VERSION: Disable GIT_SNAPSHOT for the 4.11.0rc1 release...

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Fix typo.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add link for >= and <= indexing

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jul  9 07:06:04 UTC 2019 on sn-devel-184

dsdb repl_meta_data: Don't print ldif on error

Don't call ldb_ldif_message_redacted_string when linked_attr_modify
fails.  When joining a large domain this takes way to much time, in excess of 3
hours for a join on a 200k domain.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Jul  9 03:03:25 UTC 2019 on sn-devel-184

WHATSNEW.txt: change "mangled names" default to "illegal"

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jul  8 17:56:50 UTC 2019 on sn-devel-184

docs/xml: change default for "mangled names" to "illegal"

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

selftest: explicitly set "mangled names = yes"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to "illegal".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

WHATSNEW.txt: disable SMB1 by default!

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

docs-xml: change "client min protocol" to SMB2_02

It's time to disable SMB1 by default...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

selftest: explicitly set "client min protocol = CORE"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

docs-xml: change "server min protocol" to SMB2_02

SMB2_02 was available with Windows Vista.
It's time to turn SMB1 off by default.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

selftest: explicitly set "server min protocol = LANMAN1"

This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Move fcb_or_dos_open() out of open_file_ntcreate()

This is SMB1-only and pre-ntcreate with only 3 callers that look at
NTCREATEX_OPTIONS_PRIVATE_DENY_[DOS|FCB]. It is a bit less efficient
if it kicks in (we have to recreate the fsp), but SMB1 is less and
less popular, and this particular share mode combination from the
open&x family of calls might not be worth optimizing for.

This adds smb1_utils.[ch] as a kitchen sink for functions that can go
away once we drop SMB1.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

smbd: Slightly simplify open_mode_check()

If there are no share modes, we'll just not enter the loop.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

vfs_fruit: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

smbd: Slightly simplify fsp_lease_update()

We have already dereferenced fsp->lease

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

smbd: Simplify smbd_smb2_setinfo_send()

Avoid an "else" branch

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

smbd: Make get_relative_fid_filename() static to open.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

smbd: Make find_share_mode_entry() static to locking.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

auth/kerberos: clang: Fix same instances of 'Value stored is never read'

Fixes:

auth/kerberos/gssapi_pac.c:136:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &pac_buffer);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:137:3: warning: Value stored to 'gss_maj' is never read <--[clang]
                gss_maj = gss_release_buffer(&gss_min, &pac_display_buffer);
                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:265:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:273:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:279:4: warning: Value stored to 'gss_maj' is never read <--[clang]
                        gss_maj = gss_release_buffer_set(&gss_min, &set);
                        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:285:5: warning: Value stored to 'gss_maj' is never read <--[clang]
                                gss_maj = gss_release_buffer_set(&gss_min, &set);
                                ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
auth/kerberos/gssapi_pac.c:291:2: warning: Value stored to 'gss_maj' is never read <--[clang]
        gss_maj = gss_release_buffer_set(&gss_min, &set);
        ^         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
7 warnings generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Mon Jul  8 11:04:15 UTC 2019 on sn-devel-184

s4/dsdb/schema: clang: Fix Array access results in null pointer deref

Fixes:
source4/dsdb/schema/schema_query.c:223:15: warning: Array access (from variable 'attr_list') results in a null pointer dereference <--[clang]
        attr_list[i] = NULL;
        ~~~~~~~~~    ^
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

s4/dsdb/schema: Fix 'Value stored to 'ret' is never read'

Fixes:

source4/dsdb/schema/schema_set.c:274:3: warning: Value stored to 'ret' is never read <--[clang]
                ret = LDB_SUCCESS;
                ^     ~~~~~~~~~~~
source4/dsdb/schema/schema_set.c:327:3: warning: Value stored to 'ret' is never read <--[clang]
                ret = LDB_SUCCESS;
                ^     ~~~~~~~~~~~

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

s4/dsdb/schema: Fix Access to field results in deference of null pointer

Fixes:

source4/dsdb/schema/schema_info_attr.c:207:38: warning: Access to field 'revision' results in a dereference of a null pointer (loaded from variable 'schema_info') <--[clang]
        if (schema->schema_info->revision > schema_info->revision) {
                                            ^~~~~~~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

s3/lib: Fix Access to field results in dereference of NULL pointer

Fixes:

ource3/lib/messages_dgm.c:176:29: warning: Access to field 'queue' results in a dereference of a null pointer (loaded from variable 'out') <--[clang]
        qlen = tevent_queue_length(out->queue);

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

lib/param: clang: Fix Value stored is never read

Fixes:
lib/param/loadparm.c:2164:2: warning: Value stored to 'bRetval' is never read <--[clang]
        bRetval = false;
        ^         ~~~~~
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

lib/util: clang: Fix 'Null pointer passed as an argument'

Fixes lib/util/iov_buf.c:50:4: warning: Null pointer passed as an argument to a 'nonnull' parameter <--[clang]
                        memcpy(p, iov[i].iov_base, thislen);
                        ^
1 warning generated.

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

WHATSNEW: changed default/deprecation of allocation roundup size

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Karolin Seeger <kseeger@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Jul  8 09:29:33 UTC 2019 on sn-devel-184

docs-xml: deprecate allocation roundup size parameter

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sun Jul  7 23:21:55 UTC 2019 on sn-devel-184

param: change default of "allocation roundup size" to 0

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

torture: fix durable open/alloc-size test

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>

WHATSNEW: Add CTDB updates for 4.11

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul  5 08:05:00 UTC 2019 on sn-devel-184

ctdb-tools: CID 1449530 - Negative loop bound

Regression introduced by commit
2558f96da1f9be8034f26736c8050bb38a1f82a8.  count should be signed
because list_of_connected_nodes() returns -1 on failure.  Variable i
is used in both signed and unsigned contexts, so add new signed
variable j for use in signed context.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-config: depend on /etc/ctdb/nodes file

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14017

CTDB should start as a disabled unit (systemd) in most of the
distributions and, when trying to enable it for the first time, user
should get an unconfigured, or similar, error.

Depending on /etc/ctdb/nodes file will give a clear direction to final
user on what is needed in order to get cluster up and running. It should
work like previous ENABLED=NO variables in SySV like initialization
scripts.

Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Rename local-daemon.sh dump-logs to print-log

This makes it consistent with print-socket.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jul  5 06:19:11 UTC 2019 on sn-devel-184

ctdb-build: Tweak hacking of rpcgen output

csbuild doesn't like the hack where variable buf is initialised to
itself to avoid an unused variable warning.  buf is unused so remove
it instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Don't check if lock_ctx->ctdb_db is NULL

This can never be NULL.  It could probably be NULL in the past when
"all database" locks existed.

There are paths where is is checked for NULL and then later
dereferenced, causing static analysers to produce spurious warnings.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-common: Mark ctdb_fatal() and ctdb_die() as _NORETURN_

This avoids static analysers continuing analysis after calls to these
functions and producing incorrect warnings.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-event: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-database: Fix signed/unsigned comparison by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-event: Assign missing return value

Otherwise ret == 0 is returned from successful call to
ctdb_int32_pull().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-common: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-common: Fix error handling

According to the documentation, sendto() should either send the packet
as given or return with an error.  However, given that it can return
the number of bytes sent, treat the theoretical error of a short
packet send separately, since errno would not be set in this case.

Similarly, treat a short packet recv() separately from an error where
errno is set.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-common: Fix signed/unsigned comparisons by casting

One case needs an extra variable declared.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Drop unused function ctdb_vfork_with_logging()

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-protocol: Avoid signed/unsigned comparison by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-protocol: Variable for return value of strlcpy() should be size_t

This avoids an unnecessary signed/unsigned comparison issue.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-protocol: Fix signed/unsigned comparison by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-protocol: Do not ignore return value of ctdb_g_lock_pull()

clang reports:

  ctdb/protocol/protocol_types.c:5191:3: warning: Value stored to 'ret' is never read

Found by csbuild.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Don't index by PNN when initialising node flags

Indexing by PNN is wrong.

This also removes a signed/unsigned comparison because the PNN is not
compared to -1 anymore.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Replace function ctdb_ip_to_nodeid() with ctdb_ip_to_pnn()

Node ID is a poorly defined concept, indicating the slot in the node
map where the IP address was found.  This signed value also ends up
compared to num_nodes, which is unsigned, producing unwanted warnings.

Just return the PNN because this what both callers really want.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tcp: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Avoid warning about NULL dereference

Static analysis finds that earlier in the call path, ctdb_string_len()
checks for NULL, so complains that a NULL value can be passed to
strlen() here.  Avoid this by adding an assert().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Don't compare an unsigned value with -1

The dummy reader should never be called, so contains an assert on the
buffer length that should always trigger.  Just abort() instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Fix signed/unsigned comparisons by casting

These are all cases comparing a number of bytes written (int or
ssize_t) with a size_t, so casting to size_t is appropriate.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Fix signed/unsigned comparisons by declaring as unsigned

Change declarations of variable and parameters, usually loop variables
and limits, from int to unsigned int, size_t or uint32_t.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Add a local variable for repeated calculation

This improves readability.  Also, the asserts involving this
expression get more complicated in the next commit, so this will keep
those asserts within a single line.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Declare variable for return value of write(2) as ssize_t

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tests: Fix signed/unsigned comparison by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-cluster-mutex: Ensure that the configured command is not empty

... and does not just contain whitespace.

Otherwise NULL can be passed as the first argument to execv().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Drop unused values assigned to variable

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Fix signed/unsigned comparisons by using constant

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Fix signed/unsigned comparisons by casting

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Fix signed/unsigned comparisons by declaring as unsigned

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Make type of list_of_nodes() consistent with callers

Instead of taking exclude_pnn as a parameter, calculate it from an
include_self_parameter, which is passed through from the 2 calling
functions.

While doing this, fix a signed/unsigned comparison issue by declaring
the new exclude_pnn local variable as an unsigned type.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-daemon: Make old list_of_nodes() function static

The next commit will change the type of this function, which is only
used in this file.  So, make it static to isolate the change.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tools: Drop separate parallel+verbose stdout/stderr filtering

This has been broken for 10 years since commit
9616959bd6938e4c5c3713fe986c1e17cbdc574c, which introduced the
separate filtering.  This commit was missing a redirect of the output
of stderr_filter() to stderr.

Since nobody depends on the separate filtering (i.e. nobody reported a
bug), just return to combining stdout and stderr, and filtering them
together.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tools: Drop no-op stdout-filter from non-parallel case

This filter no longer does anything useful in this context.  By
default it adds a pipeline with trailing cat process.  In many
contexts, stdout of the process being run is still open so the cat
process will stay around and will stop onnode from exiting.

The filters should all go away because they are simply an example of
code that is trying to be too clever while causing unfortunate corner
cases.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

ctdb-tools: Drop onnode -o option

I don't think anyone uses this and it causes complications.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

s3:tests: Add test for manual smbtorture zero-data

Ensure that these tests keep working.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 05:02:12 UTC 2019 on sn-devel-184

smbtorture: Add smb2.ioctl.zero_data

Allow to manually issue the FSCTL_ZERO_DATA call and verify the
state of the file in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

smbtorture: Add smb2.ioctl.sparse_set_sparse

This allows for manual testing of changing the sparse setting on a file
and verifying the flag in the file system.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

winexe: Add support for connecting to a host on an alternate port

This commit allows an optional port number to be specified after the
hostname on the winexe command line. If no port is given, it defaults
to port 445, just like it used before. Although this is probably a
pretty uncommon use-case, it allows port-forwarding the service through
a firewall to an alternate port, which can occassionally be helpful.

$ ./bin/winexe -U karl%password1 //127.0.0.1:5445 cmd.exe
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

s4 heimdal_build: Fix static heimdal builds with replacement closefrom()

If Samba was configured with "--nonshared-binary=winexe" to build
winexe as a static binary, and the replacement closefrom() function
was used (which is default on most GNU/Linux systems without the libbsd
development package installed), then winexe would fail to link with the
error message shown below.

[2631/3059] Linking bin/default/examples/winexe/winexe
source4/heimdal/lib/roken/closefrom.c.1.o: In function `rep_closefrom':
closefrom.c:(.text+0x0): multiple definition of `rep_closefrom'
lib/replace/closefrom.c.2.o:closefrom.c:(.text+0x292): first defined here
collect2: error: ld returned 1 exit status

The real problem here was not with the winexe build itself - that was
merely the application that I was attempting to build statically when I
encountered it. As Andrew Bartlett very helpfully pointed out to me, this
regression was introduced when "lib/replace/closefrom.c" was added in
commit 55529d0f and, more to the point, when the heimdal build started
using it in commit 3a7ebd0e. From that point on, any time that Samba's
embedded copy of heimdal was statically linked into an application, it
would fail to link because heimdal's own rep_closefrom() function in its
"roken" library would conflict with the rep_closefrom() function in the
"replace" library used elsewhere in Samba - a library which the "roken"
library itself depends on. To further compound the problem, heimdal's
own "roken" library is also compiled for the host (a necessary
distinction for cross-compiled builds) and linked into a small number of
utility applications used during the heimdal build. However, they can't
link directly against the "replace" library, unlike the main "roken"
library build which carries that dependency, because the "replace"
library is _not_ built for the host.

I solved this problem by eliminating heimdal's version of rep_closefrom()
and making it use the one from "lib/replace" everywhere. That wasn't a
problem for the main heimdal library that is built for the target because
it was already linking in "lib/replace" (that's what caused this problem
in the first place!), but to solve the aforementioned issue with
"lib/replace" not being built for the host, I added
"lib/replace/closefrom.c" to the list of "source4/heimdal/lib/roken"
sources to be built for the host to satisfy heimdal's host utilities.
Everyone wins, I think.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

winexe: Fix translation of the winexesvc binaries to C

Two small Windows binaries that winexe uses to execute commands on a
remote system, winexesvc32.exe and winexesvc64.exe, are compiled then
translated into a C byte array as hex so that they can be embedded into
the winexe binary. Although the winexesvc binaries were built properly,
the Python method that does the translation to C tried to open them in
text mode, which would have worked in Python 2 before the concept of
bytearrays was introduced, but instead raises an exception in Python 3.
The exception was unfortunately suppressed, so the build didn't stop,
and the winexe binary that was produced was effectively useless because
it didn't contain either winexesvc binary as expected. After winexe
successfully authenticated with a Windows host, it showed the error
message below rather than executing the given command on the remote
system.

$ ./bin/winexe -U karl%password1 -d 2 //192.168.56.3 cmd
winexe_svc_install: dcerpc_svcctl_StartServiceW failed: WERR_BAD_EXE_FORMAT
main: winexe_svc_install failed: NT_STATUS_BAD_INITIAL_PC

This commit fixes that problem by opening the winexesvc binaries in
binary mode rather than text mode when the winexe build script reads
them to translate them to C. Furthermore it adds an additional
sanity check that will cause the winexesvc binary generator commands to
fail if the winexesvc binaries cannot be opened or read correctly to
guarantee that the build does not silently "succeed" if something like
this ever happens again.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

util: Fix off-by-one error in message about overflow

len includes space for the NUL character, so the calculation needs to
take the NUL character into account.

While touching this, drop unnecessary casts by updating format string
and update to modern debug macro.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 02:24:52 UTC 2019 on sn-devel-184

util: Avoid localised underflow

Avoid parenthesising an unsigned subtraction that can be negative and,
therefore, underflow.  There is no need for the parentheses and
removing them results in an expression that is evaluated left-to-right
and can not underflow.

It isn't clear that the underflow matters.  lp <= ls, so if (li - lp)
underflows then ls + (li - lp) will always overflow.  This should
produce the correct answer.  However, depending on this seems wrong.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/smbstatus: begone

Untested and unused.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/torture: remove autoidl

This has been turned off by default for 10 years
(since 26e114b83ce1de7515bfbf365), and is only interesting for
nostalgia purposes.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/autoidl: remove it

What does it even do? Possibly nothing, not least because nobody ever
runs it.

It was introduced as source4/scripting/bin/autoidl.py in
a2446e5f8550582c0d4353bb85874dea17cf1d98 ("initial work for script
that uses probing to figure out IDL"). Since then it has only had
superficial patches, generally aimed at Python 3.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/usage: test for --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/samba-tool: test --help consistency

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

python/tests: helper function for checking --help consistency

Check that --help output doesn't contradict itself by assigning the same
option string to different meanings (which *does* happen in the ldb tools).

This will be used in the samba-tool help tests and the usage tests.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/usage: generalise to cover non-python scripts

It is not as simple as running everything executable, because for example
.so library files are marked as executable.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests/usage: python scripts --help should be helpful

We want to be sure it says *something* and returns success.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/samba_dnsupdate: print usage with no arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/demodirsync: print usage if no host named

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/mymachinepw: print usage with bad arguments

Also, use sys.exit() function, not exit(), because sys.exit() reliably
exists.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s4/scripting/get-descriptors: print usage with insufficient arguments

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

script/compare_cc_results: print usage on too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

dns_hub: print usage with too few args

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

tests: ensure that most python scripts have usage text

When a script is run with the wrong arguments, it should at least say
something like this:

    Usage: samba-foo [OPTIONS]

For many samba scripts, especially without a server environment, having
no arguments is the wrong arguments.

Here we look for every executable file with '#![...]python[3]' on the
first line, and exclude certain files and directories that have excuses
to fail the test. For example, many selftest scripts are stream-oriented
and will hang forever waiting for stdin, which is not an error. Some
test modules are designed so they can be optionally run from the command
line, but this option is typically only used by the developer who is
writing them.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

WHATSNEW: entries for gnutls and samba-tool

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul  5 00:05:15 UTC 2019 on sn-devel-184

s4/libnet: Fix joining a Windows pre-2008R2 DC

From v4.8 onwards, Samba may not be able join a DC older than 2008R2
because the Windows DC doesn't support GET_TGT.

If the dsdb repl_md code can't resolve a link target it returns an
error, and the calling code (e.g. drs_util.py) should retry with
GET_TGT. However, GET_TGT is only supported on Windows 2008R2 and later,
so if you try to join an earlier Windows DC, the join will throw an
error that you can't work-around.

We can avoid this problem by setting the same DSDB flag that GET_TGT
sets to indicate that the link targets are as up-to-date as possible,
and so there's no point retrying. Missing targets are still logged, so
this at least allows the admin to fix up any problems after the join
completed.

I've only done this for the join case (problems during periodic
replication are probably still worth escalating to an error).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14021
RN: From Samba v4.8 onwards, joining a Windows 2003 or 2008 (non-R2) AD
DC may not have worked. When this problem occurred, the following
message would be displayed:
 'Failed to commit objects: DOS code 0x000021bf'
This particular issue has now been resolved. Note that there may still
be other potential problems that occur when joining an older Windows DC.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

s3: smbd: SMB1 add range checks to reply_fclose().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul  4 15:40:31 UTC 2019 on sn-devel-184

s3: smbd: SMB1 add range checks to reply_search().

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

vfs_nfs4acl_xattr: fix setting of permissions via NFS

via NFS root may not be priviledged user, so we should not call become_root()
here. The normal NFS4 permissions already handle permission modify right, no
need to do more magic things for Samba here.

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Don't store num_read_oplocks in brlock.tdb

This removes a kludgy implementation that worked around a locking
hierarchy problem: Setting a byte range lock had to contend the level2
oplocks, which are stored in locking.tdb/leases.tdb. We could not
access locking.tdb in the brlock.tdb code, as brlock.tdb might have
been locked first without locking.tdb, violating the locking hierarchy
locking.tdb->brlock.tdb. Now that that problem is gone (see the commit
wrapping do_lock() in share_mode_do_locked()), we can remove this
kludge.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Use share_mode's flags in contend_level2_oplocks

Here we traverse the oplocks and leases when breaking read leases. We
find out here whether any of those are still left.

As it's the receivers of the messages that downgrade the database
entries, we might do that more than once. Possible future
optimization?

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Set SHARE_MODE_HAS_READ_LEASE when downgrading an oplock

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>