David Disseldorp [Mon, 3 Oct 2016 23:09:37 +0000 (01:09 +0200)]
smbd/ioctl: match WS2016 ReFS get compression behaviour
ReFS doesn't support compression, but responds to get-compression FSCTLs
with a successful COMPRESSION_FORMAT_NONE response. set-compression
results in NT_STATUS_NOT_SUPPORTED.
This commit modifies Samba to match the ReFS behaviour, when run atop
a VFS that doesn't expose compression support.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12144
Reported-by: Nick Barrett
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 5 Oct 2016 06:39:20 +0000 (08:39 +0200)]
s3-rpcclient: Fix initializing rpcclient
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 5 Oct 2016 06:33:03 +0000 (08:33 +0200)]
s3-param: Add comment to call lp_load_global() after popt processing
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Wed, 5 Oct 2016 06:22:54 +0000 (08:22 +0200)]
s3-utils: Fix loading smb.conf in smbcquotas
Pair-Programmed-With: Uri Simchoni <uri@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 4 Oct 2016 16:14:50 +0000 (18:14 +0200)]
s3-libnet: Pass enum value names to dcerpc_samr_SetUserInfo2()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 4 Oct 2016 16:09:54 +0000 (18:09 +0200)]
s4-libnet: Use SetUserInfo2 to set the account flags
[MS-WKST] states that SetUserInfo2 should be used to set the account
flags. We already call this a few lines down to set the password.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 5 Oct 2016 17:46:13 +0000 (10:46 -0700)]
s3: lib: messaging. Add function comments I needed to understand this code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Oct 6 02:29:41 CEST 2016 on sn-devel-144
Björn Baumbach [Fri, 18 Nov 2011 17:54:56 +0000 (18:54 +0100)]
s3-printing: fix migrate printer code (bug 8618)
Removed path from driver files.
We only need the basenames.
(cherry picked from commit
d61993043fcb7676a58658476421f5f4ff1a3fea)
(cherry picked from commit
9f07ef2249dc21eab37cd5888623e6edc84b2b59)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8618
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 5 19:19:39 CEST 2016 on sn-devel-144
Stefan Metzmacher [Wed, 5 Oct 2016 06:59:19 +0000 (08:59 +0200)]
tevent: version 0.9.31
* tevent_update_timer() and tevent_req_reset_endtime() have been added
* documentation updates
* it is now safe to talloc_free() a tevent_threaded_context,
all running threads keep running until they're finished,
but we no longer abort().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct 5 15:32:35 CEST 2016 on sn-devel-144
Volker Lendecke [Sat, 1 Oct 2016 04:53:44 +0000 (21:53 -0700)]
messaging: Add an indirection for messaging_dgm_register_tevent_context
Only one tevent_fd is possible for every file descriptor.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Sat, 1 Oct 2016 05:17:44 +0000 (22:17 -0700)]
messages_dgm: Avoid an unnecessary declaration
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Fri, 30 Sep 2016 13:42:40 +0000 (06:42 -0700)]
messaging: Avoid crashes
With the latest patches we defer messages to a messaging_context's default
context, the one that it was created with. This is another incarnation of
085542fc93b3 (I believe): messaging contexts can outlive their tevent contexts.
In this case, the tevent_schedule_immediate(msg_ctx->event_ctx) has nothing to
schedule on and will crash. This patch uses the fact that tevent_fd's can
outlive their event_contexts. When the tevent_context dies, all tevent_fd's
will get their flags set to 0. The tevent_handles in messages_dgm_ref always
have TEVENT_FD_READ set, so a 0 flags field indicates the tevent_context has
died.
Signed-off-by: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Oct 5 03:51:43 CEST 2016 on sn-devel-144
Volker Lendecke [Fri, 30 Sep 2016 13:42:40 +0000 (06:42 -0700)]
messaging: Avoid a default tevent_fd
Instead, rely on messaging_dgm_ref to always request a tevent_handle.
Signed-off-by: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 30 Sep 2016 13:42:40 +0000 (06:42 -0700)]
messaging: Disable the correct fde on error
We might be called from different event contexts and thus
via different fde's
Signed-off-by: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 30 Sep 2016 13:42:40 +0000 (06:42 -0700)]
messaging: Make messaging_dgm_register_tevent_context return a tevent_fd
Signed-off-by: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 28 Sep 2016 23:05:25 +0000 (16:05 -0700)]
messaging4: Postpone messages to the right tevent context
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 02:35:10 +0000 (19:35 -0700)]
messaging: Act on messages within the right context
Only look at "classic" messaging_register handlers in the main event
context loop
If we're sitting in a nested event context, only act upon the
messaging_filtered_read ones that are registered in the nested context.
Postpone everything else via an immediate to the main tevent context
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 02:28:10 +0000 (19:28 -0700)]
messaging: Pass "ev" to messaging_dispatch_rec
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 01:36:15 +0000 (18:36 -0700)]
messages_dgm_ref: Pass receiving "ev" to recv_cb
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 01:36:15 +0000 (18:36 -0700)]
messages_dgm: Pass receiving "ev" to recv_cb
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 00:07:20 +0000 (17:07 -0700)]
messages_dgm: Pass down event_ctx one level
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Sep 2016 12:12:10 +0000 (14:12 +0200)]
messages_dgm: Drop a segment if we can't ship it for 60 seconds
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 12 Sep 2016 11:02:26 +0000 (13:02 +0200)]
tevent: Add tevent_req_reset_endtime
We might decide at some point that we don't want a request to
time out
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 25 Jul 2016 14:31:18 +0000 (16:31 +0200)]
messaging: Optimize self-sends
We need to go through the event loop, which messaging_dgm_send does. We can
also use a tevent_immediate for the same purpose. Right now the main user is
messaging_ctdb: Here strace looks a bit weird when we receive a message.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 02:06:56 +0000 (19:06 -0700)]
lib: Add messaging_rec_create
Essentially a wrapper around messaging_rec_dup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 14:51:25 +0000 (16:51 +0200)]
messaging: add an overflow test
Send 1000 messages without picking them up. Then destroy the sending messaging
context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 28 Sep 2016 21:44:03 +0000 (14:44 -0700)]
lib: Remove poll_funcs
unix_msg was the only user
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 28 Sep 2016 21:35:21 +0000 (14:35 -0700)]
lib: Remove unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 14:51:00 +0000 (16:51 +0200)]
messages_dgm: Convert to pthreadpool_tevent
This itself adds a lot of code, however it removes the unix_msg library.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 14:42:05 +0000 (16:42 +0200)]
pthreadpool: Add a small test for pthreadpool_tevent
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 11:28:51 +0000 (13:28 +0200)]
pthreadpool_tevent: Drop running jobs on talloc_free
Enable us to destroy a pthreadpool_tevent structure with active jobs
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 11:27:13 +0000 (13:27 +0200)]
pthreadpool_tevent: Move the pthreadpool_tevent_job_state declaration
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 13:18:41 +0000 (15:18 +0200)]
pthreadpool_pipe: Implement EBUSY for _destroy
Restore EBUSY on pthreadpool_pipe_destroy.
We need to count jobs in pthreadpool_pipe so that pthreadpool can exit with
active jobs. Unfortunately this makes pthreadpool_pipe_add_job non-threadsafe.
We could add mutexes around "num_jobs", but this would mean another set of
pthread_atfork functions. As we don't use threaded pthreadpool_pipe_add_job
except in the tests, just remove the tests...
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Fri, 9 Sep 2016 11:07:57 +0000 (13:07 +0200)]
pthreadpool: Use detached threads
So far we used joinable threads. This prevented pthreadpool_destroy with
blocked threads. This patch converts pthreadpool to detached threads. Now
pthreadpool_destroy does not have to wait for the idle threads to finish, it
can immediately return. pthreadpool_destroy will tell all threads to exit, and
the last active thread will actually free(pthreadpool).
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Sep 2016 18:37:21 +0000 (20:37 +0200)]
pthreadpool: Make "shutdown" a bool
Just a small cleanup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Sep 2016 18:25:36 +0000 (20:25 +0200)]
tevent: Make talloc_free safe when threaded_contexts exist
I did not find a way to do this safely without a mutex per threaded_context.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Sep 2016 17:47:55 +0000 (19:47 +0200)]
tevent: Add tevent_common_wakeup_fd()
This prepares tevent run-down with active threads.
It has the advantage to not depend on talloc'ed structs. It is needed to make
talloc_free(tevent_context) safe when tevent_threaded_contexts are still
around.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 7 Sep 2016 17:17:21 +0000 (19:17 +0200)]
tevent: Rename wakeup fds
This makes the reading end of the signalling pipe special: If we have eventfd,
this is the same as the write fd. Without eventfd, it will have to be a
separate fd. This moves the requirement to #ifdef from the writing end to the
reading end. Why? We'll use the writing end somewhere else too soon, and this
patch avoids an #ifdef in that new place.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 31 Aug 2016 13:39:59 +0000 (15:39 +0200)]
tevent: Add tevent_update_timer()
This will be a quicker way to time out sending sockets in messaging_dgm. Right
now cleanup of out-sockets is a bit coarse. The ideal would be to kill a socket
after being idle n seconds. This would mean to free and re-install a timer on
every packet. tevent_update_timer will be quite a bit cheaper.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 31 Aug 2016 13:03:16 +0000 (15:03 +0200)]
tevent: Factor out tevent_common_insert_timer
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 24 Sep 2016 01:43:04 +0000 (18:43 -0700)]
messaging4: Fix signed/unsigned hickups
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Sun, 2 Oct 2016 17:41:45 +0000 (20:41 +0300)]
README.Coding: Add clang-format style file
Add how the coding style is represented in clang-format directives.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 4 05:43:18 CEST 2016 on sn-devel-144
Uri Simchoni [Sun, 2 Oct 2016 17:40:06 +0000 (20:40 +0300)]
README.Coding: Add rule about function declaration indentation
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Sun, 2 Oct 2016 17:37:37 +0000 (20:37 +0300)]
README.Coding: Remove an extra space
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Tue, 20 Sep 2016 15:51:00 +0000 (18:51 +0300)]
smbcquotas: add -m option
Add the "standard" -m command line option that controls max
client protocol.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Wed, 21 Sep 2016 22:03:41 +0000 (01:03 +0300)]
cliquota: support setting file system quota via SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Wed, 21 Sep 2016 20:58:33 +0000 (23:58 +0300)]
cliquota: factor out building of FILE_FS_CONTROL_INFORMATION
add a service routine that builds FILE_FS_CONTROL_INFORMATION
with default quota and flags. This will be reused by SMB2 and
by server code.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Wed, 21 Sep 2016 16:35:39 +0000 (19:35 +0300)]
cliquota: support setting user quota via SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Wed, 21 Sep 2016 15:37:40 +0000 (18:37 +0300)]
cliquota: factor out building of FILE_QUOTA_INFORMATION
Add a function to build a FILE_QUOTA_INFORMATION buffer
out of a quota list, and a function that adds a record
to a quota list.
Some parameters of the new functions are unused by
client code, but will be used by server code.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Tue, 20 Sep 2016 03:46:28 +0000 (06:46 +0300)]
cliquota: support getting fs quota by SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Tue, 20 Sep 2016 03:45:03 +0000 (06:45 +0300)]
cliquota: factor out fs quota parsing
This code will be reused by SMB2 code.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Mon, 19 Sep 2016 19:17:10 +0000 (22:17 +0300)]
cliquota: implement quota listing in SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Mon, 19 Sep 2016 18:14:01 +0000 (21:14 +0300)]
cliquota: factor out parsing of a quota record buffer
In preparation for SMB2 support, take parsing of the return
buffer into a separate function.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Mon, 19 Sep 2016 15:24:58 +0000 (18:24 +0300)]
cliquota: some security hardening
Add some checks for validity of the offset in
the return buffer.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Sun, 18 Sep 2016 08:13:16 +0000 (11:13 +0300)]
cliquota: refactor and cleanup listing of user quotas
Split cli_list_user_quota into an outer loop function and
an inner loop function.
This simplifies the code somewhat, paves the way for SMB2
support, and fixes a couple of memory leaks in error
conditions. No functional changes.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Mon, 12 Sep 2016 19:38:15 +0000 (22:38 +0300)]
s3-libsmb: support getting user's quota in SMB2
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Mon, 12 Sep 2016 19:33:12 +0000 (22:33 +0300)]
s3-libsmb: make parse_user_quota_record() public
For reuse by SMB2 client code.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Tue, 20 Sep 2016 11:32:06 +0000 (14:32 +0300)]
s3-libsmb: Support getting fs attributes via SMB2
Add a wrapper function arounf GET_INFO to obtain
file system attributes, and plumb it in.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Sun, 18 Sep 2016 08:05:23 +0000 (11:05 +0300)]
smbd: free talloc context if no quota records are available
When generating a list of user quota records, free the memory
context that controls this list if the list is empty. Otherwise,
the context remains unreferenced and memory is leaked.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12289
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Thu, 22 Sep 2016 13:06:12 +0000 (16:06 +0300)]
cliquota: fix param count when setting fs quota
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12288
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Sun, 18 Sep 2016 08:09:54 +0000 (11:09 +0300)]
ntquotas: support "freeing" an empty quota list
This avoids dereferencing a null pointer if there's
an attempt to free an empty list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12307
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 16 Sep 2016 19:01:46 +0000 (22:01 +0300)]
smbcquotas: fix error message listing quotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 16 Sep 2016 18:57:50 +0000 (21:57 +0300)]
s3-cliquota: correctly handle no-more-entries
When listing quota records, a Windows server would
return STATUS_SUCCESS until no more entries are available,
where it would return STATUS_NO_MORE_ENTRIES.
The fix keeps old behavior of empty answer also signifying
end of record, to maintain compatibility with Samba servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12270
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Tue, 20 Sep 2016 10:49:49 +0000 (11:49 +0100)]
s3/winbindd: using default domain with user@domain.com format fails
For example for samba client joined to a windows AD DC the following
commands fail if 'winbind use default domain = yes'
getent passwd user@domain.com
ssh -o user=user@domain.com localhost
The same commands succeed if the setting above has the default 'no' value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct 3 23:37:44 CEST 2016 on sn-devel-144
Noel Power [Thu, 29 Sep 2016 15:50:58 +0000 (16:50 +0100)]
Add a blackbox tests for id & getent to test domain@realm type credentials
Using domain@realm credentials has been problematic when
global conf setting "winbind use default domain" is enabled, this patch
creates a new s4member_dflt_domain environment (where
"winbind use default domain" is enabled) and runs getent & id against the
normal s4member & and new s4member_dflt_domain environments
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Volker Lendecke [Tue, 20 Sep 2016 17:52:46 +0000 (10:52 -0700)]
dbwrap_watch: Improve a debug message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Uri Simchoni [Fri, 23 Sep 2016 16:28:10 +0000 (19:28 +0300)]
heimdal: revert
1f90983324b9f5804dc57f87c5f7695b0e53db8d
A different version has gone upstream, fixing the problem
elsewhere.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Mon Oct 3 11:12:29 CEST 2016 on sn-devel-144
Uri Simchoni [Fri, 30 Sep 2016 17:18:14 +0000 (20:18 +0300)]
heimdal-lib/krb5: keep a copy of config etypes in the context
When reading configuration file, keep an extra copy of
the encryption types, and use this when resetting the
encryption types to default.
GSSAPI always resets the enctypes to default before obtaining
a TGS, because the enctypes might have previously altered,
so this prevents changing the etypes from the configured ones
to the full set of supported etypes.
The same patch has gone into upstream heimdal as commit
a3bece1. It is a different solution to the problem fixed
here by commit
1f90983, so this commit will be reverted next
to keep compatibility with uptream.
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rowland Penny [Wed, 28 Sep 2016 18:28:23 +0000 (19:28 +0100)]
bug 12293: stop group.py throwing errors if group is unknown
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12293
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 30 05:53:17 CEST 2016 on sn-devel-144
Rowland Penny [Wed, 28 Sep 2016 14:39:52 +0000 (15:39 +0100)]
bug 12292: stop user.py throwing errors if user is unknown
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12292
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Christof Schmitt [Mon, 26 Sep 2016 21:27:28 +0000 (14:27 -0700)]
winbind: Fix passing idmap failure from wb_sids2xids back to callers
If the idmap call in wb_sids2xids fails, the callers expect xid.type to
be set to ID_TYPE_NOT_SPECIFIED, not the internal type field that is
initialized from the lookupsids call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12295
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 30 02:10:29 CEST 2016 on sn-devel-144
Christof Schmitt [Mon, 26 Sep 2016 21:40:28 +0000 (14:40 -0700)]
idmap_ad: Fix retrieving credentials from clustered secrets.tdb
cli_credentials_set_machine_account only reads from a local tdb. Change
that call to cli_credentials_set_machine_account_db_ctx to fix this for
clustered Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12295
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Wed, 28 Sep 2016 18:26:04 +0000 (11:26 -0700)]
s3: winbind: Trust name2sid mappings from the PAC.
Don't refresh sequence number in parent as the
mapping comes from a trusted DC.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Günther Deschner [Tue, 27 Sep 2016 16:34:38 +0000 (18:34 +0200)]
s4-kdc: Fix Coverity ID #
1373385 (OVERRUN)
Guenther
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 29 22:16:52 CEST 2016 on sn-devel-144
Günther Deschner [Tue, 27 Sep 2016 16:30:29 +0000 (18:30 +0200)]
s4-kdc: Fix Coverity ID #
1373386 (Resource Leak)
Guenther
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Mon, 26 Sep 2016 00:46:56 +0000 (02:46 +0200)]
autobuild: add system-mitkrb5 build environment.
We finally need to make sure the build with MIT Kerberos does not break all the
time.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Thu, 11 Aug 2016 09:29:53 +0000 (11:29 +0200)]
gensec_krb5: Implement smb_krb5_rd_req_decoded() with MIT Kerberos
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 29 11:56:41 CEST 2016 on sn-devel-144
Andreas Schneider [Fri, 12 Aug 2016 07:21:42 +0000 (09:21 +0200)]
gensec_krb5: Create a MIT Kerberos gensec_krb5_session_info()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Jeremy Allison [Wed, 28 Sep 2016 17:12:36 +0000 (10:12 -0700)]
s3: winbind: refresh_sequence_number is only ever called with 'false'.
Remove redundant parameter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Wed, 28 Sep 2016 17:19:06 +0000 (19:19 +0200)]
mit: make it possible to build with MIT kerberos and --picky-developer
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Steve French [Tue, 27 Sep 2016 02:12:07 +0000 (21:12 -0500)]
lib: Annotate well known SID names
Add Samba specific well known SIDs for
Unix UID and GID owner.
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Jeremy Allison [Tue, 27 Sep 2016 00:07:44 +0000 (17:07 -0700)]
s3: auth: Use wbcAuthenticateUserEx to prime the caches.
Idea by Volker - use WBC_AUTH_USER_LEVEL_PAC to pass
the PAC to winbind from smbd on auth, this allows
winbind to prime the user info via netsamlogon_cache_store()
and the name2sid cache *before* smbd looks up the user.
Note that as this is merely a cache prime having
winbind not available is not an error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11259
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 28 22:45:27 CEST 2016 on sn-devel-144
Jeremy Allison [Tue, 27 Sep 2016 22:04:49 +0000 (15:04 -0700)]
s3: winbind: Make WBC_AUTH_USER_LEVEL_PAC prime the name2sid cache.
In addition to priming the netsamlogon cache.
This prevents a winbind AD-DC lookup for something
the PAC already told us.
Note we only do this in the case where the PAC successfully
passed signature verification.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11259
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Tue, 27 Sep 2016 17:08:18 +0000 (10:08 -0700)]
lib: Fix bug 12291
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12291
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Sep 28 19:01:02 CEST 2016 on sn-devel-144
Volker Lendecke [Tue, 27 Sep 2016 16:28:51 +0000 (09:28 -0700)]
lib: Fix CID
1373388 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Tue, 27 Sep 2016 16:28:33 +0000 (09:28 -0700)]
lib: Fix CID
1373389 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Volker Lendecke [Fri, 22 Jul 2016 13:59:32 +0000 (15:59 +0200)]
messaging: Add wrap check to messaging_rec_dup
Just paranoia
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 28 03:58:22 CEST 2016 on sn-devel-144
Volker Lendecke [Sun, 18 Sep 2016 12:06:24 +0000 (14:06 +0200)]
wbclient: "ev" is no longer used in wbc_xids_to_sids
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 18 Sep 2016 12:03:33 +0000 (14:03 +0200)]
wbclient: "ev" is no longer used in wbc_sids_to_xids
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 26 Sep 2016 15:16:15 +0000 (08:16 -0700)]
lib: Only return "rec" on demand in messaging_filtered_read_recv
The message could be just a trigger without contents.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 11 Dec 2015 23:29:13 +0000 (00:29 +0100)]
werror: removed WERR_RPC_E_INVALID_HEADER (unused, already known as HRES_RPC_E_INVALID_HEADER)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 11 Dec 2015 23:16:05 +0000 (00:16 +0100)]
werror: removed WERR_RPC_E_REMOTE_DISABLED (replaced with HRES_RPC_E_REMOTE_DISABLED)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 11 Dec 2015 23:15:45 +0000 (00:15 +0100)]
werror: replace WERR_RPC_E_REMOTE_DISABLED with HRES_RPC_E_REMOTE_DISABLED
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 9 Dec 2015 14:58:03 +0000 (15:58 +0100)]
werror: removed WERR_SEC_E_ALGORITHM_MISMATCH (unused, already known as HRES_SEC_E_ALGORITHM_MISMATCH)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 9 Dec 2015 14:55:59 +0000 (15:55 +0100)]
werror: replace WERR_SEC_E_DECRYPT_FAILURE with HRES_SEC_E_DECRYPT_FAILURE
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 9 Dec 2015 14:53:22 +0000 (15:53 +0100)]
werror: remove WERR_SEC_E_ENCRYPT_FAILURE (there is HRES_SEC_E_ENCRYPT_FAILURE)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Wed, 9 Dec 2015 14:12:49 +0000 (15:12 +0100)]
werror: replace WERR_CLASS_NOT_REGISTERED with HRES_REGDB_E_CLASSNOTREG
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Fri, 4 Dec 2015 08:39:13 +0000 (09:39 +0100)]
werror: remove two duplicate error mappings.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 3 Dec 2015 14:37:32 +0000 (15:37 +0100)]
werror: use autogenerated error codes.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 3 Dec 2015 14:24:43 +0000 (15:24 +0100)]
werror: removed WERR_SHUTDOWN_ALREADY_IN_PROGRESS (unused, already known as WERR_SHUTDOWN_IN_PROGRESS)
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>