86daa..bcdf570 100644
--- a/source4/utils/oLschema2ldif.c
+++ b/source4/utils/oLschema2ldif.c
@@ -33,7 +33,6 @@
#include "includes.h"
#include "ldb.h"
-#include "tools/cmdline.h"
#include "dsdb/samdb/samdb.h"
#include "../lib/crypto/sha256.h"
#include "../librpc/gen_ndr/ndr_misc.h"
diff --git a/source4/utils/wscript_build b/source4/utils/wscript_build
index a5217b3..046e237 100644
--- a/source4/utils/wscript_build
+++ b/source4/utils/wscript_build
@@ -14,6 +14,6 @@ bld.SAMBA_BINARY('ntlm_auth4',
bld.SAMBA_BINARY('oLschema2ldif',
source='oLschema2ldif.c',
manpages='man/oLschema2ldif.1',
- deps='ldb-cmdline samdb POPT_SAMBA'
+ deps='samdb POPT_SAMBA'
)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via ef830f7 samba-tool domain join: Set server role correctly to
"active directory domain controller"
via f75dc8f s4-rpc_server/drsuapi: Print ldb error showing why we
failed to perform the access check
via 1d92d5b samba-tool domian join: Only print adminpass warning on
subdomain creation
via 84dc9f8 samba-tool domain join: Add --quite and --verbose
via 35e56d2 dsdb: Use dsdb_next_callback() rather than a no-op
per-module callback
via 650eca0 join.py: Restore support for joining as a subdomain
via 0de dsdb: Add DSDB_SEARCH_ONE_ONLY support to
dsdb_module_search*()
via 3af4f03 join.py: Handle more error cases with useful exceptions
via a5e4c45 samba-tool domain join subdomain: Set "reveal_internals:0"
control so we can see the ncName
via 347b2c6 ldb: Show the type of failing operation in default error
message
via bbeca62 join.py: Show which database we failed to find the DN on
(clarify local v remote)
via ccb1beb join.py: Handle exceptions when looking for GUID in a DN
from 20999fc tdb: Fix some typos in comments.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit ef830f7e7107cd5287903d83519588c9d31b526f
Author: Andrew Bartlett
Date: Mon Sep 9 12:15:36 2013 +1200
samba-tool domain join: Set server role correctly to "active directory
domain controller"
We changed the magic string when we reworked the list of server roles.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Mon Sep 16 23:33:41 CEST 2013 on sn-devel-104
commit f75dc8f4a54581ed207e7caa2e52211ea24e3554
Author: Andrew Bartlett
Date: Mon Sep 9 09:57:27 2013 +1200
s4-rpc_server/drsuapi: Print ldb error showing why we failed to perform the
access check
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 1d92d5b19b36ddf15a70e3110caabfe06ba78619
Author: Andrew Bartlett
Date: Mon Sep 9 09:56:58 2013 +1200
samba-tool domian join: Only print adminpass warning on subdomain creation
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 84dc9f8cc17d49bef5b9c37fd818c7599bf5897a
Author: Andrew Bartlett
Date: Mon Sep 9 09:53:37 2013 +1200
samba-tool domain join: Add --quite and --verbose
This means we now use logger consistently between doimin join, domain
dcpromo
and domain provision.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 35e56d2b71b1dcd906baa70509ec50af39504b5a
Author: Andrew Bartlett
Date: Fri Sep 6 15:46:36 2013 +1200
dsdb: Use dsdb_next_callback() rather than a no-op per-module callback
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 650eca0e061c731614b5fa49756872d11b7b67f0
Author: Andrew Bartlett
Date: Fri Sep 6 15:46:05 2013 +1200
join.py: Restore support for joining as a subdomain
This set of patches fixes up the errors that were introduced into the
partial support
during the past couple of years.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 0dee04e2e3aecd82ed4cf887f9e36dd4962d
Author: Andrew Bartlett
Date: Fri Sep 6 15:39:50 2013 +1200
dsdb: Add DSDB_SEARCH_ONE_ONLY support to dsdb_module_search*()
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 3af4f0377e1ff8b23d415bc4b241bf8cb83c130c
Author: Andrew Bartlett
Date: Fri Sep 6 15:38:36 2013 +1200
join.py: Handle more error cases with useful exceptions
This will help track down strange failures in the future.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit a5e4c4520af9f7a99aac4117d1225c85b891554d
Author: Andrew Bartlett
Date: Mon Sep 16 10:23:07 2013 -0700
samba-tool domain join subdomain: Set "reveal_internals:0" control so we
can see the ncName
The issue here is that we create the ncName remotely with DsAddEntry,
and then replicate it back. However, at this point the naming context
pointed at by the ncName does not exist! The issue is that the
extended_dn_out module then hides the link, because it points to a
missing object. The reveal_internals control forces this link to be
returned, and so we can then find the GUID, to create the domain with
the right GUID.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 347b2c65a4b8c219cfdae3306fdc3d793980cbed
Author: Andrew Bartlett
Date: Fri Sep 6 15:37:30 2013 +1200
ldb: Show the type of fa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6ef3c98 docs-xml: document SMB3_02 as available protocol for the
client side
via 4912378 s3:torture: add PROTOCOL_SMB3_02 handling
via 66d3064 lib/param: add PROTOCOL_SMB3_02 handling
via f8b3c71 libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if
PROTOCOL_SMB3_02 is requested
via 80623b8 libcli/smb: add PROTOCOL_SMB3_02
via 4a401d6 libcli/smb: add SMB3_DIALECT_REVISION_302
from 4dacaef dsdb: Use credentials.get_forced_sasl_mech()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6ef3c98ade76e361d210366a0fe79fc3b66e63be
Author: Stefan Metzmacher
Date: Sun Sep 15 17:09:35 2013 +0200
docs-xml: document SMB3_02 as available protocol for the client side
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Sep 17 05:55:04 CEST 2013 on sn-devel-104
commit 491237840269943550bb0189c19a460d7a3cf0e7
Author: Stefan Metzmacher
Date: Fri Sep 13 11:28:03 2013 +0200
s3:torture: add PROTOCOL_SMB3_02 handling
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
commit 66d306491bbd7e07e504c5d246498c1f748a
Author: Stefan Metzmacher
Date: Fri Sep 13 11:27:39 2013 +0200
lib/param: add PROTOCOL_SMB3_02 handling
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
commit f8b3c712f0dcb635bb750ebd218df77eeb584940
Author: Stefan Metzmacher
Date: Fri Sep 13 11:27:01 2013 +0200
libcli/smb: negotiate SMB3_DIALECT_REVISION_302 if PROTOCOL_SMB3_02 is
requested
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
commit 80623b8593700eb9b14e6d50b5687cc7d37de764
Author: Stefan Metzmacher
Date: Fri Sep 13 11:26:20 2013 +0200
libcli/smb: add PROTOCOL_SMB3_02
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
commit 4a401d6fccfe75c34047427226bb1004e83a6563
Author: Stefan Metzmacher
Date: Fri Sep 13 11:25:42 2013 +0200
libcli/smb: add SMB3_DIALECT_REVISION_302
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
Reviewed-by: Jeremy Allison
---
Summary of changes:
docs-xml/manpages/smb.conf.5.xml |2 +-
docs-xml/smbdotconf/protocol/clientmaxprotocol.xml |3 +++
lib/param/param_table.c|1 +
libcli/smb/smb2_constants.h|1 +
libcli/smb/smbXcli_base.c |1 +
libcli/smb/smb_constants.h |5 +++--
source3/torture/test_smb2.c|3 +++
7 files changed, 13 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml
index 975d105..399e996 100644
--- a/docs-xml/manpages/smb.conf.5.xml
+++ b/docs-xml/manpages/smb.conf.5.xml
@@ -471,7 +471,7 @@ chmod 1770 /usr/local/samba/lib/usershares
%R
the selected protocol level after protocol
negotiation. It can be one of CORE, COREPLUS,
- LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22,
SMB2_24, SMB3_00 or SMB2_FF.
+ LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22,
SMB2_24, SMB3_00, SMB3_02 or SMB2_FF.
diff --git a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
index 06fda5a..c7a9fd1 100644
--- a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
@@ -60,6 +60,9 @@
SMB3_00: Windows 8 SMB3 version.
(mostly the same as SMB2_24)
+
+ SMB3_02: Windows 8.1 SMB3
version.
+
By default SMB3 selects the SMB3_00 variant.
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index 7b32998..10cf046 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -30,6 +30,7 @@
static const struct enum_list enum_protocol[] = {
{PROTOCOL_SMB2_10, "SMB2"}, /* for now keep PROTOCOL_SMB2_10 */
{PROTOCOL_SMB3_00, "SMB3"}, /* for now keep PROTOCOL_SMB3_00 */
+ {PROTOCOL_SMB3_02, "SMB3_02"},
{PROTOCOL_SMB3_00, "SMB3_00"},
{PROTOCOL_SMB2_24, "SMB2_24"},
{PROTOCOL_SMB2_22, "SMB2_22"},
diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h
index 54ab250..40a6339 100644
--- a/libcli/smb/smb2_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via af290a0 libcli/smb: fix non mendatory signing against some vendor
SMB2 servers.
via 1d54d8c libcli/smb: use SMB1 MID=0 for the initial Negprot
from 6ed5b1c Cleanup map return codes
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit af290a03cef63c3b08446c1980de064a3b1c8804
Author: Stefan Metzmacher
Date: Tue Sep 17 04:12:30 2013 +0200
libcli/smb: fix non mendatory signing against some vendor SMB2 servers.
Windows and Samba always sign the final session setup response
even if signing is not mendatory, but it ensures that the signing
key is correctly in place.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Sep 17 09:40:10 CEST 2013 on sn-devel-104
commit 1d54d8c501afa151b6cc07b98a14caae2b31ec65
Author: Stefan Metzmacher
Date: Tue Sep 17 04:09:03 2013 +0200
libcli/smb: use SMB1 MID=0 for the initial Negprot
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10144
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
---
Summary of changes:
libcli/smb/smbXcli_base.c | 19 ++-
1 files changed, 18 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 7176e8f..f59f1f7 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -737,6 +737,14 @@ static uint16_t smb1cli_alloc_mid(struct smbXcli_conn
*conn)
size_t num_pending = talloc_array_length(conn->pending);
uint16_t result;
+ if (conn->protocol == PROTOCOL_NONE) {
+ /*
+* This is what windows sends on the SMB1 Negprot request
+* and some vendors reuse the SMB1 MID as SMB2 sequence number.
+*/
+ return 0;
+ }
+
while (true) {
size_t i;
@@ -4835,7 +4843,16 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
session->conn->protocol,
recv_iov, 3);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ /*
+* Sadly some vendors don't sign the
+* final SMB2 session setup response
+*
+* At least Windows and Samba are always doing this
+* if there's a session key available.
+*/
+ if (conn->mandatory_signing) {
+ return status;
+ }
}
session->smb2->should_sign = false;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1c41feb s3: libsmb : The short name length is only a one byte field.
from af290a0 libcli/smb: fix non mendatory signing against some vendor
SMB2 servers.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1c41feb7893ae4a4f42c035f3c83f8b2950b7816
Author: Jeremy Allison
Date: Mon Sep 16 19:16:52 2013 -0700
s3: libsmb : The short name length is only a one byte field.
The next byte is "undefined" and some vendors set this to 0xff
(discovered in SNIA SDC lab tests).
Signed-off-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Sep 17 12:27:18 CEST 2013 on sn-devel-104
---
Summary of changes:
source3/libsmb/cli_smb2_fnum.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c
index 18b03f3..3253f9d 100644
--- a/source3/libsmb/cli_smb2_fnum.c
+++ b/source3/libsmb/cli_smb2_fnum.c
@@ -412,7 +412,7 @@ static NTSTATUS parse_finfo_id_both_directory_info(uint8_t
*dir_data,
if (namelen > (dir_data_length - 104)) {
return NT_STATUS_INFO_LENGTH_MISMATCH;
}
- slen = SVAL(dir_data + 68, 0);
+ slen = CVAL(dir_data + 68, 0);
if (slen > 24) {
return NT_STATUS_INFO_LENGTH_MISMATCH;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4879d08 libcli/smb: only check the SMB2 session setup signature if
required and valid
from 17a9a0f s3: libsmb : Bug 10150 - Not all OEM servers support the
ALTNAME info level.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4879d0810a2ad741e32ad174a7a14cd35521aeaf
Author: Stefan Metzmacher
Date: Wed Sep 18 02:24:30 2013 +0200
libcli/smb: only check the SMB2 session setup signature if required and
valid
This is an update to commit af290a03cef63c3b08446c1980de064a3b1c8804
that skips the scary debug messages.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Sep 18 04:46:00 CEST 2013 on sn-devel-104
---
Summary of changes:
libcli/smb/smbXcli_base.c | 26 +-
1 files changed, 21 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index f59f1f7..27ac2a8 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4742,12 +4742,18 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
struct smbXcli_conn *conn = session->conn;
uint16_t no_sign_flags;
uint8_t session_key[16];
+ bool check_signature = true;
+ uint32_t hdr_flags;
NTSTATUS status;
if (conn == NULL) {
return NT_STATUS_INVALID_PARAMETER_MIX;
}
+ if (recv_iov[0].iov_len != SMB2_HDR_BODY) {
+ return NT_STATUS_INVALID_PARAMETER_MIX;
+ }
+
no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL;
if (session->smb2->session_flags & no_sign_flags) {
@@ -4839,18 +4845,28 @@ NTSTATUS smb2cli_session_set_session_key(struct
smbXcli_session *session,
return NT_STATUS_NO_MEMORY;
}
- status = smb2_signing_check_pdu(session->smb2_channel.signing_key,
- session->conn->protocol,
- recv_iov, 3);
- if (!NT_STATUS_IS_OK(status)) {
+ check_signature = conn->mandatory_signing;
+
+ hdr_flags = IVAL(recv_iov[0].iov_base, SMB2_HDR_FLAGS);
+ if (hdr_flags & SMB2_HDR_FLAG_SIGNED) {
/*
* Sadly some vendors don't sign the
* final SMB2 session setup response
*
* At least Windows and Samba are always doing this
* if there's a session key available.
+*
+* We only check the signature if it's mandatory
+* or SMB2_HDR_FLAG_SIGNED is provided.
*/
- if (conn->mandatory_signing) {
+ check_signature = true;
+ }
+
+ if (check_signature) {
+ status =
smb2_signing_check_pdu(session->smb2_channel.signing_key,
+ session->conn->protocol,
+ recv_iov, 3);
+ if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8d8872a python-samba-tool fsmo: Do not give an error on a
successful role transfer
from abb47b6 build: fix spacing in the definition of the "idmap_autorid"
target
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8d8872ae0a19786452c3be044757b16814b82be8
Author: Andrew Bartlett
Date: Thu May 9 15:16:55 2013 +1200
python-samba-tool fsmo: Do not give an error on a successful role transfer
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9461
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Mon Sep 23 12:00:24 CEST 2013 on sn-devel-104
---
Summary of changes:
python/samba/netcmd/fsmo.py | 14 +++---
1 files changed, 7 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py
index c938c91..02721f9 100644
--- a/python/samba/netcmd/fsmo.py
+++ b/python/samba/netcmd/fsmo.py
@@ -124,22 +124,22 @@ all=all of the above"""),
self.message("Attempting transfer...")
try:
transfer_role(self.outf, role, samdb)
+self.outf.write("FSMO seize was not required, as transfer of
'%s' role was successful\n" % role)
+return
except CommandError:
#transfer failed, use the big axe...
self.message("Transfer unsuccessful, seizing...")
-m["fSMORoleOwner"]= ldb.MessageElement(
-serviceName, ldb.FLAG_MOD_REPLACE,
-"fSMORoleOwner")
else:
self.message("Will not attempt transfer, seizing...")
-m["fSMORoleOwner"]= ldb.MessageElement(
-serviceName, ldb.FLAG_MOD_REPLACE,
-"fSMORoleOwner")
+
+m["fSMORoleOwner"]= ldb.MessageElement(
+serviceName, ldb.FLAG_MOD_REPLACE,
+"fSMORoleOwner")
try:
samdb.modify(m)
except LdbError, (num, msg):
raise CommandError("Failed to initiate role seize of '%s' role:
%s" % (role, msg))
-self.outf.write("FSMO transfer of '%s' role successful\n" % role)
+self.outf.write("FSMO seize of '%s' role successful\n" % role)
def run(self, force=None, H=None, role=None,
credopts=None, sambaopts=None, versionopts=None):
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 167e2f2 pidl: Generate wireshark that conforms to the rules of
Wireshark project
via 00dc30a pidl: Generate NDR64/NDR32 aware code for the wireshark
dissectors
via 26c1c15 idl: fix frsrpc idl with NDR64 fields
via aa5b369 idl: remove duplicate flag
via fc11bab frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe
via 51d8eba drsuapi.idl: change the range for attribute values to
26214400 bytes.
via c18c6c9 librpc/ndr: make use of ndr_dump_data() in
ndr_print_array_uint8()
via 3d3e8b5 librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware
from 4f69b58 s4:torture:ldap: Fix misleading output
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 167e2f2b5543008e02613dcd56e36f7326912cdb
Author: Matthieu Patou
Date: Sun Sep 22 22:23:51 2013 -0700
pidl: Generate wireshark that conforms to the rules of Wireshark project
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Sep 24 02:04:05 CEST 2013 on sn-devel-104
commit 00dc30a9ffafbd2bbf8041e81b443e9eb73f9dcf
Author: Matthieu Patou
Date: Sun Sep 22 22:10:10 2013 -0700
pidl: Generate NDR64/NDR32 aware code for the wireshark dissectors
Signed-off-by: Matthieu Patou
Pair-Programmed-With: Stefan Metzmacher
Reviewed-by: Stefan Metzmacher
commit 26c1c15da45ce3b024498c85fe8f5ebef0e6b9d2
Author: Matthieu Patou
Date: Sun Sep 22 19:50:10 2013 -0700
idl: fix frsrpc idl with NDR64 fields
Signed-off-by: Matthieu Patou
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Stefan Metzmacher
Reviewed-by: Stefan Metzmacher
commit aa5b3697346710138852b32d6fa479a75b371049
Author: Matthieu Patou
Date: Sun Sep 22 18:29:56 2013 -0700
idl: remove duplicate flag
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
commit fc11bab20b8ba9548808d60c108fb81096aaffe3
Author: Stefan Metzmacher
Date: Mon Sep 23 08:09:37 2013 +0200
frstrans.idl: add flag(NDR_PAHEX) to frstrans_BytePipe
That way we get hexdump -C style output for the content of the pipe chunks.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Matthieu Patou
commit 51d8eba8417c58c2ade30d58a838441008209542
Author: Stefan Metzmacher
Date: Mon Sep 23 08:05:41 2013 +0200
drsuapi.idl: change the range for attribute values to 26214400 bytes.
This matches the IDL from [MS-DRSR].
Signed-off-by: Stefan Metzmacher
Reviewed-by: Matthieu Patou
commit c18c6c9fb53a84e587f5ed951e47a1bb5f53a30e
Author: Stefan Metzmacher
Date: Mon Sep 23 07:39:43 2013 +0200
librpc/ndr: make use of ndr_dump_data() in ndr_print_array_uint8()
It's much easier to look at hexdump -C style output than
a few thousand lines with 1 byte each.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Matthieu Patou
commit 3d3e8b53bf78c6ab442682b9fe22c902b9c45d73
Author: Stefan Metzmacher
Date: Mon Sep 23 07:20:00 2013 +0200
librpc/ndr: make ndr_pull/push_DATA_BLOB NDR64 aware
Pair-Programmed-With: Matthieu Patou
Signed-off-by: Stefan Metzmacher
Reviewed-by: Matthieu Patou
---
Summary of changes:
librpc/idl/drsuapi.idl |2 +-
librpc/idl/frsrpc.idl|5 ++---
librpc/idl/frstrans.idl |2 +-
librpc/ndr/ndr_basic.c | 21 +++--
pidl/lib/Parse/Pidl/Wireshark/NDR.pm | 16
5 files changed, 31 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl
index ed85205..063d135 100644
--- a/librpc/idl/drsuapi.idl
+++ b/librpc/idl/drsuapi.idl
@@ -546,7 +546,7 @@ interface drsuapi
/* Generic DATA_BLOB values */
typedef struct {
- [range(0,10485760),value(ndr_size_DATA_BLOB(0,blob,0))] uint32
__ndr_size;
+ [range(0,26214400),value(ndr_size_DATA_BLOB(0,blob,0))] uint32
__ndr_size;
DATA_BLOB *blob;
} drsuapi_DsAttributeValue;
diff --git a/librpc/idl/frsrpc.idl b/librpc/idl/frsrpc.idl
index fcc3119..a235702 100644
--- a/librpc/idl/frsrpc.idl
+++ b/librpc/idl/frsrpc.idl
@@ -43,7 +43,6 @@ interface frsrpc
FRSRPC_CO_FLAG_MORPH_GEN_HEAD = 0x0040,
FRSRPC_CO_FLAG_JUST_OID_RESET = 0x0080,
FRSRPC_CO_FLAG_COMPRESSED_STAGE = 0x0100,
- FRSRPC_CO_FLAG_COMPRESSED_STAGE = 0x0100,
FRSRPC_CO_FLAG_SKIP_VV_UPDATE = 0x0200
} frsrpc_CommPktCoCmdFlags;
@@ -344,8 +343,8 @@ interface frsrpc
[value(0)] uint32 upk_len;
[subcont
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 89200c2 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs from fc486d8 s4-openldap: Restored openldap-related options to the provision script http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 89200c227f36a063612eb38927ac8dee18e044d5 Author: Andrew Bartlett Date: Tue Sep 24 10:18:36 2013 -0700 dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077 Note that this doesn't fix the userParameters problem completely, but it doesn't truncate the userParameters value anymore. Signed-off-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dsdb/schema/schema_syntax.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index f7176cd..c2e0208 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -1529,7 +1529,7 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(const struct dsdb_syntax_ctx *c return WERR_FOOBAR; } - out->values[i] = data_blob_string_const(str); + out->values[i] = data_blob_const(str, converted_size); } return WERR_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 76c4a51 Merge tag 'samba-4.1.0rc4' into v4-1-test via fcf3fd6 VERSION: Disable git snapshots for the 4.1.0rc4 release. via 6a03c81 VERSION: Disable git snapshots for the 4.1.0rc3 release. via d9517d5 WHATSNEW: Update changes since 4.1.0rc2. from 7160446 VERSION: Bump version up to 4.1.0rc5... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 76c4a517ad433aa87c62b7edd7c91a119928a9c4 Merge: 7160446d332dbc5f881fdd122eea8f0d87184fcd fcf3fd6478090e7bebb65d142edbd097ab260fc4 Author: Stefan Metzmacher Date: Fri Sep 27 12:50:45 2013 +0200 Merge tag 'samba-4.1.0rc4' into v4-1-test samba: tag release samba-4.1.0rc4 --- Summary of changes: Changeset truncated at 500 lines: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7c0277c librpc: Fix blank line endings
via 816e68f libndr: Fix ndr_print_bitmap_flag for value=0
via 9ac3286 librpc: return a ndr_pull_error instead of just
NDR_ERR_NDR64 when upper bits of 64 bit value are not 0
from 280f21a net: allow "net idmap get ranges" to list all ranges
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7c0277c923443402b8a292fd3b3b1faba1da6dd5
Author: Volker Lendecke
Date: Sat Sep 14 13:44:54 2013 +0200
librpc: Fix blank line endings
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104
commit 816e68f94fe500b9d68fd29021d432b84d3139b7
Author: Volker Lendecke
Date: Sat Sep 14 13:43:03 2013 +0200
libndr: Fix ndr_print_bitmap_flag for value=0
Don't endlessly loop
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 9ac32866db2c4244d867093e2594347f4707313f
Author: Matthieu Patou
Date: Sun Sep 22 17:17:16 2013 -0700
librpc: return a ndr_pull_error instead of just NDR_ERR_NDR64 when upper
bits of 64 bit value are not 0
Signed-off-by: Matthieu Patou
Signed-off-by: Stefan Metzmacher
---
Summary of changes:
librpc/ndr/ndr_basic.c | 23 ++-
1 files changed, 14 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/ndr/ndr_basic.c b/librpc/ndr/ndr_basic.c
index 5c653c8..ae5af7a 100644
--- a/librpc/ndr/ndr_basic.c
+++ b/librpc/ndr/ndr_basic.c
@@ -1,20 +1,20 @@
-/*
+/*
Unix SMB/CIFS implementation.
routines for marshalling/unmarshalling basic types
Copyright (C) Andrew Tridgell 2003
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -169,7 +169,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_uint3264(struct
ndr_pull *ndr, int ndr_flags
if (unlikely(v64 != *v)) {
DEBUG(0,(__location__ ": non-zero upper 32 bits 0x%016llx\n",
(unsigned long long)v64));
- return NDR_ERR_NDR64;
+ return ndr_pull_error(ndr, NDR_ERR_NDR64, __location__ ":
non-zero upper 32 bits 0x%016llx\n",
+(unsigned long long)v64);
}
return err;
}
@@ -1004,7 +1005,7 @@ _PUBLIC_ void ndr_print_null(struct ndr_print *ndr)
ndr->print(ndr, "UNEXPECTED NULL POINTER");
}
-_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const
char *type,
+_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const
char *type,
const char *val, uint32_t value)
{
if (ndr->flags & LIBNDR_PRINT_ARRAY_HEX) {
@@ -1019,10 +1020,14 @@ _PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print
*ndr, size_t size, const ch
/* this is an attempt to support multi-bit bitmap masks */
value &= flag;
+ if (value == 0) {
+ return;
+ }
+
while (!(flag & 1)) {
flag >>= 1;
value >>= 1;
- }
+ }
if (flag == 1) {
ndr->print(ndr, " %d: %-25s", value, flag_name);
} else {
@@ -1160,7 +1165,7 @@ _PUBLIC_ void ndr_print_bad_level(struct ndr_print *ndr,
const char *name, uint1
ndr->print(ndr, "UNKNOWN LEVEL %u", level);
}
-_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name,
+_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name,
const uint8_t *data, uint32_t count)
{
int i;
@@ -1195,7 +1200,7 @@ _PUBLIC_ void ndr_print_array_uint8(struct ndr_print
*ndr, const char *name,
free(idx);
}
}
- ndr->depth--;
+ ndr->depth--;
#undef _ONELINE_LIMIT
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c3a5fec smbd:smb2: fix error code when the header says the request
is signed but we don't have a sesseion
via 4a7b792 s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if
signing is required
from 7c0277c librpc: Fix blank line endings
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c3a5fecdc1ff0320f4979fa21aa636aacaac8abe
Author: Michael Adam
Date: Wed Sep 25 23:18:56 2013 +0200
smbd:smb2: fix error code when the header says the request is signed but we
don't have a sesseion
I.e. when the request is a session setup.
We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED
Signed-off-by: Michael Adam
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
commit 4a7b792bc6d463a3aa4e1150a271ed6b929276cc
Author: Stefan Metzmacher
Date: Mon Sep 23 20:51:30 2013 +0200
s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is
required
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Michael Adam
---
Summary of changes:
source3/smbd/smb2_server.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b031c6d..1bebee1 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1993,12 +1993,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct
smbd_smb2_request *req)
if (req->do_encryption) {
signing_required = false;
- } else if (flags & SMB2_HDR_FLAG_SIGNED) {
+ } else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {
DATA_BLOB signing_key;
if (x == NULL) {
return smbd_smb2_request_error(
- req, NT_STATUS_ACCESS_DENIED);
+ req, NT_STATUS_USER_SESSION_DELETED);
}
signing_key = x->global->channels[0].signing_key;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8b51eab Revert "Support UPN_DNS_INFO in the PAC"
from 8f201fe Remove dead code. Now we have no SWAT we don't use the
invalid_services array or associated counter.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8b51eabf319689d45ce1f8492c4372b49eecb794
Author: Stefan Metzmacher
Date: Thu Oct 3 15:14:58 2013 +0200
Revert "Support UPN_DNS_INFO in the PAC"
This reverts commit a6be8a97f705247c1b1cbb0595887d8924740a71.
We fail (often) to parse a krb5pac type 12 buffer due to the incomplete
change
which came in via a6be8a97f705247c1b1cbb0595887d8924740a71. This change came
into master and has only been released in RCs so no regression to published
4.0.x releases. We should revert this for 4.1 for now until we can make it
work
in all cases (see work on this in
https://git.samba.org/?p=gd/samba/.git;a=shortlog;h=refs/heads/master-krb5pac_type12).
Without this revert the entire PAC parsing may fail which can effect serious
implications (krb5 smb session setup not working).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10178
Signed-off-by: Günther Deschner
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Oct 3 17:08:46 CEST 2013 on sn-devel-104
---
Summary of changes:
librpc/idl/krb5pac.idl | 16 +++-
1 files changed, 7 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl
index 0fce16b..8a6540c 100644
--- a/librpc/idl/krb5pac.idl
+++ b/librpc/idl/krb5pac.idl
@@ -37,20 +37,18 @@ interface krb5pac
[size_is(num_transited_services)] lsa_String
*transited_services;
} PAC_CONSTRAINED_DELEGATION;
- typedef [public,bitmap32bit] bitmap {
- UDI_ACCT_HAS_NO_UPN = 0x0001 /* 1= User account has no
UPN */
- } upn_dns_info_flags;
-
typedef struct {
[value(2*strlen_m(upn_name))] uint16 upn_size;
uint16 upn_offset;
[value(2*strlen_m(domain_name))] uint16 domain_size;
uint16 domain_offset;
- upn_dns_info_flags flags;
- uint32 padding;
+ uint16 unknown3; /* 0x01 */
+ uint16 unknown4;
+ uint32 unknown5;
[charset(UTF16)] uint8 upn_name[upn_size+2];
[charset(UTF16)] uint8 domain_name[domain_size+2];
- } PAC_UPN_DNS_INFO;
+ uint32 unknown6; /* padding */
+ } PAC_UNKNOWN_12;
typedef [public] struct {
PAC_LOGON_INFO *info;
@@ -66,7 +64,7 @@ interface krb5pac
PAC_TYPE_KDC_CHECKSUM = 7,
PAC_TYPE_LOGON_NAME = 10,
PAC_TYPE_CONSTRAINED_DELEGATION = 11,
- PAC_TYPE_UPN_DNS_INFO = 12
+ PAC_TYPE_UNKNOWN_12 = 12
} PAC_TYPE;
typedef struct {
@@ -80,12 +78,12 @@ interface krb5pac
[case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name;
[case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFC01)]
PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation;
- [case(PAC_TYPE_UPN_DNS_INFO)] PAC_UPN_DNS_INFO upn_dns_info;
/* when new PAC info types are added they are supposed to be
done
in such a way that they are backwards compatible with
existing
servers. This makes it safe to just use a [default] for
unknown types, which lets us ignore the data */
[default] [subcontext(0)] DATA_BLOB_REM unknown;
+ /* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */
} PAC_INFO;
typedef [public,nopush,nopull,noprint] struct {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9110c07 smbd:smb2: clarify and comment code treating dh2c blob
check.
via dd25679 smbd:smb2: ignore an dhnq blob along with a dhnc in create
via ea51681 smbd:smb2_create: fix return code for durable handle create
blob combinations
via 7b624cf s4:torture:smb2: add durable-v2-open.reopen2c
via ba05f70 s4:torture:smb2: add durable-v2-open.reopen2b
via 0ecfe17 s4:torture:smb2: add durable-v2-open.create-blob
via bd3b922 s4:torture:smb2: extend the durable-open.reopen2 test
via 6fc5661 s4:torture:smb2: extend the durable-v2-open.reopen2 test
via 1bd2ab4 smbd:smb2: successfully answer a DHnC request when the
initial create was DH2Q
via 9769f06 smbd:smb2_create: add comment about validity of check
reconnect blob being only one
via d8cd549 s4:torture:smb2: add a durable-open.reopen-lease-v2 test
via 43c4a65 s4:torture:smb2: add durable-v2-open.reopen2-lease-v2
via 5647287 s4:torture:smb2: add smb2_lease_v2_create() wrapper to
smb2_lease_v2_create_share()
via d4f4d08 s4:torture:smb2: add durable-v2-open.reopen2-lease
via 1f14747 s4:torture:smb2: add durable-open.reopen2-lease test
via 6c6643c s4:torture:smb2: fix durable-open lease tests to pass
against windows.
via a31ea15 s4:torture:smb2: add smbcli_options argument to
torture_smb2_connection_ext()
via 596f802 s4:libcli:smb2: make smbcli_options argument to
smb2_connect_(send|ext) const
via 5736f13 s4:libcli:smb2: add the smb2_capabilities to the
smbcli_options
via 4e99a0f s4:libcli:smb2: add the client_guid to the smbcli_options
via 39a965a s4:torture:spoolss: use smb2_connect() instead of
smb2_connet_ext()
via 14e3f4b s4:torture:smb2: fix a comment in the
durable-open.lock-oplock test
from 8fe1f40 samba_backup: fix bug, add command line parameter, improve
error messages
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9110c079f1aa504bc114d8c00a5a48f58dce5459
Author: Michael Adam
Date: Fri Oct 4 12:39:57 2013 +0200
smbd:smb2: clarify and comment code treating dh2c blob check.
This makes the code that checks for extra create blobs in the
case of the dh2c blob look very similar to the corresponding
(slightly mode complex) code for the dhnc blob.
With this preparation it will be easier and more obvious how
to add proper treatment of the lease request blobs when leases
get implemented.
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Sat Oct 5 15:56:11 CEST 2013 on sn-devel-104
commit dd256792568d96c4a8dba5ea28cd3274ed1c040b
Author: Michael Adam
Date: Thu Sep 26 07:48:42 2013 +0200
smbd:smb2: ignore an dhnq blob along with a dhnc in create
This is according to MS-SMB2, 3.3.5.9.7
"Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context"
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
commit ea51681cc21f6e84af2f71309875c6692efcbc6e
Author: Michael Adam
Date: Wed Sep 25 20:39:17 2013 +0200
smbd:smb2_create: fix return code for durable handle create blob
combinations
According to MS-SMB2:
3.3.5.9.7 Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context
3.3.5.9.12 Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create
Context
and verified by test results.
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
commit 7b624cf856816851882d00d82658b756c0c29c1e
Author: Michael Adam
Date: Thu Sep 26 07:00:33 2013 +0200
s4:torture:smb2: add durable-v2-open.reopen2c
- create durable with v1 request
- reconnect with v2 reconnect request
==> fails
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
commit ba05f705a192a8f20ba1cc488016e58eebce2013
Author: Michael Adam
Date: Thu Sep 26 06:06:01 2013 +0200
s4:torture:smb2: add durable-v2-open.reopen2b
- connect with durable v2
- reconnect with durable v1
=> succeeds
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Reviewed-by: Stefan Metzmacher
commit 0ecfe1755e5e402188c9fa18f81561da248e3e12
Author: Michael Adam
Date: Thu Sep 26 05:47:47 2013 +0200
s4:torture:smb2: add durable-v2-open.create-blob
test various combinations of durable create and reconnect
request blobs, according to
MS-SMB2, 3.3.5.9.12:
"Handling the SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context"
Signed-off-by: Michael Adam
Reviewed-by: Jeremy Allison
Revi
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via f650bb9 smbd: Remove unused "brl->key" struct element
via e9513bc smbd: Convert some dbgtxt to DEBUG
via 3a72cdb torture: Remove an unused variable
via 960bd9a torture: Continue buffer check after NOT_IMPLEMENTED
infolevels
via c944d2e libcli: Correct smb2_lease_pull
via eb5e817 libcli: Add const to smb2_lease_pull
via b40fcf3 torture: Fix a typo
via c134a37 smbd: Fix a comment
via 41857bd smbd: Fix confusing comments
via 4cde5bf smbd: Avoid calling serverid_exists twice
from 9110c07 smbd:smb2: clarify and comment code treating dh2c blob
check.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit f650bb94c8b79bec87c2a1f17b573c27e0ef1b1b
Author: Volker Lendecke
Date: Wed Sep 11 09:31:36 2013 +
smbd: Remove unused "brl->key" struct element
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Sun Oct 6 15:49:43 CEST 2013 on sn-devel-104
commit e9513bc6ab2974899a3f6ddc73886e969b142502
Author: Volker Lendecke
Date: Sun Sep 15 19:18:41 2013 -0700
smbd: Convert some dbgtxt to DEBUG
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 3a72cdb33aa34fa1d950b73c6ab6698bdc364bb4
Author: Volker Lendecke
Date: Thu Sep 26 21:27:42 2013 -0700
torture: Remove an unused variable
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 960bd9a584a27bde45433be1ca869b2197cf465d
Author: Volker Lendecke
Date: Thu Sep 26 21:21:21 2013 -0700
torture: Continue buffer check after NOT_IMPLEMENTED infolevels
Patch from the SDC plugfest. Not every implementation supports every
infolevel, and we want to be able to test buffersize error behaviour
for all supported infolevels
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit c944d2ea41456d27e1f327f9e50b70c0bbbde824
Author: Volker Lendecke
Date: Thu Sep 26 17:10:50 2013 -0700
libcli: Correct smb2_lease_pull
We don't really use leases yet, so so far this went by unnoticed. It's
the V2 lease requests that hold the parent lease key, not the V1 ones.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit eb5e817a73ab158c8f106ac6ae0503d70a315d7f
Author: Volker Lendecke
Date: Wed Aug 21 10:27:43 2013 +
libcli: Add const to smb2_lease_pull
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit b40fcf3f17e4ed9dde31dff73e4669d867753941
Author: Volker Lendecke
Date: Sun Sep 22 17:19:09 2013 -0700
torture: Fix a typo
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit c134a37df3084d794267730612e38451887a2fc2
Author: Volker Lendecke
Date: Wed Oct 2 15:20:16 2013 +
smbd: Fix a comment
This has been converted from a timed event to an immediate one in
e7dab403c0ca6f6
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 41857bd0f73bf294fa98d6e697ac563297b24310
Author: Volker Lendecke
Date: Tue Sep 3 13:31:27 2013 +
smbd: Fix confusing comments
The brlock-check is done in grant_fsp_oplock_type
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 4cde5bf1a406e14fcc7a51eba1e337fd1d3c80b3
Author: Volker Lendecke
Date: Sun Sep 22 19:16:56 2013 -0700
smbd: Avoid calling serverid_exists twice
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
libcli/smb/smb2_lease.c| 11 ++-
libcli/smb/smb2_lease.h|3 ++-
source3/locking/brlock.c |4 +---
source3/locking/locking.c |6 ++
source3/smbd/open.c|3 +--
source3/smbd/oplock.c | 36 ++--
source4/torture/raw/streams.c |2 +-
source4/torture/smb2/getinfo.c |4 +++-
8 files changed, 34 insertions(+), 35 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_lease.c b/libcli/smb/smb2_lease.c
index 10beaca..f97f096 100644
--- a/libcli/smb/smb2_lease.c
+++ b/libcli/smb/smb2_lease.c
@@ -23,7 +23,8 @@
#include "includes.h"
#include "../libcli/smb/smb_common.h"
-ssize_t smb2_lease_pull(uint8_t *buf, size_t len, struct smb2_lease *lease)
+ssize_t smb2_lease_pull(const uint8_t *buf, size_t len,
+ struct smb2_lease *lease)
{
int version;
@@ -45,13 +46,13 @@ ssize_t smb2_lease_pull(uint8_t *buf, size_t len, struct
smb2_lease *lease)
switch (version) {
case 1:
- memcpy(&lease->pa
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c952e11 smbd: Remove byte_range_lock->read_only
via 8c435cd smbd: Remove the brl_get_locks wrapper
via 440e331 smbd: brl_get_locks_internal is always called r/w now
via 5d8f64c smbd: Restructure brl_get_locks_readonly
via 2b3c5be smbd: Avoid an if-statement per read/write in the
non-clustered case
from f650bb9 smbd: Remove unused "brl->key" struct element
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c952e11859d786418f82204e6cabc6c424e71bb9
Author: Volker Lendecke
Date: Wed Sep 11 11:54:37 2013 +
smbd: Remove byte_range_lock->read_only
With the rewritten brl_get_lock_readonly we only set the destructor for
r/w lock records anyway.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Sun Oct 6 22:20:05 CEST 2013 on sn-devel-104
commit 8c435cd588bd15f444eb4d2fcd687eee02204c88
Author: Volker Lendecke
Date: Wed Sep 11 11:53:26 2013 +
smbd: Remove the brl_get_locks wrapper
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 440e331949fe8da5c09ce9ef6cf79f6e8656abe2
Author: Volker Lendecke
Date: Wed Sep 11 11:51:44 2013 +
smbd: brl_get_locks_internal is always called r/w now
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 5d8f64c47d02c2aa58f3f0c87903bbd41d086aa0
Author: Volker Lendecke
Date: Wed Sep 11 11:36:54 2013 +
smbd: Restructure brl_get_locks_readonly
This is step 1 to get rid of brl_get_locks_internal with its complex
readonly
business. It also optimizes 2 things: First, it uses dbwrap_parse_record to
avoid a talloc and memcpy, and second it uses talloc_pooled_object.
And -- hopefully it is easier to understand the caching logic with
fsp->brlock_rec and the clustering escape.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 2b3c5bea1c1512bc250481690b2d968491738629
Author: Volker Lendecke
Date: Wed Sep 11 10:17:05 2013 +
smbd: Avoid an if-statement per read/write in the non-clustered case
Without clustering, fsp->brlock_rec will never be set anyway. In the
clustering case we can't use the seqnum trick, so this is slow enough
that the additional if-statement does not matter in this case anyway. In
the non-clustered case it might. Have not measured it, but every little
bit helps I guess.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source3/locking/brlock.c | 168 ++
1 files changed, 109 insertions(+), 59 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/locking/brlock.c b/source3/locking/brlock.c
index ee4354c..0d45501 100644
--- a/source3/locking/brlock.c
+++ b/source3/locking/brlock.c
@@ -47,7 +47,6 @@ struct byte_range_lock {
struct files_struct *fsp;
unsigned int num_locks;
bool modified;
- bool read_only;
struct lock_struct *lock_data;
struct db_record *record;
};
@@ -1879,10 +1878,6 @@ int brl_forall(void (*fn)(struct file_id id, struct
server_id pid,
static void byte_range_lock_flush(struct byte_range_lock *br_lck)
{
- if (br_lck->read_only) {
- SMB_ASSERT(!br_lck->modified);
- }
-
if (!br_lck->modified) {
goto done;
}
@@ -1910,10 +1905,7 @@ static void byte_range_lock_flush(struct byte_range_lock
*br_lck)
}
done:
-
- br_lck->read_only = true;
br_lck->modified = false;
-
TALLOC_FREE(br_lck->record);
}
@@ -1929,12 +1921,10 @@ static int byte_range_lock_destructor(struct
byte_range_lock *br_lck)
TALLOC_FREE(brl) will release the lock in the destructor.
/
-static struct byte_range_lock *brl_get_locks_internal(TALLOC_CTX *mem_ctx,
- files_struct *fsp, bool read_only)
+struct byte_range_lock *brl_get_locks(TALLOC_CTX *mem_ctx, files_struct *fsp)
{
TDB_DATA key, data;
struct byte_range_lock *br_lck = talloc(mem_ctx, struct
byte_range_lock);
- bool do_read_only = read_only;
if (br_lck == NULL) {
return NULL;
@@ -1947,40 +1937,22 @@ static struct byte_range_lock
*brl_get_locks_internal(TALLOC_CTX *mem_ctx,
key.dptr = (uint8 *)&fsp->file_id;
key.dsize = sizeof(struct file_id);
- if (!fsp->lockdb_clean) {
- /* We must be read/write to clean
- the dead entries. */
-
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5241617 pidl-wireshark: fix the trailling white space in the
generated headers
via cd871a6 pidl-wireshark: fix trailing white space in the HF
definition
from 0de6282 Fix bug #10187 - Missing talloc_free can leak stackframe in
error path.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 52416175dba7c359f0f324c6f0754c75a4cca18d
Author: Matthieu Patou
Date: Tue Oct 8 12:23:21 2013 -0700
pidl-wireshark: fix the trailling white space in the generated headers
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Oct 9 10:31:25 CEST 2013 on sn-devel-104
commit cd871a6b8c82bd2b9d2c1470ea93ba84b7f57885
Author: Matthieu Patou
Date: Tue Oct 8 12:22:18 2013 -0700
pidl-wireshark: fix trailing white space in the HF definition
Signed-off-by: Matthieu Patou
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
pidl/lib/Parse/Pidl/Wireshark/NDR.pm |6 +++---
pidl/tests/wireshark-ndr.pl |2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 1151dc0..91ef118 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -1021,9 +1021,9 @@ sub Parse($)
This filter was automatically generated
from $idl_file and $cnf_file.
- Pidl is a perl based IDL compiler for DCE/RPC idl files.
+ Pidl is a perl based IDL compiler for DCE/RPC idl files.
It is maintained by the Samba team, not the Wireshark team.
- Instructions on how to download and install Pidl can be
+ Instructions on how to download and install Pidl can be
found at http://wiki.wireshark.org/Pidl
\$Id\$
@@ -1192,7 +1192,7 @@ sub DumpHfList($)
foreach (values %{$self->{conformance}->{header_fields}})
{
- $res .= "\t{ &$_->{INDEX},
+ $res .= "\t{ &$_->{INDEX},
{ ".make_str($_->{NAME}).", ".make_str($_->{FILTER}).",
$_->{FT_TYPE}, $_->{BASE_TYPE}, $_->{VALSSTRING}, $_->{MASK},
".make_str_or_null($_->{BLURB}).", HFILL }},
";
}
diff --git a/pidl/tests/wireshark-ndr.pl b/pidl/tests/wireshark-ndr.pl
index 8c2cd47..49ecc5c 100755
--- a/pidl/tests/wireshark-ndr.pl
+++ b/pidl/tests/wireshark-ndr.pl
@@ -227,7 +227,7 @@ $x->{conformance} = {
};
is($x->DumpHfList(), "\tstatic hf_register_info hf[] = {
- { &hf_bla,
+ { &hf_bla,
{ \"Bla\", \"bla.field\", FT_UINT32, BASE_DEC, NULL, 255, \"NULL\",
HFILL }},
};
");
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a2d45cf provision/sambadns: CN=MicrosoftDNS,CN=System, is relative
to DOMAINDN
via a90067e provision: Fix comment to refer to correct file (krb5.conf)
via 6da2dcd dsdb: Provide a clearer error when we fail to store the
sequence number in metadata.tdb
via d2ff474 ldb:rdn_name: reject 'distinguishedName' depending of the
MOD flags
via da7ef12 dsdb/tests/ldap: fix test_distinguished_name against w2k8r2
via 295b4de s4:dsdb/rootdse: report 'dnsHostName' instead of
'dNSHostName'
via ca17392 dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2
from b197de7 libndr: Avoid ommitting display of unset bitmap flags.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a2d45cf49e4976d55261d01df955e412ac7fa73f
Author: Stefan Metzmacher
Date: Wed Oct 9 09:37:52 2013 +0200
provision/sambadns: CN=MicrosoftDNS,CN=System, is relative to DOMAINDN
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Oct 10 10:24:55 CEST 2013 on sn-devel-104
commit a90067ec8ef56a8edfbede992848f08e70853cb5
Author: Andrew Bartlett
Date: Wed Sep 25 20:28:42 2013 -0700
provision: Fix comment to refer to correct file (krb5.conf)
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 6da2dcd17ee46d339d7d80df3dccd456703e7fe2
Author: Andrew Bartlett
Date: Wed Sep 25 17:09:58 2013 -0700
dsdb: Provide a clearer error when we fail to store the sequence number in
metadata.tdb
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit d2ff474766ebb104309bf1e801c54ce0f8ea0a64
Author: Stefan Metzmacher
Date: Wed Sep 25 01:30:23 2013 +0200
ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags
This is what Windows 2008 R2 returns:
LDB_MOD_ADD => LDB_ERR_UNWILLING_TO_PERFORM
LDB_MOD_REPLACE => LDB_ERR_CONSTRAINT_VIOLATION
LDB_MOD_DEL => LDB_ERR_UNWILLING_TO_PERFORM
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit da7ef12b43f355fa6ff92af98645c80c85699d78
Author: Stefan Metzmacher
Date: Mon Sep 23 03:39:58 2013 +0200
dsdb/tests/ldap: fix test_distinguished_name against w2k8r2
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 295b4de7215f3326f9a403973547eb6ed4339f9b
Author: Stefan Metzmacher
Date: Wed Sep 25 00:49:19 2013 +0200
s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName'
The attribute on the RootDSE object is called 'dnsHostName'
instead of 'dNSHostName' (which is used in the schema and on
all other directory objects).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit ca173923a3937a9ed08f71bfd4ba177a6aeeaeba
Author: Stefan Metzmacher
Date: Sun Sep 22 23:40:12 2013 +0200
dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
---
Summary of changes:
lib/ldb/modules/rdn_name.c | 10 ++-
python/samba/provision/__init__.py |5 +--
python/samba/provision/sambadns.py | 16 ++--
.../dsdb/samdb/ldb_modules/partition_metadata.c| 25 +++
source4/dsdb/samdb/ldb_modules/rootdse.c |2 +-
source4/dsdb/tests/python/ldap.py | 16
6 files changed, 48 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/modules/rdn_name.c b/lib/ldb/modules/rdn_name.c
index 50b63ae..f44ea71 100644
--- a/lib/ldb/modules/rdn_name.c
+++ b/lib/ldb/modules/rdn_name.c
@@ -371,6 +371,7 @@ static int rdn_name_modify(struct ldb_module *module,
struct ldb_request *req)
{
struct ldb_context *ldb;
const struct ldb_val *rdn_val_p;
+ struct ldb_message_element *e = NULL;
ldb = ldb_module_get_ctx(module);
@@ -389,10 +390,15 @@ static int rdn_name_modify(struct ldb_module *module,
struct ldb_request *req)
return LDB_ERR_INVALID_DN_SYNTAX;
}
- if (ldb_msg_find_element(req->op.mod.message, "distinguishedName")) {
+ e = ldb_msg_find_element(req->op.mod.message, "distinguishedName");
+ if (e != NULL) {
ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on
%s not permitted, must use 'rename' operation instead&qu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via af3138e samba-tool domain join subdomain: Rework sambadns.py to
allow setup of DomainDNSZone only
via d5077ba join.py: Reconnect to the DC based on the DC name in
dnsHostName to allow connection to IPC$
via 5a9265d join.py: Remove special full_ncs handling, we only need to
updateRefs on an NC we replicate
via ca7c3fb join.py: Use ctx.forestdns_zone variable
via a8c6dd5 join.py: Correct ctx.forestdns_zone and so remove the need
for duplicate repl.replicate() call
via 48b979c provision: Remove --username and --password options from
samba-tool domain provision
from a2d45cf provision/sambadns: CN=MicrosoftDNS,CN=System, is relative
to DOMAINDN
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit af3138e9b6813ef88698c3e6eeb280c6e988c4cc
Author: Andrew Bartlett
Date: Mon Sep 9 11:54:23 2013 +1200
samba-tool domain join subdomain: Rework sambadns.py to allow setup of
DomainDNSZone only
This skips handling the ForestDNSZone when we are setting up a subdomain.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Oct 11 10:27:49 CEST 2013 on sn-devel-104
commit d5077baee26c593eb55cedf90ae440f50aa32e14
Author: Andrew Bartlett
Date: Wed Sep 25 17:09:30 2013 -0700
join.py: Reconnect to the DC based on the DC name in dnsHostName to allow
connection to IPC$
The treeConnect&X of the GUID name fails against Windows 2003.
Andrew Bartlett
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 5a9265de88bd5a1e9582ce57b5c5076826e01a85
Author: Andrew Bartlett
Date: Fri Oct 11 09:47:29 2013 +1300
join.py: Remove special full_ncs handling, we only need to updateRefs on an
NC we replicate
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit ca7c3fb279ba8367e00053fe344a72af063bdbcd
Author: Andrew Bartlett
Date: Fri Oct 11 09:37:41 2013 +1300
join.py: Use ctx.forestdns_zone variable
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit a8c6dd54381412201051fdc78f13e60ec9c47de6
Author: Andrew Bartlett
Date: Fri Oct 11 09:36:53 2013 +1300
join.py: Correct ctx.forestdns_zone and so remove the need for duplicate
repl.replicate() call
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 48b979c4fec39c8d3b9684b4a759715c0f93e9cc
Author: Andrew Bartlett
Date: Thu Sep 26 10:19:18 2013 -0700
provision: Remove --username and --password options from samba-tool domain
provision
This avoids confusion, because the LDAP backend does not use these,
and they do not set the password for the administrator account either!
This may break support for the 'existing' backend LDAP backend, but
that is nothing more than a stub for future development anyway, and
new work in this area should use EXTERNAL in any case.
Signed-off-by: Andrew Bartlett
Signed-off-by: Stefan Metzmacher
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
python/samba/join.py | 25 +++---
python/samba/netcmd/domain.py | 18 ++---
python/samba/provision/__init__.py| 26 +++---
python/samba/provision/backend.py | 52 +++-
python/samba/provision/common.py |5 +
python/samba/provision/sambadns.py| 90 +
python/samba/upgrade.py |5 +-
python/samba/upgradehelpers.py|7 +-
source4/scripting/bin/samba_upgradedns|5 +-
source4/scripting/bin/samba_upgradeprovision |2 +-
source4/setup/provision_dnszones_add.ldif | 51 ++--
source4/setup/provision_dnszones_modify.ldif | 31 ++-
source4/setup/provision_dnszones_partitions.ldif |9 +--
source4/setup/tests/blackbox_provision-backend.sh |2 +-
14 files changed, 135 insertions(+), 193 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/join.py b/python/samba/join.py
index 2379d5f..9cac8f5 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -24,6 +24,7 @@ from samba import gensec, Ldb, drs_utils
import ldb, samba, sys, uuid
from samba.ndr import ndr_pack
from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs
+from samba.dsdb import DS_DOMAIN_FUNCTION_2003
from samba.credentials import Credentials, DONT_USE_KERBEROS
from samba.provision import secretsdb_self_join, provision, provision_fill,
FILL_DRS, FILL_SUBDOMAIN
from samba.provision.common import setup_path
@@ -65,7 +66,6 @@
[SCM] Samba Shared Repository - annotated tag ldb-2.0.8 created
The annotated tag, ldb-2.0.8 has been created at a5e8c9dad749a94db491fd85ed9fc9649def6e6f (tag) tagging c37b94fd0a7b24df93b664ad4c2d197c516c9dce (commit) replaces samba-4.11.2 tagged by Stefan Metzmacher on Tue Dec 10 12:02:27 2019 +0100 - Log - ldb: tag release ldb-2.0.8 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl3ve0MACgkQR5ORYRMI QCXLLwf9G8yNW7rtjIRjUVL7ld3B41nvmRmSdzHPWkhGGuoOfKKeZYMu/Crh+Btz vKpYGlRBKuxVXoPSXdkvHvPn7EAOMr/R0y7lmuadIUoif001si/zJGKBlPMHzTzu ml0rtot96mjGZB3cr/xpilhSQp6kg2b5HmIhwJ0CwVPnfudtuI9Lk6aryx2S9BnP b1xTexJ6EoX2+WsgnDG8zeL14HffCTyE1bBZ2NrxPMnDwbp77vpP8/EL2Gqwdm6b w4lRXffydjUwsO1hwaC8uzDbtlcNHx0UZvKLSYYF5My7LpORZbehPVZoIuqYSZc3 0BWddj752x/A15m3O4PKEKotG4bTig== =MO0N -END PGP SIGNATURE- Andreas Schneider (1): replace: Only link libnsl and libsocket if requrired Christof Schmitt (6): wscript: Fix build with system heimdal krb5_plugin: Use C99 initializer krb5_plugin: Fix developer build with newer heimdal system library autobuild: Add test for build with system heimdal library bootstrap: Add heimdal-multidev for Debian and Ubuntu gitlab-ci: Run samba-fileserver-heimdalkrb5 Isaac Boukris (7): libnet_join: build dnsHostName from netbios name and lp_dnsdomain() libnet_join_set_machine_spn: improve style and make a bit room for indentation libnet_join_set_machine_spn: simplify memory handling libnet_join_set_machine_spn: simplify adding uniq spn to array docs-xml: add "additional dns hostnames" smb.conf option libnet_join: add SPNs for additional-dns-hostnames entries selftest: system-heimdal: workaround upstream "host" canon bug Jeremy Allison (5): s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number. s3: torture: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number. s3: libsmb: Ensure we don't call cli_RNetShareEnum() on an SMB1 connection. s3: utils: smbtree. Ensure we don't call cli_RNetShareEnum() on an SMB1 connection. s3: libsmb: Ensure return from net_share_enum_rpc() sets cli->raw_status on error. Karolin Seeger (3): VERSION: Bump version up to 4.11.2... Merge tag 'samba-4.11.2' into v4-11-test VERSION: Bump version up to 4.11.3. Martin Schwenke (3): ctdb-tcp: Check incoming queue to see if incoming connection is up ctdb-tcp: Avoid orphaning the TCP incoming queue ctdb-tcp: Drop tracking of file descriptor for incoming connections Ralph Boehme (16): s3:dbwrap: initialize messaging before getting the ctdb connection s3: remove now unneeded call to cmdline_messaging_context() s3:smbd: Incomplete conversion of former parametric options s3:smbd: Fix sync dosmode fallback in async dosmode codepath torture: expand test "vfs.fruit.resource fork IO" to check size vfs_fruit: fix a long line vfs_fruit: README.Coding fix: multi-line if expression lib/adouble: drop ad_data reallocate logic lib/adouble: pass filesize to ad_unpack() s3:printing: fix a long line s3: replace standard_sub_advanced with talloc_sub_advanced in one place s3: remove unused function standard_sub_advanced() s3: rename talloc_sub_advanced() to talloc_sub_full() s3:lib: factor out talloc_sub_advanced() from talloc_sub_full() s3:printing: add a DEBUG statement s3:printing: Fix %J substition Stefan Metzmacher (2): s4:tests/dirsync: add tests for dirsync with extended_dn s4:dirsync: fix interaction of dirsync and extended_dn controls Uri Simchoni (6): waf: upgrade to 2.0.18 wafsamba: use test_args instead of exec_args to support cross-compilation wafsamba: avoid pre-forking if cross-compilation is enabled wafsamba: pass environment to cross-execute tests autobuild: harden samba-xc test suite ldb: Release ldb 2.0.8 Volker Lendecke (1): ctdb-tcp: Close inflight connecting TCP sockets after fork --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bc0c876a9eb pidl:NDR/Parser: only include structs in
ndr_interface_public_struct
via 238d08b07d0 selftest: Confirm that ndrdump struct mode is not
available for enums
from 73f43626062 CVE-2019-14870: mit-kdc: enforce delegation_not_allowed
flag
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bc0c876a9ebbec1a31856a9e7147a481c69ba434
Author: Andrew Bartlett
Date: Thu Dec 5 11:37:05 2019 +1300
pidl:NDR/Parser: only include structs in ndr_interface_public_struct
We only have ndrdump and the fuzzers set up for structures, not BITMAPS,
ENUMS etc.
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Andrew Bartlett
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Dec 10 17:45:46 UTC 2019 on sn-devel-184
commit 238d08b07d0178940c28839518c9f1afbc605378
Author: Andrew Bartlett
Date: Fri Dec 6 11:00:57 2019 +1300
selftest: Confirm that ndrdump struct mode is not available for enums
These are not passed by pointer so the structure dump system does not work
for these. It is best to dump the containing structure instead.
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 20
python/samba/tests/blackbox/ndrdump.py | 14 ++
2 files changed, 30 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 91b5f942994..c2821874db8 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -88,6 +88,18 @@ sub has_fast_array($$)
return ($t->{NAME} eq "uint8");
}
+sub is_public_struct
+{
+ my ($d) = @_;
+ if (!has_property($d, "public")) {
+ return 0;
+ }
+ my $t = $d;
+ if ($d->{TYPE} eq "TYPEDEF") {
+ $t = $d->{DATA};
+ }
+ return $t->{TYPE} eq "STRUCT";
+}
# defer() is like pidl(), but adds to
@@ -2794,7 +2806,7 @@ sub FunctionTable($$)
my $uname = uc $interface->{NAME};
foreach my $d (@{$interface->{TYPES}}) {
- next unless (has_property($d, "public"));
+ next unless (is_public_struct($d));
$count_public_structs += 1;
}
return if ($#{$interface->{FUNCTIONS}}+1 == 0 and
@@ -2807,8 +2819,8 @@ sub FunctionTable($$)
$self->pidl("static const struct ndr_interface_public_struct
$interface->{NAME}\_public_structs[] = {");
foreach my $d (@{$interface->{TYPES}}) {
- next unless (has_property($d, "public"));
- $self->StructEntry($d)
+ next unless (is_public_struct($d));
+ $self->StructEntry($d);
}
$self->pidl("\t{ .name = NULL }");
$self->pidl("};");
@@ -3034,7 +3046,7 @@ sub ParseTypePrintFunction($$$)
$self->pidl_hdr("void ".TypeFunctionName("ndr_print", $e)."(struct
ndr_print *ndr, const char *name, $args);");
- if (has_property($e, "public")) {
+ if (is_public_struct($e)) {
$self->pidl("static void ".TypeFunctionName("ndr_print_flags",
$e).
"(struct ndr_print *$ndr, const char *name, int
unused, $args)"
);
diff --git a/python/samba/tests/blackbox/ndrdump.py
b/python/samba/tests/blackbox/ndrdump.py
index f56858e98ba..5e4b3bfbd8c 100644
--- a/python/samba/tests/blackbox/ndrdump.py
+++ b/python/samba/tests/blackbox/ndrdump.py
@@ -111,6 +111,20 @@ dump OK
# convert expected to bytes for python 3
self.assertEqual(actual, expected.encode('utf-8'))
+def test_ndrdump_with_enum_not_struct(self):
+expected = '''Public structure 'netr_SchannelType' not found
+'''
+try:
+actual = self.check_exit_code(
+"ndrdump misc netr_SchannelType --input=x struct",
+1)
+except BlackboxProcessError as e:
+self.fail(e)
+
+# check_output will return bytes
+# convert expected to bytes for python 3
+self.assertEqual(actual, expected.encode('utf-8'))
+
def test_ndrdump_input_cmdline_short_struct_name(self):
expected = '''pull returned Buffer Size Error
'''
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag talloc-2.3.1 created
The annotated tag, talloc-2.3.1 has been created at 7b48c1a9dafb9a83e993457267fc32c082a75735 (tag) tagging 3e2eafeb4460c8b6b3c3dbf64bbc967ae1d601d0 (commit) replaces tevent-0.10.1 tagged by Stefan Metzmacher on Mon Dec 16 10:29:48 2019 +0100 - Log - talloc: tag release talloc-2.3.1 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl33TowACgkQR5ORYRMI QCWhsQf/ermCoOj64aK67Xbw1MDiHj54leb8a1tK0FkjY5dBDrbfcxcyqUevovy1 U3zxNQU0Ih4E5itwbk3Co/sOJQOueA2USIWckrNArtZw1gmzL8Ylvnai6mXEXvUu 8pWkIjbCELSC2Zr3EWyh5UGr1iLjTImCSSuBHRQWSyJqIUuyuftu3MfhCjyK1eEc BxW+7sH1zvM7zYEfkE3LqALIOpbhJz25T39VXf/ceBbXTJvUDGTHzJ0wGMXFgUvl 8ng9mRd+3rWoxivYgzOjtWDqWEfRkwOh1pVk/kwkR1jljXySH7WbZcv5Wlwz/xW5 tAS9aKAVwTfmE2KVFatFcmOfFeFERA== =yNFh -END PGP SIGNATURE- Alexander Bokovoy (1): samba-tool: create working private krb5.conf Amit Kumar (7): s3:winbind: Don't abort when receiving a NULL SID docs: Add 'net gpo command' text in man net docs: Add 'ads dns command' text in man net docs: modifies 'net ads dns gethostbyname -h' Changes server to nameserver and name to hostname. samba-tool: Update 'samba-tool gpo list <>' description net: 'net ads gpo getgpo' command not dumping gpo samba-tool domain: fix an unhandled exception Amitay Isaacs (22): ctdb-eventscripts: Fix the regression in 01.reclock.script ctdb-eventscripts: Remove non-posix -v option to mkdir ctdb-vacuum: Process all records not deleted on a remote node ctdb-protocol: Drop code related to obsolete controls ctdb-tests: Drop code releated to obsolete controls ctdb-protocol: Add new control VACUUM_FETCH ctdb-protocol: Add marshalling for new control VACUUM_FETCH ctdb-tests: Add marshalling tests for new control ctdb-daemon: Add implementation of VACUUM_FETCH control ctdb-vacuum: Add processing of fetch queue ctdb-vacuum: Replace VACUUM_FETCH message with control ctdb-recoverd: Drop VACUUM_FETCH message handling ctdb-recoverd: No need for database detach handler ctdb-daemon: Avoid memory leak when packet is deferred ctdb-vacuum: Avoid processing any more packets ctdb-ib: Fix build errors for infiniband transport ctdb-common: Generate usage message from cmdline_parse() ctdb-common: Add section to group commands in cmdline ctdb-tests: Update cmdline tests for section name ctdb-common: Change cmdline implementation to support multiple sections ctdb-common: Add api to add new section/commands to cmdline ctdb-tests: Add tests for cmdline_add() api Andreas Schneider (64): selftest: Export TRUST information in the ad_member target environment s3:waf: Do not check for nanosleep() as we don't use it anywhere replace: Only link against librt if really needed pthreadpool: Only link pthreadpool against librt if we have to third_party: Only link cmocka against librt if really needed third_party: Link nss_wrapper against pthread third_party: Link uid_wrapper against pthread waf:replace: Do not link against libpthread if not necessary waf: Use waf function to add for -Wl,--as-needed replace: Improve sys/sysctl.h check to catch warning on glibc >= 2.30 bootstrap: Remove pyhton2 packages bootstrap: We can only build docker images on gitlab shared runners gitlab-ci: Add CentOS 8 to CI waf: Check for gnutls_aead_cipher_encryptv2() libcli:smb: Use gnutls_aead_cipher_encryptv2() for AES GCM or CCM libcli:smb: Use gnutls_aead_cipher_decryptv2() for AES GCM or CCM testprogs: Fix failure count in test_net_ads.sh s3:libads: Use ldap_add_ext_s() in ads_gen_add() s3:libnet: Require sealed LDAP SASL connections for joining s3:libads: Cleanup error code paths in ads_create_machine_acct() s3:libads: Use a talloc_asprintf in ads_find_machine_acct() s3:libads: Fix detection if acount already exists in ads_find_machine_count() s3:libads: Don't set supported encryption types during account creation s3:libads: Fix creating machine account using LDAP s3:libnet: Improve debug messages s3:libads: Just change the machine password if account already exists testprogs: Add test for 'net ads join createcomputer=' WHATSNEW: Mention performance improvements for SMB3 encryption s3:libsmb: Do not check the SPNEGO neg token for KRB5 lib:krb5_wrap: Do not create a temporary file for MEMORY keytabs s4:selftest: Do not print the target env twice gitlab-ci: Run several AD tests with MIT KDC s4:selftest: Do not print the target env twice testprogs: Add test for kinit with canonicalization s3:libads: Do not turn on canonicalization flag
[SCM] Samba Shared Repository - annotated tag tdb-1.4.3 created
The annotated tag, tdb-1.4.3 has been created at 6e8a5f636b4295c2e5f1f6c62075ff900fb802c7 (tag) tagging 28e4ac0e7ae965745fde628d7a675e337aa45341 (commit) replaces talloc-2.3.1 tagged by Stefan Metzmacher on Mon Dec 16 10:30:40 2019 +0100 - Log - tdb: tag release tdb-1.4.3 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl33TsAACgkQR5ORYRMI QCUZawgAlNi33xjztBGo/F9+SyokI5N7EaYZ5IP//4LXg+GTR7ntXU3Ge/hvg5Ss DTM1n6sFV470XouFdZTd1rvKOjVFyfw5o5DuNJN/Bqh2CiiIh0icCOM9QDs/Yfpg JZUJFidwIe65EUfaQdKl0SUEq3er5gkL9ogfOXHk9tgTyjY74/4TXh0gIJ6ZnE1I 1+++ZUSsNLPVHfcIilZL3UZVLu66EO6CgIGnwtEoBhG8wEy0u153ZSQoRJaVoJZO XTkepOQCdC0cXaARLKwFpgBfQGIelR9Y6Fo+5opwsYnKXGzugtBM6yOmmTF+q+cL 8bxkB8uJxkEeUtPbfZD9fVopLyIFQQ== =9w/l -END PGP SIGNATURE- Uri Simchoni (1): tdb: Release tdb 1.4.3 --- -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tevent-0.10.2 created
The annotated tag, tevent-0.10.2 has been created at 8c3459f2febb29cba303f540dbfd79f642bb4924 (tag) tagging 4aea5c0972de53c143530cc42ef6d3b8cfafb973 (commit) replaces tdb-1.4.3 tagged by Stefan Metzmacher on Mon Dec 16 10:31:39 2019 +0100 - Log - tevent: tag release tevent-0.10.2 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl33TvsACgkQR5ORYRMI QCXXGAgArg7J1Q/s6qI7psSxVutmnojp61yiOh//OrxRWlm5Gu6dW9ytFnEfg250 Vz6GgEJYh8N699aebXOOfxh9oopR88wpxf/bkTgjWXh9gH6U17JAHsbXDkfeGRHd Fxy00GSP9/Yl/V0C1vpG3hzjC28YZcBJ9YBmfZli0MrsYXojFTi5pzWB+fa5ROhn NDfNROZl69mqR+J5NsrPc/HhwcXT8o7yiUyXywbPV9ow+8ffjw9lypf9AZ0OJPmJ cFXUMC5lFGJ6GM7kGUC6Psm1z/KSiH+uUgOpFuEK++XYbl4Hh8/rA4pOJDgVKhWr B8NJmV70+DoQhePhmPNwwR5WsL/xww== =GYIz -END PGP SIGNATURE- Uri Simchoni (1): tevent: Release tevent 0.10.2 --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via df5040b1867 Happy New Year 2020!
from 40ecc2f6f01 lib: Fix contending with a READ lock
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit df5040b186753acf72600042753d312bd5945429
Author: Stefan Metzmacher
Date: Wed Jan 1 10:05:07 2020 +0100
Happy New Year 2020!
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Jan 1 12:04:52 UTC 2020 on sn-devel-184
---
Summary of changes:
source3/include/smb.h | 2 +-
source4/smbd/server.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 162cdcc1a32..311490d699e 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -30,7 +30,7 @@
#include "libds/common/roles.h"
/* logged when starting the various Samba daemons */
-#define COPYRIGHT_STARTUP_MESSAGE "Copyright Andrew Tridgell and the
Samba Team 1992-2019"
+#define COPYRIGHT_STARTUP_MESSAGE "Copyright Andrew Tridgell and the
Samba Team 1992-2020"
#define SAFETY_MARGIN 1024
#define LARGE_WRITEX_HDR_SIZE 65
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 0fc9125cbba..95acb99b86c 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -630,7 +630,7 @@ static int binary_smbd_main(const char *binary_name,
binary_name,
SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team"
- " 1992-2019\n"));
+ " 1992-2020\n"));
if (sizeof(uint16_t) < 2 ||
sizeof(uint32_t) < 4 ||
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-2.1.0 created
The annotated tag, ldb-2.1.0 has been created
at f5698d21c5e94186d82048b57512b907556069f8 (tag)
tagging 79460b1b9f3452d6d68014b84f4a9dc3988bd916 (commit)
replaces tevent-0.10.2
tagged by Stefan Metzmacher
on Tue Jan 21 15:13:07 2020 +0100
- Log -
ldb: tag release ldb-2.1.0
-BEGIN PGP SIGNATURE-
iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl4nBvMACgkQR5ORYRMI
QCUtUAf/SqLyprEhEB9ZrmguuSezQaDvBr5GpK1ufOOd0iDQ5wwRqSPikhIc71kW
V72bfy1yUjEQbYjtWiqAOhppAyZHxiPNmWxbZMdISMaZTn5viuh+S/F/Z5EvM8Pz
Fd1z5ctSnIx+QbcdS9GVPDQnsupLk1vwWnotpLzL/TKREczOwJJktgmzMY7Tti9S
fNVCw2uwqFU2Ptqs5XEneIafLf79XdeI+bfBBPIQ7t7W3pAkOadk9DPZuoN5oLes
XqiQ+hKwS9BgCtkM/h7f5T/rLH4dWIA8+0RlOjdJfQwyItAhd72ZgWJHzwGpzQ3X
B2kaARhXDlwLI91xk0nXPEhgEqqo1g==
=kQMw
-END PGP SIGNATURE-
Alexander Bokovoy (1):
s3-rpcserver: fix security level check for DsRGetForestTrustInformation
Amitay Isaacs (1):
build: add missing crypt dependency for auth4_unix
Andreas Schneider (41):
s3:rpc_server: Replace E_md5hash() with GnuTLS calls
s3:winbindd: Replace E_md5hash() with GnuTLS calls
s3:winbind: Replace E_md5hash() with GnuTLS calls
libcli:auth: Remove unused E_md5hash()
s4:lib:tls: Fix cert and privkey types
s4:rpc_server: Return the status code from dcesrv_transport_session_key()
s3:printing: Use httpConnect2 from CUPS
gitignore: Add .build.log
s3:winbind: Print priv pipe location
ldb:tests: Avoid that the debug function overwrites memory
ldb:tests: Allow test filtering in ldb_mod_op_test
ldb: Avoid a possible NULL pointer dereference
ldb:tests: Use assert_in_range() in test_get_size()
ldb:tests: Add missing size check for tdb
ldb:tests: Add missing null check for ldb_kv_private
s3:tests: Remove the -I SERVER_IP so that Kerberos auth works
s3:selfest: Do not print the env twice
s3:smbspool: Map AUTH_INFO_REQUIRED=none to anonymous connection
s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous
s3:smbspool: Leave early if we print as root
s4:lib: Make sure we close fd's in error path
s3:rpc_server: Fix string compare for utmp entries
s3:torture: Do not segfault if cli is NULL
s3:smbd: Fix possible NULL deref in smbd_do_qfilepathinfo()
s3:lib: Move NULL check before messaging_dgm_out_rearm_idle_timer()
auth:tests: Improve debug output of test_gnutls
auth:tests: Only enable torture_gnutls_aes_128_cfb() on GnuTLS >= 3.6.11
pidl: Remove Parse/Yapp/Driver.pm
lib:crypto: Remove our implementation of AES CCM
lib:crypto: Remove our implementation of AES GCM
lib:crypto: Only build AES code if we need AES CMAC
lib:crypto: Build intel aes-ni only if GnuTLS doesn't provide AES CMAC
s3:script: Try to fix a Perl warning
s3:libsmb: Generate the inode only based on the path component
s3:libsmb: Add try_posixinfo to SMBSRV struct. Only enable for SMB1 with
UNIX for now.
s3:libsmb: Return a 'struct stat' buffer for SMBC_getatr()
s3:libsmb: Add a setup_stat_from_stat_ex() function
libsmbclient: If over SMB1 first try to do a posix stat on the file.
librpc: Fix string length checking in ndr_pull_charset_to_null()
librpc: Add test for ndr_string_length()
docs-xml: 'mangled names = illegal' is the new default
Andrew Bartlett (95):
lib/fuzzing: Avoid NULL pointer de-ref from 0-length input
lib/fuzzing: Free memory after successful load in fuzz_tiniparser
witness.idl: Change array type in IDL for the print function
ndr: Include the caller location in ndr_{pull,push}_error() messages
librpc: Unify packet dumping on ndr_pull() failure
ndrdump: Fix one more NTSTATUS rather than friendly ndr message
ndrdump: print structure name when failing to setup
ndrdump: TALLOC_FREE() on each exit path to allow running with leak
detection
ndrdump: Add const
ndrdump: Check for input decode failures
ndrdump: Allow for base64-encoded input in a file and on the command line
ndrdump: Return a different error code for ndr_pull() failures
ndrdump: Invert sense of --stop-on-parse-failure into
--print-after-parse-failure
ndrdump: Still print --dump bytes after parse failure
python: Return the stdout when also checking error codes
selftest: Confirm that --base64-input and --input work and a PIDL bug is
fixed.
selftest: Confirm that NDR bugs are fixed in DCOM code
selftest: Test repushing an ntlmssp AUTHENTICATE_MESSAGE
librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE
lib/fuzzing: Use --fuzz-target-ldflags if specified
lib/fuzzing/oss-fuzz: Add build_samba.sh for oss-fuzz
lib/fuzzing/oss-fuzz: add stub build.sh that will not change often
lib/fuzzin
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 71b57a0ac3d WHATSNEW: Start release notes for Samba 4.13.0pre1.
via 423ca5e3529 VERSION: Bump version up to 4.13.0pre1...
via 773c5de6750 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1
release...
via e1e55a47419 WHATSNEW: Add release note for Samba 4.12.0rc1.
via cf9850b4e06 samba-tool group addmembers: avoid python traceback on
member add failure
via 2697415239d selftest: add test for samba-tool groupmember
--member-base-dn option
via 8c5a266ef3f selftest: add tests for samba-tool group addmembers
--object-types option
via 347c65434ec selftest: add test for new samba-tool group addmembers
--member-dn option
via 557fa1d44b6 samba-tool group addmembers: add --member-base-dn
option for group member search
via 5b129bf12ba samba-tool group {add,remove}members: allow to use
--member-dn in combination with listofmembers
via 47f9ee91ed9 samba-tool group removemembers: adapt functionality to
addmembers command
via aedcf6a5274 samba-tool group addmembers: add --member-dn option
via f2e2579926e samba-tool group addmembers: add new option
--object-types
via a4d77bfd90d python/samdb: validation of group member types for
group member filter
via f9bf6b7856e python/samdb: add type "all" to search for all common
types of group members
via c4e899d6b4b python/samdb: adapt search filter for group object type
via 45abb4fd4f4 python/samdb: adapt search filter for user object type
via 2baa301237f python/samdb: add 'computer' to the default group
member types for group member filters
via 2abebee1405 python/samdb: fetch specific error if there are more
than one search results
via e3099ac4072 python/samdb: add more object types for adding/remove
group members
via 662b7458aed python/samdb: add option to specify types of group
members
via b081bd977c8 samba-tool tests: add test-case for 'ou list --base-dn'
via 2186c5a6a4c samba-tool: add -b/--base-dn option to OUs list command
via 918d91bb843 samba-tool tests: add test-case for 'user list
--base-dn'
via d4de2e3192e samba-tool: add -b/--base-dn option to users list
command
via 55be0f1d2f7 samba-tool tests: add test-case for 'contact list
--base-dn'
via 8a45adb2b19 samba-tool: add -b/--base-dn option to contacts list
command
via 88f0a1390b8 samba-tool tests: add test-case for 'computer list
--base-dn'
via b292a266a8d samba-tool: add -b/--base-dn option to computer list
command
via bced03b0d1a samba-tool tests: add test-case for 'group list
--base-dn'
via 8f68236dc4e samba-tool: add -b/--base-dn option to groups list
command
via b545ab1a85d samba-tool tests: add test-case for 'user getgrouops
--full-dn'
via 41262d1d66c samba-tool: add --full-dn option for user getgroups
command
via d2d345103b2 samba-tool tests: add test-case for 'group listmembers
--full-dn'
via bb66b322546 samba-tool: add --full-dn option to group listmembers
command
via 08207f77f13 samba-tool tests: add test case for 'user list
--full-dn'
via 31060963956 samba-tool: add --full-dn option to user list command
via 2e767e81be4 samba-tool tests: add test case for 'computer list
--full-dn'
via 29326e32645 samba-tool: add --full-dn option to computer list
command
via e64f7de31fd samba-tool tests: Add test-case for 'group list
--full-dn'
via 51d4c82f3c5 samba-tool: add --full-dn option to group list command
via b813ef6ae7a Revert "vfs_glusterfs: Return fake fd from pipe()
during open"
via cc4a55d290c vfs_glusterfs: add .fcntl_fn hook
via b56c56eecdf vfs_ceph: add .fcntl_fn hook
via 0a77890bbc9 testenv: No "mktemp" for in_screen
via 823e4de3094 testenv: Simplify "in_screen"
via 1ca1c601989 testenv: Properly kill daemons
via 4f1e4f9ce3f testenv: Be more careful deleting environment tmpfiles
from 85478847a1f WHATSNEW: Add CTDB changes for 4.12
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 71b57a0ac3d1ac5be98347dc109d7ebd14d39e88
Author: Stefan Metzmacher
Date: Tue Jan 21 14:51:34 2020 +0100
WHATSNEW: Start release notes for Samba 4.13.0pre1.
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Jan 21 16:04:29 UTC 2020 on sn-devel-184
commit 423ca5e3529f137cec3d367ef004eee2d4d18e4b
Author: Stefan Metzmacher
Date: Tue Jan 21 14:23:45 2020 +0100
VERSION: Bump version up to 4.13.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-
[SCM] Samba Shared Repository - branch v4-12-stable updated
The branch, v4-12-stable has been updated
via 773c5de6750 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1
release...
via e1e55a47419 WHATSNEW: Add release note for Samba 4.12.0rc1.
via cf9850b4e06 samba-tool group addmembers: avoid python traceback on
member add failure
via 2697415239d selftest: add test for samba-tool groupmember
--member-base-dn option
via 8c5a266ef3f selftest: add tests for samba-tool group addmembers
--object-types option
via 347c65434ec selftest: add test for new samba-tool group addmembers
--member-dn option
via 557fa1d44b6 samba-tool group addmembers: add --member-base-dn
option for group member search
via 5b129bf12ba samba-tool group {add,remove}members: allow to use
--member-dn in combination with listofmembers
via 47f9ee91ed9 samba-tool group removemembers: adapt functionality to
addmembers command
via aedcf6a5274 samba-tool group addmembers: add --member-dn option
via f2e2579926e samba-tool group addmembers: add new option
--object-types
via a4d77bfd90d python/samdb: validation of group member types for
group member filter
via f9bf6b7856e python/samdb: add type "all" to search for all common
types of group members
via c4e899d6b4b python/samdb: adapt search filter for group object type
via 45abb4fd4f4 python/samdb: adapt search filter for user object type
via 2baa301237f python/samdb: add 'computer' to the default group
member types for group member filters
via 2abebee1405 python/samdb: fetch specific error if there are more
than one search results
via e3099ac4072 python/samdb: add more object types for adding/remove
group members
via 662b7458aed python/samdb: add option to specify types of group
members
via b081bd977c8 samba-tool tests: add test-case for 'ou list --base-dn'
via 2186c5a6a4c samba-tool: add -b/--base-dn option to OUs list command
via 918d91bb843 samba-tool tests: add test-case for 'user list
--base-dn'
via d4de2e3192e samba-tool: add -b/--base-dn option to users list
command
via 55be0f1d2f7 samba-tool tests: add test-case for 'contact list
--base-dn'
via 8a45adb2b19 samba-tool: add -b/--base-dn option to contacts list
command
via 88f0a1390b8 samba-tool tests: add test-case for 'computer list
--base-dn'
via b292a266a8d samba-tool: add -b/--base-dn option to computer list
command
via bced03b0d1a samba-tool tests: add test-case for 'group list
--base-dn'
via 8f68236dc4e samba-tool: add -b/--base-dn option to groups list
command
via b545ab1a85d samba-tool tests: add test-case for 'user getgrouops
--full-dn'
via 41262d1d66c samba-tool: add --full-dn option for user getgroups
command
via d2d345103b2 samba-tool tests: add test-case for 'group listmembers
--full-dn'
via bb66b322546 samba-tool: add --full-dn option to group listmembers
command
via 08207f77f13 samba-tool tests: add test case for 'user list
--full-dn'
via 31060963956 samba-tool: add --full-dn option to user list command
via 2e767e81be4 samba-tool tests: add test case for 'computer list
--full-dn'
via 29326e32645 samba-tool: add --full-dn option to computer list
command
via e64f7de31fd samba-tool tests: Add test-case for 'group list
--full-dn'
via 51d4c82f3c5 samba-tool: add --full-dn option to group list command
via b813ef6ae7a Revert "vfs_glusterfs: Return fake fd from pipe()
during open"
via cc4a55d290c vfs_glusterfs: add .fcntl_fn hook
via b56c56eecdf vfs_ceph: add .fcntl_fn hook
via 0a77890bbc9 testenv: No "mktemp" for in_screen
via 823e4de3094 testenv: Simplify "in_screen"
via 1ca1c601989 testenv: Properly kill daemons
via 4f1e4f9ce3f testenv: Be more careful deleting environment tmpfiles
from 85478847a1f WHATSNEW: Add CTDB changes for 4.12
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-stable
- Log -
---
Summary of changes:
VERSION | 6 +-
WHATSNEW.txt | 2 +-
python/samba/netcmd/computer.py | 27 +-
python/samba/netcmd/contact.py| 11 ++-
python/samba/netcmd/group.py | 156 ++
python/samba/netcmd/ou.py | 19 +++-
python/samba/netcmd/user.py | 46 -
python/samba/samdb.py | 113 +-
python/samba/tests/samba_tool/computer.py | 39
python/samba/tests/samba_tool/contact.py | 19
python/samba/tests/samba_tool/group.py| 66 +
python/samba/tests/samba_tool/ou.py | 19
python/samba/tests/samba_tool/user.py |
[SCM] Samba Shared Repository - branch v4-12-test updated
The branch, v4-12-test has been updated
via 773c5de6750 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1
release...
via e1e55a47419 WHATSNEW: Add release note for Samba 4.12.0rc1.
via cf9850b4e06 samba-tool group addmembers: avoid python traceback on
member add failure
via 2697415239d selftest: add test for samba-tool groupmember
--member-base-dn option
via 8c5a266ef3f selftest: add tests for samba-tool group addmembers
--object-types option
via 347c65434ec selftest: add test for new samba-tool group addmembers
--member-dn option
via 557fa1d44b6 samba-tool group addmembers: add --member-base-dn
option for group member search
via 5b129bf12ba samba-tool group {add,remove}members: allow to use
--member-dn in combination with listofmembers
via 47f9ee91ed9 samba-tool group removemembers: adapt functionality to
addmembers command
via aedcf6a5274 samba-tool group addmembers: add --member-dn option
via f2e2579926e samba-tool group addmembers: add new option
--object-types
via a4d77bfd90d python/samdb: validation of group member types for
group member filter
via f9bf6b7856e python/samdb: add type "all" to search for all common
types of group members
via c4e899d6b4b python/samdb: adapt search filter for group object type
via 45abb4fd4f4 python/samdb: adapt search filter for user object type
via 2baa301237f python/samdb: add 'computer' to the default group
member types for group member filters
via 2abebee1405 python/samdb: fetch specific error if there are more
than one search results
via e3099ac4072 python/samdb: add more object types for adding/remove
group members
via 662b7458aed python/samdb: add option to specify types of group
members
via b081bd977c8 samba-tool tests: add test-case for 'ou list --base-dn'
via 2186c5a6a4c samba-tool: add -b/--base-dn option to OUs list command
via 918d91bb843 samba-tool tests: add test-case for 'user list
--base-dn'
via d4de2e3192e samba-tool: add -b/--base-dn option to users list
command
via 55be0f1d2f7 samba-tool tests: add test-case for 'contact list
--base-dn'
via 8a45adb2b19 samba-tool: add -b/--base-dn option to contacts list
command
via 88f0a1390b8 samba-tool tests: add test-case for 'computer list
--base-dn'
via b292a266a8d samba-tool: add -b/--base-dn option to computer list
command
via bced03b0d1a samba-tool tests: add test-case for 'group list
--base-dn'
via 8f68236dc4e samba-tool: add -b/--base-dn option to groups list
command
via b545ab1a85d samba-tool tests: add test-case for 'user getgrouops
--full-dn'
via 41262d1d66c samba-tool: add --full-dn option for user getgroups
command
via d2d345103b2 samba-tool tests: add test-case for 'group listmembers
--full-dn'
via bb66b322546 samba-tool: add --full-dn option to group listmembers
command
via 08207f77f13 samba-tool tests: add test case for 'user list
--full-dn'
via 31060963956 samba-tool: add --full-dn option to user list command
via 2e767e81be4 samba-tool tests: add test case for 'computer list
--full-dn'
via 29326e32645 samba-tool: add --full-dn option to computer list
command
via e64f7de31fd samba-tool tests: Add test-case for 'group list
--full-dn'
via 51d4c82f3c5 samba-tool: add --full-dn option to group list command
via b813ef6ae7a Revert "vfs_glusterfs: Return fake fd from pipe()
during open"
via cc4a55d290c vfs_glusterfs: add .fcntl_fn hook
via b56c56eecdf vfs_ceph: add .fcntl_fn hook
via 0a77890bbc9 testenv: No "mktemp" for in_screen
via 823e4de3094 testenv: Simplify "in_screen"
via 1ca1c601989 testenv: Properly kill daemons
via 4f1e4f9ce3f testenv: Be more careful deleting environment tmpfiles
from 85478847a1f WHATSNEW: Add CTDB changes for 4.12
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test
- Log -
---
Summary of changes:
VERSION | 6 +-
WHATSNEW.txt | 2 +-
python/samba/netcmd/computer.py | 27 +-
python/samba/netcmd/contact.py| 11 ++-
python/samba/netcmd/group.py | 156 ++
python/samba/netcmd/ou.py | 19 +++-
python/samba/netcmd/user.py | 46 -
python/samba/samdb.py | 113 +-
python/samba/tests/samba_tool/computer.py | 39
python/samba/tests/samba_tool/contact.py | 19
python/samba/tests/samba_tool/group.py| 66 +
python/samba/tests/samba_tool/ou.py | 19
python/samba/tests/samba_tool/user.py | 46 +
[SCM] Samba Shared Repository - annotated tag samba-4.12.0rc1 created
The annotated tag, samba-4.12.0rc1 has been created
at f57687fc81fb658531e2dc81435ff70b0eea9b8f (tag)
tagging 773c5de675049bd6943e0464d7cabcea54d94e47 (commit)
replaces ldb-2.1.0
tagged by Stefan Metzmacher
on Tue Jan 21 17:10:55 2020 +0100
- Log -
samba: tag release samba-4.12.0rc1
-BEGIN PGP SIGNATURE-
iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXicijwAKCRBvM5FbZWi3
6g5fAJ9JxlFHfGH2YgzDDeHESpiQyJrpDQCfZLRlT2HKV/JlMPTDVu1XynQjvZs=
=oX1O
-END PGP SIGNATURE-
Andrew Bartlett (15):
heimdal_build: Remove bashism from --address-sanitizer build rule
CVE-2019-14902 selftest: Add test for replication of inherited security
descriptors
CVE-2019-14902 selftest: Add test for a special case around replicated
renames
selftest: Add test to confirm ACL inheritence really happens
CVE-2019-14902 dsdb: Explain that descriptor_sd_propagation_recursive()
is proctected by a transaction
CVE-2019-14902 dsdb: Add comments explaining why SD propagation needs to
be done here
CVE-2019-14902 dsdb: Ensure we honour both change->force_self and
change->force_children
CVE-2019-14902 repl_meta_data: schedule SD propagation to a renamed DN
CVE-2019-14902 repl_meta_data: Fix issue where inherited Security
Descriptors were not replicated.
CVE-2019-14902 repl_meta_data: Set renamed = true (and so do SD
inheritance) after any rename
CVE-2019-14902 dsdb: Change basis of descriptor module deferred
processing to be GUIDs
repl_meta_data: Add comment explaining what is being renamed after the
conflict is resolved
repl_meta_data: Do not set *rename = true unless there has been a
conflict on the incoming DN
repl_meta_data: Only reset replMetaData entry for name if we made a
conflict name here
CVE-2019-14907 lib/util: Do not print the failed to convert string into
the logs
Anoop C S (1):
vfs_glusterfs: Return fake fd from pipe() during open
Björn Baumbach (20):
samba-tool: add --full-dn option to group list command
samba-tool: add --full-dn option for user getgroups command
samba-tool tests: add test-case for 'user getgrouops --full-dn'
python/samdb: add option to specify types of group members
python/samdb: add more object types for adding/remove group members
python/samdb: fetch specific error if there are more than one search
results
python/samdb: add 'computer' to the default group member types for group
member filters
python/samdb: adapt search filter for user object type
python/samdb: adapt search filter for group object type
python/samdb: add type "all" to search for all common types of group
members
python/samdb: validation of group member types for group member filter
samba-tool group addmembers: add new option --object-types
samba-tool group addmembers: add --member-dn option
samba-tool group removemembers: adapt functionality to addmembers command
samba-tool group {add,remove}members: allow to use --member-dn in
combination with listofmembers
samba-tool group addmembers: add --member-base-dn option for group member
search
selftest: add test for new samba-tool group addmembers --member-dn option
selftest: add tests for samba-tool group addmembers --object-types option
selftest: add test for samba-tool groupmember --member-base-dn option
samba-tool group addmembers: avoid python traceback on member add failure
David Disseldorp (3):
vfs_ceph: add .fcntl_fn hook
vfs_glusterfs: add .fcntl_fn hook
Revert "vfs_glusterfs: Return fake fd from pipe() during open"
Douglas Bagnall (7):
fuzz: ldb_dn parsing
fuzz: add ldb ldif fuzzer
fuzz: ldb binary decode/enode
fuzz: add nmblib/parse_packet target
samba-tool gpo: improve UNC parsing
fuzzing: check for NULL on ldb_init()
fuzz_oLschema2ldif: check multiple possible NULLs
Gary Lockyer (1):
CVE-2019-19344 kcc dns scavenging: Fix use after free in
dns_tombstone_records_zone
Günther Deschner (7):
librpc: add various new clusapi functions and types
s4-torture: save cluster version in clusapi test context
s4-torture: fix asserts in clusapi_NodeControl tests
s4-torture: add clusapi GroupSet tests
s4-torture: fix copy/paste error in clusapi group test
s4-torture: increase various bufsizes to better deal with Windows 2019
clusters
librpc: add clusapi_GroupSetControlCode enum
Jule Anger (17):
samba-tool tests: Add test-case for 'group list --full-dn'
samba-tool: add --full-dn option to computer list command
samba-tool tests: add test case for 'computer list --full-dn'
samba-tool: add --full-dn option to user list command
samba-tool tests: add test case for &#x
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via bb3a6d6 NEWS[4.12.0rc1]: Samba 4.12.0rc1 Available for Download from 23dc692 NEWS[4.11.5]: Samba 4.11.5, 4.10.12 and 4.9.18 Security Releases Available https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit bb3a6d6e65c3edec791fe58e2f70e4e343314c6f Author: Stefan Metzmacher Date: Tue Jan 21 17:11:25 2020 +0100 NEWS[4.12.0rc1]: Samba 4.12.0rc1 Available for Download Signed-off-by: Stefan Metzmacher --- Summary of changes: posted_news/20200121-161552.4.12.0rc1.body.html | 12 posted_news/20200121-161552.4.12.0rc1.headline.html | 3 +++ 2 files changed, 15 insertions(+) create mode 100644 posted_news/20200121-161552.4.12.0rc1.body.html create mode 100644 posted_news/20200121-161552.4.12.0rc1.headline.html Changeset truncated at 500 lines: diff --git a/posted_news/20200121-161552.4.12.0rc1.body.html b/posted_news/20200121-161552.4.12.0rc1.body.html new file mode 100644 index 000..3254446 --- /dev/null +++ b/posted_news/20200121-161552.4.12.0rc1.body.html @@ -0,0 +1,12 @@ + +21 January 2020 +Samba 4.12.0rc1 Available for Download + +This is the first release candidate of the upcoming Samba 4.12 release series. + + +The uncompressed tarball has been signed using GnuPG (ID 6F33915B6568B7EA). +The source code can be https://download.samba.org/pub/samba/rc/samba-4.12.0rc1.tar.gz";>downloaded now. +See https://download.samba.org/pub/samba/rc/samba-4.12.0rc1.WHATSNEW.txt";>the release notes for more info. + + diff --git a/posted_news/20200121-161552.4.12.0rc1.headline.html b/posted_news/20200121-161552.4.12.0rc1.headline.html new file mode 100644 index 000..6f405e1 --- /dev/null +++ b/posted_news/20200121-161552.4.12.0rc1.headline.html @@ -0,0 +1,3 @@ + + 21 January 2020 Samba 4.12.0rc1 Available for Download + -- Samba Website Repository
[SCM] Samba Shared Repository - branch v4-12-test updated
The branch, v4-12-test has been updated via 1e3b0034af6 VERSION: Bump version up to 4.12.0rc2... from 773c5de6750 VERSION: Disable GIT_SNAPSHOT for the 4.12.0rc1 release... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test - Log - commit 1e3b0034af65259046771f1aad83d21450220a66 Author: Stefan Metzmacher Date: Tue Jan 21 14:48:35 2020 +0100 VERSION: Bump version up to 4.12.0rc2... and re-enable GIT_SNAPSHOT. Signed-off-by: Stefan Metzmacher --- Summary of changes: VERSION | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 17bb6b45790..78a4c77be70 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=1 +SAMBA_VERSION_RC_RELEASE=2 # To mark SVN snapshots this should be set to 'yes'# @@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # -SAMBA_VERSION_IS_GIT_SNAPSHOT=no +SAMBA_VERSION_IS_GIT_SNAPSHOT=yes # This is for specifying a release nickname# -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 648f94d2031 script/release.sh: make it possible to run from a git
worktree
from 71b57a0ac3d WHATSNEW: Start release notes for Samba 4.13.0pre1.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 648f94d2031c6e758bdf54089d1e710c265ca732
Author: Stefan Metzmacher
Date: Tue Jan 21 19:25:00 2020 +0100
script/release.sh: make it possible to run from a git worktree
.git is a regular file in that case.
Also check that script/release.sh is present as a relative path
to ensure we're called from the expected location.
Signed-off-by: Stefan Metzmacher
---
Summary of changes:
script/release.sh | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/script/release.sh b/script/release.sh
index b533e259440..6c3ba0d4add 100755
--- a/script/release.sh
+++ b/script/release.sh
@@ -17,14 +17,14 @@
CONF_UPLOAD_URL="samba-b...@download-master.samba.org:/home/data/ftp/pub"
CONF_DOWNLOAD_URL="https://download.samba.org/pub";
CONF_HISTORY_URL="https://www.samba.org";
-test -d ".git" || {
+test -d ".git" -o -r ".git" || {
echo "Run this script from the top-level directory in the"
echo "repository"
exit 1
}
usage() {
- echo "Usage: release.sh "
+ echo "Usage: script/release.sh "
echo ""
echo "PRODUCT: ldb, talloc, tevent, tdb, samba-rc, samba-stable"
echo "COMMAND: fullrelease, create, push, upload, announce"
@@ -32,6 +32,13 @@ usage() {
return 0
}
+test -x "script/release.sh" || {
+ usage
+ echo "Run this script from the top-level directory in the"
+ echo "repository: as 'script/release.sh'"
+ exit 1
+}
+
check_args() {
local cmd="$1"
local got_args="$2"
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-12-test updated
The branch, v4-12-test has been updated
via 814be2888b3 script/release.sh: make it possible to run from a git
worktree
from 1e3b0034af6 VERSION: Bump version up to 4.12.0rc2...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test
- Log -
commit 814be2888b3bd77f7a67323b1a0a909448e878e3
Author: Stefan Metzmacher
Date: Tue Jan 21 19:25:00 2020 +0100
script/release.sh: make it possible to run from a git worktree
.git is a regular file in that case.
Also check that script/release.sh is present as a relative path
to ensure we're called from the expected location.
Signed-off-by: Stefan Metzmacher
(cherry picked from commit 648f94d2031c6e758bdf54089d1e710c265ca732)
---
Summary of changes:
script/release.sh | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/script/release.sh b/script/release.sh
index b533e259440..6c3ba0d4add 100755
--- a/script/release.sh
+++ b/script/release.sh
@@ -17,14 +17,14 @@
CONF_UPLOAD_URL="samba-b...@download-master.samba.org:/home/data/ftp/pub"
CONF_DOWNLOAD_URL="https://download.samba.org/pub";
CONF_HISTORY_URL="https://www.samba.org";
-test -d ".git" || {
+test -d ".git" -o -r ".git" || {
echo "Run this script from the top-level directory in the"
echo "repository"
exit 1
}
usage() {
- echo "Usage: release.sh "
+ echo "Usage: script/release.sh "
echo ""
echo "PRODUCT: ldb, talloc, tevent, tdb, samba-rc, samba-stable"
echo "COMMAND: fullrelease, create, push, upload, announce"
@@ -32,6 +32,13 @@ usage() {
return 0
}
+test -x "script/release.sh" || {
+ usage
+ echo "Run this script from the top-level directory in the"
+ echo "repository: as 'script/release.sh'"
+ exit 1
+}
+
check_args() {
local cmd="$1"
local got_args="$2"
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-11-test updated
The branch, v4-11-test has been updated
via bbacbd5f3f2 script/release.sh: make it possible to run from a git
worktree
from c5f61b9dd0a VERSION: Bump version up to 4.11.6.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-test
- Log -
commit bbacbd5f3f2f1fc624f057c6e30160fbcfbaba40
Author: Stefan Metzmacher
Date: Tue Jan 21 19:25:00 2020 +0100
script/release.sh: make it possible to run from a git worktree
.git is a regular file in that case.
Also check that script/release.sh is present as a relative path
to ensure we're called from the expected location.
Signed-off-by: Stefan Metzmacher
(cherry picked from commit 648f94d2031c6e758bdf54089d1e710c265ca732)
---
Summary of changes:
script/release.sh | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/script/release.sh b/script/release.sh
index b533e259440..6c3ba0d4add 100755
--- a/script/release.sh
+++ b/script/release.sh
@@ -17,14 +17,14 @@
CONF_UPLOAD_URL="samba-b...@download-master.samba.org:/home/data/ftp/pub"
CONF_DOWNLOAD_URL="https://download.samba.org/pub";
CONF_HISTORY_URL="https://www.samba.org";
-test -d ".git" || {
+test -d ".git" -o -r ".git" || {
echo "Run this script from the top-level directory in the"
echo "repository"
exit 1
}
usage() {
- echo "Usage: release.sh "
+ echo "Usage: script/release.sh "
echo ""
echo "PRODUCT: ldb, talloc, tevent, tdb, samba-rc, samba-stable"
echo "COMMAND: fullrelease, create, push, upload, announce"
@@ -32,6 +32,13 @@ usage() {
return 0
}
+test -x "script/release.sh" || {
+ usage
+ echo "Run this script from the top-level directory in the"
+ echo "repository: as 'script/release.sh'"
+ exit 1
+}
+
check_args() {
local cmd="$1"
local got_args="$2"
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-10-test updated
The branch, v4-10-test has been updated
via 969123b4ab8 script/release.sh: make it possible to run from a git
worktree
from 1c330a18d45 VERSION: Bump version up to 4.10.13.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-test
- Log -
commit 969123b4ab8643a6cac47012bc61ec7bc00f1824
Author: Stefan Metzmacher
Date: Tue Jan 21 19:25:00 2020 +0100
script/release.sh: make it possible to run from a git worktree
.git is a regular file in that case.
Also check that script/release.sh is present as a relative path
to ensure we're called from the expected location.
Signed-off-by: Stefan Metzmacher
(cherry picked from commit 648f94d2031c6e758bdf54089d1e710c265ca732)
---
Summary of changes:
script/release.sh | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/script/release.sh b/script/release.sh
index b533e259440..6c3ba0d4add 100755
--- a/script/release.sh
+++ b/script/release.sh
@@ -17,14 +17,14 @@
CONF_UPLOAD_URL="samba-b...@download-master.samba.org:/home/data/ftp/pub"
CONF_DOWNLOAD_URL="https://download.samba.org/pub";
CONF_HISTORY_URL="https://www.samba.org";
-test -d ".git" || {
+test -d ".git" -o -r ".git" || {
echo "Run this script from the top-level directory in the"
echo "repository"
exit 1
}
usage() {
- echo "Usage: release.sh "
+ echo "Usage: script/release.sh "
echo ""
echo "PRODUCT: ldb, talloc, tevent, tdb, samba-rc, samba-stable"
echo "COMMAND: fullrelease, create, push, upload, announce"
@@ -32,6 +32,13 @@ usage() {
return 0
}
+test -x "script/release.sh" || {
+ usage
+ echo "Run this script from the top-level directory in the"
+ echo "repository: as 'script/release.sh'"
+ exit 1
+}
+
check_args() {
local cmd="$1"
local got_args="$2"
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c8e3c78d4f2 selftest: Test behaviour of DNS scavenge with an
existing dNSTombstoned value
via 3657bbc2118 dsdb: Correctly handle memory in objectclass_attrs
via d3b385d5963 source4/scripting/bin: Swap machine account password
scripts
via 76e1206717e smb2_server: use sendmsg/recvmsg instead of writev/readv
via 7d1b560804b selftest: create a pcap file for the environment setup
via f182c9a36b4 selftest: create pcap files for invidual env services
via 4effc5585ec selftest: move {setup,cleanup}_pcap() to
selftest/target/Samba.pm
via c48ae9cf4db selftest: force LC_ALL=en_US.utf8 LANG=en_US.utf8
via cc7b909b8bb s3:rpclient: simplify rpc_tstream_next_vector()
via 8b80145a2c0 s4:torture: make rpc.handles.random-assoc test even
more robust
from f705629a171 smbd: avoid double chdir() in chdir_current_service()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c8e3c78d4f2a6f3e122fe458aa6835772290a700
Author: Andrew Bartlett
Date: Thu Jan 30 16:44:05 2020 +1300
selftest: Test behaviour of DNS scavenge with an existing dNSTombstoned
value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14258
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Feb 6 16:24:25 UTC 2020 on sn-devel-184
commit 3657bbc21182d764ddfcd603025f24ec240fd263
Author: Andrew Bartlett
Date: Thu Jan 30 16:41:39 2020 +1300
dsdb: Correctly handle memory in objectclass_attrs
el->values is caller-provided memory that should be thought of as constant,
it should not be assumed to be a talloc context.
Otherwise, if the caller gives constant memory or a stack
pointer we will get an abort() in talloc when it expects
a talloc magic in the memory preceeding the el->values.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14258
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit d3b385d59634927a4ddbfa7885ac5f2e004f4e03
Author: Andrew Bartlett
Date: Mon Feb 3 16:45:45 2020 +1300
source4/scripting/bin: Swap machine account password scripts
I regularly get requests for my simple script to print the
password from the secrets.tdb (or secrets.ldb on the AD DC).
This removes the old script that only reads the secrets.ldb.
Neither new nor old script has tests, however it seems
better to have it in the tree where it can be found rather
that me digging it out of my outbound e-mail.
Originally posted here:
https://lists.samba.org/archive/samba/2017-November/212362.html
Signed-off-by: Andrew Bartlett
Reviewed-by: Stefan Metzmacher
commit 76e1206717e76dadc212f3363d3faeb66b18c7e7
Author: Stefan Metzmacher
Date: Mon Aug 27 13:02:50 2018 +0200
smb2_server: use sendmsg/recvmsg instead of writev/readv
This avoids a few function calls inside the kernel
in order to reach sock_sendmsg() quicker:
entry_SYSCALL_64_after_hwframe
do_syscall_64
__x64_sys_writev
do_writev
vfs_writev
do_iter_write
do_iter_readv_writev
sock_write_iter
sock_sendmsg
entry_SYSCALL_64_after_hwframe
do_syscall_64
__x64_sys_sendmsg
__sys_sendmsg
___sys_sendmsg
sock_sendmsg
As a side effect it will be useful for SMB-Direct invalidation
messages via msg->msg_control and CMSG_*.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 7d1b560804b46fd6de83fa1b478d180a4184b5d3
Author: Stefan Metzmacher
Date: Thu Nov 14 17:36:36 2019 +0100
selftest: create a pcap file for the environment setup
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit f182c9a36b4a6f083aac0c7137ffad248006f297
Author: Stefan Metzmacher
Date: Wed Oct 30 21:53:39 2019 +0100
selftest: create pcap files for invidual env services
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 4effc5585ec5fca0c232b3b8fe772cea75941bb7
Author: Stefan Metzmacher
Date: Tue Feb 4 17:03:17 2020 +0100
selftest: move {setup,cleanup}_pcap() to selftest/target/Samba.pm
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit c48ae9cf4dbbcd4154f6642f18a73c871024cccb
Author: Stefan Metzmacher
Date: Mon Nov 18 22:02:13 2019 +0100
selftest: force LC_ALL=en_US.utf8 LANG=en_US.utf8
That makes sure we have the same as on gitlab runners
(see bootstrap/config.py).
Signed-off-by: Stefan M
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c90824a24a5 krb5_wrap: map KRB5_REALM_UNKNOWN to
NT_STATUS_NO_SUCH_DOMAIN
via 765b0eac63e krb5_wrap: map KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN to
NT_STATUS_INVALID_COMPUTER_NAME
via c403fa1a7fe krb5_wrap: move source3/libads/krb5_errs.c to
lib/krb5_wrap/krb5_errs.c
via 98d2d5a4035 auth/gensec: map
NT_STATUS_{INVALID_ACCOUNT_NAME,NO_SUCH_DOMAIN} to NT_STATUS_NO_SUCH_USER
via 28d9493d232 gensec/spnego: fallback on
INVALID_{ACCOUNT,COMPUTER}_NAME and NO_SUCH_DOMAIN
via 62ee0d93cc5 winbindd_cm: fallback to anonymous for
INVALID_COMPUTER_NAME and NO_SUCH_DOMAIN too
via d032569f2e4 smbspool: add more error codes to the auth_errors array
via a0c6ae24c99 smbspool: use one element per line for the auth_errors
array
via 15d2130bad3 s4:gensec_krb5: remove unused argument of
gensec_krb5_common_client_creds()
via 8ec0e3194bf s4:gensec_krb5: make use of talloc_zero() in
gensec_krb5_start()
via a8ba35fa97b s4:gensec_krb5: make use of struct samba_sockaddr
via 240e5cf325b s3:libads: prefer ENCTYPE_AES256_CTS_HMAC_SHA1_96 in
ads_keytab_add_entry()
via 0be55059429 lib/krb5_wrap: prefer new enctyptes in
ms_suptypes_to_ietf_enctypes()
via fd2ca9d26d5 s3:libads: make use
auth4_context_{for,get}_PAC_DATA_CTR() in kerberos_return_pac()
via f8e7c3d3821 auth/kerberos: add
auth4_context_{for,get}_PAC_DATA_CTR() helpers
from 0b3db29bd5f ctdb-tests: Add some tool unit tests to ensure that
timeouts work
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c90824a24a513a39dd7bbf42c81bd9e9b552fd06
Author: Stefan Metzmacher
Date: Fri Nov 29 08:46:21 2019 +
krb5_wrap: map KRB5_REALM_UNKNOWN to NT_STATUS_NO_SUCH_DOMAIN
This is much better than mapping it to NT_STATUS_UNSUCCESSFUL.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Mon Feb 10 17:59:34 UTC 2020 on sn-devel-184
commit 765b0eac63ef508c66f4e615882d8eb5bb7ae929
Author: Stefan Metzmacher
Date: Thu Nov 14 15:38:42 2019 +0100
krb5_wrap: map KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN to
NT_STATUS_INVALID_COMPUTER_NAME
KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN is already mapped to
NT_STATUS_INVALID_ACCOUNT_NAME and we need a way to
distinguish between client and server principal
at the NTSTATUS layer too.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit c403fa1a7fe6725957aab7e8039877d1becad8bf
Author: Stefan Metzmacher
Date: Wed Nov 6 15:38:23 2019 +0100
krb5_wrap: move source3/libads/krb5_errs.c to lib/krb5_wrap/krb5_errs.c
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 98d2d5a40358e26d34c81047d80b79876a8ddab9
Author: Stefan Metzmacher
Date: Wed Dec 11 14:53:20 2019 +0100
auth/gensec: map NT_STATUS_{INVALID_ACCOUNT_NAME,NO_SUCH_DOMAIN} to
NT_STATUS_NO_SUCH_USER
This means nt_status_squash() will map NT_STATUS_NO_SUCH_USER to
LOGON_FAILURE later.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 28d9493d232020a65b1b4634408c9341ef1dc39c
Author: Stefan Metzmacher
Date: Tue Nov 19 12:10:11 2019 +0100
gensec/spnego: fallback on INVALID_{ACCOUNT,COMPUTER}_NAME and
NO_SUCH_DOMAIN
I think it's better to handle them in spnego.c, instead of squashing
them already in the gssapi/gse modules. This is related to
KRB5KDC_ERR_{C,S}_PRINCIPAL_UNKNOWN and KRB5_REALM_UNKNOWN.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 62ee0d93cc5f809ebc5c4bcb4aa818aa4c69a9e3
Author: Stefan Metzmacher
Date: Tue Nov 19 12:10:11 2019 +0100
winbindd_cm: fallback to anonymous for INVALID_COMPUTER_NAME and
NO_SUCH_DOMAIN too
These error codes are soon propagated in addition to
INVALID_ACOUNT_NAME through the gensec/spnego layers.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit d032569f2e441afd59b85a16ae7e0adcdd9f8ad2
Author: Stefan Metzmacher
Date: Fri Feb 7 13:08:43 2020 +0100
smbspool: add more error codes to the auth_errors array
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit a0c6ae24c99c6ba6969e849fd17fdd9ebbeba0a4
Author: Stefan Metzmacher
Date: Fri Feb 7 13:06:46 2020 +0100
smbspool: use one element per line for the auth_errors array
This makes it more obvious if the later change the array.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 15d2130bad3126e1f8f26a0309eee19d248fa120
Author: Stefan Metzmacher
Date: Tue Nov 12 22:01:43 2019 +0100
s4:gensec_krb5: remove unused argument of gensec_krb5_common_client_creds()
Signed-off-by: S
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 7e78d275424 gensec: Fix CID 1458419 Control flow issues (NO_EFFECT)
via 43c808f2ff9 gensec: Fix CID 1458421 OVERRUN
via ef0350221e1 auth: Fix CID 1458418 Null pointer dereferences
(REVERSE_INULL)
via 503fc8f2ba6 auth: Fix CID 1458420 Null pointer dereferences
(REVERSE_INULL)
from bd279d3f98d ctdb-tests: Fix getdbmap test so that it actually works
sanely
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 7e78d275424db52544ee550ad0993c38d08d30a8
Author: Volker Lendecke
Date: Wed Feb 12 15:42:28 2020 +0100
gensec: Fix CID 1458419 Control flow issues (NO_EFFECT)
socklen_t can be unsigned
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Feb 14 13:42:26 UTC 2020 on sn-devel-184
commit 43c808f2ff907497dfff0988ff90a48fdcfc16ef
Author: Volker Lendecke
Date: Wed Feb 12 15:36:20 2020 +0100
gensec: Fix CID 1458421 OVERRUN
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit ef0350221e194a3dd3350eab02b38baeb32d8fd3
Author: Volker Lendecke
Date: Wed Feb 12 15:40:32 2020 +0100
auth: Fix CID 1458418 Null pointer dereferences (REVERSE_INULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 503fc8f2ba662ecbec0788bd1710440464dc5cfd
Author: Volker Lendecke
Date: Wed Feb 12 15:39:54 2020 +0100
auth: Fix CID 1458420 Null pointer dereferences (REVERSE_INULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source3/auth/auth_sam.c | 6 --
source4/auth/gensec/gensec_krb5.c | 18 ++
2 files changed, 14 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index c6357c696ea..3c12f959faf 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -80,12 +80,13 @@ static NTSTATUS auth_samstrict_auth(const struct
auth_context *auth_context,
const struct auth_usersupplied_info
*user_info,
struct auth_serversupplied_info
**server_info)
{
- const char *effective_domain = user_info->mapped.domain_name;
+ const char *effective_domain = NULL;
bool is_local_name, is_my_domain;
if (!user_info || !auth_context) {
return NT_STATUS_LOGON_FAILURE;
}
+ effective_domain = user_info->mapped.domain_name;
if (user_info->mapped.account_name == NULL ||
user_info->mapped.account_name[0] == '\0')
@@ -187,12 +188,13 @@ static NTSTATUS auth_sam_netlogon3_auth(const struct
auth_context *auth_context,
const struct auth_usersupplied_info
*user_info,
struct auth_serversupplied_info
**server_info)
{
- const char *effective_domain = user_info->mapped.domain_name;
+ const char *effective_domain = NULL;
bool is_my_domain;
if (!user_info || !auth_context) {
return NT_STATUS_LOGON_FAILURE;
}
+ effective_domain = user_info->mapped.domain_name;
if (user_info->mapped.account_name == NULL ||
user_info->mapped.account_name[0] == '\0')
diff --git a/source4/auth/gensec/gensec_krb5.c
b/source4/auth/gensec/gensec_krb5.c
index c7d0fc6c225..866ecc82133 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -145,16 +145,17 @@ static NTSTATUS gensec_krb5_start(struct gensec_security
*gensec_security, bool
tlocal_addr = gensec_get_local_address(gensec_security);
if (tlocal_addr) {
+ ssize_t sockaddr_ret;
struct samba_sockaddr addr;
bool ok;
- addr.sa_socklen = tsocket_address_bsd_sockaddr(tlocal_addr,
- &addr.u.sa,
- sizeof(addr.u));
- if (addr.sa_socklen < 0) {
+ sockaddr_ret = tsocket_address_bsd_sockaddr(
+ tlocal_addr, &addr.u.sa, sizeof(addr.u.sa));
+ if (sockaddr_ret < 0) {
talloc_free(gensec_krb5_state);
return NT_STATUS_INTERNAL_ERROR;
}
+ addr.sa_socklen = sockaddr_ret;
ok = smb_krb5_sockaddr_to_kaddr(&addr.u.ss, &my_krb5_addr);
if (!ok)
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 195e88cea34 s3:modules: add vfs_io_uring module
via fb5a99fa020 bootstrap: replace libaio-dev/libaio-devel with
liburing-dev/liburing-devel
via c1b9bf99340 lib/replace: remove unused check for aio.h
from b9ab8bf7a9c s3:tests: Add smbclient test for 'force create mode =
0664'
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 195e88cea34c983afc02cfb521a60cdd1edbe9e1
Author: Stefan Metzmacher
Date: Wed Jun 5 17:01:49 2019 +0200
s3:modules: add vfs_io_uring module
The module makes use of the new io_uring infrastructure
(intruduced in linux 5.1), see https://lwn.net/Articles/778411/ and
http://git.kernel.dk/cgit/liburing/
Currently this only implements SMB_VFS_{PREAD,PWRITE,FSYNC}_SEND/RECV
and avoids the overhead of our userspace threadpool.
In future we'll hopefully make more use of more advanced io_uring
features.
For now we don't have automated tests as our test infrastructure
doesn't use a recent kernel. At least we're able to do compile tests
on fedora31.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Sat Feb 15 11:37:45 UTC 2020 on sn-devel-184
commit fb5a99fa0200785ef1b5a8c9bc4a645d09fbeb5e
Author: Stefan Metzmacher
Date: Fri Feb 7 11:00:21 2020 +0100
bootstrap: replace libaio-dev/libaio-devel with liburing-dev/liburing-devel
We'll never use libaio, but will soon add a io_uring vfs module.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
commit c1b9bf993402f7d74f992c609ede94653e87172f
Author: Stefan Metzmacher
Date: Fri Feb 7 11:02:18 2020 +0100
lib/replace: remove unused check for aio.h
Signed-off-by: Stefan Metzmacher
Reviewed-by: Jeremy Allison
---
Summary of changes:
.gitlab-ci.yml | 2 +-
bootstrap/config.py| 18 +-
bootstrap/generated-dists/centos6/bootstrap.sh | 1 -
bootstrap/generated-dists/centos6/packages.yml | 1 -
bootstrap/generated-dists/centos7/bootstrap.sh | 1 -
bootstrap/generated-dists/centos7/packages.yml | 1 -
bootstrap/generated-dists/centos8/bootstrap.sh | 1 -
bootstrap/generated-dists/centos8/packages.yml | 1 -
bootstrap/generated-dists/debian10/bootstrap.sh| 1 -
bootstrap/generated-dists/debian10/packages.yml| 1 -
bootstrap/generated-dists/debian7/bootstrap.sh | 1 -
bootstrap/generated-dists/debian7/packages.yml | 1 -
bootstrap/generated-dists/debian8/bootstrap.sh | 1 -
bootstrap/generated-dists/debian8/packages.yml | 1 -
bootstrap/generated-dists/debian9/bootstrap.sh | 1 -
bootstrap/generated-dists/debian9/packages.yml | 1 -
bootstrap/generated-dists/fedora29/bootstrap.sh| 1 -
bootstrap/generated-dists/fedora29/packages.yml| 1 -
bootstrap/generated-dists/fedora30/bootstrap.sh| 1 -
bootstrap/generated-dists/fedora30/packages.yml| 1 -
bootstrap/generated-dists/fedora31/bootstrap.sh| 2 +-
bootstrap/generated-dists/fedora31/packages.yml| 2 +-
bootstrap/generated-dists/opensuse150/bootstrap.sh | 1 -
bootstrap/generated-dists/opensuse150/packages.yml | 1 -
bootstrap/generated-dists/opensuse151/bootstrap.sh | 1 -
bootstrap/generated-dists/opensuse151/packages.yml | 1 -
bootstrap/generated-dists/ubuntu1404/bootstrap.sh | 1 -
bootstrap/generated-dists/ubuntu1404/packages.yml | 1 -
bootstrap/generated-dists/ubuntu1604/bootstrap.sh | 1 -
bootstrap/generated-dists/ubuntu1604/packages.yml | 1 -
bootstrap/generated-dists/ubuntu1804/bootstrap.sh | 1 -
bootstrap/generated-dists/ubuntu1804/packages.yml | 1 -
bootstrap/sha1sum.txt | 2 +-
.../{vfs_aio_pthread.8.xml => vfs_io_uring.8.xml} | 54 +-
docs-xml/wscript_build | 1 +
lib/replace/wscript| 2 +-
source3/modules/vfs_io_uring.c | 543 +
source3/modules/wscript_build | 8 +
source3/wscript| 11 +
39 files changed, 617 insertions(+), 56 deletions(-)
copy docs-xml/manpages/{vfs_aio_pthread.8.xml => vfs_io_uring.8.xml} (55%)
create mode 100644 source3/modules/vfs_io_uring.c
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index df91d7dadb1..56adf10c7be 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -22,7 +22,7 @@ variables:
# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.p
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 340cd2b8163 ldb: change the version to 2.2.0 for Samba 4.13
from 4edece5e973 s3:smb2_tcon: pass down in_flags to
smbd_smb2_tree_connect_send()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 340cd2b81639cee622bb35981f680e7d2a7a491c
Author: Stefan Metzmacher
Date: Tue Feb 25 11:30:04 2020 +0100
ldb: change the version to 2.2.0 for Samba 4.13
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Feb 26 23:11:39 UTC 2020 on sn-devel-184
---
Summary of changes:
lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.0.sigs} | 0
lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.2.0.sigs} | 0
lib/ldb/wscript | 2 +-
3 files changed, 1 insertion(+), 1 deletion(-)
copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.2.0.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.2.0.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.2.0.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.2.0.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs
b/lib/ldb/ABI/pyldb-util-2.2.0.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.2.0.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 06c8922aa8d..280e0916736 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'ldb'
-VERSION = '2.1.1'
+VERSION = '2.2.0'
import sys, os
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-2.0.9 created
The annotated tag, ldb-2.0.9 has been created at 7acafd2995bed5c9828c85e4b5be55f1ac67a332 (tag) tagging 8cb7818a40564e2af2090e9b775ac4d770d3aae5 (commit) replaces samba-4.11.6 tagged by Stefan Metzmacher on Tue Mar 10 13:34:27 2020 +0100 - Log - ldb: tag release ldb-2.0.9 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl5niVMACgkQR5ORYRMI QCVf8Af/b6Y+FB8bUJNxusSlmR1v9GWzfKg92WKFU5jvNFPt9iWtOylgwSm619Re DJVTERmoHNXxcW30wYDaEJqRtxW2OKV0z3iw46XUPLpFmY9LQS12JSC9Er1sa6GT zGAWxSvgek2EmKeCXPad42vcXaqTz6pzDB8p3WzvzG79Zzy50uT8k2hFe6QxEglD Us90pbiFSheeB6wr4Cn8Hh2u8Vhint6R8fsxZ1TkWM3qNV6/olr/U+jVrvtzO/FP mlzVJHNTI2kcYHzoidXMDQdKy/XO/kzZ0hSYuz9ikmJ+NX7ica4sxoBSE8sUgFGC rIc3c5CxFsCUw9tM77H9cS5+d8DhkQ== =c4zr -END PGP SIGNATURE- Andreas Schneider (3): lib:util: Log mkdir error on correct debug levels s4:torture: Skip the deltest20 as user root wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9 Andrew Bartlett (6): ldb: Add tests for one-level indexes in conjunction with other indexes ldb: Add tests aimed at the SCOPE_ONELEVEL particular ldb: Ensure @IDXONE modes is tested in ldb.python (apy.py) tests ldb: Fix search with scope ONE and small result sets ldb: Add tests aimed at the SCOPE_ONELEVEL bug in particular ldb: version 2.0.9 Jeremy Allison (2): s3: lib: nmblib. Clean up and harden nmb packet processing. s3: VFS: full_audit. Use system session_info if called from a temporary share definition. Karolin Seeger (2): VERSION: Bump version up to 4.11.7... script/release.sh: Don't use quotations any longer. Martin Schwenke (1): ctdb-tcp: Make error handling for outbound connection consistent Stefan Metzmacher (7): s3:auth_sam: replace confusing FALL_THROUGH; with break; s3:auth_sam: unify the debug messages of all auth_sam*_auth() functions s3:auth_sam: make sure we never handle empty usernames s3:auth_sam: introduce effective_domain helper variables s3:selftest: test authentication with an empty userdomain and upn names s3:auth_sam: map an empty domain or '.' to the local SAM name winbindd: handling missing idmap in getgrgid() Volker Lendecke (6): auth: Fix CID 1458420 Null pointer dereferences (REVERSE_INULL) auth: Fix CID 1458418 Null pointer dereferences (REVERSE_INULL) test: Intercept open in vfs_error_inject test: Show that smbd does not handle EINTR from open() correctly lib: Map EINPROGRESS->NT_STATUS_MORE_PROCESSING_REQUIRED smbd: Separate aio_pthread indicator from normal EINTR --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e2d260c7b42 third_party: Update resolv_wrapper to version 1.1.6
via e09c2e118b3 third_party: Update socket_wrapper to version 1.2.4
via 61a6bf82d4c third_party: Update pam_wrapper to version 1.1.2
from 2a5d994b1a1 vfs: remove SMB_VFS_OPENDIR()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e2d260c7b42e30eca20fc90c8dbb8de82820ee2a
Author: Stefan Metzmacher
Date: Wed Mar 18 14:51:12 2020 +0100
third_party: Update resolv_wrapper to version 1.1.6
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Mar 25 08:33:17 UTC 2020 on sn-devel-184
commit e09c2e118b31968f6618c21eb4a5f952735f19a0
Author: Stefan Metzmacher
Date: Tue Mar 10 13:27:27 2020 +0100
third_party: Update socket_wrapper to version 1.2.4
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 61a6bf82d4cd7b1deecaf41d5d4f7d9e73f168be
Author: Andreas Schneider
Date: Fri Mar 20 15:25:47 2020 +0100
third_party: Update pam_wrapper to version 1.1.2
Signed-off-by: Andreas Schneider
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
buildtools/wafsamba/samba_third_party.py| 6 +-
third_party/pam_wrapper/pam_wrapper.c | 472 ++--
third_party/pam_wrapper/python/pypamtest.c | 67 ++-
third_party/pam_wrapper/wscript | 14 +-
third_party/resolv_wrapper/resolv_wrapper.c | 799 +---
third_party/resolv_wrapper/wscript | 14 +-
third_party/socket_wrapper/socket_wrapper.c | 199 ++-
third_party/socket_wrapper/wscript | 10 +-
8 files changed, 1302 insertions(+), 279 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_third_party.py
b/buildtools/wafsamba/samba_third_party.py
index a7026034984..181d0b352a5 100644
--- a/buildtools/wafsamba/samba_third_party.py
+++ b/buildtools/wafsamba/samba_third_party.py
@@ -24,7 +24,7 @@ Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA
@conf
def CHECK_SOCKET_WRAPPER(conf):
-return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.2.3')
+return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.2.4')
Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
@conf
@@ -34,7 +34,7 @@ Build.BuildContext.CHECK_NSS_WRAPPER = CHECK_NSS_WRAPPER
@conf
def CHECK_RESOLV_WRAPPER(conf):
-return conf.CHECK_BUNDLED_SYSTEM_PKG('resolv_wrapper', minversion='1.1.4')
+return conf.CHECK_BUNDLED_SYSTEM_PKG('resolv_wrapper', minversion='1.1.6')
Build.BuildContext.CHECK_RESOLV_WRAPPER = CHECK_RESOLV_WRAPPER
@conf
@@ -44,5 +44,5 @@ Build.BuildContext.CHECK_UID_WRAPPER = CHECK_UID_WRAPPER
@conf
def CHECK_PAM_WRAPPER(conf):
-return conf.CHECK_BUNDLED_SYSTEM_PKG('pam_wrapper', minversion='1.0.7')
+return conf.CHECK_BUNDLED_SYSTEM_PKG('pam_wrapper', minversion='1.1.2')
Build.BuildContext.CHECK_PAM_WRAPPER = CHECK_PAM_WRAPPER
diff --git a/third_party/pam_wrapper/pam_wrapper.c
b/third_party/pam_wrapper/pam_wrapper.c
index 48d2c2ae566..dd69c43f021 100644
--- a/third_party/pam_wrapper/pam_wrapper.c
+++ b/third_party/pam_wrapper/pam_wrapper.c
@@ -36,6 +36,8 @@
#include
#include
+#include
+
#include
#ifdef HAVE_SECURITY_PAM_APPL_H
@@ -97,6 +99,19 @@
* LOGGING
*/
+#ifndef HAVE_GETPROGNAME
+static const char *getprogname(void)
+{
+#if defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME)
+ return program_invocation_short_name;
+#elif defined(HAVE_GETEXECNAME)
+ return getexecname();
+#else
+ return NULL;
+#endif /* HAVE_PROGRAM_INVOCATION_SHORT_NAME */
+}
+#endif /* HAVE_GETPROGNAME */
+
enum pwrap_dbglvl_e {
PWRAP_LOG_ERROR = 0,
PWRAP_LOG_WARN,
@@ -123,6 +138,7 @@ static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl,
const char *d;
unsigned int lvl = 0;
const char *prefix = "PWRAP";
+ const char *progname = getprogname();
d = getenv("PAM_WRAPPER_DEBUGLEVEL");
if (d != NULL) {
@@ -136,24 +152,29 @@ static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl,
vsnprintf(buffer, sizeof(buffer), format, args);
switch (dbglvl) {
- case PWRAP_LOG_ERROR:
- prefix = "PWRAP_ERROR";
- break;
- case PWRAP_LOG_WARN:
- prefix = "PWRAP_WARN";
- break;
- case PWRAP_LOG_DEBUG:
- prefix = "PWRAP_DEBUG";
- break;
- case PWRAP_LOG_TRACE:
- prefix = "PWRAP_TRACE&qu
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via be394406ee0 lib: Try nonblocking writes in writev_send()
via 79f55ba3271 lib: Use optimize_empty in writev_send()
via 8946531f1f7 winbind: Set the parent->child sock nonblocking
via 0e50ed19360 libsmb: Make sure that the TCP socket is non-blocking
via f52f531771d lib: Remove unused SOCKET_FLAG_BLOCK
via 051b7c135c9 lib: Simplify writev_cancel()
from e2d260c7b42 third_party: Update resolv_wrapper to version 1.1.6
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit be394406ee016c6bab75fcd96417554468cf495d
Author: Volker Lendecke
Date: Thu Mar 19 17:00:59 2020 +0100
lib: Try nonblocking writes in writev_send()
All callers now use nonblocking sockets, so that we can optimize by
doing early writes
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Mar 25 10:41:29 UTC 2020 on sn-devel-184
commit 79f55ba3271b54068535e97695f5d6065a7048a5
Author: Volker Lendecke
Date: Thu Mar 12 16:20:25 2020 +0100
lib: Use optimize_empty in writev_send()
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 8946531f1f70c87b17ded5a9b42cf0329fe83fe7
Author: Volker Lendecke
Date: Fri Mar 20 12:17:08 2020 +0100
winbind: Set the parent->child sock nonblocking
The parent goes through wb_simple_trans_send(), which deals with short
writes fine.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 0e50ed193606c3716bcd3955e6305f6891f34cff
Author: Volker Lendecke
Date: Fri Mar 20 11:46:43 2020 +0100
libsmb: Make sure that the TCP socket is non-blocking
All traffic goes through smbXcli_base.c, and that is prepared to deal
with short writes via the conn->outgoing queue. Instead of making sure
that all callers properly set the socket nonblocking, do it here, so
that we can later optimize sending out data to the server.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit f52f531771d6a25b2e363384bf94a9fa14334e1b
Author: Volker Lendecke
Date: Fri Mar 20 11:31:15 2020 +0100
lib: Remove unused SOCKET_FLAG_BLOCK
Nobody in the code set this flag, so remove it
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 051b7c135c959dad8b19c69aa372c7060e39ff19
Author: Volker Lendecke
Date: Thu Mar 12 11:42:41 2020 +0100
lib: Simplify writev_cancel()
We can only reasonably cancel a writev request that is still
queued. Once writing has started, cancel is pointless. Simplify the
if-conditions.
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
lib/async_req/async_sock.c | 91 ++--
libcli/smb/smbXcli_base.c| 1 +
source3/winbindd/winbindd_dual.c | 1 +
source4/lib/socket/socket.c | 5 +--
source4/lib/socket/socket.h | 1 -
source4/lib/socket/socket_ip.c | 49 +-
source4/lib/socket/socket_unix.c | 28 +
7 files changed, 85 insertions(+), 91 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index e436d00ac79..8f04a7bcbae 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -291,11 +291,14 @@ struct tevent_req *writev_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
return req;
}
- state->queue_entry = tevent_queue_add_entry(queue, ev, req,
- writev_trigger, NULL);
+ state->queue_entry = tevent_queue_add_optimize_empty(
+ queue, ev, req, writev_trigger, NULL);
if (tevent_req_nomem(state->queue_entry, req)) {
return tevent_req_post(req, ev);
}
+ if (!tevent_req_is_in_progress(req)) {
+ return tevent_req_post(req, ev);
+ }
return req;
}
@@ -312,35 +315,67 @@ static bool writev_cancel(struct tevent_req *req)
{
struct writev_state *state = tevent_req_data(req, struct writev_state);
- TALLOC_FREE(state->queue_entry);
- TALLOC_FREE(state->fde);
-
- if (state->count == 0) {
- /*
-* already completed.
-*/
- return false;
- }
-
- tevent_req_defer_callback(req, state->ev);
if (state->total_size > 0) {
/*
* We've already started to write :-(
*/
- tevent_req_error(req, EIO);
return false;
}
+ TALLOC_FREE(state->
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c4ccdf4b30d s4:selftest: run samba.tests.krb5.simple_tests against
ad_dc_default
via 4f6d26609a6 python/tests/krb5: add simple_tests.py with the first
simple test
via fb7cba50ae3 python/tests/krb5: add raw_testcase.py as the base for
our Kerberos protocol testing
via 94d068427f6 python/tests/krb5: modify rfc4120.asn1 in order to
generate pyasn1 code
via a2f75c314e9 python/tests/krb5: add rfc4120.asn1
via 47385248c8e python/tests/krb5: add support for Cksumtype.MD5
via 7010a1311d1 s4:selftest: run samba.tests.krb5.kcrypto test
via 8bdd3799768 python/tests/krb5: convert kcrypto.py to
python3-cryptography and a few Samba helpers
via 679bb52c957 python/tests/krb5: add crypto.py from greghudson/pyk5
as kcrypto.py
via 0f805db40a4 python/tests: let usage.py be more verbose on errors
via 99b64424874 bootstrap: add python3-pyasn1/python3-cryptography for
kerberos testing
via 53402b35300 bootstrap: add ubuntu2004 Ubuntu Focal Fossa
(development branch)
from a85fadaefc6 selftest: we no longer need '--use-dns-faking' on Linux
and FreeBSD
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c4ccdf4b30de1b1e63d3fd99d33b924b816a5d37
Author: Stefan Metzmacher
Date: Thu Feb 13 16:29:38 2020 +0100
s4:selftest: run samba.tests.krb5.simple_tests against ad_dc_default
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Mar 27 19:54:25 UTC 2020 on sn-devel-184
commit 4f6d26609a66a42df671a540677af15e67efc0df
Author: Stefan Metzmacher
Date: Thu Feb 13 16:29:38 2020 +0100
python/tests/krb5: add simple_tests.py with the first simple test
This just demonstrates that the infrastructure works:-)
I'm running this as:
SERVER=172.31.9.188 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE \
USERNAME=administrator PASSWORD=A1b2C3d4 SERVICE_USERNAME="w2012r2-188" \
python/samba/tests/krb5/simple_tests.py
Pair-Programmed-With: Isaac Boukris
Signed-off-by: Stefan Metzmacher
Signed-off-by: Isaac Boukris
Reviewed-by: Isaac Boukris
commit fb7cba50ae3472b29aa806208badc1ded8979073
Author: Stefan Metzmacher
Date: Thu Feb 13 16:29:38 2020 +0100
python/tests/krb5: add raw_testcase.py as the base for our Kerberos
protocol testing
Pair-Programmed-With: Isaac Boukris
Signed-off-by: Stefan Metzmacher
Signed-off-by: Isaac Boukris
Reviewed-by: Isaac Boukris
commit 94d068427f6cf23ab68c135ed9833db4b9155b65
Author: Stefan Metzmacher
Date: Thu Feb 13 16:29:38 2020 +0100
python/tests/krb5: modify rfc4120.asn1 in order to generate pyasn1 code
The pyasn1 bindings are generated by pyasn1gen.py from
https://github.com/kimgr/asn1ate.git
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit a2f75c314e9946f74e9dacceac69029525b5
Author: Stefan Metzmacher
Date: Thu Feb 13 16:29:38 2020 +0100
python/tests/krb5: add rfc4120.asn1
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit 47385248c8e462162e01afc3d3d68b97dff3542c
Author: Stefan Metzmacher
Date: Mon Mar 23 08:53:54 2020 +0100
python/tests/krb5: add support for Cksumtype.MD5
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit 7010a1311d193c78e9f26adeafe98458217edbca
Author: Stefan Metzmacher
Date: Wed Mar 25 22:07:39 2020 +0100
s4:selftest: run samba.tests.krb5.kcrypto test
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit 8bdd37997686d4ca60584bdfda78440be8432405
Author: Stefan Metzmacher
Date: Fri Mar 20 12:47:39 2020 +0100
python/tests/krb5: convert kcrypto.py to python3-cryptography and a few
Samba helpers
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit 679bb52c957dafcec96ff37f87d8c3496996b909
Author: Isaac Boukris
Date: Sat Feb 15 18:33:33 2020 +0100
python/tests/krb5: add crypto.py from greghudson/pyk5 as kcrypto.py
This is crypto.py of commit f0612aa908062fb239d1c3873595e7204ae1691d
from https://github.com/greghudson/pyk5.git
This will be used in order to do raw protocol testing against
[MS-KILE] KDCs.
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Isaac Boukris
Signed-off-by: Stefan Metzmacher
Reviewed-by: Stefan Metzmacher
commit 0f805db40a4948f9902733aa03ed6ae2789dabb3
Author: Stefan Metzmacher
Date: Tue Mar 24 14:02:58 2020 +0100
python/tests: let usage.py be more verbose on errors
Signed-off-by: Stefan Metzmacher
Reviewed-by: Isaac Boukris
commit 99b644248746a8a038d6f4b15aa621a907adc987
Author: Stefan Metzmacher
Da
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9b1e96197e0 script/autobuild.py: allow write_system_info commands
to fail
via 0312a10e09d script/autobuild.py: use more portable 'cp -R -a -l'
via f9374d0a4ec script/autobuild.py: add support git worktree
via 579c27fc4aa .gitlab-ci.yml: actually run ubuntu2004-samba-o3
from 24b03fd28ed s3/utils: Fix double free error with smbtree
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9b1e96197e0983a16e73ce351eac7775801736d8
Author: Stefan Metzmacher
Date: Fri Feb 28 00:00:08 2020 +0100
script/autobuild.py: allow write_system_info commands to fail
These commands are just there as hints to debug possible problems.
In order to support autobuild.py on non-linux platforms we should
just ignore errors here.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Apr 2 07:36:07 UTC 2020 on sn-devel-184
commit 0312a10e09d8dc1295a4a80493761e91031e88e7
Author: Stefan Metzmacher
Date: Thu Feb 27 23:59:00 2020 +0100
script/autobuild.py: use more portable 'cp -R -a -l'
On platforms like FreeBSD 12 cp doesn't accept the long options,
using the one letter options works there and keeps working on Linux
as well.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit f9374d0a4ecc11acc46884feec28d138accc6dab
Author: Stefan Metzmacher
Date: Thu Feb 27 23:58:42 2020 +0100
script/autobuild.py: add support git worktree
.git is not always a directory, with 'git worktree' it's a file.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
commit 579c27fc4aafe5cbed6f4431f9a6230696c21611
Author: Stefan Metzmacher
Date: Thu Apr 2 00:22:26 2020 +0200
.gitlab-ci.yml: actually run ubuntu2004-samba-o3
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
---
Summary of changes:
.gitlab-ci.yml | 2 +-
script/autobuild.py | 9 ++---
2 files changed, 7 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 27a8dea47c1..ef44a3d9d89 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -274,7 +274,7 @@ ubuntu1804-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu1804
-.ubuntu2004-samba-o3:
+ubuntu2004-samba-o3:
extends: .samba-o3-template
image: $SAMBA_CI_CONTAINER_IMAGE_ubuntu2004
diff --git a/script/autobuild.py b/script/autobuild.py
index 3889d6ed620..8cee3ecbbbf 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -37,7 +37,7 @@ def find_git_root():
'''get to the top of the git repo'''
p = os.getcwd()
while p != '/':
-if os.path.isdir(os.path.join(p, ".git")):
+if os.path.exists(os.path.join(p, ".git")):
return p
p = os.path.abspath(os.path.join(p, '..'))
return None
@@ -836,7 +836,7 @@ class builder(object):
run_cmd("rm -rf %s" % self.test_source_dir)
run_cmd("rm -rf %s" % self.prefix)
if cp:
-run_cmd("cp --recursive --link --archive %s %s" % (test_master,
self.test_source_dir), dir=test_master, show=True)
+run_cmd("cp -R -a -l %s %s" % (test_master, self.test_source_dir),
dir=test_master, show=True)
else:
run_cmd("git clone --recursive --shared %s %s" % (test_master,
self.test_source_dir), dir=test_master, show=True)
self.start_next()
@@ -967,7 +967,10 @@ class buildlist(object):
'cc --version',
'df -m .',
'df -m %s' % testbase]:
-out = run_cmd(cmd, output=True, checkfail=False)
+try:
+out = run_cmd(cmd, output=True, checkfail=False)
+except subprocess.CalledProcessError as e:
+out = "" % str(e)
print('### %s' % cmd, file=f)
print(out, file=f)
print(file=f)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via afd3bd01eb4 docs-xml/smbdotconf: clarify the quoting for advanced
"interfaces" options
via fe3380d369c interface: clarify the quoting for advanced
"interfaces" options
via 5944ec38cd9 interface: allow overriding speed/cap/if_index for
named interfaces
via d39636acea4 lib/socket: autodetect RSS using ETHTOOL_GRXRINGS
via 4ccb5816093 lib/socket: let query_iface_speed_from_name()
initialize memory passed to syscalls
from c83ce5f4f99 lib:util: Fix smbclient -l basename dir
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit afd3bd01eb463081cb85724260a0840cd98b38c2
Author: Stefan Metzmacher
Date: Thu May 7 12:04:00 2020 +0200
docs-xml/smbdotconf: clarify the quoting for advanced "interfaces" options
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu May 7 16:23:40 UTC 2020 on sn-devel-184
commit fe3380d369c2a528f89da5a047235420cec63b4d
Author: Stefan Metzmacher
Date: Thu May 7 12:04:00 2020 +0200
interface: clarify the quoting for advanced "interfaces" options
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit 5944ec38cd9462643f82bf733a86a8e405bc0594
Author: Steven Noonan
Date: Mon Sep 23 22:53:40 2019 -0700
interface: allow overriding speed/cap/if_index for named interfaces
Signed-off-by: Steven Noonan
Reviewed-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit d39636acea4fda840b23646b021e24559681b0b0
Author: Stefan Metzmacher
Date: Thu May 7 11:06:03 2020 +0200
lib/socket: autodetect RSS using ETHTOOL_GRXRINGS
This is also used as part of 'ethtool -n rdma14' and
'ethtool -x rdma14'.
;#> ethtool -n rdma14
8 RX rings available
rxclass: Cannot get RX class rule count: Operation not supported
RX classification rule retrieval failed
;#> ethtool -x rdma14
RX flow hash indirection table for rdma14 with 8 RX ring(s):
0: 0 1 2 3 4 5 6 7
8: 0 1 2 3 4 5 6 7
RSS hash key:
Operation not supported
RSS hash function:
toeplitz: on
xor: off
crc32: off
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit 4ccb58160936d13a06c74ed1c28c855564b50f22
Author: Stefan Metzmacher
Date: Thu May 7 11:06:03 2020 +0200
lib/socket: let query_iface_speed_from_name() initialize memory passed to
syscalls
I'm not sure if struct initializers would take care of padding,
so I use ZERO_STRUCT().
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
---
Summary of changes:
docs-xml/smbdotconf/base/interfaces.xml | 20 ---
lib/socket/interfaces.c | 43 +
source3/lib/interface.c | 39 +-
3 files changed, 86 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/base/interfaces.xml
b/docs-xml/smbdotconf/base/interfaces.xml
index b804e64be9e..cbc29712385 100644
--- a/docs-xml/smbdotconf/base/interfaces.xml
+++ b/docs-xml/smbdotconf/base/interfaces.xml
@@ -41,12 +41,13 @@
In order to support SMB3 multi-channel configurations, smbd understands
- some extra data that can be appended after the actual interface with
- this extended syntax:
+ some extra parameters which can be appended after the actual interface
with
+ this extended syntax (note that the quoting is important in order to
handle the ; and ,
+ characters):
- interface[;key1=value1[,key2=value2[...]]]
+ "interface[;key1=value1[,key2=value2[...]]]"
@@ -58,18 +59,29 @@
development rather than for production use. At least on Linux systems,
these values should be auto-detected, but the settings can serve
as last a resort when autodetection is not working or is not available.
+ The specified values overwrite the auto-detected values.
- The example below configures three network interfaces corresponding
+ The first two example below configures three network interfaces
corresponding
to the eth0 device and IP addresses 192.168.2.10 and 192.168.3.10.
The netmasks of the latter two interfaces would be set to 255.255.255.0.
+
+ The other examples show how per interface extra parameters can be
specified.
+ Notice the possible usage of "," and ";", which
makes
+ the double q
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 01db877c776 srvsvc: Move brl_get_locks() out of enum_file_fn()
via 8e4583f730a test: Show that netfileenum is broken
via 1d40cc01c2d rpcclient: Make netfileenum cmd print the path names
via 8c080f28c37 rpcclient: Use struct initializers in
cmd_srvsvc_net_file_enum()
via 46ab1d478d8 srvsvc: Collect file ids in enum_file_fn()
via bda0b3875d9 srvsvc: Use a struct initializer in net_enum_files()
via 96d68bb9f26 srvsvc: Directly use "ctr3->count" instead of "i"
via ff80f68c302 srvsvc: Use a struct assignment in enum_file_fn()
via a9397f87881 srvsvc: Introduce ctx3 helper var in enum_file_fn()
from 7215669d297 vfs: remove root_dir_fid arg from SMB_VFS_CREATE_FILE()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 01db877c7766387984ef32914eca0b2e817c4c6a
Author: Volker Lendecke
Date: Tue Apr 21 14:54:25 2020 +0200
srvsvc: Move brl_get_locks() out of enum_file_fn()
With share_infos.tdb this is a locking order violation:
share_infos.tdb is level 4, brlock.tdb is level 2. Avoid this by first
walking the share_infos.tdb and then fetching all the brlock entries.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu May 14 22:06:32 UTC 2020 on sn-devel-184
commit 8e4583f730abd1a210ec52d5a060dddc4ad850bb
Author: Volker Lendecke
Date: Mon May 11 11:08:54 2020 +0200
test: Show that netfileenum is broken
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 1d40cc01c2d7f14704c1d9b4b7c42c4cf3450da9
Author: Volker Lendecke
Date: Mon May 11 11:09:02 2020 +0200
rpcclient: Make netfileenum cmd print the path names
Needed for the next commit testing netfileenum
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 8c080f28c37a4ada4f3605123a357666881fa3a0
Author: Volker Lendecke
Date: Wed Apr 22 13:21:40 2020 +0200
rpcclient: Use struct initializers in cmd_srvsvc_net_file_enum()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 46ab1d478d8c27bb4837bf277f8eae5d59613dd2
Author: Volker Lendecke
Date: Tue Apr 21 14:32:16 2020 +0200
srvsvc: Collect file ids in enum_file_fn()
Will be used a few patches down
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit bda0b3875d965c5cccd09dc09f593229e268ee9b
Author: Volker Lendecke
Date: Tue Apr 21 14:42:50 2020 +0200
srvsvc: Use a struct initializer in net_enum_files()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit 96d68bb9f26a0c99d00e92130a2f2c91c7b985e2
Author: Volker Lendecke
Date: Tue Apr 21 14:24:48 2020 +0200
srvsvc: Directly use "ctr3->count" instead of "i"
To me this was not very transparent, and now that we have "ctr3" a
single indirect looks okay
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit ff80f68c3020be0a92eb41115a64518ece097ee7
Author: Volker Lendecke
Date: Tue Apr 21 14:21:49 2020 +0200
srvsvc: Use a struct assignment in enum_file_fn()
Looks nicer than 5 complex array references...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
commit a9397f87881b9a67407b557e09478cdd40f75b75
Author: Volker Lendecke
Date: Tue Apr 21 14:16:41 2020 +0200
srvsvc: Introduce ctx3 helper var in enum_file_fn()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14355
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 74 +++
source3/rpcclient/cmd_srvsvc.c| 29 +++-
source3/script/tests/test_netfileenum.sh | 73 ++
source3/selftest/tests.py | 9
4 files changed, 145 insertions(+), 40 deletions(-)
create mode 100755 source3/script/tests/test_netfileenum.sh
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index 17391424fc0..3fb8427693
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 68380ebaa60 winbindd: Fix a use-after-free when winbind clients exit
from dd1f750293e s3: lib: Paranoia around use of snprintf copying into a
fixed-size buffer from a getenv() pointer.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 68380ebaa60c64311cc1081f700d571abbf69f4f
Author: Volker Lendecke
Date: Fri May 15 15:19:45 2020 +0200
winbindd: Fix a use-after-free when winbind clients exit
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14382
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Volker Lendecke
Signed-off-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue May 19 10:45:06 UTC 2020 on sn-devel-184
---
Summary of changes:
source3/winbindd/winbindd_dual.c | 28 +++-
1 file changed, 27 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index 8ad2485324e..47efe988d65 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -202,7 +202,32 @@ struct tevent_req *wb_child_request_send(TALLOC_CTX
*mem_ctx,
state->ev = ev;
state->child = child;
- state->request = request;
+
+ /*
+* We have to make a copy of "request", because our caller
+* might drop us via talloc_free().
+*
+* The talloc_move() magic in wb_child_request_cleanup() keeps
+* all the requests, but if we are sitting deep within
+* writev_send() down to the client, we have given it the
+* pointer to "request". As our caller lost interest, it will
+* just free "request", while writev_send still references it.
+*/
+
+ state->request = talloc_memdup(state, request, sizeof(*request));
+ if (tevent_req_nomem(state->request, req)) {
+ return tevent_req_post(req, ev);
+ }
+
+ if (request->extra_data.data != NULL) {
+ state->request->extra_data.data = talloc_memdup(
+ state->request,
+ request->extra_data.data,
+ request->extra_len);
+ if (tevent_req_nomem(state->request->extra_data.data, req)) {
+ return tevent_req_post(req, ev);
+ }
+ }
subreq = tevent_queue_wait_send(state, ev, child->queue);
if (tevent_req_nomem(subreq, req)) {
@@ -330,6 +355,7 @@ static void wb_child_request_cleanup(struct tevent_req *req,
subreq = talloc_move(state->child->queue, &state->subreq);
talloc_move(subreq, &state->queue_subreq);
+ talloc_move(subreq, &state->request);
tevent_req_set_callback(subreq,
wb_child_request_orphaned,
state->child);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ec312ee6fe5 tevent: Fix a tevent tutorial error from 68380ebaa60 winbindd: Fix a use-after-free when winbind clients exit https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ec312ee6fe5eecc79e9212ee93de332d99bc3f4c Author: Volker Lendecke Date: Mon May 18 10:38:41 2020 +0200 tevent: Fix a tevent tutorial error We don't pass a tevent_req but a tevent_context to the _send function Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Tue May 19 12:07:42 UTC 2020 on sn-devel-184 --- Summary of changes: lib/tevent/tevent.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index 3c3e3cc2cef..dc68a1d3f69 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -669,7 +669,7 @@ void tevent_get_trace_callback(struct tevent_context *ev, * * @code * struct tevent_req *computation_send(TALLOC_CTX *mem_ctx, - * struct tevent_req *ev, + * struct tevent_context *ev, * ... further args); * int computation_recv(struct tevent_req *req, ... further output args); * @endcode -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d18c7f8 smbd: Protect smbd_smb2_getinfo_send() against invalid
quota files
via 7f16ecc5ce3 torture3: Check error code for quotactl on a non-quota
file handle
from 5c918d40bdc libsmb: Use tevent_req_received() in
cli_qfileinfo_recv()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d18c7f8c39bd3a91019247a4752faccb81fe
Author: Volker Lendecke
Date: Fri May 22 14:41:27 2020 +0200
smbd: Protect smbd_smb2_getinfo_send() against invalid quota files
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14367
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri May 29 09:55:10 UTC 2020 on sn-devel-184
commit 7f16ecc5ce3fd9a6fd084096d150a7b48fabb985
Author: Volker Lendecke
Date: Fri May 22 15:24:06 2020 +0200
torture3: Check error code for quotactl on a non-quota file handle
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14367
Signed-off-by: Volker Lendecke
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
selftest/knownfail.d/quota1 | 2 ++
source3/selftest/tests.py | 1 +
source3/smbd/smb2_getinfo.c | 9 ++
source3/torture/proto.h | 1 +
source3/torture/test_smb2.c | 67 +
source3/torture/torture.c | 4 +++
6 files changed, 84 insertions(+)
create mode 100644 selftest/knownfail.d/quota1
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail.d/quota1 b/selftest/knownfail.d/quota1
new file mode 100644
index 000..a36f3252f8f
--- /dev/null
+++ b/selftest/knownfail.d/quota1
@@ -0,0 +1,2 @@
+# ntvfs returns NT_STATUS_NOT_SUPPORTED
+^samba3.smbtorture_s3.plain.SMB2-QUOTA1.smbtorture\(ad_dc_ntvfs\)
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 6d8a730bb07..fb07610c3f0 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -96,6 +96,7 @@ fileserver_tests = [
"SMB2-SESSION-REAUTH", "SMB2-SESSION-RECONNECT", "SMB2-FTRUNCATE",
"SMB2-ANONYMOUS", "SMB2-DIR-FSYNC",
"SMB2-PATH-SLASH",
+"SMB2-QUOTA1",
"CLEANUP1",
"CLEANUP2",
"CLEANUP4",
diff --git a/source3/smbd/smb2_getinfo.c b/source3/smbd/smb2_getinfo.c
index 01aedbf8e2e..f4fb7ce0b23 100644
--- a/source3/smbd/smb2_getinfo.c
+++ b/source3/smbd/smb2_getinfo.c
@@ -547,12 +547,21 @@ static struct tevent_req
*smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx,
struct ndr_pull *ndr_pull = NULL;
DATA_BLOB sid_buf = data_blob_null;
TALLOC_CTX *tmp_ctx = talloc_init("geninfo_quota");
+ bool ok;
if (!tmp_ctx) {
tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
return tevent_req_post(req, ev);
}
+ ok = check_fsp_ntquota_handle(conn, smbreq, fsp);
+ if (!ok) {
+ DBG_INFO("no valid QUOTA HANDLE\n");
+ TALLOC_FREE(tmp_ctx);
+ tevent_req_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return tevent_req_post(req, ev);
+ }
+
ndr_pull = ndr_pull_init_blob(&in_input_buffer, tmp_ctx);
if (!ndr_pull) {
TALLOC_FREE(tmp_ctx);
diff --git a/source3/torture/proto.h b/source3/torture/proto.h
index f9c79fd7906..18e686089ed 100644
--- a/source3/torture/proto.h
+++ b/source3/torture/proto.h
@@ -104,6 +104,7 @@ bool run_smb2_ftruncate(int dummy);
bool run_smb2_dir_fsync(int dummy);
bool run_smb2_path_slash(int dummy);
bool run_smb2_sacl(int dummy);
+bool run_smb2_quota1(int dummy);
bool run_chain3(int dummy);
bool run_local_conv_auth_info(int dummy);
bool run_local_sprintf_append(int dummy);
diff --git a/source3/torture/test_smb2.c b/source3/torture/test_smb2.c
index 52f1c397623..0fb40a61dd0 100644
--- a/source3/torture/test_smb2.c
+++ b/source3/torture/test_smb2.c
@@ -2876,3 +2876,70 @@ bool run_smb2_sacl(int dummy)
(void)cli_unlink(cli, fname, 0);
return false;
}
+
+bool run_smb2_quota1(int dummy)
+{
+ struct cli_state *cli = NULL;
+ NTSTATUS status;
+ uint16_t fnum = (uint16_t)-1;
+ SMB_NTQUOTA_STRUCT qt = {0};
+
+ printf("Starting SMB2-SACL\n");
+
+ if (!torture_init_connection(&cli)) {
+ return false;
+ }
+
+ status = smbXcli_negprot(cli->conn,
+ cli->timeout,
+ PROTOCOL_SMB2_02,
+ PROTOCOL_SMB3_11);
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 05e14173961 s4:torture:smb2: use delete-on-close in
test_rw_invalid()
from 72d69eef136 pysmbd: make sure that session unix info is filled
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 05e141739617c771cea39033893fce3c2559d125
Author: Stefan Metzmacher
Date: Tue Jun 2 13:52:23 2020 +0200
s4:torture:smb2: use delete-on-close in test_rw_invalid()
We test the limits here and leave a 16TB file with zeros.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14361
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Fri Jun 5 13:17:55 UTC 2020 on sn-devel-184
---
Summary of changes:
source4/torture/smb2/read_write.c | 9 +
1 file changed, 9 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source4/torture/smb2/read_write.c
b/source4/torture/smb2/read_write.c
index b0eea55d7f1..707a49b6b1c 100644
--- a/source4/torture/smb2/read_write.c
+++ b/source4/torture/smb2/read_write.c
@@ -169,6 +169,7 @@ static bool test_rw_invalid(struct torture_context
*torture, struct smb2_tree *t
uint8_t buf[64*1024];
struct smb2_read rd;
struct smb2_write w = {0};
+ union smb_setfileinfo sfinfo;
TALLOC_CTX *tmp_ctx = talloc_new(tree);
ZERO_STRUCT(buf);
@@ -178,6 +179,14 @@ static bool test_rw_invalid(struct torture_context
*torture, struct smb2_tree *t
status = torture_smb2_testfile(tree, FNAME, &h);
CHECK_STATUS(status, NT_STATUS_OK);
+ /* set delete-on-close */
+ ZERO_STRUCT(sfinfo);
+ sfinfo.generic.level = RAW_SFILEINFO_DISPOSITION_INFORMATION;
+ sfinfo.disposition_info.in.delete_on_close = 1;
+ sfinfo.generic.in.file.handle = h;
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
status = smb2_util_write(tree, h, buf, 0, ARRAY_SIZE(buf));
CHECK_STATUS(status, NT_STATUS_OK);
--
Samba Shared Repository
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated
via 49aeafa Revert "socket_wrapper.c: implement getsockopt(TCP_INFO) if
the platform supports it"
via a6f95ed Revert "test_echo_tcp_socket_options.c: add tests for
TCP_INFO"
via f13db2b Revert "socket_wrapper.c: make FIONREAD handling more
robust in swrap_vioctl()"
via 22cfac3 Revert "socket_wrapper.c: let swrap_vioctl() handle
SIOCOUTQ/TIOCOUTQ/FIONWRITE explicitly"
via f4fc52b Merge branch 'tcp_info' into 'master'
via f317ebc socket_wrapper.c: let swrap_vioctl() handle
SIOCOUTQ/TIOCOUTQ/FIONWRITE explicitly
via c95b7cb socket_wrapper.c: make FIONREAD handling more robust in
swrap_vioctl()
via a37c017 test_echo_tcp_socket_options.c: add tests for TCP_INFO
via 300de6e socket_wrapper.c: implement getsockopt(TCP_INFO) if the
platform supports it
from bbc1d65 tests: do not truncate pid to 16 bits
https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master
- Log -----
commit 49aeafa2c530e35a43358977766899d45a0c8b28
Author: Stefan Metzmacher
Date: Fri Jun 19 23:26:28 2020 +0200
Revert "socket_wrapper.c: implement getsockopt(TCP_INFO) if the platform
supports it"
This reverts commit 300de6e099ea82ee5361918de8c3abb389e0782d.
This got merged automatically by gitlab without review.
Signed-off-by: Stefan Metzmacher
commit a6f95ed59e2bc5a5d732738be7046e1e8422fb26
Author: Stefan Metzmacher
Date: Fri Jun 19 23:26:25 2020 +0200
Revert "test_echo_tcp_socket_options.c: add tests for TCP_INFO"
This reverts commit a37c0175492fb1b35257b785c71dea4e4f6d4750.
This got merged automatically by gitlab without review.
Signed-off-by: Stefan Metzmacher
commit f13db2b166dd9cc0ee31b5cdffdacb34945d615a
Author: Stefan Metzmacher
Date: Fri Jun 19 23:26:22 2020 +0200
Revert "socket_wrapper.c: make FIONREAD handling more robust in
swrap_vioctl()"
This reverts commit c95b7cb1d7b9348472276edceff71889aa676d25.
This got merged automatically by gitlab without review.
Signed-off-by: Stefan Metzmacher
commit 22cfac3bfca20eedbd0e3e428f085b24fb553047
Author: Stefan Metzmacher
Date: Fri Jun 19 23:25:40 2020 +0200
Revert "socket_wrapper.c: let swrap_vioctl() handle
SIOCOUTQ/TIOCOUTQ/FIONWRITE explicitly"
This reverts commit f317ebcdcdd626ed9e06de2eb60031306994c803.
This got merged automatically by gitlab without review.
Signed-off-by: Stefan Metzmacher
commit f4fc52be79edc74bd24b3ee968c5358af81b17bd
Merge: bbc1d65 f317ebc
Author: Stefan Metzmacher
Date: Fri Jun 19 21:07:09 2020 +
Merge branch 'tcp_info' into 'master'
Add support for TCP_INFO and SIOCOUTQ/TIOCOUTQ/FIONWRITE
See merge request cwrap/socket_wrapper!11
commit f317ebcdcdd626ed9e06de2eb60031306994c803
Author: Stefan Metzmacher
Date: Mon Jun 8 14:21:25 2020 +0200
socket_wrapper.c: let swrap_vioctl() handle SIOCOUTQ/TIOCOUTQ/FIONWRITE
explicitly
They are used to ask for the number of unacked bytes in the send queue,
with AF_UNIX sockets get strange result, on linux 5.3 I get more bytes
reported than I sent into the socket. All bytes reach the destination
directly, so we can just always report 0 unacked bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher
commit c95b7cb1d7b9348472276edceff71889aa676d25
Author: Stefan Metzmacher
Date: Mon Jun 8 14:18:44 2020 +0200
socket_wrapper.c: make FIONREAD handling more robust in swrap_vioctl()
We should only dereference the va args when the kernel already checked
they are valid.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher
commit a37c0175492fb1b35257b785c71dea4e4f6d4750
Author: Stefan Metzmacher
Date: Fri Jun 19 20:52:23 2020 +0200
test_echo_tcp_socket_options.c: add tests for TCP_INFO
Signed-off-by: Stefan Metzmacher
commit 300de6e099ea82ee5361918de8c3abb389e0782d
Author: Stefan Metzmacher
Date: Mon Jun 8 10:32:28 2020 +0200
socket_wrapper.c: implement getsockopt(TCP_INFO) if the platform supports it
This just implements a few basics, which are required by Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher
---
Summary of changes:
Changeset truncated at 500 lines:
--
Socket Wrapper Repository
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated via b94af54 socket_wrapper.c: let swrap_vioctl() handle SIOCOUTQ/TIOCOUTQ/FIONWRITE explicitly via 64cee56 socket_wrapper.c: make FIONREAD handling more robust in swrap_vioctl() via 309103f test_echo_tcp_socket_options.c: add tests for TCP_INFO via c73d8a4 socket_wrapper.c: implement getsockopt(TCP_INFO) if the platform supports it via 1c20b95 doc: Document SOCKET_WRAPPER_DIR_ALLOW_ORIG via 19c3e87 swrap: Add SOCKET_WRAPPER_DIR_ALLOW_ORIG to allow fall back via dd42895 swrap: Abort if socket wrapper directory is too long to be usable via fc1e98f swrap: Add abstractions to construct Unix domain socket paths via 80e0f42 swrap: Abort on failure to use SOCKET_WRAPPER_DIR from 49aeafa Revert "socket_wrapper.c: implement getsockopt(TCP_INFO) if the platform supports it" https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master - Log - commit b94af548f42e561207db7cacbe09c9e3286de2d3 Author: Stefan Metzmacher Date: Mon Jun 8 14:21:25 2020 +0200 socket_wrapper.c: let swrap_vioctl() handle SIOCOUTQ/TIOCOUTQ/FIONWRITE explicitly They are used to ask for the number of unacked bytes in the send queue, with AF_UNIX sockets get strange result, on linux 5.3 I get more bytes reported than I sent into the socket. All bytes reach the destination directly, so we can just always report 0 unacked bytes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit f317ebcdcdd626ed9e06de2eb60031306994c803) commit 64cee569a77e9d9d92e0dc0d2793536c9fb4a45e Author: Stefan Metzmacher Date: Mon Jun 8 14:18:44 2020 +0200 socket_wrapper.c: make FIONREAD handling more robust in swrap_vioctl() We should only dereference the va args when the kernel already checked they are valid. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit c95b7cb1d7b9348472276edceff71889aa676d25) commit 309103f464af19d6190f89de959c6dc41ba58c85 Author: Stefan Metzmacher Date: Fri Jun 19 20:52:23 2020 +0200 test_echo_tcp_socket_options.c: add tests for TCP_INFO Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit a37c0175492fb1b35257b785c71dea4e4f6d4750) commit c73d8a43c07ffbd9f4a7010b99363ffa53b4723c Author: Stefan Metzmacher Date: Mon Jun 8 10:32:28 2020 +0200 socket_wrapper.c: implement getsockopt(TCP_INFO) if the platform supports it This just implements a few basics, which are required by Samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit 300de6e099ea82ee5361918de8c3abb389e0782d) commit 1c20b9596422c9cb92fc539493df45b03d91457b Author: Martin Schwenke Date: Thu May 14 09:57:24 2020 +1000 doc: Document SOCKET_WRAPPER_DIR_ALLOW_ORIG Signed-off-by: Martin Schwenke Reviewed-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 19c3e87570954cb7fb4f6c105cbec9eabf4539b0 Author: Martin Schwenke Date: Thu May 14 10:01:54 2020 +1000 swrap: Add SOCKET_WRAPPER_DIR_ALLOW_ORIG to allow fall back Instead of failing when the path returned by realpath(3) is too long, if SOCKET_WRAPPER_DIR_ALLOW_ORIG is set then fall back to the original value. If this original path is too long or something else fails then abort. Signed-off-by: Martin Schwenke Reviewed-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit dd428959713998d3f973bcf2762d489ef27d9f13 Author: Martin Schwenke Date: Wed May 13 13:45:02 2020 +1000 swrap: Abort if socket wrapper directory is too long to be usable If the socket wrapper directory path is too long to allow reliable construction of the required Unix domain socket paths then convert_in_un_alloc() can return ENFILE if paths are truncated in unfortunate ways. This can be very hard to debug since, for example, bind(2) should never return ENFILE. Instead, abort if the path returned by realpath(3) is unusable. The code structure is slightly weird but this accommodates an additional change. Signed-off-by: Martin Schwenke Reviewed-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit fc1e98f8ca51ca4de7551e61b6b9c6c99d183b10 Author: Martin Schwenke Date: Wed May 13 13:23:21 2020 +1000 swrap: Add abstractions to construct Unix domain socket paths These include overflow checks but the results of the checks are not yet used. Signed-off-by: Martin Schwenke Reviewed-by: Andreas
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 05d4466a6d1 smbd: check for stale pid in get_lease_type()
via 3f4a865821d smbd: let get_lease_type() take a non-const
share_mode_entry
via e4328db1c94 smbd: inverse if/else logic in get_lease_type()
via 383a2457bd6 s3/leases: log NDR decoding failure with level 0 in
leases_db_get_fn()
via fbb8bbe1243 smbd: increase loglevel when leases_db_del() with
anything then NT_STATUS_NOT_FOUND
via f3f330f61db s3:smbd: make sure vfs_ChDir() always sets
conn->cwd_fsp->fh->fd = AT_FDCWD
via b2b5ae090ee s3:smbd: reformat if statement for caching in
vfs_ChDir()
via bcba4bb210d s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
via b5b801026ed s3:winbind:idmap_ad - make failure to get attrnames for
schema mode fatal
from 71488b812fe lib/debug: set the correct default backend loglevel to
MAX_DEBUG_LEVEL
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 05d4466a6d1ad048fa86aea09ec0a56a7b961369
Author: Ralph Boehme
Date: Thu Jul 2 14:47:12 2020 +0200
smbd: check for stale pid in get_lease_type()
If leases_db_get() failed the leases_db record might have been cleaned up
for
stale processes. Check if the share-mode-entry owner is stale in this case
and
return a 0 lease state. In any other case, log a debug messages and panic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Ralph Boehme
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Thu Jul 2 16:45:42 UTC 2020 on sn-devel-184
commit 3f4a865821da27efbed4f7c38ad3efbcaae77a02
Author: Ralph Boehme
Date: Thu Jul 2 14:45:59 2020 +0200
smbd: let get_lease_type() take a non-const share_mode_entry
We're going to add a call to share_entry_stale_pid(share_mode_entry) which
takes
a non-const pointer (in order to eventually set e->state = true).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Ralph Boehme
Reviewed-by: Stefan Metzmacher
commit e4328db1c94837a8ea5652971cea20055d3d24ff
Author: Ralph Boehme
Date: Thu Jul 2 14:08:44 2020 +0200
smbd: inverse if/else logic in get_lease_type()
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Ralph Boehme
Reviewed-by: Stefan Metzmacher
commit 383a2457bd6cbe0acd571a8d601f8bdc5365f0b4
Author: Ralph Boehme
Date: Thu Jul 2 14:10:05 2020 +0200
s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Ralph Boehme
commit fbb8bbe1243eb2a0351dc2422929278f85a99e26
Author: Ralph Boehme
Date: Thu Jul 2 14:09:15 2020 +0200
smbd: increase loglevel when leases_db_del() with anything then
NT_STATUS_NOT_FOUND
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428
Signed-off-by: Ralph Boehme
Reviewed-by: Stefan Metzmacher
commit f3f330f61db983f6d213a097d9a4d91b1057ecb1
Author: Stefan Metzmacher
Date: Wed Jul 1 09:38:58 2020 +0200
s3:smbd: make sure vfs_ChDir() always sets conn->cwd_fsp->fh->fd = AT_FDCWD
This is what all consumers of conn->cwd_fsp->fh->fd expect!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit b2b5ae090ee8796609eb0b5794bc4e62c24414ef
Author: Stefan Metzmacher
Date: Thu Jul 2 12:06:28 2020 +0200
s3:smbd: reformat if statement for caching in vfs_ChDir()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit bcba4bb210d9482be4c2c8dadfb5cc185046cbaa
Author: Stefan Metzmacher
Date: Thu Jul 2 14:32:34 2020 +0200
s4:torture/smb2: add smb2.delete-on-close-perms.BUG14427
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14427
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit b5b801026edd3a8fd8d0ba1752e891453cf675c9
Author: Andrew
Date: Tue Jun 30 06:54:06 2020 -0400
s3:winbind:idmap_ad - make failure to get attrnames for schema mode fatal
Add check for failure to resolve the OID array for the schema mode into
names.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14425
Signed-off-by: Andrew
Reviewed-by: Stefan Metzmacher
---
Summary of changes:
source3/locking/leases_db.c| 4 +--
source3/locking/locking.c | 9 +--
source3/smbd/oplock.c | 48 ++
source3/smbd/proto.h | 2 +-
source3/smbd/vfs.c | 40 ++--
source3/
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 2a7317e0b25 s3:wscript: vfs_gpfs needs kernel oplock support
from 58adf349edf s3:smbd: check for stale pid in delay_for_oplock_fn()
when leases_db_get() fails
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 2a7317e0b25ff231951b960e8f0a835d4bb724e7
Author: Stefan Metzmacher
Date: Fri May 29 01:39:00 2020 -0700
s3:wscript: vfs_gpfs needs kernel oplock support
It uses symbols, which are only available if we have
HAVE_KERNEL_OPLOCKS_LINUX defined.
This is not the case when building withing the
Windows Subsystem for Liux (WSL). So we better don't try to
build the vfs_gpfs module there.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Volker Lendecke
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Tue Jul 7 09:37:37 UTC 2020 on sn-devel-184
---
Summary of changes:
source3/wscript | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/wscript b/source3/wscript
index 2a341df7c3e..5e94c6f6c71 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -1999,7 +1999,7 @@ main() {
if conf.CONFIG_SET('DARWINOS'):
default_static_modules.extend(TO_LIST('charset_macosxfs'))
-if conf.CONFIG_SET('HAVE_GPFS'):
+if conf.CONFIG_SET('HAVE_GPFS') and
conf.CONFIG_SET('HAVE_KERNEL_OPLOCKS_LINUX'):
default_shared_modules.extend(TO_LIST('vfs_gpfs'))
if (conf.CONFIG_SET('HAVE_LINUX_IOCTL')
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 31d187be0f4 s4:selftest: test for smbtorture subunit names with and
without --fullname
via 32f05b05ac9 s4:torture/local: Add new test to check smbtorture
--fullname
via 8902eb82d98 s4:torture: Add command line parameter --fullname
via 4e39e43730c s4:torture: avoid multiple recursions into the test
lists
via 9025192333e s4:torture: use prefix_name() for all names in
run_matching()
via 0e0d89b55cd lib/torture: fix subunit names of nested suites
via a4a6c03bf84 lib/torture: add back links to the parent objects
via f6eb56bff29 lib/torture: make torture_subunit_test_name() public
via b7832c2c80b selftest/Samba4: split out _setup_ad_dc()
from 2a7317e0b25 s3:wscript: vfs_gpfs needs kernel oplock support
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 31d187be0f45737d3996a1e843de98f92953c305
Author: Sachin Prabhu
Date: Fri Jun 26 16:35:38 2020 +
s4:selftest: test for smbtorture subunit names with and without --fullname
We check the output with both --fullname and with the default shortname
to ensure it works as expected.
We also do tests for each level and test relative names are used.
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Sachin Prabhu
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User((no branch)): Stefan Metzmacher
Autobuild-Date((no branch)): Tue Jul 7 12:16:34 UTC 2020 on sn-devel-184
commit 32f05b05ac9b39cd205daf0a9b93821f93636a5d
Author: Sachin Prabhu
Date: Thu Jun 25 18:02:28 2020 +0100
s4:torture/local: Add new test to check smbtorture --fullname
Add new always pass test to test smbtorture --fullname.
Since we test the printing of the fullname of the test, the test is
placed at the bottom of several levels of test suites.
test : local.smbtorture.level1.level2.level3.always_pass
Signed-off-by: Sachin Prabhu
Reviewed-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 8902eb82d981e07812134285e199b47b22acd815
Author: Sachin Prabhu
Date: Fri Jul 3 14:17:43 2020 +0200
s4:torture: Add command line parameter --fullname
This argument is used to print out the the full name which includes the
name of the test suite.
For example, the name in the output for the test smb2.read.dir is "dir".
By using the --fullname parameter, the name used will be
"smb2.read.dir".
The default continues to be to use the shortname.
Pair-Programmed-With: Stefan Metzmacher
Signed-off-by: Sachin Prabhu
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 4e39e43730ceaf79b5927f542ccd2f31c66ffb28
Author: Stefan Metzmacher
Date: Fri Jul 3 15:58:38 2020 +0200
s4:torture: avoid multiple recursions into the test lists
torture_run_suite_restricted() and torture_run_tcase_restricted()
already handle recursion. If we call them from smbtorture
we should avoid our own recursion.
Without this passing 'smb2.multichannel.*' results in running
tests more than once.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 9025192333e391a2b8cde7d3e75077f5830b2731
Author: Stefan Metzmacher
Date: Fri Jul 3 15:53:18 2020 +0200
s4:torture: use prefix_name() for all names in run_matching()
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit 0e0d89b55cd3fa348af609fb33828a35d4affca1
Author: Stefan Metzmacher
Date: Fri Jul 3 15:40:31 2020 +0200
lib/torture: fix subunit names of nested suites
E.g. passing 'smb2.multichannel.generic' to smbtorture results in
- interface_info
- num_channels
While passing 'smb2.multichannel' to smbtorture results in:
- generic.interface_info
- genetic.num_channels
- oplocks.test1
...
- leases.test1
...
Before we got this:
- interface_info
- num_channels
- test1
...
- test1
That made it impossible to add knownfail entries for
leases.test1 vs. oplocks.test1
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit a4a6c03bf8448923525a4997e4a7a3bd1f29c70f
Author: Stefan Metzmacher
Date: Fri Jul 3 15:37:25 2020 +0200
lib/torture: add back links to the parent objects
This makes would allow the full name of a test to be constructed
if needed in future.
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
commit f6eb56bff29f73732048b31b4caa4138ada0e100
Author: Stefan Metzmacher
Date: Fri Jul 3 14:41:16 2020 +0200
lib/torture: make torture_subunit_test_name() public
This makes i
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 3afdf2a8618 s3:smbd: skip ctdb public ips in
fsctl_network_iface_info()
via 79eaa196dc8 s3:smbd: disconnect the all client connections if a
ctdb public ip dropped
via af51b75c611 s3:smbd: make smbXsrv_client_connection_pass_loop()
more robust
via ab14a0d1624 s3:smbd: make sure
smbXsrv_connection_disconnect_transport() closes the socket fd
via ecef3fe077d s3:smbd: make sure we detect stale smbXsrv_connection
pointers in smbXsrv_session_auth0
via 876a84493bb s3:smbd: fill in xconn->client early in
smbd_add_connection()
via dbe27672131 s3:smbd: handle NETWORK_ACCESS_DENIED in
smbXsrv_client_connection_pass_loop()
via ad3c5c1a626 s3:smbd: consistently use DLIST_ADD* to fill
client->connections in smbd_add_connection()
via 4d924528905 s3:ctdbd_conn: add ctdbd_control_get_public_ips() and
ctdbd_find_in_public_ips()
via 57515a43fbd s3:ctdbd_conn: make use of samba_sockaddr in
ctdbd_connect()
via ba66abef888 s3:ctdbd_conn: make use of ctdbd_control_local() in
ctdbd_register_ips()
via 883657a7cfe selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE =
yes'
via bd1285d40d0 s3:smbd: implement
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 88b0da10627 s3:smbd: make use of the new ack infrastructure for
oplock/lease breaks
via 8b8c5c4154f s3:smbd: force multi-channel to be turned off without
FreeBSD/Linux support
via 3cd775af053 s3:smbd: add infrastructure to wait for TCP acks
via 557adf8 s3:smbd: add logic to retry break notifications on all
available channels
via bc10e5039a9 docs-xml/smbdotconf: add "smb2 disable oplock break
retry"
via 4230bcdf7e0 s3:smbd: convert smbd_smb2_send_break() into async
smbd_smb2_break_send/recv()
via 37c52c2d498 s3:smbd: add smbd_smb2_send_queue.sendfile_body_size
via 61b9418784f s3:smbd: introduce smbXsrv_pending_break infrastructure
via 36812aadbd8 s3:smbd: avoid dereferencing client->connections
via c66110cf337 s3:smbd: setup client->global->client_guid even without
multichannel support
via 66c0888d2e9 s3:smbd: pass down smbXsrv_client to
smbd_smb2_send_{oplock,lease}_break()
via 42497b86399 s3:smbd: pass smbXsrv_client to downgrade_lease()
via 54bd3a46c84 s3:smbd: add smbd_server_disconnect_client[_ex]()
via 60d7f059a40 s3:smbd: remove unused session,tcon parameters from
smbd_smb2_send_oplock_break()
via a1e5b8c77c1 s3:smbd: pass down session_id to smbd_smb2_send_break()
via acf80fd9437 s3:smbd: remove dead code from smbd_smb2_send_break()
via 5ad618bc67a s4:torture/smb2: add
smb2.multichannel.oplocks.test3{_windows,specification}
via 5bb9da8cd78 s4:torture/smb2: (re-)add smb2.multichannel.leases.test4
via 2da65bed806 s4:torture/smb2: remove useless
'smb2.multichannel.leases.test4'
via f92f24ee266 s4:torture/smb2: fix smb2.multichannel.leases.test2
against windows
via 31e2b7f04ba s4:torture/smb2: split smb2.oplock.batch22 into a and b
via 3d7f81979c2 s4:torture/smb2: move smb2_transport blocking to the
generic block.[ch]
via 68a351b7620 s4:torture/smb2: make use of
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 8c7bb245ff8 s4:torture/smb2: refactor block.c to block the OUTPUT
path
via a52e7114df6 s4:torture/smb2: add break_info.oplock_skip_ack
via 2181f728edf s4:torture/smb2: move interface_info test to
smb2.multichannel.generic
via 3559a1df9bc s4:torture/smb2: make use of
transport_options.only_negprot for multichannel connections
via d2b8274438f s4:torture/smb2: simplify code to generate list of smb2
channels
via 5451882004c s4:torture/smb2: add const to options for
test_multichannel_create_channel()
via ce7eaca7353 s4:libcli/smb2: add const to struct smbcli_options
*options for smb2_connect()
via 7d06874478e s4:libcli/smb2: allow smb2_connect*() to fake session
and tcon
via fe6a6ec4d48 s4:param: use struct initializer in
lpcfg_smbcli_session_options()
via 9f3ab6a113d s4:param: use struct initializer in
lpcfg_smbcli_options()
via 0d2566210a8 libcli/smb: define
FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 816528923e9 s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35
seconds
via bd71d2d92c2 lib/util: allow to set TCP_USER_TIMEOUT socket option
from 4faab2a77a6 s3:dbwrap_watch: avoid recursion into
dbwrap_do_locked() from dbwrap_watched_do_locked_{storev,delete}()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 3afdf2a8618ef9ca7cfba279e87ab59c8ae3d662
Author: Stefan Metzmacher
Date: Thu Jun 25 15:32:11 2020 +0200
s3:smbd: skip ctdb public ips in fsctl_network_iface_info()
[SCM] Samba Shared Repository - annotated tag v4-13-test created
The annotated tag, v4-13-test has been created at a0f16d24071deb61e20deb6dac0b878b4761fca4 (tag) tagging 8c86998910d0520a09dee729c2892f26dccc4b65 (commit) replaces ldb-2.1.1 tagged by Karolin Seeger on Thu Jul 9 10:56:07 2020 +0200 - Log - samba: tag release samba-4.13.0rc1 -BEGIN PGP SIGNATURE- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXwbbpwAKCRBvM5FbZWi3 6qCzAJ0WXcHsrf5LzCZot34Ec0Y0AsqQ+gCgs8OAJjX86U5BHsBG3f7c2jbul9k= =Km5z -END PGP SIGNATURE- Alexander Bokovoy (4): s3: pass DCE RPC handle type to create_policy_hnd s3 rpc server: set on-wire handle type explicitly lib/ldb: add unit test for ldb_ldap internal code ldb_ldap: fix off-by-one increment in lldb_add_msg_attr Amit Kumar (2): Add a test for smbclient -l basename lib:util: Fix smbclient -l basename dir Amitay Isaacs (8): ctdb-recovery: Fetched vnnmap is never used, so don't fetch it ctdb-recovery: Consolidate node state ctdb-recovery: Don't trust nodemap obtained from local node ctdb-recovery: Refactor banning a node into separate computation lib/messaging: Move messages_dgm out of source3 wscript_build: Remove duplicate recursion in source4/smbd lib/util: Build genrand for util core ctdb-build: Add messages_dgm build to ctdb Andreas Schneider (69): autobuild: Run the none env in the samba-o3 build selftest: Set KRB5RCACHETYPE to none for selftest lib:crypto: Add samba_gnutls_weak_crypto() s3:utils: Add weak crypto information to testparm lib:param: Add lp(cfg)_weak_crypto() gensec: Add a check if a gensec module implements weak crypto auth:ntlmssp: Mark as weak_crypto waf: Check if GnuTLS has support for crypto policies tests: Add test for weak crypto bootstrap: Add podman command to readme third_party: Update nss_wrapper to version 1.1.10 gitlab-ci: Remove Fedora 29 which is already EOL gitlab-ci: Remove Fedora 30 gitlab-ci: Add Fedora 32 (Beta) selftest: Fix string compare in DnsHandler() of dns_hub.py third_party: Update pam_wrapper to version 1.1.2 gitlab-ci: Add ccache and wget gitlab-ci: Use a shared ccache for the runners gitlab-ci: Add coverity scan runner third_party: Update nss_wrapper to version 1.1.11 s3:libads: Fix ads_get_upn() testprogs: Add 'net ads join createupn' test also verifying the keytab s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled s4:tls: Fix generating TLS RSA certs with FIPS140-2 selftest: Add an ad_dc_fips environment selftest: Pass extra_provision_options to provision_raw_prepare() selftest: Pass force_fips_mode to provision_ad_dc() selftest: Pass force_fips to provision() selftest: Pass force_fips_mode to provision_raw_prepare() selftest: Start ad_dc_fips with forced fips mode tests: Add test to check the server doesn't allow NTLM selftest: Force fips mode for openssl in ad_dc_fips gitlab-ci: Add runner for fips compliance testing docs-xml: Fix usernames in pam_winbind manpages s4:torture: Print account and authority name testprogs: Add client kerberos test testprogs: Add 'net ads join' test for fips lib:util: Add path_expand_tilde() lib:util: Add test for path_expand_tilde() s3:gencache: Allow to open gencache as read-only selftest: Use Kerberos to join an ad_member selftest: Split out a provision_ad_member() function selftest: Add force_fips_mode support to provision_ad_member() selftest: Add ad_member_fips target selftest: Run some tests against ad_member_fips autobuild: Add ad_member_fips target autobuild: Use sane random sleep values for samba-admem-mit gitlab-ci: Add new runner for samba-admem-fips gitlab-ci: Create a single samba-fips runner s3:rpcclient: Rename creds to trust_creds talloc: Mark ptr of talloc_unlink() not as a tainted scalar Revert "s3:libsmb: add a cache for cli_session_creds_prepare_krb5()" s3:rpc_server: Pass a pointer to add_filemeta() s3:lib: Avoid a NULL pointer deref on log level 10 s3:notifyd: Check return value of lp_load_initial_only() s3:samr: Add missing NULL pointer check s3:rpc_server: Check return code of set_blocking() s3:locking: Remove dead code s4:torture: Make sure that ctx is initialized to NULL s3:smbd: Fix a possibile null pointer dereference s3:lib: Make sure that have_rsrc is initialized s3:lib:tls: Use better priority lists for modern GnuTLS python: Run cmdline tools for default docs test in parallel python: Run cmdline tools for arbitary docs test in parallel python: Fix get_max_worker_count() to always have two runners bootstrap: Add back quota-devel on Cen
[SCM] Samba Shared Repository - annotated tag v4-13-stable created
The annotated tag, v4-13-stable has been created at a0f16d24071deb61e20deb6dac0b878b4761fca4 (tag) tagging 8c86998910d0520a09dee729c2892f26dccc4b65 (commit) replaces ldb-2.1.1 tagged by Karolin Seeger on Thu Jul 9 10:56:07 2020 +0200 - Log - samba: tag release samba-4.13.0rc1 -BEGIN PGP SIGNATURE- iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXwbbpwAKCRBvM5FbZWi3 6qCzAJ0WXcHsrf5LzCZot34Ec0Y0AsqQ+gCgs8OAJjX86U5BHsBG3f7c2jbul9k= =Km5z -END PGP SIGNATURE- Alexander Bokovoy (4): s3: pass DCE RPC handle type to create_policy_hnd s3 rpc server: set on-wire handle type explicitly lib/ldb: add unit test for ldb_ldap internal code ldb_ldap: fix off-by-one increment in lldb_add_msg_attr Amit Kumar (2): Add a test for smbclient -l basename lib:util: Fix smbclient -l basename dir Amitay Isaacs (8): ctdb-recovery: Fetched vnnmap is never used, so don't fetch it ctdb-recovery: Consolidate node state ctdb-recovery: Don't trust nodemap obtained from local node ctdb-recovery: Refactor banning a node into separate computation lib/messaging: Move messages_dgm out of source3 wscript_build: Remove duplicate recursion in source4/smbd lib/util: Build genrand for util core ctdb-build: Add messages_dgm build to ctdb Andreas Schneider (69): autobuild: Run the none env in the samba-o3 build selftest: Set KRB5RCACHETYPE to none for selftest lib:crypto: Add samba_gnutls_weak_crypto() s3:utils: Add weak crypto information to testparm lib:param: Add lp(cfg)_weak_crypto() gensec: Add a check if a gensec module implements weak crypto auth:ntlmssp: Mark as weak_crypto waf: Check if GnuTLS has support for crypto policies tests: Add test for weak crypto bootstrap: Add podman command to readme third_party: Update nss_wrapper to version 1.1.10 gitlab-ci: Remove Fedora 29 which is already EOL gitlab-ci: Remove Fedora 30 gitlab-ci: Add Fedora 32 (Beta) selftest: Fix string compare in DnsHandler() of dns_hub.py third_party: Update pam_wrapper to version 1.1.2 gitlab-ci: Add ccache and wget gitlab-ci: Use a shared ccache for the runners gitlab-ci: Add coverity scan runner third_party: Update nss_wrapper to version 1.1.11 s3:libads: Fix ads_get_upn() testprogs: Add 'net ads join createupn' test also verifying the keytab s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled s4:tls: Fix generating TLS RSA certs with FIPS140-2 selftest: Add an ad_dc_fips environment selftest: Pass extra_provision_options to provision_raw_prepare() selftest: Pass force_fips_mode to provision_ad_dc() selftest: Pass force_fips to provision() selftest: Pass force_fips_mode to provision_raw_prepare() selftest: Start ad_dc_fips with forced fips mode tests: Add test to check the server doesn't allow NTLM selftest: Force fips mode for openssl in ad_dc_fips gitlab-ci: Add runner for fips compliance testing docs-xml: Fix usernames in pam_winbind manpages s4:torture: Print account and authority name testprogs: Add client kerberos test testprogs: Add 'net ads join' test for fips lib:util: Add path_expand_tilde() lib:util: Add test for path_expand_tilde() s3:gencache: Allow to open gencache as read-only selftest: Use Kerberos to join an ad_member selftest: Split out a provision_ad_member() function selftest: Add force_fips_mode support to provision_ad_member() selftest: Add ad_member_fips target selftest: Run some tests against ad_member_fips autobuild: Add ad_member_fips target autobuild: Use sane random sleep values for samba-admem-mit gitlab-ci: Add new runner for samba-admem-fips gitlab-ci: Create a single samba-fips runner s3:rpcclient: Rename creds to trust_creds talloc: Mark ptr of talloc_unlink() not as a tainted scalar Revert "s3:libsmb: add a cache for cli_session_creds_prepare_krb5()" s3:rpc_server: Pass a pointer to add_filemeta() s3:lib: Avoid a NULL pointer deref on log level 10 s3:notifyd: Check return value of lp_load_initial_only() s3:samr: Add missing NULL pointer check s3:rpc_server: Check return code of set_blocking() s3:locking: Remove dead code s4:torture: Make sure that ctx is initialized to NULL s3:smbd: Fix a possibile null pointer dereference s3:lib: Make sure that have_rsrc is initialized s3:lib:tls: Use better priority lists for modern GnuTLS python: Run cmdline tools for default docs test in parallel python: Run cmdline tools for arbitary docs test in parallel python: Fix get_max_worker_count() to always have two runners bootstrap: Add back quota-devel on C
[SCM] Samba Shared Repository - branch v4-13-test created
The branch, v4-13-test has been created at 8c86998910d0520a09dee729c2892f26dccc4b65 (commit) - Log - --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-13-stable created
The branch, v4-13-stable has been created at 8c86998910d0520a09dee729c2892f26dccc4b65 (commit) - Log - --- -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-2.2.0 created
The annotated tag, ldb-2.2.0 has been created at 93a3abc51ae9e3653726a243e2ec80567340a2c8 (tag) tagging 9f3d2ba7ee9e41ddeee376aa74785199ef3dc8a2 (commit) replaces ldb-2.1.1 tagged by Stefan Metzmacher on Thu Jul 9 14:09:46 2020 +0200 - Log - ldb: tag release ldb-2.2.0 -BEGIN PGP SIGNATURE- iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl8HCQoACgkQR5ORYRMI QCUOhgf+J3clc9kfzDHab5HMqfWD1efX5FXMCQr4t/CcxQSWrC6sIpMbBiGbVHHO 9fTvPDAyNQafdbkeuBz4RrLai4gG8EDvaCCwyf2QssJ0JOe59ExPhnyDWCq36PUS +ZA6LbqlgIMSTPoLSOD4M5RxU8/MON0ep3p++SKQK228auZlTfDZnJc87zGON1qR d0ioSPXQfhQc2fy7GGtSDLcmitpqERkiuXKshfpFMVnk3f8vY/v44n6PUsYJd4x1 pY4WFaTahoYCW+fdaPgUzdvmS6ZpYH5N2W81kmMea0H4iQqYSd3Kizjb1PgrtT4S 0Cbi0d9QDznKiJaT5bbK9b81mhnuHA== =1xhG -END PGP SIGNATURE- Alexander Bokovoy (4): s3: pass DCE RPC handle type to create_policy_hnd s3 rpc server: set on-wire handle type explicitly lib/ldb: add unit test for ldb_ldap internal code ldb_ldap: fix off-by-one increment in lldb_add_msg_attr Amit Kumar (2): Add a test for smbclient -l basename lib:util: Fix smbclient -l basename dir Amitay Isaacs (8): ctdb-recovery: Fetched vnnmap is never used, so don't fetch it ctdb-recovery: Consolidate node state ctdb-recovery: Don't trust nodemap obtained from local node ctdb-recovery: Refactor banning a node into separate computation lib/messaging: Move messages_dgm out of source3 wscript_build: Remove duplicate recursion in source4/smbd lib/util: Build genrand for util core ctdb-build: Add messages_dgm build to ctdb Andreas Schneider (69): autobuild: Run the none env in the samba-o3 build selftest: Set KRB5RCACHETYPE to none for selftest lib:crypto: Add samba_gnutls_weak_crypto() s3:utils: Add weak crypto information to testparm lib:param: Add lp(cfg)_weak_crypto() gensec: Add a check if a gensec module implements weak crypto auth:ntlmssp: Mark as weak_crypto waf: Check if GnuTLS has support for crypto policies tests: Add test for weak crypto bootstrap: Add podman command to readme third_party: Update nss_wrapper to version 1.1.10 gitlab-ci: Remove Fedora 29 which is already EOL gitlab-ci: Remove Fedora 30 gitlab-ci: Add Fedora 32 (Beta) selftest: Fix string compare in DnsHandler() of dns_hub.py third_party: Update pam_wrapper to version 1.1.2 gitlab-ci: Add ccache and wget gitlab-ci: Use a shared ccache for the runners gitlab-ci: Add coverity scan runner third_party: Update nss_wrapper to version 1.1.11 s3:libads: Fix ads_get_upn() testprogs: Add 'net ads join createupn' test also verifying the keytab s4:samdb: Do not create WDdigests for HTTP if weak crypto is disabled s4:tls: Fix generating TLS RSA certs with FIPS140-2 selftest: Add an ad_dc_fips environment selftest: Pass extra_provision_options to provision_raw_prepare() selftest: Pass force_fips_mode to provision_ad_dc() selftest: Pass force_fips to provision() selftest: Pass force_fips_mode to provision_raw_prepare() selftest: Start ad_dc_fips with forced fips mode tests: Add test to check the server doesn't allow NTLM selftest: Force fips mode for openssl in ad_dc_fips gitlab-ci: Add runner for fips compliance testing docs-xml: Fix usernames in pam_winbind manpages s4:torture: Print account and authority name testprogs: Add client kerberos test testprogs: Add 'net ads join' test for fips lib:util: Add path_expand_tilde() lib:util: Add test for path_expand_tilde() s3:gencache: Allow to open gencache as read-only selftest: Use Kerberos to join an ad_member selftest: Split out a provision_ad_member() function selftest: Add force_fips_mode support to provision_ad_member() selftest: Add ad_member_fips target selftest: Run some tests against ad_member_fips autobuild: Add ad_member_fips target autobuild: Use sane random sleep values for samba-admem-mit gitlab-ci: Add new runner for samba-admem-fips gitlab-ci: Create a single samba-fips runner s3:rpcclient: Rename creds to trust_creds talloc: Mark ptr of talloc_unlink() not as a tainted scalar Revert "s3:libsmb: add a cache for cli_session_creds_prepare_krb5()" s3:rpc_server: Pass a pointer to add_filemeta() s3:lib: Avoid a NULL pointer deref on log level 10 s3:notifyd: Check return value of lp_load_initial_only() s3:samr: Add missing NULL pointer check s3:rpc_server: Check return code of set_blocking() s3:locking: Remove dead code s4:torture: Make sure that ctx is initialized to NULL s3:smbd: Fix a possibile null pointer dereference s3:lib: Make sure t
