Stefan Metzmacher [Mon, 19 Jan 2015 16:17:13 +0000 (17:17 +0100)]
ldb: version 1.1.20
- Bug 9810 - validate_ldb of String(Generalized-Time) does not accept millisecond format ".000Z"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 19 Jan 2015 14:47:58 +0000 (15:47 +0100)]
lib/ldb: fix logic in ldb_val_to_time()
040408072012Z should represent
20040408072012.0Z
as well as
20040408072012.000Z or
20040408072012.RandomIgnoredCharaters...Z
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Richard Sharpe [Sat, 24 Jan 2015 05:56:19 +0000 (21:56 -0800)]
Update the tevent_data.dox tutrial stuff to fix some errors, including white
space problems.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ralph Boehme <rb@sernet.de>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Jan 24 09:33:03 CET 2015 on sn-devel-104
Ira Cooper [Thu, 22 Jan 2015 22:14:31 +0000 (17:14 -0500)]
vfs_glusterfs: Add comments to the pipe(2) code.
The guarantees around read(2) and write(2) and pipes are critical
to understanding this code. Hopefully these comments will help.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 23 20:58:51 CET 2015 on sn-devel-104
Andrew Bartlett [Fri, 23 Jan 2015 04:19:41 +0000 (17:19 +1300)]
selftest: Run krb5.kdc test against users with a UPN
This tests both a UPN in our own realm, and a UPN with a non-realm suffix.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jan 23 08:10:07 CET 2015 on sn-devel-104
Andrew Bartlett [Fri, 23 Jan 2015 03:43:48 +0000 (16:43 +1300)]
torture-krb5: Check for UPN hanlding in krb5.kdc.canon test
This allows us to confirm correct behaviour when a UPN is in use, particularly
with the canonicalize flag and with enterprise principal names
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 03:41:50 +0000 (16:41 +1300)]
kdc: Correctly return the krbtgt/realm@REALM principal from our KDC
This needs to vary depending on if the client requested the canonicalize flag
This was found by our new krb5.kdc test
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 01:28:56 +0000 (14:28 +1300)]
torture-krb5: Move checking of server and client names to krb5.kdc.canon
This keeps this test in one place, rather than duplicated between krb5.kdc and krb5.kdc.canon
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 01:38:51 +0000 (14:38 +1300)]
torture-krb5: Move test of krb5_get_init_creds_opt_set_win2k to krb5.kdc.canon
This allows the impact of this to be verified with the other options we are setting
This also removes duplication in the kdc.c testsuite.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 01:28:28 +0000 (14:28 +1300)]
torture-krb5: Split the expected behaviour of the RODC up
The expectations of the cached accounts are different to those of the RODC in general.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 01:09:33 +0000 (14:09 +1300)]
torture-kdc: Skip the request-pac behaviour for now against an RODC
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 01:07:41 +0000 (14:07 +1300)]
torture-krb5: Add comments
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Fri, 23 Jan 2015 04:39:45 +0000 (17:39 +1300)]
kdc: Add TODO to remind us where we need to hook for RODC to get secrets
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 22 Jan 2015 01:11:52 +0000 (14:11 +1300)]
kdc: Fix Samba's KDC to only change the principal in the right cases
If we are set to canonicalize, we get back the fixed UPPER
case realm, and the real username (ie matching LDAP
samAccountName)
Otherwise, if we are set to enterprise, we
get back the whole principal as-sent
Finally, if we are not set to canonicalize, we get back the
fixed UPPER case realm, but the as-sent username
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 21 Jan 2015 04:27:09 +0000 (17:27 +1300)]
torture-krb5: Add tests for combinations of enterprise, cannon, and different input principals
This combinational test confirms the interactions between a number of differnet
kerberos flags and principal types.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Wed, 21 Jan 2015 02:57:40 +0000 (15:57 +1300)]
torture: Extend krb5.kdc test to confirm correct RODC proxy behaviour
The RODC should answer some requests locally, and others it should defer to the main DC.
We can tell which KDC we talk do by the KVNO of the encrypted parts that are returned
to the KDC.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 18 Dec 2014 04:23:43 +0000 (17:23 +1300)]
sefltest: Add test for enterprise UPN in a different domain
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 17 Dec 2014 04:02:53 +0000 (17:02 +1300)]
kdc: Fix enterpise principal name handling
Based on a patch by Samuel Cabrero <scabrero@zentyal.com>
This ensures we write the correct (implict, samAccountName) based UPN into
the ticket, rather than the userPrincipalName, which will have a different
realm.
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Andrew Bartlett [Tue, 20 Jan 2015 22:45:45 +0000 (11:45 +1300)]
heimdal: Ensure that HDB_ERR_NOT_FOUND_HERE, critical for the RODC, is not overwritten
This change ensures that our RODC will correctly proxy when asked to provide
a ticket for a service or user where the keys are not on this RODC.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Nicolas Williams [Wed, 17 Dec 2014 03:57:40 +0000 (16:57 +1300)]
heimdal: Really bug in KDC handling of enterprise princs
The value of this commit to Samba is to continue to match Heimdal's
upstream code in this area. Because we set HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL
there is no runtime difference.
(commit message by Andrew Bartlett)
Cherry-pick of Heimdal commit
9aa7883ff2efb3e0a60016c9090c577acfd0779f
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Nicolas Williams [Wed, 17 Dec 2014 03:55:34 +0000 (16:55 +1300)]
heimdal: Fix bug in KDC handling of enterprise principals
The useful change in Samba from this commit is that we gain
validation of the enterprise principal name.
(commit message by Andrew Bartlett)
Cherry-pick of Heimdal commit
c76ec8ec6a507a6f34ca80c11e5297146acff83f
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 6 Jan 2015 00:24:04 +0000 (13:24 +1300)]
torture: Extend KDC test to cover more options and modes
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 5 Jan 2015 04:48:50 +0000 (17:48 +1300)]
torture: Decode expected packets and test KDC behaviour for wrong passwords
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 5 Jan 2015 03:48:08 +0000 (16:48 +1300)]
torture: Additionally run testsuite for krb5 and KDC behaviour against all the DC envs
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 5 Jan 2015 03:32:23 +0000 (16:32 +1300)]
torture: Additionally run testsuite for krb5 and KDC behaviour with unprivileged accounts
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 5 Jan 2015 03:07:42 +0000 (16:07 +1300)]
torture: Run new testsuite for krb5 and KDC behaviour with machine account also
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Mon, 5 Jan 2015 01:54:45 +0000 (14:54 +1300)]
torture: Start a new testsuite for krb5 and KDC behaviour
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 09:16:28 +0000 (10:16 +0100)]
s3-pam_smbpass: Correctly initialize variables.
This fixes a coverity warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 22:51:59 CET 2015 on sn-devel-104
Andreas Schneider [Thu, 22 Jan 2015 09:13:37 +0000 (10:13 +0100)]
s3-pam_smbpass: Remove superfluous NULL check for pam functions.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 09:05:41 +0000 (10:05 +0100)]
s3-pam_smbpass: Make sure PAM_MAXTRIES can be returned.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 08:51:10 +0000 (09:51 +0100)]
s3-pam_smbpass: Check the return code of secrets_init().
This fixes a coverity warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 08:50:01 +0000 (09:50 +0100)]
s3-pam_smbpass: Fix set_ctrl() return value.
This fixes a cppcheck warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 08:40:53 +0000 (09:40 +0100)]
s3-pam_smbpass: Make sure variables are initialized.
This fixes cppcheck warnings.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Thu, 22 Jan 2015 08:57:58 +0000 (09:57 +0100)]
s3-smbspool: Use strtol() instead of atoi().
This fixes a coverity warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 22 Jan 2015 12:08:52 +0000 (12:08 +0000)]
winbind: Fix idmap initialization
The fix is in the sscanf line: %u in the sscanf format mandates the use of
a pointer to an "unsigned". idmap_domain->[low|high]_id are uint32_t. On
little endian 64-bit this might at least put the correct values into
low_id and high_id, but might overwrite the read_only bit set earlier,
depending on structure alignment and packing. On big endian 64-bit,
this will just fail.
Automatic conversion to uint32_t will happen only at assignment, not
when you take a pointer of such a thing.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 17:58:16 CET 2015 on sn-devel-104
Andreas Schneider [Thu, 22 Jan 2015 09:27:59 +0000 (10:27 +0100)]
s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11066
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Volker Lendecke [Wed, 21 Jan 2015 19:49:24 +0000 (20:49 +0100)]
vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 13:14:38 CET 2015 on sn-devel-104
Petr Viktorin [Wed, 3 Dec 2014 12:59:58 +0000 (13:59 +0100)]
Remove use of the "staticforward" macro
This macro was used for compatibility with broken compilers.
Since Python 2.3, it is always defined as `static`, and only exists
"for source compatibility with old C extensions".
Signed-off-by: Petr Viktorin <pviktori@redhat.com>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Andrew Bartlett [Tue, 6 Jan 2015 03:49:14 +0000 (16:49 +1300)]
dsdb-tests: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set
Also confirm what bits have to be ignored, or otherwise processed
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jan 22 10:16:42 CET 2015 on sn-devel-104
Andrew Bartlett [Tue, 6 Jan 2015 03:48:40 +0000 (16:48 +1300)]
dsdb-samldb: Clarify userAccountControl manipulation code by always using UF_ flags
The use of ACB_ flags was required before msDS-User-Account-Control-Computed was implemented
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 6 Jan 2015 03:47:36 +0000 (16:47 +1300)]
dsdb-samldb: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 6 Jan 2015 03:43:37 +0000 (16:43 +1300)]
dsdb-samldb: Only allow known and settable userAccountControl bits to be set
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 10 Dec 2014 02:54:11 +0000 (15:54 +1300)]
dsdb-tests: Show that we can not change the primaryGroupID of a DC
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 1 Apr 2014 17:22:35 +0000 (19:22 +0200)]
s4:dsdb/samldb: let samldb_prim_group_change() protect DOMAIN_RID_{READONLY_,}DCS
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 10 Dec 2014 01:15:54 +0000 (14:15 +1300)]
dsdb: Improve userAccountControl handling
We now always check the ACL and invarient rules using the same function
The change to libds is because UF_PARTIAL_SECRETS_ACCOUNT is a flag,
not an account type
This list should only be of the account exclusive account type bits.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 8 Dec 2014 02:07:59 +0000 (15:07 +1300)]
dsdb-tests: Add new test samba4.user_account_control.python
This confirms security behaviour of the userAccountControl attribute
as well as the behaviour on ADD as well as MODIFY, for every
userAccountControl bit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: I8cd0e0b3c8d40e8b8aea844189703c756cc372f0
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 10 Dec 2014 01:26:28 +0000 (14:26 +1300)]
dsdb: Default to UF_NORMAL_ACCOUNT when no account type is specified
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Wed, 10 Dec 2014 01:15:54 +0000 (14:15 +1300)]
libds: UF_PARTIAL_SECRETS_ACCOUNT is a flag, not an account type
This list should only be of the account exclusive account type bits.
Note, this corrects the behaviour in samldb modifies of
userAccountControl.
This reverts
6cb91a8f33516a33210a25e4019f3f3fbbfe61f2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 8 Dec 2014 01:31:42 +0000 (14:31 +1300)]
dsdb-tests: Align sam.py with Windows 2012R2 and uncomment userAccountControl tests
These tests now pass against Samba and Windows 2012R2.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: I1d7ba5e6a720b8da88c667bbbf3a4302c54642f4
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Michael Adam [Wed, 21 Jan 2015 21:07:53 +0000 (22:07 +0100)]
vfs:glusterfs: whitespace fix.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 03:20:17 CET 2015 on sn-devel-104
David Disseldorp [Wed, 21 Jan 2015 17:16:57 +0000 (18:16 +0100)]
vfs_snapper: encode and decode Snapper DBus strings
Snapper uses a special character encoding for strings used in DBus
requests and responses. This change ensures that Samba packs and unpacks
strings in the corresponding format, using the previously added
encode/decode helper functions.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Wed, 21 Jan 2015 17:16:56 +0000 (18:16 +0100)]
vfs_snapper: add DBus string encoding and decoding helpers
Snapper uses the following mechanism for encoding and decoding strings
used in DBus traffic:
Characters above 127 (0x7F - ASCII DEL) must be encoded hexadecimal as
"\x??". As a consequence "\" must be encoded as "\\".
This change adds string encoding and decoding helpers to vfs_snapper.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Wed, 21 Jan 2015 17:16:55 +0000 (18:16 +0100)]
vfs_snapper: free dbus req messages in error paths
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ira Cooper [Tue, 20 Jan 2015 04:08:17 +0000 (23:08 -0500)]
vfs_glusterfs: Replace eventfd with pipes, for AIO use
Pipes clean up the AIO implementation substantially, due to the fact
that they implement a natural ithread safe queue instead of us
creating our own queue.
Signed-off-by: Ira Cooper <ira@samba.org>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Wed Jan 21 20:40:11 CET 2015 on sn-devel-104
Stefan Metzmacher [Mon, 22 Dec 2014 21:02:04 +0000 (22:02 +0100)]
libcli/auth: add netlogon_creds_cli_GetForestTrustInformation*()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jan 21 17:19:33 CET 2015 on sn-devel-104
Stefan Metzmacher [Mon, 22 Dec 2014 20:48:18 +0000 (21:48 +0100)]
libcli/auth: add netlogon_creds_cli_ServerGetTrustInfo*()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Stefan Metzmacher [Tue, 20 Jan 2015 10:52:22 +0000 (10:52 +0000)]
s4:kdc/db-glue: fix supported_enctypes samba_kdc_trust_message2entry()
This avoids writing invalid memory, because num_keys was calculated
in a wrong way...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
David Disseldorp [Mon, 19 Jan 2015 12:39:35 +0000 (13:39 +0100)]
libsmb: provide authinfo domain for encrypted session referrals
6c9de0cd056afc0b478c02f1bdb0e06532388037 requires this extra change.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 21 04:29:06 CET 2015 on sn-devel-104
Andreas Schneider [Tue, 20 Jan 2015 11:07:38 +0000 (12:07 +0100)]
CodingStyle: Update example to use our coding practice.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jan 20 18:51:55 CET 2015 on sn-devel-104
Stefan Metzmacher [Mon, 19 Jan 2015 11:37:13 +0000 (12:37 +0100)]
tdb_wrap: don't let tdb_wrap_open() segfault with name==NULL
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11032
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jan 19 16:17:28 CET 2015 on sn-devel-104
Stefan Metzmacher [Sat, 10 Jan 2015 08:51:45 +0000 (09:51 +0100)]
selftest: use env.SELFTEST_PREFIX to define subunit_cache
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Mon, 19 Jan 2015 09:48:20 +0000 (10:48 +0100)]
README.Coding: Add hint for if-statments
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 19 13:25:12 CET 2015 on sn-devel-104
David Disseldorp [Fri, 16 Jan 2015 15:21:24 +0000 (16:21 +0100)]
docs/idmap_rid: remove deprecated base_rid from example
The base_rid option has been deprecated for some time. Specifying a
value of 1000 (as recommended in the parameter description and example
section) can result in failed mapping of group SIDs, where RIDs do not
start at 1000.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jan 19 09:09:22 CET 2015 on sn-devel-104
David Disseldorp [Fri, 16 Jan 2015 15:21:23 +0000 (16:21 +0100)]
libsmb: provide authinfo domain for DFS referral auth
libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
David Disseldorp [Fri, 16 Jan 2015 15:21:22 +0000 (16:21 +0100)]
libsmb: reuse connections derived from DFS referrals
[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.
libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.
This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.
This change is based on a patch by Har Gagan Sahai
<SHarGagan@novell.com>.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Andreas Schneider [Tue, 13 Jan 2015 16:04:26 +0000 (17:04 +0100)]
utils: Fix 'net time' segfault.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Michael Adam [Fri, 16 Jan 2015 15:18:45 +0000 (16:18 +0100)]
cli_connect_nb_send: don't segfault on host == NULL.
The functions called futher down can cope with host == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Stefan Metzmacher [Fri, 16 Jan 2015 23:24:53 +0000 (00:24 +0100)]
wafsamba: create unique names when building shared modules
After commit
76fdcf5c15bd904c3686f0c2dd93d27486c61ca4, we could endup
with bin/default/source3/auth/libauth-samba4.so being created two times.
Once by SAMBA3_LIBRARY('auth',...) and once again by SAMBA3_MODULE('auth_samba4', ...).
As a result bin/default/source3/auth/libauth-samba4.so gets randomly
overwritten.
SAMBA3_MODULE('auth_samba4', ...) results in
bin/default/source3/auth/libauth_module_samba4.so now.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 19 04:43:53 CET 2015 on sn-devel-104
Stefan Metzmacher [Fri, 16 Jan 2015 23:24:53 +0000 (00:24 +0100)]
wafsamba: remove unused variable in SAMBA_MODULE()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Stefan Metzmacher [Fri, 16 Jan 2015 23:24:53 +0000 (00:24 +0100)]
wafsamba: passing 'subsystem' to SAMBA_MODULE() is not optional
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Stefan Metzmacher [Fri, 16 Jan 2015 23:24:53 +0000 (00:24 +0100)]
wafsamba: make it possible to pass bundled_name to SAMBA_LIBRARY()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Ralph Boehme [Thu, 15 Jan 2015 20:08:47 +0000 (21:08 +0100)]
lib/util: add missing commas to statfs_types
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jan 16 13:24:16 CET 2015 on sn-devel-104
Christof Schmitt [Thu, 15 Jan 2015 21:31:19 +0000 (14:31 -0700)]
samba3.py: Correctly initialize cache directory for passdb test
Running 'make test TESTS=tests.samba3' succeeds, but the log shows that
it tried to open the gencache tdb in the wrong directory:
Unable to create directory /usr/local/samba/var/cache for file gencache.tdb. Error was No such file or directory
Fix this by correctly initializing the cache directory.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Jan 16 02:36:39 CET 2015 on sn-devel-104
Ira Cooper [Thu, 15 Jan 2015 16:41:50 +0000 (11:41 -0500)]
smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.
This sequencing is causing problems for vfs_ceph, and likely
other vfs modules.
Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 16 00:13:17 CET 2015 on sn-devel-104
Andrew Bartlett [Thu, 4 Dec 2014 04:23:29 +0000 (17:23 +1300)]
CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl
This requires an additional control to be used in the
LSA server to add domain trust account objects.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jan 15 14:54:47 CET 2015 on sn-devel-104
Andrew Bartlett [Mon, 8 Dec 2014 01:20:21 +0000 (14:20 +1300)]
CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: If6bc90305a1e9a5a92562a01ba7e44330de91cc1
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sun, 7 Dec 2014 23:19:19 +0000 (12:19 +1300)]
CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Change-Id: I36ad5ebc5d8a4811c41b59af90a3add4ae5fd857
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 11 Nov 2014 02:23:02 +0000 (15:23 +1300)]
CVE-2014-8143:auth: Force talloc type of session_info pointer to match
This helps us keep things safe in LDB where we put this in a opaque pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993
Andrew Bartlett
Change-Id: I46fe53ba655ca0810c276b72fbca524884cdf22d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Tue, 13 Jan 2015 21:49:58 +0000 (13:49 -0800)]
s3: auth - tests: Add test for "force user" being a unix-only user, not in passdb.
https://bugzilla.samba.org/show_bug.cgi?id=11044
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 14 08:46:08 CET 2015 on sn-devel-104
Jeremy Allison [Tue, 13 Jan 2015 21:49:36 +0000 (13:49 -0800)]
s3: auth: Add previously missing allocation fail check.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Tue, 13 Jan 2015 21:45:16 +0000 (13:45 -0800)]
s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3().
Core fix for:
https://bugzilla.samba.org/show_bug.cgi?id=11044
Based on code from Michael Zeis <mzeis.quantum@gmail.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Tue, 13 Jan 2015 21:39:21 +0000 (13:39 -0800)]
s3: auth: Convert samu_to_SamInfo3() to use the new utility function.
Based on code from Michael Zeis <mzeis.quantum@gmail.com>
https://bugzilla.samba.org/show_bug.cgi?id=11044
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Jeremy Allison [Tue, 13 Jan 2015 21:35:56 +0000 (13:35 -0800)]
s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle "Unix Users" and "Unix Groups".
Based on code from Michael Zeis <mzeis.quantum@gmail.com>
https://bugzilla.samba.org/show_bug.cgi?id=11044
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Andreas Schneider [Tue, 13 Jan 2015 14:14:25 +0000 (15:14 +0100)]
rwrap: Bump version to 1.1.2.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan 13 19:19:25 CET 2015 on sn-devel-104
Andreas Schneider [Tue, 13 Jan 2015 14:13:40 +0000 (15:13 +0100)]
rwrap: Fix ns_name_compress detection.
On some platforms it is a macro and not a function. So we need to
check if the macro exists.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Andreas Schneider [Mon, 12 Jan 2015 16:36:44 +0000 (17:36 +0100)]
rwrap: Bump version to 1.1.1.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Mon, 12 Jan 2015 16:33:58 +0000 (17:33 +0100)]
rwrap: Fix a possible NULL dereference.
CID: #84271
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Andreas Schneider [Mon, 12 Jan 2015 16:32:45 +0000 (17:32 +0100)]
rwrap: If we do not have ns_name_compress() use dn_comp().
This should fix older Linux versions which do not export
ns_name_compress(). In newer glibc versions dn_comp() calls
ns_name_compress().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11019
Reviewed-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Volker Lendecke [Tue, 13 Jan 2015 11:51:13 +0000 (12:51 +0100)]
net: Fix sam addgroupmem
Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the
PAC/Info3 struct. We should allow this in net sam addgroupmem.
Volker
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104
Andreas Schneider [Mon, 12 Jan 2015 17:12:13 +0000 (18:12 +0100)]
s3-util: Fix authentication with long hostnames.
If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly
check the hostname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 12 23:10:30 CET 2015 on sn-devel-104
David Disseldorp [Mon, 12 Jan 2015 15:49:54 +0000 (16:49 +0100)]
leases_db: don't leak lock_path onto talloc tos
Also check for allocation failures.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 12 19:22:31 CET 2015 on sn-devel-104
Volker Lendecke [Fri, 9 Jan 2015 14:47:18 +0000 (15:47 +0100)]
smbd: Fix a small leak on talloc_tos()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jan 11 20:34:56 CET 2015 on sn-devel-104
Volker Lendecke [Fri, 9 Jan 2015 14:45:41 +0000 (15:45 +0100)]
smbd: Fix an uninitialized variable read
If dbwrap_fetch_locked failed, we did a TALLOC_FREE(value). Fix this with a
talloc hierarchy.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Volker Lendecke [Fri, 9 Jan 2015 14:38:19 +0000 (15:38 +0100)]
smbd: Make talloc_report of smb_filename more readable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Wed, 22 Oct 2014 17:17:12 +0000 (19:17 +0200)]
vfs_unityed_media: VFS module for sharing AVID projects
Based on <https://code.google.com/p/vfs-unityed-media/>.
The existing VFS module media_harmony has some problems relative to Avid
media sharing:
Avid looks at the modification time of the ingest directory. Since
media_harmony has everyone using the same directory, users (or client
systems) have to somehow create "fake" directories with special names
and then media_harmony returns the mod time of those fake directories
for the different clients rather than the actual mod time of the
communal ingest directory.
To make matters worse, users then have to have a special utility or
understand how to update the modtime on these specially named
directories. Otherwise, their client system will never update the
indexes to show new media.
To make it even worse than that, Avid creates new directories on the
fly, so you can't just set this up statically at the beginning. Avid
will silently create a new directory and your reindexing problems will
start all over until you create new fake directories.
With unityed_media:
* there are no reindexes between clients
* clients don't need to know which directories have been created for
them, it's automatic.
* clients never have to reindex other systems directories.
* unityed_media let's each client have their own directories.
* unityed_media works much more like Avid's own ISIS servers work.
A module option controls which name is appended to client specific
paths: the username, the hostname (will not work with OS X) or the
client's IP.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jan 10 04:15:04 CET 2015 on sn-devel-104
Volker Lendecke [Sun, 21 Dec 2014 13:52:17 +0000 (14:52 +0100)]
lib: Simplify iov_buf
According to
https://www.securecoding.cert.org/confluence/display/seccode/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap
we only need to check against one operand.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 9 23:42:49 CET 2015 on sn-devel-104
Volker Lendecke [Tue, 25 Nov 2014 17:50:25 +0000 (18:50 +0100)]
unix_msg: Fix 80-line formatting
This is pretty fresh code, so hope this change does not fall under the "no
reformatting" rule yet
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Matthew Newton [Thu, 8 Jan 2015 15:11:15 +0000 (15:11 +0000)]
Make sure response->extra_data.data is always cleared out
Otherwise a bad read can sometimes cause the function to return -1 with
an invalid pointer in extra_data.data, which is attempted to be freed
by the caller (e.g. libwbclient/wbc_pam.c wbcAuthenticateUserEx())
by calling winbindd_free_response().
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 8 Dec 2014 16:12:24 +0000 (17:12 +0100)]
test: Fix quoting
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jan 9 17:33:31 CET 2015 on sn-devel-104
Günther Deschner [Fri, 9 Jan 2015 11:54:51 +0000 (12:54 +0100)]
s3-vfs: Fix developer build of vfs_ceph module.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>