Andreas Schneider [Tue, 9 Jul 2019 11:01:49 +0000 (13:01 +0200)]
s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_26()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
David Disseldorp [Mon, 15 Jul 2019 22:22:29 +0000 (00:22 +0200)]
SQUASH test_rc4_passwd_buffer: free
Signed-off-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:06:49 +0000 (13:06 +0200)]
libcli:auth: Add test for encode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 11:01:10 +0000 (13:01 +0200)]
XXX libcli:auth: Add encode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
XXX ddiss:
- nit: zero out pw_data.data on samba_gnutls_arcfour_confounded_md5()
failure
David Disseldorp [Mon, 15 Jul 2019 21:55:29 +0000 (23:55 +0200)]
SQUASH test_rc4_passwd_buffer: free password_decoded buf
Makes valgrind a little happier.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Tue, 9 Jul 2019 10:53:31 +0000 (12:53 +0200)]
libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 08:12:43 +0000 (10:12 +0200)]
libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 08:09:32 +0000 (10:09 +0200)]
libcli:auth: Use samba_gnutls_arcfour_confounded_md5() for rc4 passwd buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
David Disseldorp [Mon, 15 Jul 2019 09:21:35 +0000 (11:21 +0200)]
XXX s3:rpc_client: Use samba_gnutls_arcfour_confounded_md5 in init_samr_CryptPasswordEx
I think my comment is wrong - the pwbuf is used
- check zeroing on error
Andreas Schneider [Wed, 16 Jan 2019 12:15:08 +0000 (13:15 +0100)]
s3:rpc_client: Use GnuTLS RC4 in init_samr_CryptPassword()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Thu, 4 Jul 2019 14:22:48 +0000 (16:22 +0200)]
XXX s3:rpc_client: Use samba_gnutls_arcfour_confounded_md5 in init_samr_CryptPasswordEx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
XXX ddiss:
- nit: add SAMBA_GNUTLS_DIGEST_ONLY(or similar) to avoid the unused
samba_gnutls_arcfour_confounded_md5()->encrypt_pwbuf calculation
Andreas Schneider [Fri, 5 Jul 2019 07:39:02 +0000 (09:39 +0200)]
libcli:auth: Add test for decoding an RC4 password buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Wed, 29 May 2019 12:57:52 +0000 (14:57 +0200)]
XXX libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
ddiss XXX:
- nit encode_or_decode_arc4_passwd_buffer() whitespace
- future: drop dump_data(100,...) after call
David Disseldorp [Fri, 12 Jul 2019 17:29:23 +0000 (19:29 +0200)]
netlogon: fix potential use of uninitialized variable
The _netr_NetrEnumerateTrustedDomains()->dcerpc_lsa_open_policy2() error
path checks the policy handle and closes it if non-empty. The policy
handle may be uninitialized in this code-path - fix this.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Andreas Schneider [Wed, 29 May 2019 15:16:26 +0000 (17:16 +0200)]
XXX s3:rpc_client: Return NTSTATUS for init_samr_CryptPasswordEx()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
ddiss XXX:
- confounded_session_key should be freed in init_samr_CryptPasswordEx()
error path
- libnet_join_joindomain_rpc() should goto error!
- nit: lib/crypto/gnutls_helpers.h include belongs in this commit, not
the previous one.
- nit: netr_set_machine_account_password() leaks onto mem_ctx in error path.
- nit: cmd_samr_setuserinfo_int() leaks onto mem_ctx in error path
Andreas Schneider [Wed, 29 May 2019 14:22:11 +0000 (16:22 +0200)]
XXX s3:rpc_client: Return NTSTATUS for init_samr_CryptPassword()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
ddiss:
XXX
- set_user_info_USER_INFO_X() leaks onto talloc_tos()
- encode_pw_buffer() errors ignored (fixed later?)
- nit: cmd_samr_setuserinfo_int() leaks onto mem_ctx in error path
- nit: rpc_trustdom_add_internals() leaks onto mem_ctx in error path and
also leaves connect, domain and user policy handles open
Follow ups:
- libnet_join_joindomain_rpc()->dcerpc_samr_SetUserInfo2 could use same
error path (after old_timeout revert).
- dcerpc_samr_DeleteUser() should only be called in
libnet_join_joindomain_rpc() error path if created!?
Garming Sam [Mon, 8 Jul 2019 04:59:33 +0000 (16:59 +1200)]
ldap_server: Regression in
0559430ab6e5c48d6e853fda0d8b63f2e149015c
Extended DN requests seem to have been incorrectly handled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Thu Jul 11 05:25:26 UTC 2019 on sn-devel-184
Noel Power [Mon, 8 Jul 2019 15:19:51 +0000 (15:19 +0000)]
libcl/smb: clang: Fix 'Value stored to 'next_offset' is never read'
Fixes:
libcli/smb/smb2_create_blob.c:146:3: warning: Value stored to 'next_offset' is never read <--[clang]
next_offset += next_pad;
^ ~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 15:16:57 +0000 (15:16 +0000)]
libcli/smb: clang: Fix 'value stored to 'p' is never read'
Fixes:
libcli/smb/smb1cli_session.c:226:2: warning: Value stored to 'p' is never read <--[clang]
p += ret;
^ ~~~
libcli/smb/smb1cli_session.c:517:2: warning: Value stored to 'p' is never read <--[clang]
p += ret;
^ ~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 13:52:26 +0000 (13:52 +0000)]
auth/gensec: clang: Fix 'Value stored to 'status' is never read'
Fixes:
auth/gensec/spnego.c:877:2: warning: Value stored to 'status' is never read <--[clang]
status = sub_status;
^ ~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 13:49:30 +0000 (13:49 +0000)]
s4/auth/gensec: clang: Fix 'initialization value is never read'
Fixes:
source4/auth/gensec/gensec_gssapi.c:431:11: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
^~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 13:46:39 +0000 (13:46 +0000)]
nsswitch/libwbclient: clang: Fix Value stored to 'wbc_status' is never read
Fixes:
nsswitch/libwbclient/wbc_util.c:123:3: warning: Value stored to 'wbc_status' is never read <--[clang]
wbc_status = WBC_ERR_SUCCESS;
^ ~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 13:43:20 +0000 (13:43 +0000)]
s4/dsdb/common: clang: Fix access results in null pointer deref.
Fixes:
source4/dsdb/common/util_trusts.c:2915:21: warning: Access to field 'sid' results in a dereference of a null pointer (loaded from field 'tdo') <--[clang]
d->di.domain_sid = d->tdo->sid;
^ ~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Mon, 8 Jul 2019 12:12:59 +0000 (12:12 +0000)]
nsswitch/libwbclient: clang Fix Potential leak of memory
Fixes:
nsswitch/libwbclient/wbc_sid.c:848:2: warning: Potential leak of memory pointed to by 'extra_data'
free(extra_data);
^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Sun, 7 Jul 2019 00:49:57 +0000 (12:49 +1200)]
ldb ABI bump for pyldb_Ldb_AsLdbContext change
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jul 10 05:48:52 UTC 2019 on sn-devel-184
Douglas Bagnall [Thu, 4 Jul 2019 04:43:12 +0000 (16:43 +1200)]
pyldb: ldb.register_module() checks arguments a little bit
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Thu, 4 Jul 2019 04:29:56 +0000 (16:29 +1200)]
pyldb: remove ldb.open, which was never survivable
There was no way to call ldb.open without evoking signal 11, so it is
unlikely anyone was using it.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Thu, 4 Jul 2019 03:59:42 +0000 (03:59 +0000)]
py segfault test: ldb.open
There seems to be no way of using ldb.open without causing a segfault
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Thu, 4 Jul 2019 03:59:11 +0000 (03:59 +0000)]
py segfault test: ldb.register_module
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Fri, 27 Apr 2018 01:15:01 +0000 (13:15 +1200)]
pyldb: rename pyldb_Dn_AsDn() to pyldb_Dn_AS_DN()
Following the python/C convention for checking vs non-checking
convertors.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Wed, 2 May 2018 23:17:55 +0000 (11:17 +1200)]
pyldb: check for errors in PyLdb_GetPyType()
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Fri, 20 Apr 2018 04:23:42 +0000 (16:23 +1200)]
pyldb: fork pyldb_Ldb_AsLdbContext macro to reflect unsafeness
In the Python/C API, conversion functions which check the types of their arguments
have names like:
double PyFloat_AsDouble(PyObject *pyfloat);
while conversion macros that don't check have names like:
PyFloat_AS_DOUBLE(pyfloat)
The pyldb_Ldb_AsLdbContext() macro looks like one of the checking functions
but it actually isn't. This has fooled us more than once. Here we fork
the macro into two -- one which performs checks and keeps the camel
case, and one with a shouty name that keeps the check-free behaviour.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Thu, 3 May 2018 00:10:21 +0000 (12:10 +1200)]
pyldb: add pyldb_check_type()
This will be used by pyldb_Ldb_AsLdbContext().
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Douglas Bagnall [Sat, 6 Jul 2019 11:24:43 +0000 (23:24 +1200)]
ldb: do not allow adding a DN as a base to itself
If you try to add a dn to itself, it expands as it goes. The resulting
loop cannot end well.
It looks like this in Python:
dn = ldb.Dn(ldb.Ldb(), 'CN=y,DC=x')
dn.add_base(dn)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Jeremy Allison [Mon, 8 Jul 2019 22:28:51 +0000 (15:28 -0700)]
s3: smbd: Remove ifdef'ed out dptr_close_oldest().
No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 10 00:28:51 UTC 2019 on sn-devel-184
Jeremy Allison [Mon, 8 Jul 2019 22:26:59 +0000 (15:26 -0700)]
s3: smbd: Remove the 'close oldest' logic in SMB1 trans2 search processing.
Will be removed in next commit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:23:57 +0000 (15:23 -0700)]
s3: smbd: Remove the 'close oldest' logic in SMB1search processing.
Expect the client to manage their handles properly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:20:42 +0000 (15:20 -0700)]
s3: smbd: Remove now unused parameter 'forclose' to dptr_get().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:16:21 +0000 (15:16 -0700)]
s3: smbd: globals - remove dirhandles_open from internal search struct.
It wasn't used for SMB2 anyway, and isn't useful for anything.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:15:24 +0000 (15:15 -0700)]
s3: smbd: We no longer need to keep a count of dirhandles open.
It's not per-connection struct anyway, so doesn't
help for anything.
Remove now unused variable struct smbd_server_connection *sconn
otherwise we get compile errors.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:06:30 +0000 (15:06 -0700)]
s3: smbd: Add a note explaining MAX_DIRECTORY_HANDLES only applies to SMB1.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:06:07 +0000 (15:06 -0700)]
s3: smbd: Remove now unused MAX_OPEN_DIRECTORIES define.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:35:20 +0000 (15:35 -0700)]
s3: smbd: Remove unused dptr_idleoldest() and dptr_idle() functions.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:34:41 +0000 (15:34 -0700)]
s3: smbd: Remove SMB1 idle unused directory handles code.
This is only needed for broken SMB1 DOS clients, and
we're a long way from needing this anymore.
ifdef out dptr_idleoldest() and dptr_idle()
functions as otherwise we get "unused function"
compile errors. Remove in next commit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 22:01:43 +0000 (15:01 -0700)]
s3: smbd: Remove MAX_OPEN_DIRECTORIES check in dptr_create().
This is a bug in that it's artificially limiting the number
of open directories an SMB2 client can have. If this code
was needed it should by SMB1 specific.
However we should allow the clients to decide for themselves
how many directory handles they need, not limit to MAX_OPEN_DIRECTORIES.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 21:58:44 +0000 (14:58 -0700)]
s3: smbd: Remove now unused dptr_idlecnum().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 21:57:17 +0000 (14:57 -0700)]
s3: smbd: Remove unused DPTR_IDLE_TIMEOUT.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 21:56:13 +0000 (14:56 -0700)]
s3: smbd: Don't idle SMB1 directory scans after DPTR_IDLE_TIMEOUT.
Only broken SMB1 clients leave directory scans hanging
and we shouldn't support that.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 21:55:09 +0000 (14:55 -0700)]
s3: smbd: Don't idle connections with active SMB1 directory scans.
When all scans are via file handles this code can
be removed.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 8 Jul 2019 21:46:20 +0000 (14:46 -0700)]
s3: smbd: Add dptr_activecnum(), not yet used.
Will be used to help remove the SMB1 idle directory
code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andreas Schneider [Wed, 15 May 2019 06:41:12 +0000 (08:41 +0200)]
s3:profile: Allow profile subsystem to use SHA1 in FIPS mode
This is non-cryptographic use.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jul 9 13:31:46 UTC 2019 on sn-devel-184
Andreas Schneider [Fri, 5 Jul 2019 08:38:44 +0000 (10:38 +0200)]
lib:crypto: Add GNUTLS_FIPS140_SET_(LAX|STRICT)_MODE to helpers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Fri, 5 Jul 2019 14:28:27 +0000 (16:28 +0200)]
lib:crypto: Fix path to header file in gnutls_helpers.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Andreas Schneider [Mon, 1 Jul 2019 14:54:15 +0000 (16:54 +0200)]
s3:profile: Use SHA1 for hashing in profiling functions.
This can use SHA NI instructions if the CPU supports it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Karolin Seeger [Tue, 9 Jul 2019 10:04:27 +0000 (12:04 +0200)]
WHATSNEW: Start release notes for Samba 4.12.0pre1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Jul 2019 10:02:07 +0000 (12:02 +0200)]
VERSION: Bump version up to 4.12.0.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Jul 2019 09:47:48 +0000 (11:47 +0200)]
VERSION: Bump version up to 4.12.0pre1...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Jul 2019 09:45:52 +0000 (11:45 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.11.0rc1 release...
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 9 Jul 2019 09:43:22 +0000 (11:43 +0200)]
WHATSNEW: Fix typo.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Garming Sam [Tue, 9 Jul 2019 05:34:51 +0000 (17:34 +1200)]
WHATSNEW: Add link for >= and <= indexing
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jul 9 07:06:04 UTC 2019 on sn-devel-184
Gary Lockyer [Mon, 8 Jul 2019 04:14:26 +0000 (16:14 +1200)]
dsdb repl_meta_data: Don't print ldif on error
Don't call ldb_ldif_message_redacted_string when linked_attr_modify
fails. When joining a large domain this takes way to much time, in excess of 3
hours for a join on a 200k domain.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Jul 9 03:03:25 UTC 2019 on sn-devel-184
Ralph Boehme [Mon, 8 Jul 2019 13:26:02 +0000 (15:26 +0200)]
WHATSNEW.txt: change "mangled names" default to "illegal"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul 8 17:56:50 UTC 2019 on sn-devel-184
Ralph Boehme [Mon, 8 Jul 2019 12:14:29 +0000 (14:14 +0200)]
docs/xml: change default for "mangled names" to "illegal"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 8 Jul 2019 13:26:25 +0000 (15:26 +0200)]
selftest: explicitly set "mangled names = yes"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to "illegal".
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Wed, 12 Jun 2019 17:08:14 +0000 (19:08 +0200)]
WHATSNEW.txt: disable SMB1 by default!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 6 Jun 2019 12:07:13 +0000 (14:07 +0200)]
docs-xml: change "client min protocol" to SMB2_02
It's time to disable SMB1 by default...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 8 Jul 2019 09:31:27 +0000 (11:31 +0200)]
selftest: explicitly set "client min protocol = CORE"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to disable SMB1.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Thu, 6 Jun 2019 12:07:13 +0000 (14:07 +0200)]
docs-xml: change "server min protocol" to SMB2_02
SMB2_02 was available with Windows Vista.
It's time to turn SMB1 off by default.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 8 Jul 2019 09:55:13 +0000 (11:55 +0200)]
selftest: explicitly set "server min protocol = LANMAN1"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to disable SMB1.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 5 Jul 2019 07:52:43 +0000 (09:52 +0200)]
smbd: Move fcb_or_dos_open() out of open_file_ntcreate()
This is SMB1-only and pre-ntcreate with only 3 callers that look at
NTCREATEX_OPTIONS_PRIVATE_DENY_[DOS|FCB]. It is a bit less efficient
if it kicks in (we have to recreate the fsp), but SMB1 is less and
less popular, and this particular share mode combination from the
open&x family of calls might not be worth optimizing for.
This adds smb1_utils.[ch] as a kitchen sink for functions that can go
away once we drop SMB1.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 4 Jul 2019 11:55:41 +0000 (13:55 +0200)]
smbd: Slightly simplify open_mode_check()
If there are no share modes, we'll just not enter the loop.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 4 Jul 2019 11:55:28 +0000 (13:55 +0200)]
vfs_fruit: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Thu, 4 Jul 2019 06:48:05 +0000 (08:48 +0200)]
smbd: Slightly simplify fsp_lease_update()
We have already dereferenced fsp->lease
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 3 Jul 2019 11:44:59 +0000 (13:44 +0200)]
smbd: Simplify smbd_smb2_setinfo_send()
Avoid an "else" branch
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 3 Jul 2019 13:33:02 +0000 (15:33 +0200)]
smbd: Make get_relative_fid_filename() static to open.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Volker Lendecke [Wed, 3 Jul 2019 09:25:41 +0000 (11:25 +0200)]
smbd: Make find_share_mode_entry() static to locking.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Noel Power [Thu, 4 Jul 2019 11:54:18 +0000 (11:54 +0000)]
auth/kerberos: clang: Fix same instances of 'Value stored is never read'
Fixes:
auth/kerberos/gssapi_pac.c:136:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &pac_buffer);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:137:3: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer(&gss_min, &pac_display_buffer);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:265:4: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer_set(&gss_min, &set);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:273:4: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer_set(&gss_min, &set);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:279:4: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer_set(&gss_min, &set);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:285:5: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer_set(&gss_min, &set);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:291:2: warning: Value stored to 'gss_maj' is never read <--[clang]
gss_maj = gss_release_buffer_set(&gss_min, &set);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
7 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jul 8 11:04:15 UTC 2019 on sn-devel-184
Noel Power [Thu, 4 Jul 2019 11:50:29 +0000 (11:50 +0000)]
s4/dsdb/schema: clang: Fix Array access results in null pointer deref
Fixes:
source4/dsdb/schema/schema_query.c:223:15: warning: Array access (from variable 'attr_list') results in a null pointer dereference <--[clang]
attr_list[i] = NULL;
~~~~~~~~~ ^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Wed, 3 Jul 2019 14:56:55 +0000 (14:56 +0000)]
s4/dsdb/schema: Fix 'Value stored to 'ret' is never read'
Fixes:
source4/dsdb/schema/schema_set.c:274:3: warning: Value stored to 'ret' is never read <--[clang]
ret = LDB_SUCCESS;
^ ~~~~~~~~~~~
source4/dsdb/schema/schema_set.c:327:3: warning: Value stored to 'ret' is never read <--[clang]
ret = LDB_SUCCESS;
^ ~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Wed, 3 Jul 2019 12:51:01 +0000 (12:51 +0000)]
s4/dsdb/schema: Fix Access to field results in deference of null pointer
Fixes:
source4/dsdb/schema/schema_info_attr.c:207:38: warning: Access to field 'revision' results in a dereference of a null pointer (loaded from variable 'schema_info') <--[clang]
if (schema->schema_info->revision > schema_info->revision) {
^~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Wed, 3 Jul 2019 12:45:56 +0000 (12:45 +0000)]
s3/lib: Fix Access to field results in dereference of NULL pointer
Fixes:
ource3/lib/messages_dgm.c:176:29: warning: Access to field 'queue' results in a dereference of a null pointer (loaded from variable 'out') <--[clang]
qlen = tevent_queue_length(out->queue);
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Wed, 3 Jul 2019 11:34:19 +0000 (11:34 +0000)]
lib/param: clang: Fix Value stored is never read
Fixes:
lib/param/loadparm.c:2164:2: warning: Value stored to 'bRetval' is never read <--[clang]
bRetval = false;
^ ~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Wed, 3 Jul 2019 11:10:44 +0000 (11:10 +0000)]
lib/util: clang: Fix 'Null pointer passed as an argument'
Fixes lib/util/iov_buf.c:50:4: warning: Null pointer passed as an argument to a 'nonnull' parameter <--[clang]
memcpy(p, iov[i].iov_base, thislen);
^
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Björn Jacke [Sun, 7 Jul 2019 21:35:15 +0000 (23:35 +0200)]
WHATSNEW: changed default/deprecation of allocation roundup size
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Jul 8 09:29:33 UTC 2019 on sn-devel-184
Björn Jacke [Wed, 19 Jun 2019 11:20:34 +0000 (13:20 +0200)]
docs-xml: deprecate allocation roundup size parameter
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sun Jul 7 23:21:55 UTC 2019 on sn-devel-184
Björn Jacke [Wed, 19 Jun 2019 11:04:55 +0000 (13:04 +0200)]
param: change default of "allocation roundup size" to 0
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Björn Jacke [Thu, 20 Jun 2019 14:10:52 +0000 (16:10 +0200)]
torture: fix durable open/alloc-size test
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Martin Schwenke [Thu, 27 Jun 2019 10:41:57 +0000 (20:41 +1000)]
WHATSNEW: Add CTDB updates for 4.11
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul 5 08:05:00 UTC 2019 on sn-devel-184
Martin Schwenke [Wed, 3 Jul 2019 10:58:54 +0000 (20:58 +1000)]
ctdb-tools: CID
1449530 - Negative loop bound
Regression introduced by commit
2558f96da1f9be8034f26736c8050bb38a1f82a8. count should be signed
because list_of_connected_nodes() returns -1 on failure. Variable i
is used in both signed and unsigned contexts, so add new signed
variable j for use in signed context.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Rafael David Tinoco [Thu, 27 Jun 2019 20:12:25 +0000 (20:12 +0000)]
ctdb-config: depend on /etc/ctdb/nodes file
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14017
CTDB should start as a disabled unit (systemd) in most of the
distributions and, when trying to enable it for the first time, user
should get an unconfigured, or similar, error.
Depending on /etc/ctdb/nodes file will give a clear direction to final
user on what is needed in order to get cluster up and running. It should
work like previous ENABLED=NO variables in SySV like initialization
scripts.
Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Sun, 30 Jun 2019 21:04:19 +0000 (07:04 +1000)]
ctdb-tests: Rename local-daemon.sh dump-logs to print-log
This makes it consistent with print-socket.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul 5 06:19:11 UTC 2019 on sn-devel-184
Martin Schwenke [Tue, 25 Jun 2019 00:03:44 +0000 (10:03 +1000)]
ctdb-build: Tweak hacking of rpcgen output
csbuild doesn't like the hack where variable buf is initialised to
itself to avoid an unused variable warning. buf is unused so remove
it instead.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 20:35:04 +0000 (06:35 +1000)]
ctdb-daemon: Don't check if lock_ctx->ctdb_db is NULL
This can never be NULL. It could probably be NULL in the past when
"all database" locks existed.
There are paths where is is checked for NULL and then later
dereferenced, causing static analysers to produce spurious warnings.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 07:01:07 +0000 (17:01 +1000)]
ctdb-common: Mark ctdb_fatal() and ctdb_die() as _NORETURN_
This avoids static analysers continuing analysis after calls to these
functions and producing incorrect warnings.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:45:06 +0000 (16:45 +1000)]
ctdb-event: Fix signed/unsigned comparisons by casting
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:44:37 +0000 (16:44 +1000)]
ctdb-database: Fix signed/unsigned comparison by casting
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:42:58 +0000 (16:42 +1000)]
ctdb-event: Assign missing return value
Otherwise ret == 0 is returned from successful call to
ctdb_int32_pull().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:42:21 +0000 (16:42 +1000)]
ctdb-common: Fix signed/unsigned comparisons by declaring as unsigned
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:36:47 +0000 (16:36 +1000)]
ctdb-common: Fix error handling
According to the documentation, sendto() should either send the packet
as given or return with an error. However, given that it can return
the number of bytes sent, treat the theoretical error of a short
packet send separately, since errno would not be set in this case.
Similarly, treat a short packet recv() separately from an error where
errno is set.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Mon, 24 Jun 2019 06:35:01 +0000 (16:35 +1000)]
ctdb-common: Fix signed/unsigned comparisons by casting
One case needs an extra variable declared.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>