VERSION: Disable GIT_SNAPSHOT for the 4.10.8 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.10.8.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035
CVE-2019-10197 [SECURITY][EMBARGOED] permissions check deny can allow user to
escape from the share.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

CVE-2019-10197: smbd: split change_to_user_impersonate() out of change_to_user_internal()

This makes sure we always call chdir_current_service() even
when we still impersonated the user. Which is important
in order to run the SMB* request within the correct working directory
and only if the user has permissions to enter that directory.

It makes sure we always update conn->lastused_count
in chdir_current_service() for each request.

Note that vfs_ChDir() (called from chdir_current_service())
maintains its own cache and avoids calling SMB_VFS_CHDIR()
if possible.

It means we still avoid syscalls if we get a multiple requests
for the same session/tcon tuple.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2019-10197: selftest: make fsrvp_share its own independent subdirectory

The next patch will otherwise break the fsrvp related tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2019-10197: smbd: make sure we reset current_user.{need,done}_chdir in become_root()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>

CVE-2019-10197: smbd: make sure that change_to_user_internal() always resets current_user.done_chdir

We should not leave current_user.done_chdir as true if we didn't call
chdir_current_service() with success.

This caused problems in when calling vfs_ChDir() in pop_conn_ctx() when
chdir_current_service() worked once on one share but later failed on another
share.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

CVE-2019-10197: smbd: separate out impersonation debug info into a new function.

Will be called on elsewhere on successful impersonation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

VERSION: Bump version up to 4.10.8...

and re-eanble GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
(cherry picked from commit baafb6fc060c0b61f3e744c041be871303fa9c66)

VERSION: Disable GIT_SNAPSHOT for the 4.10.7 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.10.7.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

smbtorture: extend rpc.lsa to lookup machine over forest-wide LookupNames

Add a simple test to resolve DOMAIN\MACHINE$ via LSA LookupNames3
using LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 level. This level would pass
zero lookup flags to lookup_name().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14091

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Aug 14 13:07:42 UTC 2019 on sn-devel-184

(cherry picked from commit 4d276a93fc624dc04d880f5b4157f272d3555be6)

Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Fri Aug 16 14:24:42 UTC 2019 on sn-devel-144

lookup_name: allow own domain lookup when flags == 0

In 2007, we've added support for multiple lookup levels for LSA
LookupNames family of calls. However, forest-wide lookups, as described
in MS-LSAT 2.2.16, never worked because flags passed to lookup_name()
were always set to zero, expecting at least default lookup on a DC to
apply. lookup_name() was instead treating zero flags as 'skip all
checks'.

Allow at least own domain lookup in case domain name is the same.
This should allow FreeIPA DC to respond to LSA LookupNames3 calls from a
trusted AD DC side.

For the reference, below is a request Windows Server 2016 domain
controller sends to FreeIPA domain controller when attempting to look up
a user from a trusted forest root domain that attemps to login to the
domain controller. Notice the level in the lsa_LookupNames3 call and
resulting flags in lookup_name().

[2019/08/03 07:14:24.156065,  1, pid=23639, effective(967001000, 967001000), real(967001000, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:471(ndr_print_function_debug)
       lsa_LookupNames3: struct lsa_LookupNames3
          in: struct lsa_LookupNames3
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : 0000004c-0000-0000-455d-3018575c0000
              num_names                : 0x00000001 (1)
              names: ARRAY(1)
                  names: struct lsa_String
                      length                   : 0x000a (10)
                      size                     : 0x000c (12)
                      string                   : *
                          string                   : 'XS\ab'
              sids                     : *
                  sids: struct lsa_TransSidArray3
                      count                    : 0x00000000 (0)
                      sids                     : NULL
              level                    : LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 (6)
              count                    : *
                  count                    : 0x00000000 (0)
              lookup_options           : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
              client_revision          : LSA_CLIENT_REVISION_2 (2)
[2019/08/03 07:14:24.156189,  6, pid=23639, effective(967001000, 967001000), real(967001000, 0), class=rpc_srv] ../../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal)
  Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00   00 00 00 00 45 5D 30 18   ....L... ....E]0.
  [0010] 57 5C 00 00                                        W\..
[2019/08/03 07:14:24.156228,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/sec_ctx.c:215(push_sec_ctx)
  push_sec_ctx(967001000, 967001000) : sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156246,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/uid.c:552(push_conn_ctx)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2019/08/03 07:14:24.156259,  4, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/smbd/sec_ctx.c:319(set_sec_ctx_internal)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2019/08/03 07:14:24.156273,  5, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../libcli/security/security_token.c:53(security_token_debug)
  Security token: (NULL)
[2019/08/03 07:14:24.156285,  5, pid=23639, effective(967001000, 967001000), real(967001000, 0)] ../../source3/auth/token_util.c:865(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2019/08/03 07:14:24.156311,  5, pid=23639, effective(0, 0), real(0, 0), class=rpc_srv] ../../source3/rpc_server/lsa/srv_lsa_nt.c:244(lookup_lsa_sids)
  lookup_lsa_sids: looking up name XS\ab
[2019/08/03 07:14:24.156327, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:112(lookup_name)
  lookup_name: XS\ab => domain=[XS], name=[ab]
[2019/08/03 07:14:24.156340, 10, pid=23639, effective(0, 0), real(0, 0)] ../../source3/passdb/lookup_sid.c:114(lookup_name)
  lookup_name: flags = 0x00

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14091

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 685bb03de6ab733590831d1df4f5fd60d2ac427d)

torture/rpc/lsa: allow testing different lookup levels

Convert torture/rpc/lsa LookupNames/LookupSids code to allow testing
different LSA_LOOKUP_NAMES_* levels. Keep existing level 1
(LSA_LOOKUP_NAMES_ALL) for the current set of tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14091

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 317bc6a7342edfa2c503f5932142bf5883485cc9)

tests/drs_no_dns: Check dbcheck and ldapcmp pass

When joining a DC without DNS partitions, make sure that the alternate
flow of creating them afterwards results in a database with everything
that is necessary.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051
RN: Allow a DC join without DNS partitions, to add them later

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 35c54007e6183829d9d85a24b3bd95f469739ad3)

Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Thu Aug  8 11:15:54 UTC 2019 on sn-devel-144

tests: Add samba_upgradedns to the list of possible cmds

This will be used to test the replication scenario with no DNS partitions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7d2875bd70cf727730be8dc705bfd01eacaaaa6f)

netcmd: Allow drs replicate --local to create partitions

Currently, neither the offline (--local) or online (normal replica sync)
methods allow partition creation post-join. This overrides the Python
default to not create the DB, which allows TDB + MDB to work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d90ccce59754bc833027c06683afac25f7a8d474)

join: Use a specific attribute order for the DsAddEntry nTDSDSA object

Joining a Windows domain can throw an error if the HasMasterNCs
attribute occurs before msDS-HasMasterNCs. This patch changes the
attribute order so that msDS-HasMasterNCs is always first.

Previously on python2, the dictionary hash order was arbitrary but
constant. By luck, msDS-HasMasterNCs was always before HasMasterNCs, so
we never noticed any problem. With python3, the dictionary hash order
now changes everytime you run the command, so the order is
unpredictable.

To enforce a order, we can change to use an OrderedDict, which will
return the keys in the order they're added.

I've asked Microsoft to clarify the protocol requirement here WRT
attribute order. However, in the meantime we may as well fix the problem
for users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14046
RN: When trying to join a Windows domain (with functional level 2008R2)
as an AD domain controller, the 'samba-tool domain join' command could
throw a python exception: 'RuntimeError ("DsAddEntry failed")'. When
this problem occurred, you would also see the message "DsAddEntry failed
with status WERR_ACCESS_DENIED info (8363, 'WERR_DS_NO_CROSSREF_FOR_NC')"
in the command output. This issue has now been resolved. Note that this
problem would only occur on Samba v4.10 when using the Python3 packages.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 04:18:21 UTC 2019 on sn-devel-184

(cherry picked from commit 256684c7a86301d26d6cf7298fb70e647bf45cf5)

ctdb-config: depend on /etc/ctdb/nodes file

CTDB should start as a disabled unit (systemd) in most of the
distributions and, when trying to enable it for the first time, user
should get an unconfigured, or similar, error.

Depending on /etc/ctdb/nodes file will give a clear direction to final
user on what is needed in order to get cluster up and running. It should
work like previous ENABLED=NO variables in SySV like initialization
scripts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14017
RN: ctdb.service should only start if /etc/ctdb/nodes is not empty
Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit c5803507df7def388edcd5b6cbfee30cd217b536)

vfs_catia: pass stat info to synthetic_smb_fname()

This doesn't cause visible damage in vanilla Samba, but would affect downstream
consumers that add additional fields to struct smb_filename.

For the same reason there's no test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14015
RN: Ensure vfs_catia passes stat info to stacked VFS modules

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ae6dd4853e3e651f6e56ce735bcb0a2264857385)

samba-tool: add 'import samba.drs_utils' to fsmo.py

On some systems we're seeing this:

 ERROR(<type 'exceptions.AttributeError'>): uncaught exception - 'module' object has no attribute 'drs_utils'
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 185, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 533, in run
     transfer_dns_role(self.outf, sambaopts, credopts, role, samdb)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 136, in transfer_dns_role
     except samba.drs_utils.drsException as e:

E.g. it happens on debian stretch (9.9) with python 2.7.13 (on 4.10.4)

While it doesn't happen on ubuntu 18.04 with python 2.7.15rc1 or
with python 3.6.7.

There were also some reports on the mailing lists, see:
https://lists.samba.org/archive/samba-technical/2019-May/133624.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Björn Baumbach <bbaumbach@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 30 08:27:24 UTC 2019 on sn-devel-184

(cherry picked from commit 320a5c5425e6ced18b1a9bf19b4f361ee16821ed)

samba-tool: use only one LDAP modify for dns partition fsmo role transfer

We should not risk that we end with no role owner.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 6a2e3a15585086bcceb18283216978a2fcb30da3)

s4:torture:fsmo.py: remove unused 'net_cmd' variable

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973

Signed-off-by: Björn Baumbach <bbaumbach@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 0fbb013bef886e425602fdbbef14a4029719818f)

samba-tool: fix replication after dns partition fsmo role transfer

The new role owner need to replicate from the old role owner.

Before we told the old role owner to replicate from itself.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4793f8ed584a4e6d8a26b06b691ec636e77d8f2a)

s4:torture:fsmo.py: test role transfers of dns partitions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Björn Baumbach <bbaumbach@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5e000a8487d788dd196980b77ec7299c8be74abf)

dnsp.idl: fix payload for DSPROPERTY_ZONE_DELETED_FROM_HOSTNAME

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 21 11:02:21 UTC 2019 on sn-devel-184

(cherry picked from commit aa2a3d95098231f48d7c308881bf66418164111e)

dnsp.idl: fix the dnsp_dns_addr_array definition

The endian changes are needed in order to get the following result
from the blobs Windows generated (see the torture test):

  AddrArray: ARRAY(3)
      AddrArray: struct dnsp_dns_addr
          family                   : 0x0002 (2)
          port                     : 0x0035 (53)
          ipv4                     : 172.31.99.33
          ipv6                     : 0000:0000:0000:0000:0000:0000:0000:0000

[MS-DNSP] states that the port is supposed to be ignored, but it's still
good to decode it as port '53' (0x0035) instead of '13568' (0x3500).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 6fc7cc15048673d109042d7b40684ed63eb4ff9e)

dnsp.idl: fix dnsp_ip4_array definition

In future we should use ipv4address, but that would result in a much
larger change.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 6d958af0b4cb6fd45cfda0298243859b3b043c6f)

s4:torture: add local.ndr.dnsp tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13969

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 9a0c3a475f29138c0c49e0d22cf52ab45178d16b)

dbcheck: fallback to the default tombstoneLifetime of 180 days

If a domain was provisioned by Windows 2000 this value is missing in the
database.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13967

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue May 28 08:32:10 UTC 2019 on sn-devel-184

(cherry picked from commit 2ef79a4c1d695a3e498b142810a1317d85b9b6da)

third_party: Update waf to version 2.0.17

This fixes building Samba, libtalloc, libtevent, libtdb and libldb with
Python 3.8.

     wget https://waf.io/waf-2.0.17.tar.bz2
     tar -xf waf-2.0.17.tar.bz2
     git rm third_party/waf/waflib/ -r
     mkdir third_party/waf -p
     rsync -a waf-2.0.17/waflib/ third_party/waf/waflib/
     git add third_party/waf/waflib/

(Then update version number in buildtools/bin/waf and
buildtools/wafsamba/wafsamba.py)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13960

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit aabdcc91513e242c4f191e1bbbb70c890416d213)

lib/util: set current_msg_{level,class} also during a DEBUGADD[C]() call

In some situations we use DEBUGADDC() in order to print out content
without a related debug header line.

This is important with the new per class logfile with:

 log level = 1 dsdb_json_audit:10@/var/log/samba/log.dsdb_json_audit

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0da12ff93d213ac742eeb865bfa5697ca8a2280a)

lib/util: remove unused prototypes in debug.h

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d98a971247450d494c581c5454e6c270ad1b6880)

lib/util: fix call to dbghdrclass() for DEBUGC()

dbghdrclass() sets the global 'current_msg_class' and for that
DEBUGC() should pass the given dbgc_class instead of the per file
DBGC_CLASS.

This is important with the new per class logfile with:

 log level = 1 dsdb_audit:10@/var/log/samba/log.dsdb_audit

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit bb0ffbf38cb1955c9e400003add680eabcf706a6)

s4/libnet: Fix joining a Windows pre-2008R2 DC

From v4.8 onwards, Samba may not be able join a DC older than 2008R2
because the Windows DC doesn't support GET_TGT.

If the dsdb repl_md code can't resolve a link target it returns an
error, and the calling code (e.g. drs_util.py) should retry with
GET_TGT. However, GET_TGT is only supported on Windows 2008R2 and later,
so if you try to join an earlier Windows DC, the join will throw an
error that you can't work-around.

We can avoid this problem by setting the same DSDB flag that GET_TGT
sets to indicate that the link targets are as up-to-date as possible,
and so there's no point retrying. Missing targets are still logged, so
this at least allows the admin to fix up any problems after the join
completed.

I've only done this for the join case (problems during periodic
replication are probably still worth escalating to an error).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14021
RN: From Samba v4.8 onwards, joining a Windows 2003 or 2008 (non-R2) AD
DC may not have worked. When this problem occurred, the following
message would be displayed:
 'Failed to commit objects: DOS code 0x000021bf'
This particular issue has now been resolved. Note that there may still
be other potential problems that occur when joining an older Windows DC.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b3a2508f2ad79e2f1007464da7dbe918933038a0)

Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Tue Jul  9 10:31:40 UTC 2019 on sn-devel-144

vfs:glusterfs_fuse: treat ENOATTR as ENOENT

The original implementation of the virtual xattr get_real_filename
in gluster was misusing the ENOENT errno as the authoritative anwer
that the file/dir that we were asking the real filename for does not
exist. But since the getxattr call is done on the parent directory,
this is a violation of the getxattr API which uses ENOENT for the
case that the file/dir that the getxattr call is done against does
not exist.

Now after a recent regression for fuse-mount re-exports due to
gluster mapping ENOENT to ESTALE in the fuse-bridge, the gluster
implementation is changed to more correctly return ENOATTR if the
requested file does not exist.

This patch changes the glusterfs_fuse vfs module to treat ENOATTR as
ENOENT to be fully functional again with latest gluster.

- Without this patch, samba against a new gluster will work correctly,
  but the get_real_filename optimization for a non-existing entry
  is lost.

- With this patch, Samba will not work correctly any more against
  very old gluster servers: Those (correctly) returned ENOATTR
  always, which Samba originally interpreted as EOPNOTSUPP, triggering
  the expensive directory scan. With this patch, ENOATTR is
  interpreted as ENOENT, the authoritative answer that the requested
  entry does not exist, which is wrong unless it really does not exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14010

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jun 28 12:52:03 UTC 2019 on sn-devel-184

(cherry picked from commit fee8cf326bfe240d3a8720569eab43f474349aff)

vfs:glusterfs: treat ENOATTR as ENOENT

The original implementation of the virtual xattr get_real_filename
in gluster was misusing the ENOENT errno as the authoritative anwer
that the file/dir that we were asking the real filename for does not
exist. But since the getxattr call is done on the parent directory,
this is a violation of the getxattr API which uses ENOENT for the
case that the file/dir that the getxattr call is done against does
not exist.

Now after a recent regression for fuse-mount re-exports due to
gluster mapping ENOENT to ESTALE in the fuse-bridge, the gluster
implementation is changed to more correctly return ENOATTR if the
requested file does not exist.

This patch changes the glusterfs vfs module to treat ENOATTR as ENOENT
to be fully functional again with latest gluster.

- Without this patch, samba against a new gluster will work correctly,
  but the get_real_filename optimization for a non-existing entry
  is lost.

- With this patch, Samba will not work correctly any more against
  very old gluster servers: Those (correctly) returned ENOATTR
  always, which Samba originally interpreted as EOPNOTSUPP, triggering
  the expensive directory scan. With this patch, ENOATTR is
  interpreted as ENOENT, the authoritative answer that the requested
  entry does not exist, which is wrong unless it really does not exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14010

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 8899eb21d48b7077328ae560490f9fb9715a6b83)

dsdb: Handle DB corner-case where PSO container doesn't exist

A 2003 AD DB with functional level set to >= 2008 was non-functional
due to the PSO checks.

We already check the functional level is >= 2008 before checking for the
PSO container. However, users could change their functional level
without ensuring their DB conforms to the corresponding base schema.

The objectclass DSDB module should prevent the PSO container from ever
being deleted. So the only way we should be able to hit this case is
through upgrading the functional level (but not the underlying schema
objects). If so, log a low-priority message and continue without errors.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14008
RN: Previously, AD operations such as user authentication could fail
completely with the message 'Error 32 determining PSOs in system' logged
on the samba server. This problem would only affect a domain that was
created using a pre-2008 AD base schema and then had its functional
level manually raised to 2008 or greater. This issue has now been
resolved.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 295bf73e9b24b1f2b4594320a6501dc7410d4b43)

s3:rpc_server:netlogon: simplify AUTH_TYPE_SCHANNEL check in netr_creds_server_step_check()

The gensec schannel module already asserts that at least
AUTH_LEVEL_INTEGRITY is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13949

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 0b6e37c9e801435e094194dd60d9213b4868c3de)

s3:rpc_server:netlogon: don't require NEG_AUTHENTICATED_RPC in netr_ServerAuthenticate*()

The domain join with VMWare Horizon Quickprep seems to use
netr_ServerAuthenticate3() with just the NEG_STRONG_KEYS
(and in addition the NEG_SUPPORTS_AES) just to verify a password.

Note: NETLOGON_NEG_SCHANNEL is an alias to NEG_AUTHENTICATED_RPC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13464 (maybe)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13949

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit fa5215ce5b93fb032df341e718d7011e619f0916)

s4:rpc_server:netlogon: don't require NEG_AUTHENTICATED_RPC in netr_ServerAuthenticate*()

The domain join with VMWare Horizon Quickprep seems to use
netr_ServerAuthenticate3() with just the NEG_STRONG_KEYS
(and in addition the NEG_SUPPORTS_AES) just to verify a password.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13464 (maybe)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13949

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ead9b93ce5c2c67bbdb778232805d6d9e70112fc)

s4 librpc rpc pyrpc: Fix flapping dcerpc.bare tests

Commit d65b7641c84976c543ded8f0de5ab2da3c19b407 had the parameters to
talloc_reparent reversed.  This caused the dcerpc.bare tests to flap.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13932

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed May 22 03:03:43 UTC 2019 on sn-devel-184

(cherry picked from commit 3e6661fd73bb24ef5700a98f676f1df5eeca408b)

s4 librpc rpc pyrpc: Ensure tevent_context deleted last

Ensure that the tevent_context is deleted after the connection, to
prevent a use after free.

Note: Py_DECREF calls dcerpc_interface_dealloc so the
TALLOC_FREE(ret->mem_ctx) calls in the error paths of
py_dcerpc_interface_init_helper needed removal.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13932

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d65b7641c84976c543ded8f0de5ab2da3c19b407)

s4/pyrpc_util: appropriately decrement refcounts on failure

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit e23b9f88cc1c8a8c8cda07fb25d639218c12d91a)

build: Allow build when --disable-gnutls is set

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13844

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Mar 20 05:25:48 UTC 2019 on sn-devel-144

(cherry picked from commit a40b0f452af5f393aa33c9d52673994effd0e31f)

VERSION: Bump version up to 4.10.7...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Disable GIT_SNAPSHOT for the 4.10.6 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.10.6.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

ldb: Release ldb 1.5.5

Compared to 1.5.4:

* LDAP_REFERRAL_SCHEME_OPAQUE was added
  to ldb_module.h in order to fix bug #12478.
  It means that Samba >= 4.10.6 will no longer be able to
  build with ldb 1.5.4.

* We Skip @ records early in a search full scan
  in order to address bug #13893.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12478

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python/ntacls: use correct "state directory" smb.conf option instead of "state dir"

samba-tool ntacl get testfile --xattr-backend=tdb --use-ntvfs
Fixes: Unknown parameter encountered: "state dir"
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 670a12df52df63a067b638d37bec71341bf18bdd)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14002

Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Wed Jun 26 11:37:29 UTC 2019 on sn-devel-144

selftest: add test for samba-tool ntacl get/set --use-ntvfs --xattr-backend=tdb

Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1b0184a9562689a658e75a0cfc69bdd23277cff6)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14002

docs: Document DCEPRC binding string for rpcclient

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb  4 02:03:56 CET 2019 on sn-devel-144

(cherry picked from commit cca48c1a1029685672e1c25e39e8be2be947238f)

s3:client: Link smbspool_krb5_wrapper against krb5samba

Heimdal doesn't provide krb5_free_unparsed_name(), so we need to use the
function we provide in krb5samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13939

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9268919e046190c7b423133de3f9d0edada3f1b8)

wafsamba: Use native waf timer

  __main__:1: DeprecationWarning: time.clock has been deprecated in Python 3.3
  and will be removed from Python 3.8: use time.perf_counter
  or time.process_time instead

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13998

Signed-off-by: Lukas Slebodnik <lslebodn@fedoraproject.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 8f082904ce580f1a6b8a06ebcc323c99e892bd1f)

Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-10-test): Fri Jun 21 11:14:16 UTC 2019 on sn-devel-144

s3:mdssvc: fix flex compilation error

[4440/4495] Compiling bin/default/source3/rpc_server/mdssvc/sparql_lexer.lex.c
../../source3/rpc_server/mdssvc/sparql_lexer.l:26: error: "yyalloc" redefined [-Werror]
26 | #define yyalloc SMB_MALLOC

Looks like the dirty redefine trick doesn't work anymore with newer flex
versions. According to the flex manual the right thing to do is to provide own
functions for yyalloc and yyrealloc when passing the options "noyyalloc
noyyrealloc".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13987

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May 28 11:49:06 UTC 2019 on sn-devel-184

(cherry picked from commit 9053391f86a529e0a7dbcd23fa3a555d85c2207c)

ctdb-scripts: Fix tcp_tw_recycle existence check

net.ipv4.tcp_tw_recycle has been removed from Linux 4.12 but, still,
makes sense to check its existence. Unfortunately, current check does
not test for the procfs file existence. This commit fixes the issue.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13984

Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jun  4 23:31:24 UTC 2019 on sn-devel-184

(cherry picked from commit 843fbb1207ee7ac84f3282974b66b9290d8da0ac)

docs: Improve documentation of "lanman auth" and "ntlm auth" connection

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13981

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit dbf3e81f7f0b28c69dca004b32ea3a7344b0cad3)

vfs_fruit: remove a now unnecessary include

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 30 22:12:50 UTC 2019 on sn-devel-184

(cherry picked from commit 9a2c9834cb1b77547b8b932c35870301afb9fc25)

vfs_fruit: use VFS functions in ad_read_rsrc_adouble()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 9fe84a6345bf5d9fdb1df87a853db3380e6fb0f7)

vfs_fruit: use fsp and remove syscalls from ad_convert_blank_rfork()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 70c4a8f0ac307009c26e857523192c95b42a92f5)

vfs_fruit: use VFS function in ad_convert_truncate()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3739ad90cf2bbaa2094a34197c894363d2e24a5a)

vfs_fruit: add VFS handle to ad_convert_truncate()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4e44b1da9357120f0ad74e24c650bc6386085c47)

vfs_fruit: use fsp and remove mmap in ad_convert_xattr()

No need to mmap() anyway, the xattr data is already available in ad->ad_data.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4ff7ea0e0312c737aefd350f7b8fbed4c8602325)

vfs_fruit: remove use of mmap() from ad_convert_move_reso()

We now have an fsp that we can use, so we can get rid of mmap() and
sys_pread()/sys_pwrite().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0041855af0b05d6c47558880d6eebd1970179272)

vfs_fruit: convert ad_open_rsrc() to open a proper fsp with SMB_VFS_CREATE_FILE()

A first step in converting all raw syscalls to use proper VFS functions. All
existing users of the raw system filedescriptor continue to use the fd from
fsp->fh for now.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 29418c726be74feb1d8c3ac9f7b8c983901a2aab)

vfs_fruit: only do cross protocol locking on non-internal opens

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f5f7d1e9bf7e39933ccf7c874e682f9df80a6fec)

vfs_fruit: remove a layer of indirection

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 97d485ff2cda85edeba163ea01b6abfa705db20f)

vfs_fruit: pass VFS handle to ad_convert_move_reso()

Not used for now, that comes next.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3919ea048fe3b763657e14cdfb5920184a900d27)

vfs_fruit: remove xattr code from the AppleDouble subsystem

The subsystem consumers have been reworked in the previous commits, so this is
not used anymore. ad_init() doesn't need a handle argument anymore due to this,
remove it as well.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e3cb1cb24f2a31d7fd03f3bdf417f4704fb4ac7c)

vfs_fruit: remove now unused AppleDouble code for resource fork in xattr

This was only needed to get the resourcefork size via the ad_* AppleDouble
function. This is now done with a fstat on the low level xattr fd (remember,
this is Solaris only code...), so we can remove the xattr special casing from
the AppleDouble functions.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit cb9dffa1c66294b6eed85e7576aa99c642d0b541)

vfs_fruit: use stream code for resource fork size calculation in readdir_attr_rfork_size()

This works as well, using an fstat() on the filehandle to get the size. This is
tested by the torture test "vfs.fruit.SMB2/CREATE context AAPL".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit a23bcc1916a49bf3e0edece190e5434e39862d2c)

vfs_fruit: use correct case FRUIT_RSRC_STREAM in readdir_attr_rfork_size()

This is a genuine bug, but luckily this would only impact configs which nobody
uses:

  fruit:metadata = netatalk
  fruit:resource = stream

With the above configuration the switch in readdir_attr_rfork_size() would hit
the default case and so always report resource forks as 0 bytes in size.

All deployment that I've seen that use fruit:resource=stream also use
fruit:metadata=stream, so the switch takes FRUIT_META_STREAM case which runs the
correct code readdir_attr_rfork_size_stream().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 83179a74119de84d20f796c241aae6bccb83a68b)

vfs_fruit: ignore AppleDouble files in fruit_unlink()

Otherwise, if SMB_VFS_UNLINK() is called for an AppleDouble path "._file", we
try to delete "._._file" which doesn't make sense. AppleDouble files don't have
AppleDouble themselves.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 797dc649456f39add4af8b54b60db0268ad4e90e)

vfs_fruit: add a missing else

Luckily the missing else has the same control flow due to the previous if and
else blocks calling return.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 44d8568001c87d28962dfc4e3fde6d0f7f409997)

vfs_fruit: add and use is_adouble_file()

This adds a helper function that checks whether the last component of a path is
an AppleDouble sidecar file with "._" name prefix.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ad70c947c759aa0965ee57f973fb8dc1909e0e39)

vfs_fruit: finally, remove ad_handle from struct adouble

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit e266daaed149561b746dbb8d5e9523862f0057b5)

vfs_fruit: pass handle to ad_convert_delete_adfile()

On the course of removing ad_handle from struct adouble, step 10.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5f4d16b40e07acf8d27fee62f1a56de175663a1d)

vfs_fruit: pass handle to ad_convert_finderinfo()

On the course of removing ad_handle from struct adouble, step 9.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 50874c1548d62ab0ddaaa6dd4124279ee5029fcf)

vfs_fruit: pass handle to ad_convert_blank_rfork()

On the course of removing ad_handle from struct adouble, step 8.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit adc7ac38b849b4dce4a85fd6442c8d4b9da57686)

vfs_fruit: pass handle to ad_convert_xattr()

On the course of removing ad_handle from struct adouble, step 7.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit fd2f4cf828ee4c31e3b5a27a79d3a0ee12a5877a)

vfs_fruit: indentation fix

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 400b3c2f8c82b1defe1e321e0cdae486b930344f)

vfs_fruit: pass handle to ad_read_rsrc() and all the way down

On the course of removing ad_handle from struct adouble, step 5.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 661dfa4a19673fdb30d5bf36279cdf867454b947)

vfs_fruit: use proper VFS function in ad_read_meta()

Continuing to ignore a possible error for now, this is in an error codepath
anyway.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 30ca328c698c2e035e240359bda7c9dcbeb646df)

vfs_fruit: indentation fix

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 47721d8d359ef78b8dd4f77f92c30c2caf2c4a80)

vfs_fruit: pass handle to ad_read_meta()

On the course of removing ad_handle from struct adouble, step 4.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f8df09157f31b53dbe73eaf4349fc071bfcc1b90)

vfs_fruit: pass handle to ad_read()

On the course of removing ad_handle from struct adouble, step 3.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit d0abf945e683766029d28915541a4baf9f3879ab)

vfs_fruit: pass handle to ad_set()

On the course of removing ad_handle from struct adouble, step 2.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit c78ba30ac4534b7037b979ac96b77b834b2eb2fe)

vfs_fruit: pass handle to ad_fset()

On the course of removing ad_handle from struct adouble, step 1.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13968

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 585d4d49770b4ddc3f7d9dcbb3e322f072767781)

s3:auth: explicitly add BUILTIN\Guests to the guest token

This changes ensures that smbd always adds BUILTIN\Guests to the guest token
which is required for guest authentication.

Currently the guest token depends on the on-disk configured group mappings. If
there's an existing group mapping for BUILTIN\Guests, but LOCALSAM\Guest is not
a member, the final guest token won't contain BUILTIN\Guests.

For SMB2 the flag SMB2_SESSION_FLAG_IS_GUEST will not be set in the final SMB2
SESSION_SETUP response, because smbd sets it based on the token containing the
BUILTIN\Guests SID S-1-5-32-546.

At the same time, the packet is not signed which causes Windows clients and
smbclient to reject the unsigned SMB2 SESSION_SETUP response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun  5 16:55:26 UTC 2019 on sn-devel-184

(cherry picked from commit a66af4c96accba4ee64eeb1958458b69f3ccec1d)

tests: add a test for guest authentication

This verifies that smbd always adds BUILTIN\Guests to the guest token which is
required for guest authentication.

Currently the guest token depends on the on-disk configured group mappings. If
there's an existing group mapping for BUILTIN\Guests, but LOCALSAM\Guest is not
a member, the final guest token won't contain BUILTIN\Guests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 0e88f98855e24cfddb55bef65c5910b8e662c630)

selftest: allow guest login in the ad_member_idmap_rid env

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ac2167eb2349dc1c453e14a65692f16c8ba6532e)

s3:smbd: call reinit_guest_session_info() in the conf updated handler

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f4e340a48b6f059a1daa66deb9c26da9e8fcd5e7)

s3:auth: add reinit_guest_session_info()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 8096cc7eb2b36b074ff17a52dc3540be4ecff6bb)

dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."

We better print "... remote host [Unknown] SID [S-1-5-18] ..."
in 'dsdb_audit' message, this matches what we print for
'dsdb_json_audit'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13916

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 706aba5bf62e674ae12786f6ab275752b8714464)

ldb_kv: Skip @ records early in a search full scan

@ records like @IDXLIST are only available via a base search on the specific name
but the method by which they were excluded was expensive, after the unpack the
DN is exploded and ldb_match_msg_error() would reject it for failing to match the
scope.

This uses the fact that @ records have the DN=@ prefix on their TDB/LMDB key
to quickly exclude them from consideration.

Based on analysis by Garming Sam.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13893

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 10 06:23:39 UTC 2019 on sn-devel-144

(cherry picked from commit 49b77d8df2d7113ac7ddb75e78de6628933ff852)

samba-tool domain provision: Fix --interactive module in python3

The prompts were not being printed to the screen because the stream
was not being flushed.

As reported on the samba mailing list by Adam Xu:
https://lists.samba.org/archive/samba/2019-March/221753.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13828

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
(cherry picked from commit 31aecee1446c5006771aaa535ae85810bbfb5db0)

ldap server: generate correct referral schemes

Ensure that the referrals returned in a search request use the same
scheme as the request, i.e. referrals recieved via ldap are prefixed
with "ldap://" and those over ldaps are prefixed with "ldaps://"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12478

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 24 05:12:14 UTC 2019 on sn-devel-184

(cherry picked from commit 1958cd8a7fb81ec51b81944ecf4dd0fb5c4208fa)

ldap tests: test scheme for referrals

Ensure that the referrals returned in a search request use the same
scheme as the request, i.e. referrals recieved via ldap are prefixed
with "ldap://" and those over ldaps are prefixed with "ldaps://"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12478

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 6ccf74cf878c295903673e3a1d1ed924a5e87547)

s3/vfs_glusterfs_fuse: Avoid using NAME_MAX directly

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jun 11 00:29:19 UTC 2019 on sn-devel-184

s3/vfs_glusterfs: Avoid using NAME_MAX directly

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>