[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3a01ef710d4 tests: Add a test for the idmap_nss : use_upn setting via 086a90d52b0 idmap_nss: Install a messaging filter to reload the configuration via a7a4d8e5333 idmap_nss: Add a parameter to use UPNs instead of plain names via c8e4777a921 idmap_nss: Increase debug on failures via de2f59c61a0 docs: Document idmap_nss "range" option via 8e1f2ee5f7c s3:winbind: Register a messaging filter foreach domain child via c35937054cd s3:winbind: talloc the static locator child via e3d0574d796 s3:winbind: talloc the static idmap child from f642aff5544 buildtools: Remove ‘keep_underscore’ parameter https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3a01ef710d4f0c11013214a4f8637ebdac8d9f5e Author: Samuel Cabrero Date: Tue Dec 12 21:17:50 2023 +0100 tests: Add a test for the idmap_nss : use_upn setting Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Wed Dec 13 16:05:19 UTC 2023 on atb-devel-224 commit 086a90d52b0c4bd388bf5707159ae1a727f8e400 Author: Samuel Cabrero Date: Tue Dec 12 16:02:33 2023 +0100 idmap_nss: Install a messaging filter to reload the configuration Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit a7a4d8e53332f8cae68462afab7dec86c991d96f Author: Samuel Cabrero Date: Mon Nov 27 08:05:29 2023 +0100 idmap_nss: Add a parameter to use UPNs instead of plain names idmap config : backend = nss idmap config : use_upn = yes|no When translating a Unix ID to a SID the module calls get[pwu|grg]id() but the name returned by some NSS modules might be a UPN instead of a plain name. If the new parameter is enabled the returned name will be parsed and correctly handled. On the other hand, when translating a SID to a Unix ID the module first resolves the SID to a domain + name, and then calls get[pw|gr]name() with the plain name, or the UPN if the new parameter is enabled. Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit c8e4777a921132082ee6421b2b456c82028fed46 Author: Samuel Cabrero Date: Wed Nov 29 12:55:13 2023 +0100 idmap_nss: Increase debug on failures Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit de2f59c61a0549c54546704c07a1f41410fc50d7 Author: Samuel Cabrero Date: Mon Nov 27 10:20:05 2023 +0100 docs: Document idmap_nss "range" option Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit 8e1f2ee5f7c5b3ee4edfa7beca289889a4e99cca Author: Samuel Cabrero Date: Tue Dec 12 15:55:20 2023 +0100 s3:winbind: Register a messaging filter foreach domain child Instead of registering the "classic" callback for MSG_SMB_CONF_UPDATED, install a message filter to allow other parts of the code to also listen for this message because classic callbacks are delivered only once (see commit a2436b67e5dd47d955a3bea2b83e0693b627ab96). Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit c35937054cd69580bbf5e3252fd9a1e8958f2f7b Author: Samuel Cabrero Date: Tue Dec 12 15:49:07 2023 +0100 s3:winbind: talloc the static locator child Next commits will use talloc_get_type_abort() to get the reference. Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy commit e3d0574d7969b00723a6b3041a796dd4f29726e8 Author: Samuel Cabrero Date: Tue Dec 12 15:44:21 2023 +0100 s3:winbind: talloc the static idmap child Next commits will use talloc_get_type_abort() to get the reference. Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy --- Summary of changes: docs-xml/manpages/idmap_nss.8.xml| 38 + nsswitch/tests/test_idmap_nss_use_upn.sh | 79 ++ source3/selftest/tests.py| 4 +- source3/winbindd/idmap_nss.c | 249 +-- source3/winbindd/winbindd.c | 13 +- source3/winbindd/winbindd_dual.c | 34 +++-- source3/winbindd/winbindd_idmap.c| 29 ++-- source3/winbindd/winbindd_locator.c | 21 ++- source3/winbindd/winbindd_proto.h| 4 +- 9 files changed, 425 insertions(+), 46 deletions(-) create mode 100755 nsswitch/tests/test_idmap_nss_use_upn.sh Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/idmap_nss.8.xml b/docs-xml/manpages/idmap_nss.8.xml index fc03445df2c..a9c6eceedbc 100644 --- a/docs-xml/manpages/idmap_nss.8.xml +++ b/docs-xml/manpages/idmap_nss.8.xml @@ -27,6 +27,44 @@ + + IDMAP OPTIONS + + + +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fcecdfa8e5c s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal() from 872ea49ac6d kdc: Don't reference ENODATA in platform-independent code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fcecdfa8e5c651d4a27f8fcd5df6e9bce37ed8a7 Author: Samuel Cabrero Date: Wed Jan 18 17:25:29 2023 +0100 s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal() This function already exists in bind9 but takes different arguments, so when the DLZ is loaded and this function is called bind crashes: named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118 type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0 named[1523]: samba_dlz: allowing update of signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa tcpaddr=192.168.101.118 type=PTR key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0 named[1523]: client @0x7f26caa90f68 192.168.101.118#58223/key DESKTOP-8BUKMBK\$\@AFOREST.AD: updating zone '101.168.192.in-addr.arpa/NONE': deleting rrset at '118.101.168.192.in-addr.ar named[1523]: name.c:664: REQUIRE(((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n') failed, back trace Backtrace: #0 0x7f2716c957ec in __pthread_kill_implementation () from /lib64/libc.so.6 #1 0x7f2716c42816 in raise () from /lib64/libc.so.6 #2 0x7f2716c2b81c in abort () from /lib64/libc.so.6 #3 0x55d4de847995 in assertion_failed (file=, line=, type=, cond=) at /usr/src/debug/bind-9.18.10/bin/named/main.c:237 #4 0x7f27176388fc in isc_assertion_failed (file=file@entry=0x7f27173b0df6 "name.c", line=line@entry=664, type=type@entry=isc_assertiontype_require, cond=cond@entry=0x7f27173b0268 "((name1) != ((void *)0) && ((const isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | ('n'") at /usr/src/debug/bind-9.18.10/lib/isc/assertions.c:48 #5 0x7f27172946f9 in dns_name_equal (name1=, name2=) at /usr/src/debug/bind-9.18.10/lib/dns/name.c:664 Here bind's dns_name_equal() is called instead of samba's dns_name_equal() #6 0x7f27077ad6f2 in dns_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10) at ../../source4/dns_server/dnsserver_common.c:1346 #7 0x7f271404732c in b9_record_match (rec1=0x7f26f8042d70, rec2=0x7f26f8044d10) at ../../source4/dns_server/dlz_bind9.c:1830 #8 0x7f2714047daa in dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa", rdatastr=0x7f26c9c1 "118.101.168.192.in-addr.arpa.\t1200\tIN\tPTR\tDESKTOP-8BUKMBK.aforest.ad.", dbdata=0x7f271003d300, version=0x7f26f8044b20) at ../../source4/dns_server/dlz_bind9.c:2077 #9 0x55d4de84afb4 in dlopen_dlz_subrdataset (name=0x7f2706ff82f0 "118.101.168.192.in-addr.arpa", rdatastr=, driverarg=, dbdata=0x7f270430f680, version=) at /usr/src/debug/bind-9.18.10/bin/named/dlz_dlopen_driver.c:483 #10 0x7f271738e734 in modrdataset.constprop.0 (db=0x7f2704291740, node=0x7f26c9c006e0, version=0x7f26f8044b20, rdataset=0x7f2706ff8830, mod_function=0x55d4de84af80 , options=) at /usr/src/debug/bind-9.18.10/lib/dns/sdlz.c:1107 #11 0x7f2717251855 in diff_apply (diff=diff@entry=0x7f2706ff8df0, db=db@entry=0x7f2704291740, ver=ver@entry=0x7f26f8044b20, warn=warn@entry=true) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:370 #12 0x7f2717251c8a in dns_diff_apply (diff=diff@entry=0x7f2706ff8df0, db=db@entry=0x7f2704291740, ver=ver@entry=0x7f26f8044b20) at /usr/src/debug/bind-9.18.10/lib/dns/diff.c:465 #13 0x7f2717d105aa in do_one_tuple (tuple=tuple@entry=0x7f2706ff8e50, db=db@entry=0x7f2704291740, ver=ver@entry=0x7f26f8044b20, diff=diff@entry=0x7f2706ff9400) at /usr/src/debug/bind-9.18.10/lib/ns/update.c:454 #14 0x7f2717d10fff in update_one_rr (rdata=0x7f2706ff8ee8, ttl=, name=, op=DNS_DIFFOP_DEL, diff=0x7f2706ff9400, ver=0x7f26f8044b20, db=0x7f2704291740) at /usr/src/debug/bind-9.18.10/lib/ns/update.c:505 #15 delete_if_action (data=, rr=0x7f2706ff8ee0) at /usr/src/debug/bind-9.18.10/lib/ns/update.c:1427 #16 0x7f2717d10ccd in foreach_rr (db=0x7f2704291740, ver=, name=0x7f26caa61d00, type=, covers=, rr
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 17f8ec6f57a s4:mitkdc: Always set SDB_F_FOR_{TGS,AS}_REQ flag for DAL >= 9 from 96b77d87639 s3:dbwrap_ctdb: improve the error handling in ctdb_async_ctx_init_internal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 17f8ec6f57a831de90bf66fd7523b4d1148cb397 Author: Samuel Cabrero Date: Mon Jun 27 16:04:56 2022 +0200 s4:mitkdc: Always set SDB_F_FOR_{TGS,AS}_REQ flag for DAL >= 9 The KRB5_KDB_FLAG_REFERRAL_OK is to indicate wether a realm referral is allowed. In AD this is always allowed. Also there is no way to pass that indication to the SamDB layer. Pair-Programmed-With: Andreas Schneider Signed-off-by: Samuel Cabrero Signed-off-by: Andreas Schneider Reviewed-by: Andreas Schneider Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Mon Jul 4 12:22:16 UTC 2022 on sn-devel-184 --- Summary of changes: source4/kdc/mit_samba.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index c264191bf6b..e316c57ee31 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -234,10 +234,7 @@ int mit_samba_get_principal(struct mit_samba_context *ctx, if (kflags & KRB5_KDB_FLAG_CLIENT) { sflags |= SDB_F_GET_CLIENT; - - if (!(kflags & KRB5_KDB_FLAG_REFERRAL_OK)) { - sflags |= SDB_F_FOR_AS_REQ; - } + sflags |= SDB_F_FOR_AS_REQ; } else { int equal = smb_krb5_principal_is_tgs(ctx->context, principal); if (equal == -1) { @@ -248,10 +245,7 @@ int mit_samba_get_principal(struct mit_samba_context *ctx, sflags |= SDB_F_GET_KRBTGT; } else { sflags |= SDB_F_GET_SERVER; - - if (!(kflags & KRB5_KDB_FLAG_REFERRAL_OK)) { - sflags |= SDB_F_FOR_TGS_REQ; - } + sflags |= SDB_F_FOR_TGS_REQ; } } #else /* KRB5_KDB_DAL_MAJOR_VERSION < 9 */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 971441ca524 third_party/heimdal: Fix build with gcc version 12.1 via 89e0c732b1c replace: Check for -Wuse-after-free from 3dcdd13a250 tests/krb5: Use object() rather than auto() to initialise enums https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 971441ca5244b0e56f6b664d785fcefa3867ede1 Author: Samuel Cabrero Date: Thu Jun 9 10:51:54 2022 +0200 third_party/heimdal: Fix build with gcc version 12.1 Split lib/krb5/crypto to its own subsystem to built with its own CFLAGS and avoid the following error: [1510/4771] Compiling third_party/heimdal/lib/krb5/crypto.c ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘_krb5_internal_hmac’: ../../third_party/heimdal/lib/krb5/crypto.c:302:24: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 302 | iov[0].data.data = (void *) data; |^ ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘derive_key_sp800_hmac’: ../../third_party/heimdal/lib/krb5/crypto.c:2427:18: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual] 2427 | label.data = (void *)constant; | ^ ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_derived’: ../../third_party/heimdal/lib/krb5/crypto.c:1280:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free] 1280 | free(p); | ^~~ ../../third_party/heimdal/lib/krb5/crypto.c:1278:20: note: call to ‘realloc’ here 1278 | result->data = realloc(p, l); |^ ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_enc_then_cksum’: ../../third_party/heimdal/lib/krb5/crypto.c:1365:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free] 1365 | free(p); | ^~~ ../../third_party/heimdal/lib/krb5/crypto.c:1363:20: note: call to ‘realloc’ here 1363 | result->data = realloc(p, l); |^ ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal’: ../../third_party/heimdal/lib/krb5/crypto.c:1431:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free] 1431 | free(p); | ^~~ ../../third_party/heimdal/lib/krb5/crypto.c:1429:20: note: call to ‘realloc’ here 1429 | result->data = realloc(p, l); |^ ../../third_party/heimdal/lib/krb5/crypto.c: In function ‘decrypt_internal_special’: ../../third_party/heimdal/lib/krb5/crypto.c:1478:9: error: pointer ‘p’ may be used after ‘realloc’ [-Werror=use-after-free] 1478 | free(p); | ^~~ ../../third_party/heimdal/lib/krb5/crypto.c:1476:20: note: call to ‘realloc’ here 1476 | result->data = realloc(p, sz); |^~ cc1: all warnings being treated as errors BUG: https://bugzilla.samba.org/show_bug.cgi?id=15095 Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Tue Jun 14 10:16:18 UTC 2022 on sn-devel-184 commit 89e0c732b1c45f6498ed0f39add77c2a52afddce Author: Samuel Cabrero Date: Wed Jun 1 11:56:19 2022 +0200 replace: Check for -Wuse-after-free BUG: https://bugzilla.samba.org/show_bug.cgi?id=15095 Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett --- Summary of changes: lib/replace/wscript | 3 +++ third_party/heimdal_build/wscript_build | 17 ++--- 2 files changed, 17 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/replace/wscript b/lib/replace/wscript index 827d74f19cb..2808db2e518 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -128,6 +128,9 @@ def configure(conf): if conf.CHECK_CFLAGS('-Wno-strict-overflow'): conf.define('HAVE_WNO_STRICT_OVERFLOW', '1') +if conf.CHECK_CFLAGS('-Wuse-after-free=1'): +conf.define('HAVE_WUSE_AFTER_FREE_1', '1') + # Check for process set name support conf.CHECK_CODE(''' #include diff --git a/third_party/heimdal_build/wscript_build b/third_party/heimdal_build/wscript_build index a395430c28f..fc136bc4116 100644 --- a/third_party/heimdal_build/wscript_build +++ b/third_party/he
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via aa2ab7feb10 s3: VFS: Remove SMB_VFS_NTIMES(), no longer used via 34f5594f2e3 s3: VFS: default: Remove SMB_VFS_NTIMES() via adb952f01c0 s3: VFS: unityed_media: Remove SMB_VFS_NTIMES() via b60693cbd79 s3: VFS: time_audit: Remove SMB_VFS_NTIMES() via f2d1eb3870a s3: VFS: snapper: Remove SMB_VFS_NTIMES() via 395c3922c24 s3: VFS: shadow_copy2: Remove SMB_VFS_NTIMES() via 0b9ead076e5 s3: VFS: not_implemented: Remove SMB_VFS_NTIMES() via bec491dd651 s3: VFS: media_harmony: Remove SMB_VFS_NTIMES() via bc4bef5e6a4 gpfswrap: Remove wrapper for gpfs_set_times_path() via fad792aa5ca s3: VFS: gpfs: Remove SMB_VFS_NTIMES() via bd01e5a4556 s3: VFS: glusterfs: Remove SMB_VFS_NTIMES() via 7c70be05048 s3: VFS: full_audit: Remove SMB_VFS_NTIMES() via 23c27b7f822 s3: VFS: fruit: Remove SMB_VFS_NTIMES() via 059b565abab s3: VFS: delay_inject: Remove SMB_VFS_NTIMES() via 248151bac65 s3: VFS: ceph_snapshots: Remove SMB_VFS_NTIMES() via 0456cad10cc s3: VFS: ceph: Remove SMB_VFS_NTIMES() via 2e3608b040d s3: VFS: catia: Remove SMB_VFS_NTIMES() via 17a7f2cadb6 s3: VFS: cap: Remove SMB_VFS_NTIMES() via ae9044395f5 s3: torture: Change cmd_utime to use SMB_VFS_FNTIMES() via 1e677da50b4 s3: VFS: recycle: set the recycled file times using SMB_VFS_FNTIMES() via 0a13237db9c s3: smbd: Use SMB_VFS_FNTIMES() instead of SMB_VFS_NTIMES() via 11969032310 s3: smbd: Pass full fsp to file_ntimes() via bccbc5bb1ec s3: smbd: Update file times right before closing the underlying fd via ed287c35d7a s3: smbd: Use new debug macros via c942e2bd399 s3: VFS: snapper: Implement SMB_VFS_FNTIMES() via 6d9fc8de56b s3: VFS: shadow_copy2: Implement VFS_SMB_FNTIMES() via 02d624c46f2 s3: VFS: gpfs: Implement SMB_VFS_FNTIMES() via 28174fc1e7c gpfswrap: Add wrapper for gpfs_set_times() via 7125279a1e0 s3: VFS: glusterfs: Implement SMB_VFS_FNTIMES() via 5d84ad711a3 s3: VFS: fruit: Implement SMB_VFS_FNTIMES() via 5e0def5e320 s3: VFS: delay_inject: Implement SMB_VFS_FNTIMES() via 31091cc5382 s3: VFS: ceph_snapshots: Implement SMB_VFS_FNTIMES() via f07f3a5c22c s3: VFS: ceph: Implement SMB_VFS_FNTIMES() via c7712ec0e61 s3: VFS: catia: Implement SMB_VFS_FNTIMES() via ee3ea1bc745 VFS: Add SMB_VFS_FNTIMES via 4cc06106998 build: Do not check for unused functions futimes() and futimens() via 564e066024d s3: VFS: default: ntimes profile not ended when times not changed from fbf95a641bb auth4: Remove unused auth_unix https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit aa2ab7feb10f7c8bc0d84e3dabb484f728f6f3ba Author: Samuel Cabrero Date: Tue Apr 13 18:00:29 2021 +0200 s3: VFS: Remove SMB_VFS_NTIMES(), no longer used --- / \ / REST \ /IN \ /PEACE\ / \ | | | SMB_VFS_NTIMES| | | | | | 13 April| | 2021 | | | | | *| * * * | * _)/\\_//(\/(/\)/\//\/\|_)___ Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Mon Apr 19 13:19:35 UTC 2021 on sn-devel-184 commit 34f5594f2e3cbf76fb88e6d5210a66a542e59f1b Author: Samuel Cabrero Date: Tue Apr 13 17:18:20 2021 +0200 s3: VFS: default: Remove SMB_VFS_NTIMES() Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme commit adb952f01c04e097279b52532ec917517d9fb727 Author: Samuel Cabrero Date: Tue Apr 13 17:45:51 2021 +0200 s3: VFS: unityed_media: Remove SMB_VFS_NTIMES() Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme commit b60693cbd79ee393c7aa6b2d79e7aada27abdd06 Author: Samuel Cabrero Date: Tue Apr 13 17:45:12 2021 +0200 s3: VFS: time_audit: Remove SMB_VFS_NTIMES() Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme commit f2d1eb3870ab35f20ab29d899370e55a149da2ca Author: Samuel Cabrero Date: Tue Apr 13 17:42:56 2021 +0200 s3: VFS: snapper: Remove SMB_VFS_NTIMES() Signed-off-by: Samuel Cabrero Reviewed-by: Ralph Boehme commit
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 49a0f6170bf oss-fuzz: Update build script to be compatible with rpm distros from 11aac9d0433 smbd: reduce loglevel for failed openat_pathref_fsp() calls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 49a0f6170bf6b914bb7d513664c6cfc6b3864bb5 Author: Samuel Cabrero Date: Tue Mar 30 16:17:31 2021 +0200 oss-fuzz: Update build script to be compatible with rpm distros The /etc/default/locale file does not exists in the rpm family distros so the do_build.sh script failed with: ./lib/fuzzing/oss-fuzz/do_build.sh: line 31: /etc/default/locale: No such file or directory Signed-off-by: Samuel Cabrero Reviewed-by: David Mulder Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Tue Apr 6 15:54:54 UTC 2021 on sn-devel-184 --- Summary of changes: lib/fuzzing/oss-fuzz/do_build.sh | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/lib/fuzzing/oss-fuzz/do_build.sh b/lib/fuzzing/oss-fuzz/do_build.sh index f1f830ec34c..4c6796d2350 100755 --- a/lib/fuzzing/oss-fuzz/do_build.sh +++ b/lib/fuzzing/oss-fuzz/do_build.sh @@ -28,7 +28,11 @@ set -u # It is critical that this script, just as the rest of Samba's GitLab # CI docker has LANG set to en_US.utf8 (oss-fuzz fails to set this) -. /etc/default/locale +if [ -f /etc/default/locale ]; then + . /etc/default/locale +elif [ -f /etc/locale.conf ]; then + . /etc/locale.conf +fi export LANG export LC_ALL -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 41b2beeffb9 bootstrap: Add OpenSUSE 15.2 from 6ac16232de7 autobuild: Encode text/plain into base64 to wrap long-lines https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 41b2beeffb94dac3679abc7b5c1187c1494f4970 Author: Samuel Cabrero Date: Tue Nov 17 13:32:19 2020 +0100 bootstrap: Add OpenSUSE 15.2 Signed-off-by: Samuel Cabrero Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Tue Nov 17 18:50:05 UTC 2020 on sn-devel-184 --- Summary of changes: .gitlab-ci.yml | 12 +- bootstrap/.gitlab-ci.yml | 4 ++-- bootstrap/config.py| 14 +-- bootstrap/generated-dists/Vagrantfile | 14 +-- bootstrap/generated-dists/opensuse150/Dockerfile | 27 -- .../{debian10 => opensuse152}/Dockerfile | 2 +- .../{opensuse150 => opensuse152}/bootstrap.sh | 2 ++ .../{opensuse150 => opensuse152}/locale.sh | 0 .../{opensuse150 => opensuse152}/packages.yml | 2 ++ bootstrap/sha1sum.txt | 2 +- 10 files changed, 27 insertions(+), 52 deletions(-) delete mode 100644 bootstrap/generated-dists/opensuse150/Dockerfile copy bootstrap/generated-dists/{debian10 => opensuse152}/Dockerfile (91%) rename bootstrap/generated-dists/{opensuse150 => opensuse152}/bootstrap.sh (97%) rename bootstrap/generated-dists/{opensuse150 => opensuse152}/locale.sh (100%) rename bootstrap/generated-dists/{opensuse150 => opensuse152}/packages.yml (96%) Changeset truncated at 500 lines: diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 77c57135b86..d65f4d2b769 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,7 +32,7 @@ variables: # Set this to the contents of bootstrap/sha1sum.txt # which is generated by bootstrap/template.py --render # - SAMBA_CI_CONTAINER_TAG: 446341a5c66a0cd04cac694991e4522385389e0f + SAMBA_CI_CONTAINER_TAG: d4867986881a9601c4620baf9a3bf28f5d1d1343 # # We use the ubuntu1804 image as default as # it matches what we have on sn-devel-184. @@ -48,8 +48,8 @@ variables: SAMBA_CI_CONTAINER_IMAGE_ubuntu2004: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-ubuntu2004:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_debian9: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian9:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_debian10: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-debian10:${SAMBA_CI_CONTAINER_TAG} - SAMBA_CI_CONTAINER_IMAGE_opensuse150: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse150:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_opensuse151: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse151:${SAMBA_CI_CONTAINER_TAG} + SAMBA_CI_CONTAINER_IMAGE_opensuse152: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-opensuse152:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_fedora32: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora32:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_fedora33: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-fedora33:${SAMBA_CI_CONTAINER_TAG} SAMBA_CI_CONTAINER_IMAGE_centos7: ${SAMBA_CI_CONTAINER_REGISTRY}/samba-ci-centos7:${SAMBA_CI_CONTAINER_TAG} @@ -330,14 +330,14 @@ debian10-samba-o3: extends: .samba-o3-template image: $SAMBA_CI_CONTAINER_IMAGE_debian10 -opensuse150-samba-o3: - extends: .samba-o3-template - image: $SAMBA_CI_CONTAINER_IMAGE_opensuse150 - opensuse151-samba-o3: extends: .samba-o3-template image: $SAMBA_CI_CONTAINER_IMAGE_opensuse151 +opensuse152-samba-o3: + extends: .samba-o3-template + image: $SAMBA_CI_CONTAINER_IMAGE_opensuse152 + centos7-samba-o3: extends: .samba-o3-template image: $SAMBA_CI_CONTAINER_IMAGE_centos7 diff --git a/bootstrap/.gitlab-ci.yml b/bootstrap/.gitlab-ci.yml index e9249f151a6..5f79ac1fbf2 100644 --- a/bootstrap/.gitlab-ci.yml +++ b/bootstrap/.gitlab-ci.yml @@ -116,8 +116,8 @@ centos7: # We install a compat-gnutls34 package for GnuTLS >= 3.4.7 PKG_CONFIG_PATH: /usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig -opensuse150: +opensuse151: extends: .build_image_template -opensuse151: +opensuse152: extends: .build_image_template diff --git a/bootstrap/config.py b/bootstrap/config.py index fa313728f55..ecbc614f056 100644 --- a/bootstrap/config.py +++ b/bootstrap/config.py @@ -490,9 +490,9 @@ RPM_DISTS = { 'policycoreutils-python': 'python3-policycoreutils', } }, -'opensuse150': { -'docker_image': 'opensuse/leap:15.0', -'vagrant_box': 'opensuse/openSUSE-15.0-x86_64', +'opensuse151': { +'docker_image': 'opensuse/leap
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d08a6b42004 librpc/dcesrv_core: let dcesrv_call_dispatch_local() call context->iface->reply() via 7bd321e71b7 librpc/dcesrv_core: assert that dcesrv_call_dispatch_local() never gets async. via 42e79cee3d3 librpc/dcesrv_core: make use of dcerpc_fault_to_nt_status() in dcesrv_call_dispatch_local() via 7c8a7e8a15b librpc/dcesrv_core: move two rpcint_dispatch() copies into dcesrv_call_dispatch_local() from 3b5b23ea848 examples:auth: Do not install example plugin https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d08a6b420044c0b9a8fa46dd6acd91d47476 Author: Stefan Metzmacher Date: Fri Oct 23 11:56:19 2020 +0200 librpc/dcesrv_core: let dcesrv_call_dispatch_local() call context->iface->reply() This is needed in order to get NDR_PRINT_FUNCTION_DEBUG(..., NDR_OUT) called. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551 Signed-off-by: Stefan Metzmacher Reviewed-by: Samuel Cabrero Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Fri Oct 23 17:24:37 UTC 2020 on sn-devel-184 commit 7bd321e71b7f38994236d84795e08d3818b69dc1 Author: Stefan Metzmacher Date: Fri Oct 23 11:54:29 2020 +0200 librpc/dcesrv_core: assert that dcesrv_call_dispatch_local() never gets async. This is just not supported for now... We would need a dcesrv_call_dispatch_local_send/recv in order to support async calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551 Signed-off-by: Stefan Metzmacher Reviewed-by: Samuel Cabrero commit 42e79cee3d306a92243cc6c4898c5e280535d67b Author: Stefan Metzmacher Date: Fri Oct 23 11:52:57 2020 +0200 librpc/dcesrv_core: make use of dcerpc_fault_to_nt_status() in dcesrv_call_dispatch_local() The caller wants to get a useful NTSTATUS instead of a generic NT_STATUS_NET_WRITE_FAULT. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551 Signed-off-by: Stefan Metzmacher Reviewed-by: Samuel Cabrero commit 7c8a7e8a15b433cd151afff0b52e9e5096a2c230 Author: Stefan Metzmacher Date: Fri Oct 23 11:42:14 2020 +0200 librpc/dcesrv_core: move two rpcint_dispatch() copies into dcesrv_call_dispatch_local() We only need this function once, so that we need to fix bugs only once... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14551 Signed-off-by: Stefan Metzmacher Reviewed-by: Samuel Cabrero --- Summary of changes: librpc/rpc/dcesrv_core.c | 76 librpc/rpc/dcesrv_core.h | 2 + source3/rpc_server/rpc_ncacn_np.c| 65 +- source3/winbindd/winbindd_dual_ndr.c | 65 +- 4 files changed, 80 insertions(+), 128 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c index a12bf134077..064ad38b8d6 100644 --- a/librpc/rpc/dcesrv_core.c +++ b/librpc/rpc/dcesrv_core.c @@ -2971,3 +2971,79 @@ _PUBLIC_ NTSTATUS dcesrv_connection_loop_start(struct dcesrv_connection *conn) return NT_STATUS_OK; } + +_PUBLIC_ NTSTATUS dcesrv_call_dispatch_local(struct dcesrv_call_state *call) +{ + NTSTATUS status; + struct ndr_pull *pull = NULL; + struct ndr_push *push = NULL; + struct data_blob_list_item *rep = NULL; + + pull = ndr_pull_init_blob(&call->pkt.u.request.stub_and_verifier, + call); + if (pull == NULL) { + return NT_STATUS_NO_MEMORY; + } + + pull->flags |= LIBNDR_FLAG_REF_ALLOC; + + call->ndr_pull = pull; + + /* unravel the NDR for the packet */ + status = call->context->iface->ndr_pull(call, call, pull, &call->r); + if (!NT_STATUS_IS_OK(status)) { + DBG_ERR("DCE/RPC fault in call %s:%02X - %s\n", + call->context->iface->name, + call->pkt.u.request.opnum, + dcerpc_errstr(call, call->fault_code)); + return dcerpc_fault_to_nt_status(call->fault_code); + } + + status = call->context->iface->local(call, call, call->r); + if (!NT_STATUS_IS_OK(status)) { + DBG_ERR("DCE/RPC fault in call %s:%02X - %s\n", + call->context->iface->name, + call->pkt.u.request.opnum, + dcerpc_errstr(call, call->fault_code)); + return dcerpc_fault_to_nt_status(call->fault_code); + } + + /* This can never go async for now! */ + SMB_ASSERT(!(call->state_flags & DCESRV_CALL_STATE_FL
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 61e93698e59 s4:rpc_server: Implement epmapper LookupHandleFree via 072cdbd3713 s4:torture: Do not skip epmapper lookup terminate test in samba4 via 054f58e468c selftest: Split samba4 epmapper expected failures into individual tests from 31d187be0f4 s4:selftest: test for smbtorture subunit names with and without --fullname https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 61e93698e597ad9e2480464df94b5f2ceb57bb24 Author: Samuel Cabrero Date: Mon Jun 29 12:49:33 2020 +0200 s4:rpc_server: Implement epmapper LookupHandleFree Signed-off-by: Samuel Cabrero Reviewed-by: David Mulder Reviewed-by: Andreas Schneider Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Tue Jul 7 13:43:14 UTC 2020 on sn-devel-184 commit 072cdbd371312311377f7a4449dddb18e4605462 Author: Samuel Cabrero Date: Mon Jun 29 12:46:50 2020 +0200 s4:torture: Do not skip epmapper lookup terminate test in samba4 Signed-off-by: Samuel Cabrero Reviewed-by: David Mulder Reviewed-by: Andreas Schneider commit 054f58e468c48e1223441db73e33302454646699 Author: Samuel Cabrero Date: Mon Jun 29 12:45:33 2020 +0200 selftest: Split samba4 epmapper expected failures into individual tests Signed-off-by: Samuel Cabrero Reviewed-by: David Mulder Reviewed-by: Andreas Schneider --- Summary of changes: selftest/knownfail | 4 +++- source4/rpc_server/epmapper/rpc_epmapper.c | 11 ++- source4/torture/rpc/epmapper.c | 4 3 files changed, 13 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index 9b25d22eae0..c5f1f447838 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -87,7 +87,9 @@ ^samba4.local.registry.*.local.security ^samba4.rpc.wkssvc ^samba4.rpc.handles.*.lsarpc-shared -^samba4.rpc.epmapper +^samba4.rpc.epmapper.*.Lookup_simple +^samba4.rpc.epmapper.*.Map_simple +^samba4.rpc.epmapper.*.Map_full ^samba4.rpc.lsalookup on ncalrpc ^samba4.rpc.lsalookup on ncacn_np ^samba4.rpc.lsalookup with seal,padcheck diff --git a/source4/rpc_server/epmapper/rpc_epmapper.c b/source4/rpc_server/epmapper/rpc_epmapper.c index 462553dfe6f..1634b9f4eaf 100644 --- a/source4/rpc_server/epmapper/rpc_epmapper.c +++ b/source4/rpc_server/epmapper/rpc_epmapper.c @@ -261,7 +261,16 @@ failed: static error_status_t dcesrv_epm_LookupHandleFree(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct epm_LookupHandleFree *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h = NULL; + + r->out.entry_handle = r->in.entry_handle; + + DCESRV_PULL_HANDLE_FAULT(h, r->in.entry_handle, HTYPE_LOOKUP); + TALLOC_FREE(h); + + ZERO_STRUCTP(r->out.entry_handle); + + return EPMAPPER_STATUS_OK; } static error_status_t dcesrv_epm_InqObject(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, diff --git a/source4/torture/rpc/epmapper.c b/source4/torture/rpc/epmapper.c index f32d122b36e..be0acc0946e 100644 --- a/source4/torture/rpc/epmapper.c +++ b/source4/torture/rpc/epmapper.c @@ -437,10 +437,6 @@ static bool test_LookupHandleFree(struct torture_context *tctx, NTSTATUS status; struct epm_LookupHandleFree r; - if (torture_setting_bool(tctx, "samba4", false)) { - torture_skip(tctx, "Skip Insert test against Samba4"); - } - if (ndr_policy_handle_empty(entry_handle)) { torture_comment(tctx, "epm_LookupHandleFree failed - empty policy_handle\n"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c012f924382 third_party: Update nss_wrapper to version 1.1.11 from 53324c35d13 selftest: add two more nbt.dgram flapping tests https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c012f924382bc694d3ddcc2946bb2c1d92742aff Author: Andreas Schneider Date: Thu Apr 2 13:43:44 2020 +0200 third_party: Update nss_wrapper to version 1.1.11 This fixes strict aliasing which leads to segfaults on certain architectures, e.g. armv7hl. Signed-off-by: Andreas Schneider Reviewed-by: Samuel Cabrero Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Mon Apr 6 17:34:53 UTC 2020 on sn-devel-184 --- Summary of changes: buildtools/wafsamba/samba_third_party.py | 2 +- third_party/nss_wrapper/nss_wrapper.c| 878 +++ third_party/nss_wrapper/wscript | 2 +- 3 files changed, 554 insertions(+), 328 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_third_party.py b/buildtools/wafsamba/samba_third_party.py index 181d0b352a5..fae9029002d 100644 --- a/buildtools/wafsamba/samba_third_party.py +++ b/buildtools/wafsamba/samba_third_party.py @@ -29,7 +29,7 @@ Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER @conf def CHECK_NSS_WRAPPER(conf): -return conf.CHECK_BUNDLED_SYSTEM_PKG('nss_wrapper', minversion='1.1.10') +return conf.CHECK_BUNDLED_SYSTEM_PKG('nss_wrapper', minversion='1.1.11') Build.BuildContext.CHECK_NSS_WRAPPER = CHECK_NSS_WRAPPER @conf diff --git a/third_party/nss_wrapper/nss_wrapper.c b/third_party/nss_wrapper/nss_wrapper.c index d90264c6d24..17c87321d4d 100644 --- a/third_party/nss_wrapper/nss_wrapper.c +++ b/third_party/nss_wrapper/nss_wrapper.c @@ -185,6 +185,8 @@ typedef nss_status_t NSS_STATUS; pthread_mutex_unlock(&( m ## _mutex)); \ } while(0) +static pthread_mutex_t libc_symbol_binding_mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t nss_module_symbol_binding_mutex = PTHREAD_MUTEX_INITIALIZER; static bool nwrap_initialized = false; static pthread_mutex_t nwrap_initialized_mutex = PTHREAD_MUTEX_INITIALIZER; @@ -201,6 +203,8 @@ static pthread_mutex_t nwrap_sp_global_mutex = PTHREAD_MUTEX_INITIALIZER; * nwrap_init() function. */ # define NWRAP_LOCK_ALL do { \ + NWRAP_LOCK(libc_symbol_binding); \ + NWRAP_LOCK(nss_module_symbol_binding); \ NWRAP_LOCK(nwrap_initialized); \ NWRAP_LOCK(nwrap_global); \ NWRAP_LOCK(nwrap_gr_global); \ @@ -216,6 +220,8 @@ static pthread_mutex_t nwrap_sp_global_mutex = PTHREAD_MUTEX_INITIALIZER; NWRAP_UNLOCK(nwrap_gr_global); \ NWRAP_UNLOCK(nwrap_global); \ NWRAP_UNLOCK(nwrap_initialized); \ + NWRAP_UNLOCK(nss_module_symbol_binding); \ + NWRAP_UNLOCK(libc_symbol_binding); \ } while (0); static void nwrap_init(void); @@ -311,107 +317,278 @@ static void nwrap_log(enum nwrap_dbglvl_e dbglvl, buffer); } -struct nwrap_libc_fns { - struct passwd *(*_libc_getpwnam)(const char *name); - int (*_libc_getpwnam_r)(const char *name, struct passwd *pwd, - char *buf, size_t buflen, struct passwd **result); - struct passwd *(*_libc_getpwuid)(uid_t uid); - int (*_libc_getpwuid_r)(uid_t uid, struct passwd *pwd, char *buf, size_t buflen, struct passwd **result); - void (*_libc_setpwent)(void); - struct passwd *(*_libc_getpwent)(void); +/* + * LIBC + */ + +#define LIBC_NAME "libc.so" + +typedef struct passwd *(*__libc_getpwnam)(const char *name); + +typedef int (*__libc_getpwnam_r)(const char *name, +struct passwd *pwd, +char *buf, +size_t buflen, +struct passwd **result); + +typedef struct passwd *(*__libc_getpwuid)(uid_t uid); + +typedef int (*__libc_getpwuid_r)(uid_t uid, +struct passwd *pwd, +char *buf, +size_t buflen, +struct passwd **result); + +typedef void (*__libc_setpwent)(void); + +typedef struct passwd *(*__libc_getpwent)(void); + #ifdef HAVE_GETPWENT_R -# ifdef HAVE_SOLARIS_GETPWENT_R - struct passwd *(*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen); -# else /* HAVE_SOLARIS_GETPWENT_R */ - int (*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen, struct passwd **pwbufp); -# endif /* HAVE_SOLARIS_GETPWENT_R */ +# ifdef HAVE_SOLARIS_GETPWENT_R +typedef struct passwd *(*__libc_getpwent_r)(struct passwd *pwbuf,
[SCM] Samba Shared Repository - branch master updated
via 3692290e3b0 s3:rpc_server: Register endpoint servers in external spoolssd daemon via 612c7fa341b s3:rpc_server: Register endpoint servers in external fssd daemon via 909cf570d46 s3:rpc_server: Register endpoint servers in external lsasd daemon via da5aabde57f s3:rpc_server: Register endpoint servers in external epmd daemon via d77a4e553da s3:rpc_server: Register endpoint servers for embedded services via 06f1bad0518 s3:rpc_server: Provide LSA ncacn_np secondary endpoint and LSA over Netlogon via 9331772e4ce selftests: Tests only appropiate RPC interfaces are available in smb pipes via 3bcbad0c573 selftests: Test lsa over netlogon in nt4 dc environment via dc1d34d388f s3:rpc_server: Include generated boilerplate code via 1903467014a pidl:NDR/ServerCompat: Compat server PIDL parser via d809da3acef selftest: Run python.samba.tests.dcerpc.raw_protocol against S3 ad_member from bce99f59332 gitlab-ci: Add Fedora 32 (Beta) https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9496e0523ea156b5705b1d3866f0d887a6fc4d2d Author: Samuel Cabrero Date: Tue May 28 17:15:19 2019 +0200 s3:rpc_server: Remove dead code Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Fri Mar 20 17:11:28 UTC 2020 on sn-devel-184 commit 93224d4184dfbc369667d6a56c08ff217d839d93 Author: Samuel Cabrero Date: Tue May 28 16:54:52 2019 +0200 s3:rpc_server: Remove unused RPC module init and shutdown callbacks The setup function registers the endpoint server and RPC core routines initialize and shutdown it. Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit e8e4ecfb8b92b99b6d566ea79a4268738e486f6a Author: Samuel Cabrero Date: Tue May 28 17:01:36 2019 +0200 s3:rpc_server: Do not generate and build s3 RPC server code Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit 4c09839ec9991bd7c1019242d5691fce123a0ec3 Author: Samuel Cabrero Date: Tue May 28 16:12:51 2019 +0200 s3:rpc_server: Do not include s3 autogenerated headers Prototype is generated by the server compat parser. Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit f6d41e5b44fd68c6f47828930bdd9f1a621a5c02 Author: Samuel Cabrero Date: Tue May 28 16:32:39 2019 +0200 s3:rpc_server: Remove api_struct Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit d891c2d389b39d1535c30ab759f1a0dd48787ec0 Author: Samuel Cabrero Date: Thu Mar 7 11:37:48 2019 +0100 s3:rpc_server: Remove dead code and unused struct members Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit 04172e966b899763d6b982a688ff6564f3deaa28 Author: Samuel Cabrero Date: Thu Feb 28 14:04:08 2019 +0100 s3:rpc_server: Remove s3 rpc server loop Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit c647c13a5487512ee198e1564a543d8156869196 Author: Samuel Cabrero Date: Mon Sep 9 18:22:43 2019 +0200 s3:rpc_server: Remove call to s3 rpc services shutdown code The rpc__shutdown function unregisters the legacy api_struct from the local dispatch table, which is not longer used as local dispatching is done through dcesrv_interface and will be removed in following commits. The dcesrv_shutdown_registered_ep_servers will unregister endpoint servers. Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett commit 9bdf3ccde6550093daf7e5bdf4dc25cbd2c9a41d Author: Samuel Cabrero Date: Thu Dec 5 11:45:54 2019 +0100 s3:rpc_server: Switch to core dcerpc server loop This commit finally switches the RPC server implementation. At the same we have to do other related changes to keep code compiling and test environments running. First avoid moving the session_info into the allocated pipes_struct memory context as it is owned now by the core RPC server, and the s3compat pidl compiler will update the pipes_struct session_info before dispatching the call with dcesrv_call->auth_state->session_info. Also, fix a segfault in the endpoint mapper daemon when it tries to delete the endpoints previously registered over a NCALRPC connection. If we have: rpc_server : epmapper = external rpc_server : lsarpc = external rpc_daemon : epmd = fork rpc_daemon : lsasd = fork The sequence is: * The endpoint mapper starts (start_epmd in source3/smbd/server.c) * The lsarpc daemon starts (start_lsasd in source3/smbd/server.c) * The lsarpc daemon creates the sockets and registers its endpoints (rpc_ep_register in source3/rpc_server/lsasd.c) * The endpoint registration code
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f9eaf4dc713 dns: Always return SOA record for records we should know via 8dbb8643499 dns: Extend DNS tests to check the SOA record is always returned from f5f89b1b990 ctdb: Use TALLOC_FREE() in a few places https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f9eaf4dc713bab48703a053c9446b6becabe18dc Author: Samuel Cabrero Date: Tue Oct 8 13:30:18 2019 +0200 dns: Always return SOA record for records we should know Regression introduced by commit 4b54e14b7cf456e327b176b365e8471e0899210b, where the number of returned records is not set by talloc_array_length when the record is not found. Found by DELL EMC at SDC SMB3 plugfest trying to perform a secure DNS update. Signed-off-by: Samuel Cabrero Reviewed-by: Andreas Schneider Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Fri Nov 8 12:31:30 UTC 2019 on sn-devel-184 commit 8dbb8643499c495474f28071750cbfc2da5b60f0 Author: Samuel Cabrero Date: Tue Oct 8 13:29:28 2019 +0200 dns: Extend DNS tests to check the SOA record is always returned Signed-off-by: Samuel Cabrero Reviewed-by: Andreas Schneider --- Summary of changes: python/samba/tests/dns.py | 19 +++ source4/dns_server/dns_query.c | 33 + 2 files changed, 44 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py index 275d4fcd692..1dd1f549a33 100644 --- a/python/samba/tests/dns.py +++ b/python/samba/tests/dns.py @@ -264,6 +264,25 @@ class TestSimpleQueries(DNSTest): # But we do respond with an authority section self.assertEqual(response.nscount, 1) +def test_soa_unknown_hostname_query(self): +"create a SOA query for an unknown hostname" +p = self.make_name_packet(dns.DNS_OPCODE_QUERY) +questions = [] + +name = "foobar.%s" % (self.get_dns_domain()) +q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN) +questions.append(q) + +self.finish_name_packet(p, questions) +(response, response_packet) =\ +self.dns_transaction_udp(p, host=server_ip) +self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN) +self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY) +# We don't get SOA records for single hosts +self.assertEquals(response.ancount, 0) +# But we do respond with an authority section +self.assertEqual(response.nscount, 1) + def test_soa_domain_query(self): "create a SOA query for a domain" p = self.make_name_packet(dns.DNS_OPCODE_QUERY) diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c index b75fabe7e82..762bcca6fb6 100644 --- a/source4/dns_server/dns_query.c +++ b/source4/dns_server/dns_query.c @@ -645,20 +645,12 @@ static void handle_authoritative_done(struct tevent_req *subreq) static WERROR handle_authoritative_recv(struct tevent_req *req) { - struct handle_authoritative_state *state = tevent_req_data( - req, struct handle_authoritative_state); WERROR werr; if (tevent_req_is_werror(req, &werr)) { return werr; } - werr = add_zone_authority_record(state->dns, state, state->question, -state->nsrecs); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - return WERR_OK; } @@ -1091,6 +1083,7 @@ static void dns_server_process_query_got_auth(struct tevent_req *subreq) struct dns_server_process_query_state *state = tevent_req_data( req, struct dns_server_process_query_state); WERROR werr; + WERROR werr2; werr = handle_authoritative_recv(subreq); TALLOC_FREE(subreq); @@ -1103,6 +1096,20 @@ static void dns_server_process_query_got_auth(struct tevent_req *subreq) /* If you have run out of forwarders, simply finish */ if (state->forwarders == NULL) { + werr2 = add_zone_authority_record(state->dns, + state, + state->question, + &state->nsrecs); + if (tevent_req_werror(req, werr2)) { + DBG_WARNING("Failed to add SOA record: %s\n", + win_errstr(werr2)); + return; + } + + state->ancount