[SCM] Samba Shared Repository - branch v4-6-test updated
The branch, v4-6-test has been updated via d0c6802 Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData" via c190c37 Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()" via e1a5f80 Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key" via 542382a Revert "s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob" via fb65808 Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key" via 4afb9bd Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function" via cb60d1c Revert "s4:kdc: use the strongest possible tgs session key" via 0cd6906 Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers" via 89f27fa Revert "TODO s4:kdc: indicate support for new encryption types by adding empty keys" via 3a54a04 Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets" from 56a40ab samba: Only use async signal-safe functions in signal handler https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test - Log - commit d0c6802bd6f5be279b95858a6a6920a1745c32a8 Author: Karolin Seeger Date: Wed Feb 21 10:15:23 2018 +0100 Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData" This reverts commit 678a7a32473b1f64421cd905b7d535878eb11cab. Autobuild-User(v4-6-test): Karolin Seeger Autobuild-Date(v4-6-test): Wed Feb 21 15:14:49 CET 2018 on sn-devel-144 commit c190c375403ec80c2c9b34f195c1c0fb6a172595 Author: Karolin Seeger Date: Wed Feb 21 10:15:23 2018 +0100 Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()" This reverts commit e8988e614aaf269b24b072e483047bdcd80fef33. commit e1a5f808c571a8c0d66c5407f8327d4648045847 Author: Karolin Seeger Date: Wed Feb 21 10:15:23 2018 +0100 Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key" This reverts commit ec57c13dc378d15dad98efd59e86bcc2775c5b0a. commit 542382aa2fba9ce43f77882963ccb13f84574a4f Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob" This reverts commit 2557d5c6235f7d24866163124fc254cfe81d3871. commit fb65808bb2d1daf5bbf56b59ac3d9501da101cb4 Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key" This reverts commit 03484706e4ff546fc7fe41124d896e9f7840fe80. commit 4afb9bddeb074ecd3d8b3c704cfd91907f34c9fb Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function" This reverts commit 18d7cf191718b3a30165a43271e503cc07ca5b50. commit cb60d1c2175c32a4b3879d2c9e39a4760d17f78a Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "s4:kdc: use the strongest possible tgs session key" This reverts commit 9fdf175905efde803941a5876ce7e060013fc9a0. commit 0cd690617547366562fb1deed049f0c7ab129b3e Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers" This reverts commit fe146338f304a52f861777ada5774887fe0776e3. commit 89f27fab18020c5b236a684359a1172981528425 Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "TODO s4:kdc: indicate support for new encryption types by adding empty keys" This reverts commit bf07697273017014516010475f79be3e59a2ce07. commit 3a54a0497315430501a13f6397f3e2889197158a Author: Karolin Seeger Date: Wed Feb 21 10:15:22 2018 +0100 Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets" This reverts commit 9ecdf21e174ba7525b77035664428fbdcbf53690. --- Summary of changes: source4/heimdal/kdc/kerberos5.c| 20 ++--- source4/heimdal/kdc/krb5tgs.c | 127 ++--- source4/heimdal/lib/hdb/hdb.c | 30 +-- source4/heimdal/lib/hdb/version-script.map | 1 - source4/kdc/db-glue.c | 73 + source4/kdc/kdc-heimdal.c | 6 +- source4/kdc/pac-glue.c | 6 +- 7 files changed, 80 insertions(+), 183 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index c6ec65e..3282d5e 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -131,7 +131,7 @@ _kdc_find_etype(krb5_context context, krb5_boolean use_strongest_se
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5d113f8 s4:rpc_server: fix call_id truncation in
dcesrv_find_fragmented_call()
via 65e8edb tests:dcerpc/raw_protocol: reproduce call_id truncation bug
via 3a7ebd0 heimdal_build: use closefrom from libreplace
via e9d5b8b s4:rpc_server/lsa: implement forwarding
lsa_Lookup{Sids,Names}() requests to winbindd
via 3ffebee winbindd: implement wb_irpc_lsa_{LookupNames4,LookupSids3}()
via 3801c41 s4:rpc_server/lsa: rewrite lookup sids/names code to honor
the given lookup level
via 475a761 test_trust_ntlm.sh: add lookup name tests
via d7780c6 libcli/security: add dom_sid_lookup_predefined_{sid,name}()
via e9ace18 s4:dsdb: add dsdb_trust_domain_by_{sid,name}()
via 9b6a0b1 s4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for
async processing
via ab7988a s4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async
processing
via e6c9984 s4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on
dcesrv_lsa_LookupNames_common()
via 37cb34d s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on
dcesrv_lsa_LookupNames_common()
via ec55c18 s4:rpc_server/lsa: rename 'state' variable to
'policy_state' in dcesrv_lsa_LookupNames2()
via c78c17d s4:rpc_server/lsa: rename 'state' variable to
'policy_state' in dcesrv_lsa_LookupSids2()
via c0f6103 s4:rpc_server/lsa: rename 'state' variable to
'policy_state' in dcesrv_lsa_LookupSids_common()
via 7c1c9bf s4:rpc_server/lsa: simplify [ref] pointer handling in
dcesrv_lsa_LookupNames()
via 5d868fd s4:rpc_server/lsa: simplify [ref] pointer handling in
dcesrv_lsa_LookupSids()
via e8a0223 s4:rpc_server/lsa: remove unused 'status' variable in
dcesrv_lsa_LookupSids_common()
via fe43dd8 s4:rpc_server/lsa: make sure dcesrv_lsa_LookupNames2() gets
prepared [ref] pointers
via 3339a1c s4:rpc_server/lsa: expect prepared [ref] pointers in
dcesrv_lsa_LookupNames_common()
via f6e60d2 s4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common()
gets prepared [ref] pointers
via 3909f8f s4:rpc_server/lsa: use
LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES/LSA_CLIENT_REVISION_1 in compat code
via 7686881 rpcclient: add lookupsids_level command
via 9ccc6ee rpcclient: fix variable initialisation and add parenthesis
to if clauses
via b02de5a provision: fix the 'dnsdomain' for the local sam of a
domain member
via 1a258b6 traffic_packets.py: let Lookup{Sids,Names}() work against a
sane server
via da78430 nsswitch: fix double free errors in nsstest.c
via 7b86b94 s4:torture: zero initialize variables in
test_LookupSidsReply()
via c376ab2 winbindd: make use of talloc_zero_array() in
wb_lookupsids*()
via 569c910 s3:cli_lsarpc: use talloc_zero_array() in
dcerpc_lsa_lookup_names_generic()
via 5cae7da s3:cli_lsarpc: use talloc_zero_array() in
dcerpc_lsa_lookup_sids_generic()
via b5ffa0e winbindd: initialize type = SID_NAME_UNKNOWN in
wb_lookupsids_single_done()
via 17c48f2 winbindd: don't split the rid for SID_NAME_DOMAIN sids in
wb_lookupsids
via 86e63d2 replace: remove some duplicate checks
via 29aa5c9 wscript: drop checks for setnetgrent/endnetgrent/getnetgrent
via 14f798c s3: remove dead already commented code
from 0b63f26 selftest: change technique for running specific envs
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5d113f80944f2e1d2a7e80f73aea7a4cfdfbd140
Author: Stefan Metzmacher
Date: Wed Feb 21 00:49:55 2018 +0100
s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144
commit 65e8edb382fbc7450919aad8b42cfcae9e779d11
Author: Stefan Metzmacher
Date: Wed Feb 21 00:50:26 2018 +0100
tests:dcerpc/raw_protocol: reproduce call_id truncation bug
We need to make sure the server handles call_id values > UINT16_MAX.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher
Reviewed-by: Ralph Boehme
commit 3a7ebd0e940e80b185a9240c093e1fee6795fd5b
Author: Bjoern Jacke
Date: Wed Feb 21 01:51:42 2018 -0800
heimdal_build: use closefrom from libreplace
this silences a lot of "... has been redefined" compiler warnings on
platforms that don't have closefrom
Signed-off-by: Bjoern Jacke
Reviewed-by: Stefan Metzmacher
commit e9d5b8b6b41155a8a043275ae497bdb87044d476
Author: Stefan Metzmacher
Date: Fri Jan 19 13:42:40 2018 +0100
s4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests
to w
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c83347 util/rfc1738: update preamble via 7a06cfa util/rfc1738: simplify and fix rfc1738_escape_part() via d99a075 util/rfc1738: remove unused versions of rfc1738_escape via c20a369 util/rfc1738: simplify and fix rfc1738_unescape() via 9f3e20d util/tests: add rfc1738 cmocka tests via a4c853a util/rfc1738_unescape(): return end pointer or NULL on error via 6ef6ddc shift read_hex_bytes() and parse_guid_string() into lib/util via 33ef0e5 selftest/tests.py: remove always-needed, never-set with_cmocka flag via cb5f1f3 unittests.lib_util_modules: test module probe with "skel", not "unix" via 7d79575 selftest: subunithelper needs to follow the subunit spec more closely from 5d113f8 s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c833470fc52332c62220ec9cc38c8a4fd7721f1 Author: Douglas Bagnall Date: Mon Feb 19 14:24:42 2018 +1300 util/rfc1738: update preamble Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Autobuild-User(master): Douglas Bagnall Autobuild-Date(master): Thu Feb 22 06:13:49 CET 2018 on sn-devel-144 commit 7a06cfa2e2caed2067bf9030408cf56de7b89d65 Author: Douglas Bagnall Date: Tue Feb 20 23:56:11 2018 +1300 util/rfc1738: simplify and fix rfc1738_escape_part() We now encode according to RFC 3986 (section 2.1 - 2.3). Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit d99a075239588170be5a26453219d3cac5425885 Author: Douglas Bagnall Date: Sat Feb 17 11:23:44 2018 +1300 util/rfc1738: remove unused versions of rfc1738_escape Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit c20a3699075369e5516af47100220dab18435a91 Author: Douglas Bagnall Date: Mon Feb 19 14:12:03 2018 +1300 util/rfc1738: simplify and fix rfc1738_unescape() Improvements: * NULL is returned when the string is incorrectly formed. * Badly formed escapes like "% b" that were accepted by sscanf() are now rejected. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit 9f3e20d98bdc04d6301ab0560cc7fde6ec9cc796 Author: Douglas Bagnall Date: Sun Feb 18 09:53:32 2018 +1300 util/tests: add rfc1738 cmocka tests These don't pass yet. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit a4c853a7deb080dd44e3c54eb45935ff0df91baf Author: Douglas Bagnall Date: Sat Feb 17 10:46:44 2018 +1300 util/rfc1738_unescape(): return end pointer or NULL on error At present we don't detect errors, but when we do we'll return NULL. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit 6ef6ddce5a64c55729c2e3d423757f504b0ab15e Author: Douglas Bagnall Date: Fri Feb 16 17:53:15 2018 +1300 shift read_hex_bytes() and parse_guid_string() into lib/util read_hex_bytes() is going to be used in lib/util/rfc1738.c. parse_guid_string() is shifted for two reasons: Firstly, it is called very often in some operations, sometimes constituting a few percent of the CPU load, and it makes several calls to read_hex_bytes(). We want the compiler to be able to inline those calls if it thinks that is wise. Secondly, there are other places that could do with fast GUID parsing. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit 33ef0e57a4f08eae5ea06f482374fbc0a1014de6 Author: Douglas Bagnall Date: Thu Feb 22 11:54:45 2018 +1300 selftest/tests.py: remove always-needed, never-set with_cmocka flag We have cmocka in third_party, so we are never without it. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit cb5f1f3b262467faba59b3b323e240d1351d5fc0 Author: Douglas Bagnall Date: Thu Feb 22 11:26:00 2018 +1300 unittests.lib_util_modules: test module probe with "skel", not "unix" The unix module is not available as a module on some systems. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett commit 7d79575de8e47a0ce03e30c3ea84176be696269f Author: Douglas Bagnall Date: Thu Feb 22 12:46:47 2018 +1300 selftest: subunithelper needs to follow the subunit spec more closely In particular allow ]\n without \n]\n as used by cmocka Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett --- Summary of changes: lib/util/rfc1738.c | 289 +-- lib/util/samba_util.h | 18 +- lib/util/tests/rfc1738.c| 411 lib/util/util_str_hex.c | 100 ++
