Karolin Seeger [Wed, 15 Aug 2018 09:42:37 +0000 (11:42 +0200)]
VERISON: Disable GIT_SNAPSHOT for 4.9.0rc3 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Wed, 15 Aug 2018 09:40:05 +0000 (11:40 +0200)]
WHATSNEW: Add release notes for Samba 4.9.0rc3.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Wed, 8 Aug 2018 08:14:26 +0000 (10:14 +0200)]
libsmb: Fix CID
1438243 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Aug 8 23:10:22 CEST 2018 on sn-devel-144
Autobuild-User(v4-9-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-9-test): Tue Aug 14 20:49:09 CEST 2018 on sn-devel-144
Volker Lendecke [Wed, 8 Aug 2018 08:08:38 +0000 (10:08 +0200)]
libsmb: Fix CID
1438244 Unsigned compared against 0
ndr_size_dom_sid returns a size_t, so that can't be <0. Also, the only
case that ndr_size_dom_sid returns 0 is a NULL sid
pointer. ndr_size_dom_sid can reasonably be assumed to not overflow, the
number of sub-auths is a uint8. That times 4 plus 8 always fits into a
size_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 7 Aug 2018 20:50:52 +0000 (22:50 +0200)]
smbd: Fix CID
1438245 Dereference before null check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 7 Aug 2018 20:49:16 +0000 (22:49 +0200)]
smbd: Fix CID
1438246 Unchecked return value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 7 Aug 2018 20:48:58 +0000 (22:48 +0200)]
smbd: Align integer types
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Fri, 20 Jul 2018 15:20:08 +0000 (17:20 +0200)]
ctdb: add expiry test for ctdb_mutex_ceph_rados_helper
Kill the ctdb_mutex_ceph_rados_helper with SIGKILL and then confirm
that the lock is automatically released following expiry.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Thu Aug 9 16:26:36 CEST 2018 on sn-devel-144
(cherry picked from commit
4abf348ec4cbb78d3216d5e8c5f3020d4499f10a)
David Disseldorp [Thu, 19 Jul 2018 09:55:23 +0000 (11:55 +0200)]
ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
RADOS locks without expiry persist indefinitely. This results in CTDB
deadlock during failover if the recovery master dies unexpectedly, as
subsequently elected recovery master nodes can't obtain the recovery
lock.
Avoid deadlock by using a lock expiration time (10s by default), and
renewing it periodically.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13540
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
ce289e89e5c469cf2c5626dc7f2666b945dba3bd)
David Disseldorp [Tue, 17 Jul 2018 21:36:36 +0000 (23:36 +0200)]
ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
In preparation for adding a lock refresh timer.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
91a89c146453ca203a83dc2ba555bb93276c4d7f)
David Disseldorp [Thu, 19 Jul 2018 16:46:27 +0000 (18:46 +0200)]
ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
8d30fd591600ac17c742cd78c7bc4056bba6b877)
Samuel Cabrero [Fri, 15 Jun 2018 16:15:53 +0000 (18:15 +0200)]
ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler
Set a handler for SIGINT to release the lock.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
85706bd27535eaa4ec653f99b1910fbd8f2aab88)
David Disseldorp [Mon, 9 Jul 2018 12:53:00 +0000 (14:53 +0200)]
ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
ceph-common linkage is needed with new versions of Ceph.
Also respect the --libcephfs_dir=<path> parameter when provided.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
bd64af6b8861f892e6ae2840a493f037d1e0a06c)
Jeremy Allison [Thu, 9 Aug 2018 17:02:26 +0000 (10:02 -0700)]
s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 10 21:08:14 CEST 2018 on sn-devel-144
(cherry picked from commit
bca400847f2fcc3dd1398e166c1964cb88822071)
Anoop C S [Thu, 9 Aug 2018 14:32:05 +0000 (20:02 +0530)]
s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
6a7f11746c9cc3cdc5307e540bdd1f3f10fed05b)
Anoop C S [Thu, 9 Aug 2018 06:58:41 +0000 (12:28 +0530)]
s3/libsmb: Explicitly set delete_on_close token for rmdir
The current implementation of `rmdir` hopes to get the directory deleted
on closing last open handle when FILE_DELETE_ON_CLOSE is set on it. But
for non-empty directories Windows doesn't error out during an open call.
Following that we internally refuse to set initial delete_on_close while
opening a non-empty directory. This prevents us from trying to delete
the directory when last open handle is closed.
Instead of relying on FILE_DELETE_ON_CLOSE during an open we explicitly
set delete_on_close token on directory handle once it is available. This
ensures that NT_STATUS_DIRECTORY_NOT_EMPTY is returned for `rmdir` on
non-empty directories while closing open directory handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
6b68e3eca631c04d6d57c489daf60f64732fc86d)
Andrew Bartlett [Mon, 30 Jul 2018 02:00:18 +0000 (14:00 +1200)]
cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user
This regression was introduced in Samba 4.7 by bug 12842 and in
master git commit
eb2e77970e41c1cb62c041877565e939c78ff52d.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13552
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Jeremy Allison [Fri, 15 Jun 2018 22:08:17 +0000 (15:08 -0700)]
libsmb: Harden smbc_readdir_internal() against returns from malicious servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 15 Jun 2018 22:07:17 +0000 (15:07 -0700)]
libsmb: Ensure smbc_urlencode() can't overwrite passed in buffer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13453
CVE-2018-10858: Insufficient input validation on client directory
listing in libsmbclient.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tim Beale [Wed, 1 Aug 2018 01:51:42 +0000 (13:51 +1200)]
CVE-2018-10919 tests: Add extra test for dirsync deleted object corner-case
The acl_read.c code contains a special case to allow dirsync to
work-around having insufficient access rights. We had a concern that
the dirsync module could leak sensitive information for deleted objects.
This patch adds a test-case to prove whether or not this is happening.
The new test case is similar to the existing dirsync test except:
- We make the confidential attribute also preserve-on-delete, so it
hangs around for deleted objcts. Because the attributes now persist
across test case runs, I've used a different attribute to normal.
(Technically, the dirsync search expressions are now specific enough
that the regular attribute could be used, but it would make things
quite fragile if someone tried to add a new test case).
- To handle searching for deleted objects, the search expressions are
now more complicated. Currently dirsync adds an extra-filter to the
'!' searches to exclude deleted objects, i.e. samaccountname matches
the test-objects AND the object is not deleted. We now extend this to
include deleted objects with lastKnownParent equal to the test OU.
The search expression matches either case so that we can use the same
expression throughout the test (regardless of whether the object is
deleted yet or not).
This test proves that the dirsync corner-case does not actually leak
sensitive information on Samba. This is due to a bug in the dirsync
code - when the buggy line is removed, this new test promptly fails.
Test also passes against Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Fri, 20 Jul 2018 03:42:36 +0000 (15:42 +1200)]
CVE-2018-10919 acl_read: Fix unauthorized attribute access via searches
A user that doesn't have access to view an attribute can still guess the
attribute's value via repeated LDAP searches. This affects confidential
attributes, as well as ACLs applied to an object/attribute to deny
access.
Currently the code will hide objects if the attribute filter contains an
attribute they are not authorized to see. However, the code still
returns objects as results if confidential attribute is in the search
expression itself, but not in the attribute filter.
To fix this problem we have to check the access rights on the attributes
in the search-tree, as well as the attributes returned in the message.
Points of note:
- I've preserved the existing dirsync logic (the dirsync module code
suppresses the result as long as the replPropertyMetaData attribute is
removed). However, there doesn't appear to be any test that highlights
that this functionality is required for dirsync.
- To avoid this fix breaking the acl.py tests, we need to still permit
searches like 'objectClass=*', even though we don't have Read Property
access rights for the objectClass attribute. The logic that Windows
uses does not appear to be clearly documented, so I've made a best
guess that seems to mirror Windows behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Mon, 30 Jul 2018 04:00:15 +0000 (16:00 +1200)]
CVE-2018-10919 acl_read: Flip the logic in the dirsync check
This better reflects the special case we're making for dirsync, and gets
rid of a 'if-else' clause.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Thu, 26 Jul 2018 00:20:49 +0000 (12:20 +1200)]
CVE-2018-10919 acl_read: Small refactor to aclread_callback()
Flip the dirsync check (to avoid a double negative), and use a helper
boolean variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Fri, 20 Jul 2018 01:52:24 +0000 (13:52 +1200)]
CVE-2018-10919 acl_read: Split access_mask logic out into helper function
So we can re-use the same logic laster for checking the search-ops.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Fri, 20 Jul 2018 01:01:00 +0000 (13:01 +1200)]
CVE-2018-10919 security: Fix checking of object-specific CONTROL_ACCESS rights
An 'Object Access Allowed' ACE that assigned 'Control Access' (CR)
rights to a specific attribute would not actually grant access.
What was happening was the remaining_access mask for the object_tree
nodes would be Read Property (RP) + Control Access (CR). The ACE mapped
to the schemaIDGUID for a given attribute, which would end up being a
child node in the tree. So the CR bit was cleared for a child node, but
not the rest of the tree. We would then check the user had the RP access
right, which it did. However, the RP right was cleared for another node
in the tree, which still had the CR bit set in its remaining_access
bitmap, so Samba would not grant access.
Generally, the remaining_access only ever has one bit set, which means
this isn't a problem normally. However, in the Control Access case there
are 2 separate bits being checked, i.e. RP + CR.
One option to fix this problem would be to clear the remaining_access
for the tree instead of just the node. However, the Windows spec is
actually pretty clear on this: if the ACE has a CR right present, then
you can stop any further access checks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Gary Lockyer [Fri, 3 Aug 2018 03:51:28 +0000 (15:51 +1200)]
CVE-2018-10919 tests: test ldap searches for non-existent attributes.
It is perfectly legal to search LDAP for an attribute that is not part
of the schema. That part of the query should simply not match.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tim Beale [Tue, 24 Jul 2018 22:08:34 +0000 (10:08 +1200)]
CVE-2018-10919 tests: Add test case for object visibility with limited rights
Currently Samba is a bit disclosive with LDB_OP_PRESENT (i.e.
attribute=*) searches compared to Windows.
All the acl.py tests are based on objectClass=* searches, where Windows
will happily tell a user about objects they have List Contents rights,
but not Read Property rights for. However, if you change the attribute
being searched for, suddenly the objects are no longer visible on
Windows (whereas they are on Samba).
This is a problem, because Samba can tell you about which objects have
confidential attributes, which in itself could be disclosive.
This patch adds a acl.py test-case that highlights this behaviour. The
test passes against Windows but fails against Samba.
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Mon, 9 Jul 2018 03:57:59 +0000 (15:57 +1200)]
CVE-2018-10919 tests: Add tests for guessing confidential attributes
Adds tests that assert that a confidential attribute cannot be guessed
by an unprivileged user through wildcard DB searches.
The tests basically consist of a set of DB searches/assertions that
get run for:
- basic searches against a confidential attribute
- confidential attributes that get overridden by giving access to the
user via an ACE (run against a variety of ACEs)
- protecting a non-confidential attribute via an ACL that denies read-
access (run against a variety of ACEs)
- querying confidential attributes via the dirsync controls
These tests all pass when run against a Windows Dc and all fail against
a Samba DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Fri, 20 Jul 2018 01:13:50 +0000 (13:13 +1200)]
CVE-2018-10919 security: Add more comments to the object-specific access checks
Reading the spec and then reading the code makes sense, but we could
comment the code more so it makes sense on its own.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Tim Beale [Thu, 19 Jul 2018 04:03:36 +0000 (16:03 +1200)]
CVE-2018-10919 security: Move object-specific access checks into separate function
Object-specific access checks refer to a specific section of the
MS-ADTS, and the code closely matches the spec. We need to extend this
logic to properly handle the Control-Access Right (CR), so it makes
sense to split the logic out into its own function.
This patch just moves the code, and should not alter the logic (apart
from ading in the boolean grant_access return variable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Kai Blin [Fri, 8 Jun 2018 16:20:16 +0000 (18:20 +0200)]
CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on invalid chars
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13466
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Tue, 14 Aug 2018 01:59:45 +0000 (13:59 +1200)]
Release LDB 1.4.2 for CVE-2018-1140
* Security fix for CVE-2018-1140 (NULL pointer de-reference, bug 13374)
* Fix memory leaks and missing error checks (bug 13459, 13471, 13475)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Andrew Bartlett [Mon, 21 May 2018 03:25:58 +0000 (15:25 +1200)]
CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
Andrew Bartlett [Mon, 21 May 2018 03:23:53 +0000 (15:23 +1200)]
CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
This ensures we fail with a good error code before an eventual ldb_dn_get_casefold() which
would otherwise fail.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
Andrew Bartlett [Mon, 21 May 2018 03:20:26 +0000 (15:20 +1200)]
CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
ldb_dn_from_ldb_val() does not validate this untrusted input, so a later
call to ldb_dn_get_casefold() can fail if the input is not valid.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
Andrew Bartlett [Mon, 21 May 2018 02:50:50 +0000 (14:50 +1200)]
CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
Andrej Gessel [Fri, 6 Apr 2018 16:18:33 +0000 (18:18 +0200)]
CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()
Signed-off-by: Andrej Gessel <Andrej.Gessel@janztec.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13374
Günther Deschner [Tue, 13 Mar 2018 15:56:20 +0000 (16:56 +0100)]
CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".
This fixes a regression that came in via
00db3aba6cf9ebaafdf39ee2f9c7ba5ec2281ea0.
Found by Vivek Das <vdas@redhat.com> (Red Hat QE).
In order to demonstrate simply run:
smbclient //server/share -U user%password -mNT1 -c quit \
--option="client ntlmv2 auth"=no \
--option="client use spnego"=no
against a server that uses "ntlm auth = ntlmv2-only" (our default
setting).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Günther Deschner [Fri, 16 Mar 2018 16:25:12 +0000 (17:25 +0100)]
CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
Right now, this test will succeed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Günther Deschner [Wed, 14 Mar 2018 14:35:01 +0000 (15:35 +0100)]
CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Günther Deschner [Wed, 14 Mar 2018 14:36:05 +0000 (15:36 +0100)]
CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Thu, 26 Jul 2018 20:44:24 +0000 (08:44 +1200)]
CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Tue, 7 Aug 2018 10:06:34 +0000 (11:06 +0100)]
s3/smbd: Ensure quota code is only called when quota support detected
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13563
Signed-off-by: Noel Power <noel.power@suse.com>
Autobuild-User(v4-9-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-9-test): Mon Aug 13 15:53:27 CEST 2018 on sn-devel-144
Justin Stephenson [Mon, 6 Aug 2018 15:24:18 +0000 (11:24 -0400)]
Shorten description in vfs_linux_xfs_sgid manual
this fixes a lexgrog parse error, the NAME subheader description
of the vfs_linux_xfs_sgid(8) manual was too long, this will shorten
the description and allow it to be correctly detected by mandb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13562
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9b105651c754c7c98297a23c0c1e43d7d2e28139)
Andreas Schneider [Mon, 6 Aug 2018 15:32:17 +0000 (17:32 +0200)]
s3:waf: Install eventlogadm to /usr/sbin
The eventlogadm binary needs write access to the registry which, by
default, is only possible as root.
https://bugzilla.samba.org/show_bug.cgi?id=13561
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
0530cccc41f683cb35d065ddcb3968cf4ef759f4)
Oleksandr Natalenko [Fri, 3 Aug 2018 12:34:47 +0000 (14:34 +0200)]
systemd: Only start smb when network interfaces are up
For smb, if the smb.conf contains explicit bindings to the network
interfaces, the service must wait till network interfaces are up,
otherwise the service won't be operational.
The
0e571054a61e commit and the BZ 13184 have fixed this for nmb and
samba, so do exactly the same here, for smb.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13559
Signed-off-by: Oleksandr Natalenko <oleksandr@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit
a3d248f284eb2e5f4fe886310e481b28c9f1c392)
Amitay Isaacs [Tue, 31 Jul 2018 07:44:25 +0000 (17:44 +1000)]
ctdb-eventd: Fix CID
1438155
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13554
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Aug 3 11:14:01 CEST 2018 on sn-devel-144
(cherry picked from commit
f7b2e5eec5ba1fa5f26694e6555a98cab0594a27)
Volker Lendecke [Tue, 31 Jul 2018 19:53:39 +0000 (21:53 +0200)]
ctdb: Fix a cut&paste error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13554
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
33d012c3cebb5625e02450ac3b08c4245a3e985d)
Noel Power [Thu, 28 Jun 2018 15:04:24 +0000 (16:04 +0100)]
s3/utils: fix regression where specifying -Unetbios/root works
Usually you need to be root on a linux server to modify quotas. Even
with a linux server joined to a windows AD you could always log in as
local root with smbcquotas. However in recent builds this has changed.
This patch fixes this
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jul 31 19:45:59 CEST 2018 on sn-devel-144
Noel Power [Wed, 22 Mar 2017 20:06:13 +0000 (20:06 +0000)]
s3/smbd: allow set quota for non root user (when built with --enable-selftest)
Currently it appears you need to be root to set quotas, for test purposes
this requirement needs to be relaxed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Tue, 21 Mar 2017 08:29:59 +0000 (08:29 +0000)]
s3/script/tests: Add simple (smb1 & smb2) get/set/list tests for smbcquotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Wed, 8 Mar 2017 14:27:27 +0000 (14:27 +0000)]
s3/script/test: modify existing smbcquota test to use SMB2 in addition to SMB1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 26 May 2017 15:02:33 +0000 (16:02 +0100)]
s3/smbd: smb2 server implementation for query get/set info.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 26 May 2017 15:01:53 +0000 (16:01 +0100)]
s3/smbd: adjust smb1 server to use idl structs and generated ndr push/pull funcs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 26 May 2017 14:50:18 +0000 (15:50 +0100)]
s3/libsmb: adjust smb2 code for new idl structs & generated ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 26 May 2017 14:01:17 +0000 (15:01 +0100)]
s3/libsmb: adjust smb1 cli code to use idl structs and ndr push/pull funcs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Thu, 2 Mar 2017 09:20:24 +0000 (09:20 +0000)]
librpc/idl Add some query [getset]info quota related structures
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Tue, 28 Feb 2017 11:36:47 +0000 (11:36 +0000)]
s3/smbd: Don't stat when doing a quota operation (as it's a fake file)
calling SMB_VFS_STAT on the quota fake file fails and caused
FS_INFO/FileFsControlInfo request to error out early, in turn stopped a
Win8.1 client from proceeding with quota queries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Tue, 28 Feb 2017 15:04:16 +0000 (15:04 +0000)]
s3/libsmb: Avoid potential smbpanic calling parse_user_quota_list.
Calling parse_user_quota_list with a NULL buffer can cause a panic, while
this shouldn't happen, I managed to trigger this with an early implementation
of SMB2 quota support in smbd which didn't pass back NT_STATUS_NO_MORE_ENTRIES
when handling a SMB2_0_INFO_QUOTA GETINFO message.
OTHOH the Windows client handled the same situation gracefully.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Wed, 22 Mar 2017 14:53:22 +0000 (14:53 +0000)]
s3/lib: Fix misleading typo in debug message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Günther Deschner [Thu, 12 Jul 2018 21:32:36 +0000 (23:32 +0200)]
s3-tldap: do not install test_tldap
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13529
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jul 14 03:09:00 CEST 2018 on sn-devel-144
(cherry picked from commit
26fd7096b1f99a2754f634669d5432109023bfa5)
Karolin Seeger [Tue, 31 Jul 2018 11:30:44 +0000 (13:30 +0200)]
VERSION: Bump version up to 4.9.0rc3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 31 Jul 2018 11:29:49 +0000 (13:29 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.9.0rc2 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 31 Jul 2018 11:29:05 +0000 (13:29 +0200)]
WHATSNEW: Add release notes for Samba 4.9.0rc2.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Martin Schwenke [Mon, 23 Jul 2018 04:07:08 +0000 (14:07 +1000)]
ctdb-docs: Update documentation for "ctdb event" command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sat Jul 28 20:03:52 CEST 2018 on sn-devel-144
(cherry picked from commit
e3ce1a2dfc4cbba4bf22381b91e9a14c8f240f5d)
Autobuild-User(v4-9-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-9-test): Tue Jul 31 15:27:32 CEST 2018 on sn-devel-144
Martin Schwenke [Thu, 12 Jul 2018 03:47:51 +0000 (13:47 +1000)]
ctdb-event: Implement event tool "script list" command
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
5017325c2ef84b10ccd23328f5d62ac5b246bbb3)
Martin Schwenke [Thu, 12 Jul 2018 03:27:16 +0000 (13:27 +1000)]
ctdb-event: Change event-tool script enable/disable to chmod file directly
They no longer go over the socket to eventd to enable and disable
scripts. Use the event script abstraction to chmod them directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
295826f1b83b6e59d24e4da43b290242c17f44af)
Martin Schwenke [Thu, 12 Jul 2018 03:26:27 +0000 (13:26 +1000)]
ctdb-common: Use script abstraction in run_event
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
82e62488027302e541739628210292c2d95717e1)
Martin Schwenke [Thu, 12 Jul 2018 03:20:55 +0000 (13:20 +1000)]
ctdb-common: Factor out basic script abstraction
Provides for listing of scripts and chmod enable/disable.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a7a4ee439dc1cf262b4da9fbcb38a2f69c62744c)
Martin Schwenke [Thu, 12 Jul 2018 00:44:20 +0000 (10:44 +1000)]
ctdb-event: Fix "ctdb event status" usage message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13551
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
56e248de6072063308786ea83282aaecc8d7e62a)
Martin Schwenke [Thu, 12 Jul 2018 10:10:35 +0000 (20:10 +1000)]
ctdb-doc: Provide an example script for migrating old configuration
Include an example ctdbd.conf-style file for testing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13550
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jul 30 14:30:06 CEST 2018 on sn-devel-144
(cherry picked from commit
4fcbaae57b129deaacfab0a226cefca99aa78256)
Martin Schwenke [Tue, 31 Jul 2018 03:06:15 +0000 (13:06 +1000)]
WHATSNEW: Add further CTDB updates for 4.9
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Martin Schwenke [Thu, 12 Jul 2018 07:38:38 +0000 (17:38 +1000)]
ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13546
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sat Jul 28 07:26:24 CEST 2018 on sn-devel-144
(cherry picked from commit
a44e6987b1e469ae202777cd575fd81c19e1ac6c)
Martin Schwenke [Thu, 26 Jul 2018 01:01:30 +0000 (11:01 +1000)]
ctdb-protocol: Fix compilation issue with strncpy()
When configured with --picky-developer and using -O3 with gcc 8.1:
../protocol/protocol_util.c: In function ‘ctdb_sock_addr_from_string’:
../protocol/protocol_util.c:282:2: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
strncpy(s, str, len+1);
^~~~~~~~~~~~~~~~~~~~~~
../protocol/protocol_util.c:277:8: note: length computed here
len = strlen(str);
^~~~~~~~~~~
Use strlcpy() instead and check the result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13545
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
3b56f2002a35b55b46958178c79aee519f0c5880)
Martin Schwenke [Thu, 26 Jul 2018 01:00:28 +0000 (11:00 +1000)]
ctdb-common: Fix compilation issue with strncpy()
When configured with --picky-developer and using -O3 with gcc 8.1:
../common/system_socket.c: In function ‘parse_ip_mask’:
../common/system_socket.c:229:2: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
strncpy(s, str, len+1);
^~~~~~~~~~~~~~~~~~~~~~
../common/system_socket.c:223:8: note: length computed here
len = strlen(str);
^~~~~~~~~~~
Use strlcpy() instead and check the result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13545
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
5dd84bf5d73e4afab094834bc317da7884b9b9b3)
Amitay Isaacs [Thu, 26 Jul 2018 04:51:44 +0000 (14:51 +1000)]
ctdb-common: Fix the TCP packet length check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
be43e08072ebce937ed0a02cd8d9d1c6072b178d)
Amitay Isaacs [Thu, 19 Jul 2018 07:41:55 +0000 (17:41 +1000)]
ctdb-tests: Strip all spaces from od output
On freebsd, there are trailing spaces in od output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
3047202ce733d1a767fbc83c7021cb83bb83e0e1)
Amitay Isaacs [Thu, 19 Jul 2018 07:41:07 +0000 (17:41 +1000)]
ctdb-tests: Fix a typo
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
6f5ed2b8b829e01fc675537e47095868ff8b5aa2)
Amitay Isaacs [Thu, 19 Jul 2018 07:40:40 +0000 (17:40 +1000)]
ctdb-tests: Use errcode to translate ETIMEDOUT
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
65cc36f24d8a92c749dbc3700802e1d83a9ceb9f)
Amitay Isaacs [Thu, 19 Jul 2018 06:10:15 +0000 (16:10 +1000)]
ctdb-tests: Replace md5sum with posix cksum
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
22c3078c8b10c88f8aff22caa7c92a06f387f17d)
Amitay Isaacs [Thu, 19 Jul 2018 05:27:51 +0000 (15:27 +1000)]
ctdb-tests: Use portable wc -c instead of stat -c "%s"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
07844c2ec9583362594241e607d81aaead8f1a99)
Amitay Isaacs [Thu, 19 Jul 2018 04:43:09 +0000 (14:43 +1000)]
ctdb-scripts: date "+%N" is non-portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
96d5c7de82f795e33e9998e0fe94ddcb50e7421d)
Amitay Isaacs [Thu, 19 Jul 2018 02:08:20 +0000 (12:08 +1000)]
ctdb-tests: Simplify pattern matching for ctime output
On freebsd, sed does not accept multiple pattern strings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
68542dbb5ab7b9d17b476937d1c84fe19d893255)
Amitay Isaacs [Thu, 19 Jul 2018 04:30:17 +0000 (14:30 +1000)]
ctdb-tests: Do not try to match pstree output in eventd tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
4152e98c0e95a938e17f95c543c2114bbf54b136)
Amitay Isaacs [Wed, 18 Jul 2018 09:00:42 +0000 (19:00 +1000)]
ctdb-common: Add fd argument to ctdb_connection_list_read()
This makes testing easier.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
3bf753e830c20183ef4f3278880d3be362e53bef)
Amitay Isaacs [Wed, 11 Jul 2018 08:35:46 +0000 (18:35 +1000)]
ctdb-protocol: Avoid fgets in ctdb_connection_list_read
C library buffering API can behave in unexpected fashion if underlying
fd for stdin, stdout or stderr is closed and re-opened.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c9b42d27e6cf9e6ae36f44970f0a388edc737a7a)
Amitay Isaacs [Wed, 18 Jul 2018 08:42:10 +0000 (18:42 +1000)]
ctdb-common: Add line based I/O
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c7041b0faf490661818244dd032ad413ce906e5c)
Amitay Isaacs [Wed, 11 Jul 2018 07:23:43 +0000 (17:23 +1000)]
ctdb-tests: Porting tests should ignore unsupported features
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
0273171c30a5bcfdfc0b3f74c1d5a89dbaa5b204)
Amitay Isaacs [Tue, 10 Jul 2018 09:11:18 +0000 (19:11 +1000)]
ctdb-tests: Use sigcode to match signals
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
23952c9165bbdcae8f34b7dfefdbb4a499a55362)
Amitay Isaacs [Tue, 10 Jul 2018 09:09:00 +0000 (19:09 +1000)]
ctdb-tests: Add signal code matching utility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
b0028dd5bf2d5466a50dfd12a82a23f30e9ccf48)
Amitay Isaacs [Tue, 10 Jul 2018 08:54:11 +0000 (18:54 +1000)]
ctdb-tests: Add ps output filter for freebsd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
b7dbe9f306fda0d8f1dcc8dd81864539f6ff2632)
Amitay Isaacs [Tue, 10 Jul 2018 08:48:53 +0000 (18:48 +1000)]
ctdb-client: Switch to ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
e1236a855ffc493efb5e9cb7b295034376e56d3a)
Amitay Isaacs [Tue, 10 Jul 2018 08:18:33 +0000 (18:18 +1000)]
ctdb-daemon: Switch to using ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
b886a95eca306d0062240e5710ae0ed4505b1068)
Amitay Isaacs [Tue, 10 Jul 2018 08:34:13 +0000 (18:34 +1000)]
ctdb-event: Switch to ETIMEDOUT instead of ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c8756ec17be11e40bc7e75aac7afdb323acb42e2)
Amitay Isaacs [Tue, 10 Jul 2018 08:19:09 +0000 (18:19 +1000)]
ctdb-common: Switch to ETIMEDOUT from ETIME
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
a42a7232990fa163d046fb07be351ea3e0467046)
Amitay Isaacs [Tue, 10 Jul 2018 08:47:27 +0000 (18:47 +1000)]
ctdb-tests: Add required_error() to match on error codes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
e8a1b3db7abfa9e4a53e98a0aa21dfc268a21c92)
Amitay Isaacs [Tue, 10 Jul 2018 07:38:42 +0000 (17:38 +1000)]
ctdb-tests: Add errno matching utility
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
af8c31ead80d6c74b0e9d057cb47dff6552178a9)
Martin Schwenke [Sun, 1 Jul 2018 03:39:57 +0000 (13:39 +1000)]
ctdb-tests: Switch some test stubs to use /bin/sh
They don't use any bash features.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
f13824b291fca9cdaa936c238d7e9bcb73927da7)
Martin Schwenke [Sun, 1 Jul 2018 03:28:40 +0000 (13:28 +1000)]
ctdb-tests: Improve portability by not using mktemp --tmpdir option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
2f2c35a1cb4afe38e869882e8f18a62d4daac981)
Martin Schwenke [Sun, 1 Jul 2018 09:58:02 +0000 (19:58 +1000)]
ctdb-tests: Avoid use of non-portable getopt in stubs
getopt is being used with non-portable options. In most cases use
simpler, POSIX-compliant getopts instead.
In the case of the ctdb test stub command, options can appear after
other arguments, so this requires an additional nested loop.
In the case of smnotify, there are no short options, so handle the
long options manually.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13520
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
896c77df1ce2645c6dd7898b59ea802e204dc7d9)