ldb: version 1.1.20

- Bug 9810 - validate_ldb of String(Generalized-Time) does not accept millisecond format ".000Z"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

lib/ldb: fix logic in ldb_val_to_time()

040408072012Z should represent 20040408072012.0Z
as well as 20040408072012.000Z or
20040408072012.RandomIgnoredCharaters...Z

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

Update the tevent_data.dox tutrial stuff to fix some errors, including white
space problems.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Ralph Boehme <rb@sernet.de>
Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sat Jan 24 09:33:03 CET 2015 on sn-devel-104

vfs_glusterfs: Add comments to the pipe(2) code.

The guarantees around read(2) and write(2) and pipes are critical
to understanding this code.  Hopefully these comments will help.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 23 20:58:51 CET 2015 on sn-devel-104

selftest: Run krb5.kdc test against users with a UPN

This tests both a UPN in our own realm, and a UPN with a non-realm suffix.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jan 23 08:10:07 CET 2015 on sn-devel-104

torture-krb5: Check for UPN hanlding in krb5.kdc.canon test

This allows us to confirm correct behaviour when a UPN is in use, particularly
with the canonicalize flag and with enterprise principal names

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

kdc: Correctly return the krbtgt/realm@REALM principal from our KDC

This needs to vary depending on if the client requested the canonicalize flag

This was found by our new krb5.kdc test

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-krb5: Move checking of server and client names to krb5.kdc.canon

This keeps this test in one place, rather than duplicated between krb5.kdc and krb5.kdc.canon

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-krb5: Move test of krb5_get_init_creds_opt_set_win2k to krb5.kdc.canon

This allows the impact of this to be verified with the other options we are setting

This also removes duplication in the kdc.c testsuite.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-krb5: Split the expected behaviour of the RODC up

The expectations of the cached accounts are different to those of the RODC in general.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-kdc: Skip the request-pac behaviour for now against an RODC

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-krb5: Add comments

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

kdc: Add TODO to remind us where we need to hook for RODC to get secrets

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

kdc: Fix Samba's KDC to only change the principal in the right cases

If we are set to canonicalize, we get back the fixed UPPER
case realm, and the real username (ie matching LDAP
samAccountName)

Otherwise, if we are set to enterprise, we
get back the whole principal as-sent

Finally, if we are not set to canonicalize, we get back the
fixed UPPER case realm, but the as-sent username

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture-krb5: Add tests for combinations of enterprise, cannon, and different input principals

This combinational test confirms the interactions between a number of differnet
kerberos flags and principal types.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>

torture: Extend krb5.kdc test to confirm correct RODC proxy behaviour

The RODC should answer some requests locally, and others it should defer to the main DC.

We can tell which KDC we talk do by the KVNO of the encrypted parts that are returned
to the KDC.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

sefltest: Add test for enterprise UPN in a different domain

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

kdc: Fix enterpise principal name handling

Based on a patch by Samuel Cabrero <scabrero@zentyal.com>

This ensures we write the correct (implict, samAccountName) based UPN into
the ticket, rather than the userPrincipalName, which will have a different
realm.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>

heimdal: Ensure that HDB_ERR_NOT_FOUND_HERE, critical for the RODC, is not overwritten

This change ensures that our RODC will correctly proxy when asked to provide
a ticket for a service or user where the keys are not on this RODC.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

heimdal: Really bug in KDC handling of enterprise princs

The value of this commit to Samba is to continue to match Heimdal's
upstream code in this area.  Because we set HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL
there is no runtime difference.

(commit message by Andrew Bartlett)

Cherry-pick of Heimdal commit 9aa7883ff2efb3e0a60016c9090c577acfd0779f

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

heimdal: Fix bug in KDC handling of enterprise principals

The useful change in Samba from this commit is that we gain
validation of the enterprise principal name.

(commit message by Andrew Bartlett)

Cherry-pick of Heimdal commit c76ec8ec6a507a6f34ca80c11e5297146acff83f

Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

torture: Extend KDC test to cover more options and modes

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture: Decode expected packets and test KDC behaviour for wrong passwords

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture: Additionally run testsuite for krb5 and KDC behaviour against all the DC envs

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture: Additionally run testsuite for krb5 and KDC behaviour with unprivileged accounts

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture: Run new testsuite for krb5 and KDC behaviour with machine account also

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

torture: Start a new testsuite for krb5 and KDC behaviour

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

s3-pam_smbpass: Correctly initialize variables.

This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 22:51:59 CET 2015 on sn-devel-104

s3-pam_smbpass: Remove superfluous NULL check for pam functions.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3-pam_smbpass: Make sure PAM_MAXTRIES can be returned.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3-pam_smbpass: Check the return code of secrets_init().

This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3-pam_smbpass: Fix set_ctrl() return value.

This fixes a cppcheck warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3-pam_smbpass: Make sure variables are initialized.

This fixes cppcheck warnings.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3-smbspool: Use strtol() instead of atoi().

This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

winbind: Fix idmap initialization

The fix is in the sscanf line: %u in the sscanf format mandates the use of
a pointer to an "unsigned". idmap_domain->[low|high]_id are uint32_t. On
little endian 64-bit this might at least put the correct values into
low_id and high_id, but might overwrite the read_only bit set earlier,
depending on structure alignment and packing. On big endian 64-bit,
this will just fail.

Automatic conversion to uint32_t will happen only at assignment, not
when you take a pointer of such a thing.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 17:58:16 CET 2015 on sn-devel-104

s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11066

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

vfs: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 13:14:38 CET 2015 on sn-devel-104

Remove use of the "staticforward" macro

This macro was used for compatibility with broken compilers.
Since Python 2.3, it is always defined as `static`, and only exists
"for source compatibility with old C extensions".

Signed-off-by: Petr Viktorin <pviktori@redhat.com>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

dsdb-tests: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set

Also confirm what bits have to be ignored, or otherwise processed

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jan 22 10:16:42 CET 2015 on sn-devel-104

dsdb-samldb: Clarify userAccountControl manipulation code by always using UF_ flags

The use of ACB_ flags was required before msDS-User-Account-Control-Computed was implemented

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-samldb: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-samldb: Only allow known and settable userAccountControl bits to be set

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-tests: Show that we can not change the primaryGroupID of a DC

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s4:dsdb/samldb: let samldb_prim_group_change() protect DOMAIN_RID_{READONLY_,}DCS

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb: Improve userAccountControl handling

We now always check the ACL and invarient rules using the same function

The change to libds is because UF_PARTIAL_SECRETS_ACCOUNT is a flag,
not an account type

This list should only be of the account exclusive account type bits.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-tests: Add new test samba4.user_account_control.python

This confirms security behaviour of the userAccountControl attribute
as well as the behaviour on ADD as well as MODIFY, for every
userAccountControl bit.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Change-Id: I8cd0e0b3c8d40e8b8aea844189703c756cc372f0
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb: Default to UF_NORMAL_ACCOUNT when no account type is specified

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

libds: UF_PARTIAL_SECRETS_ACCOUNT is a flag, not an account type

This list should only be of the account exclusive account type bits.

Note, this corrects the behaviour in samldb modifies of
userAccountControl.

This reverts 6cb91a8f33516a33210a25e4019f3f3fbbfe61f2

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dsdb-tests: Align sam.py with Windows 2012R2 and uncomment userAccountControl tests

These tests now pass against Samba and Windows 2012R2.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Change-Id: I1d7ba5e6a720b8da88c667bbbf3a4302c54642f4
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

vfs:glusterfs: whitespace fix.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 03:20:17 CET 2015 on sn-devel-104

vfs_snapper: encode and decode Snapper DBus strings

Snapper uses a special character encoding for strings used in DBus
requests and responses. This change ensures that Samba packs and unpacks
strings in the corresponding format, using the previously added
encode/decode helper functions.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_snapper: add DBus string encoding and decoding helpers

Snapper uses the following mechanism for encoding and decoding strings
used in DBus traffic:
Characters above 127 (0x7F - ASCII DEL) must be encoded hexadecimal as
"\x??". As a consequence "\" must be encoded as "\\".

This change adds string encoding and decoding helpers to vfs_snapper.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_snapper: free dbus req messages in error paths

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_glusterfs: Replace eventfd with pipes, for AIO use

Pipes clean up the AIO implementation substantially, due to the fact
that they implement a natural ithread safe queue instead of us
creating our own queue.

Signed-off-by: Ira Cooper <ira@samba.org>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Wed Jan 21 20:40:11 CET 2015 on sn-devel-104

libcli/auth: add netlogon_creds_cli_GetForestTrustInformation*()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jan 21 17:19:33 CET 2015 on sn-devel-104

libcli/auth: add netlogon_creds_cli_ServerGetTrustInfo*()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

s4:kdc/db-glue: fix supported_enctypes samba_kdc_trust_message2entry()

This avoids writing invalid memory, because num_keys was calculated
in a wrong way...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

libsmb: provide authinfo domain for encrypted session referrals

6c9de0cd056afc0b478c02f1bdb0e06532388037 requires this extra change.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 21 04:29:06 CET 2015 on sn-devel-104

CodingStyle: Update example to use our coding practice.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jan 20 18:51:55 CET 2015 on sn-devel-104

tdb_wrap: don't let tdb_wrap_open() segfault with name==NULL

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11032

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jan 19 16:17:28 CET 2015 on sn-devel-104

selftest: use env.SELFTEST_PREFIX to define subunit_cache

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

README.Coding: Add hint for if-statments

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 19 13:25:12 CET 2015 on sn-devel-104

docs/idmap_rid: remove deprecated base_rid from example

The base_rid option has been deprecated for some time. Specifying a
value of 1000 (as recommended in the parameter description and example
section) can result in failed mapping of group SIDs, where RIDs do not
start at 1000.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Jan 19 09:09:22 CET 2015 on sn-devel-104

libsmb: provide authinfo domain for DFS referral auth

libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libsmb: reuse connections derived from DFS referrals

[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.

libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.

This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.

This change is based on a patch by Har Gagan Sahai
<SHarGagan@novell.com>.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

utils: Fix 'net time' segfault.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058

This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

cli_connect_nb_send: don't segfault on host == NULL.

The functions called futher down can cope with host == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058

This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

wafsamba: create unique names when building shared modules

After commit 76fdcf5c15bd904c3686f0c2dd93d27486c61ca4, we could endup
with bin/default/source3/auth/libauth-samba4.so being created two times.
Once by SAMBA3_LIBRARY('auth',...) and once again by SAMBA3_MODULE('auth_samba4', ...).

As a result bin/default/source3/auth/libauth-samba4.so gets randomly
overwritten.

SAMBA3_MODULE('auth_samba4', ...) results in
bin/default/source3/auth/libauth_module_samba4.so now.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 19 04:43:53 CET 2015 on sn-devel-104

wafsamba: remove unused variable in SAMBA_MODULE()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>

wafsamba: passing 'subsystem' to SAMBA_MODULE() is not optional

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>

wafsamba: make it possible to pass bundled_name to SAMBA_LIBRARY()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>

lib/util: add missing commas to statfs_types

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jan 16 13:24:16 CET 2015 on sn-devel-104

samba3.py: Correctly initialize cache directory for passdb test

Running 'make test TESTS=tests.samba3' succeeds, but the log shows that
it tried to open the gencache tdb in the wrong directory:
Unable to create directory /usr/local/samba/var/cache for file gencache.tdb. Error was No such file or directory

Fix this by correctly initializing the cache directory.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Fri Jan 16 02:36:39 CET 2015 on sn-devel-104

smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.

This sequencing is causing problems for vfs_ceph, and likely
other vfs modules.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 16 00:13:17 CET 2015 on sn-devel-104

CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl

This requires an additional control to be used in the
LSA server to add domain trust account objects.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jan 15 14:54:47 CET 2015 on sn-devel-104

CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Change-Id: If6bc90305a1e9a5a92562a01ba7e44330de91cc1
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Change-Id: I36ad5ebc5d8a4811c41b59af90a3add4ae5fd857
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2014-8143:auth: Force talloc type of session_info pointer to match

This helps us keep things safe in LDB where we put this in a opaque pointer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Andrew Bartlett

Change-Id: I46fe53ba655ca0810c276b72fbca524884cdf22d
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3: auth - tests: Add test for "force user" being a unix-only user, not in passdb.

https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 14 08:46:08 CET 2015 on sn-devel-104

s3: auth: Add previously missing allocation fail check.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3().

Core fix for:

https://bugzilla.samba.org/show_bug.cgi?id=11044

Based on code from Michael Zeis <mzeis.quantum@gmail.com>

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3: auth: Convert samu_to_SamInfo3() to use the new utility function.

Based on code from Michael Zeis <mzeis.quantum@gmail.com>

https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle "Unix Users" and "Unix Groups".

Based on code from Michael Zeis <mzeis.quantum@gmail.com>

https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

rwrap: Bump version to 1.1.2.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan 13 19:19:25 CET 2015 on sn-devel-104

rwrap: Fix ns_name_compress detection.

On some platforms it is a macro and not a function. So we need to
check if the macro exists.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

rwrap: Bump version to 1.1.1.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

rwrap: Fix a possible NULL dereference.

CID: #84271

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Guenther Deschner <gd@samba.org>

rwrap: If we do not have ns_name_compress() use dn_comp().

This should fix older Linux versions which do not export
ns_name_compress(). In newer glibc versions dn_comp() calls
ns_name_compress().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11019

Reviewed-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>

net: Fix sam addgroupmem

Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the
PAC/Info3 struct. We should allow this in net sam addgroupmem.

Volker

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104

s3-util: Fix authentication with long hostnames.

If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly
check the hostname.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 12 23:10:30 CET 2015 on sn-devel-104

leases_db: don't leak lock_path onto talloc tos

Also check for allocation failures.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 12 19:22:31 CET 2015 on sn-devel-104

smbd: Fix a small leak on talloc_tos()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jan 11 20:34:56 CET 2015 on sn-devel-104

smbd: Fix an uninitialized variable read

If dbwrap_fetch_locked failed, we did a TALLOC_FREE(value). Fix this with a
talloc hierarchy.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make talloc_report of smb_filename more readable

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

vfs_unityed_media: VFS module for sharing AVID projects

Based on <https://code.google.com/p/vfs-unityed-media/>.

The existing VFS module media_harmony has some problems relative to Avid
media sharing:

Avid looks at the modification time of the ingest directory. Since
media_harmony has everyone using the same directory, users (or client
systems) have to somehow create "fake" directories with special names
and then media_harmony returns the mod time of those fake directories
for the different clients rather than the actual mod time of the
communal ingest directory.

To make matters worse, users then have to have a special utility or
understand how to update the modtime on these specially named
directories. Otherwise, their client system will never update the
indexes to show new media.

To make it even worse than that, Avid creates new directories on the
fly, so you can't just set this up statically at the beginning. Avid
will silently create a new directory and your reindexing problems will
start all over until you create new fake directories.

With unityed_media:

* there are no reindexes between clients

* clients don't need to know which directories have been created for
  them, it's automatic.

* clients never have to reindex other systems directories.

* unityed_media let's each client have their own directories.

* unityed_media works much more like Avid's own ISIS servers work.

A module option controls which name is appended to client specific
paths: the username, the hostname (will not work with OS X) or the
client's IP.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jan 10 04:15:04 CET 2015 on sn-devel-104

lib: Simplify iov_buf

According to

https://www.securecoding.cert.org/confluence/display/seccode/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap

we only need to check against one operand.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan  9 23:42:49 CET 2015 on sn-devel-104

unix_msg: Fix 80-line formatting

This is pretty fresh code, so hope this change does not fall under the "no
reformatting" rule yet

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Make sure response->extra_data.data is always cleared out

Otherwise a bad read can sometimes cause the function to return -1 with
an invalid pointer in extra_data.data, which is attempted to be freed
by the caller (e.g. libwbclient/wbc_pam.c wbcAuthenticateUserEx())
by calling winbindd_free_response().

Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

test: Fix quoting

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jan  9 17:33:31 CET 2015 on sn-devel-104

s3-vfs: Fix developer build of vfs_ceph module.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>