Jule Anger [Wed, 27 Mar 2024 16:12:54 +0000 (17:12 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.20.0 release.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Wed, 27 Mar 2024 16:10:58 +0000 (17:10 +0100)]
WHATSNEW: Add release notes for Samba 4.20.0.
Signed-off-by: Jule Anger <janger@samba.org>
Björn Jacke [Wed, 24 Jan 2024 23:46:38 +0000 (00:46 +0100)]
Revert "token_util.c: prefer capabilities over become_root"
This reverts commit
944cb51506a94084d7ab52ee044fe6f66e1aaeb9.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 27 10:47:23 UTC 2024 on atb-devel-224
(cherry picked from commit
0dec2ef188a93504da873d927ca2b26f8c491fb8)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Wed Mar 27 16:51:00 UTC 2024 on atb-devel-224
Björn Jacke [Mon, 25 Mar 2024 16:04:45 +0000 (17:04 +0100)]
Revert "dosmode.c: prefer use of capabilities at two places over become_root"
This reverts commit
c1e2fbb1b9a7551becf5caa0f08d434edf9ad862.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
32aa11e9b570ce1c0bec889b699bc4897c9d9843)
Björn Jacke [Mon, 25 Mar 2024 16:04:23 +0000 (17:04 +0100)]
Revert "nfs4_acls.c: prefer capabilities over become_root"
This reverts commit
06e5c1e32ea7907523cc19f021225e7541e2075f.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
33e88911ee7a8974d52021632ca25c1ddfcb6f45)
Björn Jacke [Mon, 25 Mar 2024 16:04:17 +0000 (17:04 +0100)]
Revert "vfs_acl_common.c: prefer capabilities over become_root"
This reverts commit
12734848dc9901b932644139aaa7e3f78e55c8dc.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
af7b930e2bfe2275cee14dc2154f2aea8875fa63)
Björn Jacke [Mon, 25 Mar 2024 16:03:57 +0000 (17:03 +0100)]
Revert "vfs_default.c: prefer capabilities over become_root"
This reverts commit
62464bd2db2a95b1253364f4493bbb6770b73193.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
52ad635b2705bcfc8166bd90b1ad35ebb9cbc986)
Björn Jacke [Mon, 25 Mar 2024 16:03:50 +0000 (17:03 +0100)]
Revert "vfs_posix_eadb.c: prefer capabilities over become_root"
This reverts commit
92278418dc885ed411f545e73c800ce93f858090.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
10c7a3e47c62dcb1dfe7e384960d60cafcb9e44e)
Björn Jacke [Mon, 25 Mar 2024 16:03:44 +0000 (17:03 +0100)]
Revert "vfs_recycle.c: prefer capabilities over become_root"
This reverts commit
4227b011f6ada97a4cd72a440ed887ffdb3f219e.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
7f19afbd40d3ad3c8d186d0a2a64d07a2a8bd00a)
Björn Jacke [Mon, 25 Mar 2024 16:03:35 +0000 (17:03 +0100)]
Revert "open.c: prefer capabilities over become_root"
This reverts commit
b250f25fe407f9a6269b804382de4854501f2d86.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
88eb58af6783ad23d2e2b602ee9fdbbdf556b354)
Björn Jacke [Mon, 25 Mar 2024 16:03:28 +0000 (17:03 +0100)]
Revert "posix_acls.c: prefer capabilities over become_root"
This reverts commit
1edf9ecaf56f3312e199e633bff0804243042e33.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
87479544381e103ee2b1def574a5865a3f6a93d9)
Björn Jacke [Mon, 25 Mar 2024 16:03:14 +0000 (17:03 +0100)]
Revert "dosmode: prefer capabilities over become_root"
This reverts commit
5e925f9755fad180863861157aa7548d83dd3fde.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15583
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
58ea952fd0c716f94b1b79b8ed1829bb72732ccc)
Noel Power [Tue, 20 Feb 2024 09:26:29 +0000 (09:26 +0000)]
s3/smbd: If we fail to close file_handle ensure we should reset the fd
if fsp_flags.fstat_before_close == true then close_file_smb will call
vfs_stat which can fail. If it does fail then the fd associated
with the file handle will still be set (and we will hit an assert
is the file handle destructor) when calling file_free.
We need to set fd to -1 to avoid that. To achieve that we capture and
return the vfs_stat_fsp failure status while still processing the rest
of the fd_close logic.
[2024/02/20 09:23:48.454671, 0, pid=9744] ../../source3/smbd/smb2_close.c:226(smbd_smb2_close)
smbd_smb2_close: close_file[]: NT_STATUS_ACCESS_DENIED
[2024/02/20 09:23:48.454757, 0, pid=9744] ../../source3/smbd/fd_handle.c:40(fd_handle_destructor)
PANIC: assert failed at ../../source3/smbd/fd_handle.c(40): (fh->fd == -1) || (fh->fd == AT_FDCWD)
[2024/02/20 09:23:48.454781, 0, pid=9744] ../../lib/util/fault.c:178(smb_panic_log)
===============================================================
[2024/02/20 09:23:48.454804, 0, pid=9744] ../../lib/util/fault.c:185(smb_panic_log)
INTERNAL ERROR: assert failed: (fh->fd == -1) || (fh->fd == AT_FDCWD) in smbd (smbd[192.168.10) (client [192.168.100.15]) pid 9744 (4.21.0pre1-DEVELOPERBUILD)
[2024/02/20 09:23:48.454844, 0, pid=9744] ../../lib/util/fault.c:190(smb_panic_log)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
[2024/02/20 09:23:48.454869, 0, pid=9744] ../../lib/util/fault.c:191(smb_panic_log)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15527
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Mar 13 10:34:45 UTC 2024 on atb-devel-224
(cherry picked from commit
6ee3f809a54d7b833ff798e68a93ada00a215d4d)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Wed Mar 27 15:41:37 UTC 2024 on atb-devel-224
Ralph Boehme [Mon, 5 Feb 2024 14:03:48 +0000 (15:03 +0100)]
smbd: simplify handling of failing fstat() after unlinking file
close_remove_share_mode() already called vfs_stat_fsp(), so we can skip the
fstat() triggered in fd_close() by fsp->fsp_flags.fstat_before_close being true.
This avoids getting an EACCESS error when doing an fstat() on the removed file
which seems to happen with some FUSE filesystems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15527
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
6e6324cff29089a636823786183222a73fe7cb28)
Douglas Bagnall [Fri, 22 Mar 2024 19:27:41 +0000 (08:27 +1300)]
ndr: always attempt ACE coda pull if ACE type suggests a coda
We were skipping the pull in cases where the coda size was calculated
to be zero. This has the right result for empty conditional ACEs, but
not for Resource Attribute ACEs where the
CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 coda was not intialised.
The situation is made a bit worse, because the function that
calculates the coda size (ndr_subcontext_size_of_ace_coda()) can
return zero in conditions that are not exactly errors, but in which
the would-be calculated value makes so little sense that zero is
thought to be a safer default.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66577
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15613
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 25 06:00:21 UTC 2024 on atb-devel-224
(cherry picked from commit
6fb98f70c6274e172787c8d5f73aa93920171e7c)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Tue Mar 26 11:17:58 UTC 2024 on atb-devel-224
Jo Sutton [Tue, 2 May 2023 03:42:24 +0000 (15:42 +1200)]
tests/krb5: Add tests for AllowedToAuthenticateTo with an AS-REQ
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15607
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar 21 04:19:18 UTC 2024 on atb-devel-224
(cherry picked from commit
4f0ed9b00389fa641a423b88ab5462b32dd7bbca)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Mar 22 11:06:51 UTC 2024 on atb-devel-224
Douglas Bagnall [Sun, 17 Mar 2024 10:08:23 +0000 (23:08 +1300)]
libcli/security: check again for NULL values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=156067
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 18 02:51:08 UTC 2024 on atb-devel-224
(cherry picked from commit
b815abe77991d7929717ea3ed4b9d7bef7179715)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Wed Mar 20 12:03:45 UTC 2024 on atb-devel-224
Douglas Bagnall [Sun, 17 Mar 2024 10:07:17 +0000 (23:07 +1300)]
libcli/security: claims_conversions: check for NULL in claims array
If by mistake we end up with a NULL in our array of claims pointers,
it is better to return an error than crash.
There can be NULLs in the array if a resource attribute ACE has a
claim that uses 0 as a relative data pointer. Samba assumes this means
a NULL pointer, rather than a zero offset.
Credit to OSS-Fuzz.
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66777
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15606
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
78f728063a1e510966a45f7f1d9515ea3bd16214)
Stefan Metzmacher [Fri, 15 Mar 2024 22:17:36 +0000 (23:17 +0100)]
WHATSNEW: announce Service Witness Protocol [MS-SWN] and related options
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(v4-20-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-20-test): Tue Mar 19 13:30:31 UTC 2024 on atb-devel-224
Andreas Schneider [Tue, 5 Mar 2024 12:17:19 +0000 (13:17 +0100)]
libgpo: Do not segfault if we don't have a valid security descriptor
Program received signal SIGSEGV, Segmentation fault.
ndr_push_security_descriptor (ndr=ndr@entry=0x555555bf41b0, ndr_flags=ndr_flags@entry=768, r=r@entry=0x0) at librpc/gen_ndr/ndr_security.c:713
713 NDR_CHECK(ndr_push_security_descriptor_revision(ndr, NDR_SCALARS, r->revision));
Thread 1 (Thread 0x7ffff7ece740 (LWP 21460) "python3"):
#0 ndr_push_security_descriptor (ndr=ndr@entry=0x555555bf41b0, ndr_flags=ndr_flags@entry=768, r=r@entry=0x0) at librpc/gen_ndr/ndr_security.c:713
_flags_save_STRUCT = 0
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
_status = <optimized out>
__FUNCTION__ = "ndr_push_security_descriptor"
#1 0x00007ffff617237f in ndr_push_struct_blob (blob=blob@entry=0x7fffffffdb20, mem_ctx=0x555555aa3bd0, p=0x0, fn=0x7ffff6074ad0 <ndr_push_security_descriptor>, fn@entry=0x7ffff60706c8 <ndr_push_security_descriptor@plt>) at ../../librpc/ndr/ndr.c:1438
_status = <optimized out>
ndr = 0x555555bf41b0
#2 0x00007ffff607cccf in marshall_sec_desc (mem_ctx=<optimized out>, secdesc=<optimized out>, data=data@entry=0x7fffffffdb80, len=len@entry=0x7fffffffdb78) at ../../libcli/security/secdesc.c:241
blob = {data = 0x7fffffffdb40 "`\333\377\377\377\177", length =
140737352374299}
ndr_err = <optimized out>
__FUNCTION__ = "marshall_sec_desc"
#3 0x00007ffff29edd94 in GPO_marshall_get_sec_desc_buf (self=<optimized out>, args=<optimized out>, kwds=<optimized out>) at ../../libgpo/pygpo.c:119
gpo_ptr = <optimized out>
status = <optimized out>
data = 0x0
len = 0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15599
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
(cherry picked from commit
b13d4359f2f16e391763d1dc6a5718def973fabb)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Mar 15 10:29:54 UTC 2024 on atb-devel-224
Andreas Schneider [Mon, 4 Mar 2024 15:42:38 +0000 (16:42 +0100)]
libgpo: Fix trailing spaces in pygpo.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
(cherry picked from commit
6fb86a0fa62d93c1c84c2000f01c381a9e8217e1)
Jule Anger [Mon, 11 Mar 2024 14:54:24 +0000 (15:54 +0100)]
VERSION: Bump version up to Samba 4.20.0rc5...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 11 Mar 2024 14:53:57 +0000 (15:53 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc4 release.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 11 Mar 2024 14:53:16 +0000 (15:53 +0100)]
WHATSNEW: Add release notes for Samba 4.20.0rc4.
Signed-off-by: Jule Anger <janger@samba.org>
Andreas Schneider [Wed, 21 Feb 2024 08:10:47 +0000 (09:10 +0100)]
python:gp: Implement client site lookup in site_dn_for_machine()
This is [MS-GPOL] 3.2.5.1.4 Site Search.
The netr_DsRGetSiteName() needs to run over local rpc, however we do not
have the call implemented in our rpc_server. What netr_DsRGetSiteName()
actually does is an ldap query to get the sitename, we can just do the
same.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e4c3c61302b12419f041867b58350f11dc800318)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Mar 1 09:01:06 UTC 2024 on atb-devel-224
Andreas Schneider [Wed, 21 Feb 2024 07:56:06 +0000 (08:56 +0100)]
librpc:idl: Make netlogon_samlogon_response public
This is required that we can use it with ndrdump or in python to decode
a NETLOGON_SAM_LOGON_RESPONSE_EX ldap response.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15588
Signed-off-by: Andreas Schneider <asn@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e758425869729a43136ae51e6baecb2061d1525b)
Jule Anger [Mon, 26 Feb 2024 11:36:59 +0000 (12:36 +0100)]
VERSION: Bump version up to Samba 4.20.0rc4...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 26 Feb 2024 11:36:25 +0000 (12:36 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 26 Feb 2024 11:35:56 +0000 (12:35 +0100)]
WHATSNEW: Add release notes for Samba 4.20.0rc3.
Signed-off-by: Jule Anger <janger@samba.org>
Noel Power [Thu, 8 Feb 2024 14:05:43 +0000 (14:05 +0000)]
s3/rpc_client: Fix array offset check
Previous to this commit we were modifying the offset before
the array offset check. This was causing a spurious debug
message indicating the offset was out of bounds. An second
problem is that upon detecting the error we don't exit the loop.
A third problem was that when reading the offset the check
didn't cater for the size of the integer address about to be read.
This commit moves the offset check to before the first read,
additionally when an error is detected now we actually exit the loop
and the offset have been corrected to include the size of the
integer to be read
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Feb 17 17:58:43 UTC 2024 on atb-devel-224
(cherry picked from commit
885850b6aaabf089f422b1b015481a0ccff4f90e)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Feb 26 10:37:37 UTC 2024 on atb-devel-224
Noel Power [Wed, 14 Feb 2024 11:19:39 +0000 (11:19 +0000)]
s3/rpc_client: Ensure max possible row buffer size is not exceeded
The max buf size of rows buffer should not exceed 0x00004000.
Ensuring this value is within limits means we can safely use
uint32_t offsets.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
f487211706a74d516bf447ed393222b4c0dce7b0)
Noel Power [Wed, 14 Feb 2024 12:01:28 +0000 (12:01 +0000)]
idl: Add constant for max rows buffer size
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15579
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
01e901ef869a1a87fba0e67bce311dbeb199b717)
Noel Power [Wed, 10 Jan 2024 14:43:58 +0000 (14:43 +0000)]
s3/rpc_client: cleanup unmarshalling of variant types from row columns
Prior to this change fn 'extract_variant_addresses' actually returns offsets
to the variant stored not the addresses, additionally the param in the
signature of the method is named offset where the param in reality is a
base address.
This change makes fn 'extract_variant_addresses' actually return addresses
instead of offsets and also changes the name of the incoming param. The
resulting changes are propaged to callers which hopefully makes what the
code is actually doing a little clearer
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jan 30 17:22:37 UTC 2024 on atb-devel-224
(cherry picked from commit
9b2f2302ee4828ae54f5903a3bf649ffd255fb4a)
Noel Power [Mon, 8 Jan 2024 15:56:38 +0000 (15:56 +0000)]
s3/utils: use full 64 bit address for getrows (with 64bit offsets)
if 64bit offsets are used the hi 32-bits of address are stored in
the ulreserved2 member of the message header field and the low 32-bits
are stored in the ulclientbase member of the cpmgetrows message
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
6ecb614b8ec6953ba15e8061fce9b395615b035a)
Noel Power [Wed, 10 Jan 2024 10:59:23 +0000 (10:59 +0000)]
s3/rpc_client: Remove stray unnecessary comment
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
efa60ff3105ac80ffff6d2a5d82dd0615ddb7578)
Noel Power [Mon, 8 Jan 2024 15:12:35 +0000 (15:12 +0000)]
s3/rpc_client: change type of offset to uint64_t
Offset can be a 32 or 64 bit address depending on the indexing addressing
mode negotiated by the client
With a 32 bit param we can only specify a 32 bit base address. This change
alone doesn't affect anything as it is the client itself that choses and
passes the base address offset and wspsearch is the only current user of
this code.
In this case even with 64bit addressing negotiated the address passed
represents only the lower 32-bits part of the address.
However, for coverage purposes it would be better for the client to use an
address that covers the full 64bit range of the address (when 64 bit
addressing is negotiated).
This change will alow the wspsearch client in a future commit to pass a
base address value with both the hi and low 32 bits values set to make up
the full 64 bit address.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
a61eb7032896265eaef3ba225aafd6f293e7569d)
Martin Schwenke [Fri, 9 Feb 2024 06:29:46 +0000 (17:29 +1100)]
ctdb-protocol: Add missing push support for new controls
CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits
c6602b686b4e50d93272667ef86d3904181fb1ab and
037e8e449deb136ad5ed5e4de05439411b545b6d. They were missing test
support for the packet push/pull. While adding the testing (for
completeness, before adding another new control) I noticed that the
push functionality was absent. This adds that, along with the test
support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580
Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224
(cherry picked from commit
dd9b11acbc4fbde1941719968aeb463b853b0ffb)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Tue Feb 20 13:46:47 UTC 2024 on atb-devel-224
Jo Sutton [Thu, 1 Feb 2024 23:23:58 +0000 (12:23 +1300)]
python: Remove ‘typing.Final’
This is only present in Python 3.8 and above.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
d6fe66ddeeb99c550fa9a0f1abb845e6daf71f8a)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Feb 19 15:35:39 UTC 2024 on atb-devel-224
Rob van der Linde [Thu, 1 Feb 2024 23:54:41 +0000 (12:54 +1300)]
python: do not make use of typing.Final for python 3.6
Python 3.6 does not have typing.Final yet
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15575
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ecc84aa448a962f1a224144bbb65f0cef36a4279)
Stefan Metzmacher [Thu, 8 Feb 2024 14:43:39 +0000 (15:43 +0100)]
docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224
(cherry picked from commit
7a674ee9ffeca047ceed7ac046db1b168d4025a6)
Stefan Metzmacher [Thu, 8 Feb 2024 14:31:10 +0000 (15:31 +0100)]
smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
32b84c5bce00c4f91191596dc00d9824e82e0f24)
Stefan Metzmacher [Thu, 8 Feb 2024 14:15:28 +0000 (15:15 +0100)]
smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run
rpcd_witness needs ncacn_ip_tcp support and that's only
available if samba-dcerpcd is not started on demand.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
d8bfdaaaa737032c6a8623512fcb2cd01850628a)
Stefan Metzmacher [Thu, 8 Feb 2024 13:25:05 +0000 (14:25 +0100)]
docs-xml: add details for 'net witness'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
1d0938d6fe46c06432ae5fda9e7491b908a9ac56)
Stefan Metzmacher [Thu, 8 Feb 2024 14:07:42 +0000 (15:07 +0100)]
s3:utils: fix help string for 'net witness force-response'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
7a23429ed6a04bb14509758492bfaee5db6dbd0d)
Stefan Metzmacher [Fri, 2 Feb 2024 12:54:20 +0000 (13:54 +0100)]
ctdb/events: add 47.samba-dcerpcd.script
If someone wants to enable the witness service
samba-dcerpcd needs to be started as standalone service
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
f1f68108cc303b92b8a88728d12c2b699fdfc731)
Stefan Metzmacher [Fri, 2 Feb 2024 12:54:20 +0000 (13:54 +0100)]
ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script
We can easily monitor if the service is running at all,
that better than no monitoring at all...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit
ff8f778e39af563d97b1d38f89368a3c148532f2)
Jule Anger [Mon, 12 Feb 2024 13:05:12 +0000 (14:05 +0100)]
VERSION: Bump version up to Samba 4.20.0rc3...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 12 Feb 2024 13:04:39 +0000 (14:04 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc2 release.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 12 Feb 2024 13:01:59 +0000 (14:01 +0100)]
WHATSNEW: Add release notes for Samba 4.20.0rc2.
Signed-off-by: Jule Anger <janger@samba.org>
Andrew Bartlett [Wed, 31 Jan 2024 22:33:27 +0000 (11:33 +1300)]
WHATSNEW: Explain new AD DC Claims, authentication policies and Silos
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15566
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Feb 12 11:55:51 UTC 2024 on atb-devel-224
Douglas Bagnall [Mon, 15 Jan 2024 02:21:11 +0000 (15:21 +1300)]
WHATSNEW: Add some information about new conditional aces feature
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15566
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Douglas Bagnall [Mon, 15 Jan 2024 02:22:27 +0000 (15:22 +1300)]
WHATSNEW: note "acl_claims evaluation" smb.conf option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15566
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Douglas Bagnall [Mon, 8 Jan 2024 02:05:35 +0000 (15:05 +1300)]
ndr: ignore trailing bytes in ndr_pull_security_ace()
This returns the behaviour with ordinary ACEs to where it was with 4.19.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
0c1f421c107be3156b3f1db75aced24a1bca3d2f)
Douglas Bagnall [Mon, 8 Jan 2024 01:50:30 +0000 (14:50 +1300)]
ndr: ndr_push_security_ace: calculate coda size once
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
a72c198921f64f2502f543c7158762c64cb3074e)
Douglas Bagnall [Sun, 31 Dec 2023 21:21:55 +0000 (10:21 +1300)]
ndr: avoid object ACE push overhead for non-object ACE
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
ecb5da3e49283ca3a03dea81d22db4a081e192e4)
Douglas Bagnall [Sun, 31 Dec 2023 21:21:33 +0000 (10:21 +1300)]
ndr: avoid object ACE pull overhead for non-object ACE
When an ACE is not an object ACE, which is common, setting the switch
value and attempting the object ACE GUID pull is just going to do
nothing, and we know that ahead of time. By noticing that we can save
a bit of time on a common operation.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
fce4d51eb492a6fc807c6849cd4bd65ca7714509)
Douglas Bagnall [Sun, 31 Dec 2023 04:45:36 +0000 (17:45 +1300)]
ndr: do not push ACE->coda.ignored blob
From
1e80221b2340de5ef5e2a17f10511bbc2c041163 (2008) until
c73034cf7c4392f5d3505319948bc84634c20fa5 (conditional ACEs, etc, 2023)
we had a manual ndr_pull_security_ace() that would discard trailing
bytes, which are those bytes that we now call the coda. The ACE types
that we handled then are those that end up with a coda.ignored data
blob.
With this we effectively restore the long-standing behaviour in the
event that we push and pull an ACE -- though now we discard the
ignored bytes on push rather than pull.
This change is not because the trailing bytes caused any problems (as
far as is known), but because it is much faster to not do the push.
It may be that such ACEs no longer occur.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
2a60ec98409b161cfeb4b51414ba61feb26c01b9)
Douglas Bagnall [Fri, 29 Dec 2023 02:27:08 +0000 (15:27 +1300)]
ndr: mark invalid pull ndr_flags as unlikely
This might have little effect, but sometimes we see primatives like
ndr_pull_uint32() taking a few percent of the CPU time, and this is in
all those functions.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
4face258dee93dcd01dce71fcb7448b285ff4860)
Douglas Bagnall [Fri, 29 Dec 2023 02:15:48 +0000 (15:15 +1300)]
ndr: skip talloc when pulling empty DATA_BLOB
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
c2673b02a7a51761e8b6631eb0c0e7062cbbed7b)
Douglas Bagnall [Sun, 31 Dec 2023 04:39:23 +0000 (17:39 +1300)]
ndr: ACE push avoids no-op coda pushes
We don't expect an ordinary ACE to have a non-empty coda, and we don't
really want to push it if it does, but for this patch we still will.
This will not change the data on the wire.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
ee1b8ae04b10306c059174a5b4b637b080fe23fd)
Douglas Bagnall [Sun, 31 Dec 2023 04:30:47 +0000 (17:30 +1300)]
ndr: make security_ace push manual
This will allow some optimisations; in this commit we just copy the
code.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
dc08e7924c2e359afeb4b86f306868cad00189a0)
Douglas Bagnall [Sun, 31 Dec 2023 00:06:40 +0000 (13:06 +1300)]
ndr: short-circuit ace coda if no bytes left
The overwhelmingly common case is that there are no bytes left, and
regardless of the ACE type we want to store an empty blob.
We know the blob will be empty if there are no bytes, so we don't need
to allocate a sub-ndr and tokens list and so forth.
This can save almost half the time of a security descriptor pull.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
ac0c8ee01ea624e9c486251da2132710c2a43ddc)
Douglas Bagnall [Sun, 31 Dec 2023 00:03:32 +0000 (13:03 +1300)]
ndr: shift ndr_pull_security_ace to manual code
This was manual until commit
c73034cf7c4392f5d3505319948bc84634c20fa5
(a few months ago).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
1e6a876c2cc4b3b54895dde879492e756bb9b963)
Douglas Bagnall [Thu, 28 Dec 2023 10:07:56 +0000 (23:07 +1300)]
pidl: calculate subcontext_size only once per pull
For security_ace_coda in security.idl, the sub-context size is
involves a slightly non-trivial function call which returns a constant
value.
In all other cases, a constant expression is used, and this makes
no difference.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
9811762775b28e16035afb2c319b55c4bf3699d3)
Douglas Bagnall [Fri, 5 Jan 2024 00:19:39 +0000 (13:19 +1300)]
perftest: ndr_pack runs in none environment
This is worth changing, because having a server running in the
background can only add noise to the results.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
5fa663766548eac2cc5932ae03d03b79ad1751b5)
Douglas Bagnall [Wed, 3 Jan 2024 12:54:29 +0000 (01:54 +1300)]
perftest:ndr_pack: spin in do_nothing for a while
The idea was to get a less jittery idea of the underlying noise, but
ut is still almost instant. This I suppose is useful in indicating
that this much of the test has very little overhead.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
93e6ea4cff2cb6bd084db27139addeea06945ea5)
Douglas Bagnall [Wed, 3 Jan 2024 12:52:39 +0000 (01:52 +1300)]
perftest:ndr_pack: use a valid dummy SID
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
2f68545087f25e5d4c7a7742d99527c7ebbd02ab)
Douglas Bagnall [Wed, 3 Jan 2024 12:51:56 +0000 (01:51 +1300)]
perftest:ndr_pack_performance: remove irrelevant imports, options
This includes removing the ANCIENT_SAMBA switch for pre-4.3, as
nobody cares anymore and many tests would not run correctly anyway.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
ceb5389260c4469a8f03ee884325ca981c18a36a)
Douglas Bagnall [Tue, 2 Jan 2024 20:43:01 +0000 (09:43 +1300)]
perftest:ndr_pack: slightly reduce python overhead
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
d25fe2447b553087f6285c80907ca5d0debcd827)
Douglas Bagnall [Mon, 1 Jan 2024 08:48:15 +0000 (21:48 +1300)]
perftest: ndr_pack_performance gets more SD types
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
e802611743a9b899c18d6eeaa0a46323b676c296)
Douglas Bagnall [Tue, 2 Jan 2024 20:26:51 +0000 (09:26 +1300)]
perftest:ndr_pack: rename SD tests with object ACEs
We are looking at an optimisation for non-object ACEs, which
are more common, but these tests are overwhelmed by object
(OA) ACEs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15574
(cherry picked from commit
d5371f6bcd2fe991d08fcf2006ce62e6a7449ae9)
Anoop C S [Tue, 30 Jan 2024 09:03:07 +0000 (14:33 +0530)]
docs-xml: Build and install man page for wspsearch
Commit
49b6137f7c2244aeb3cf9b65fc9d46fcf0b8dc55 switched the default
to install `wspsearch` client from False to True but missed to build
and install the corresponding man page. Therefore adding wspsearch.1
to the list of man pages to be built and installed by default.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15565
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Tue Jan 30 14:38:58 UTC 2024 on atb-devel-224
(cherry picked from commit
a48f8ae30775bb2dc07768c3df88968800f51470)
Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Feb 5 14:05:01 UTC 2024 on atb-devel-224
Andreas Schneider [Mon, 29 Jan 2024 16:46:30 +0000 (17:46 +0100)]
python:gp: Fix logging with gp
This allows enable INFO level logging with: `samba-gpupdate -d3`
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15558
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
145194071b10c4c1857f28fe79c57fd63ffab889)
Jule Anger [Mon, 29 Jan 2024 16:31:31 +0000 (17:31 +0100)]
VERSION: Bump version up to Samba 4.20.0rc2...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Jule Anger <janger@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:28:20 +0000 (15:28 +0100)]
VERSION: Disable GIT_SNAPSHOT for the Samba 4.20.0rc1 release.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:26:37 +0000 (15:26 +0100)]
WHATSNEW: Up to Samba 4.20.0rc1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:08:08 +0000 (15:08 +0100)]
ldb: release 2.9.0 for use in Samba 4.20.x
- documentation fixes
- build with Python 3.12 (bug #15513)
- a lot of additional error checking in
the python bindings
- minor code fixes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:08:08 +0000 (15:08 +0100)]
tevent: release 0.16.1
- build with Python 3.12 (bug #15513)
- documentation fixes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:08:08 +0000 (15:08 +0100)]
tdb: release 1.4.10
- build with Python 3.12 (bug #15513)
- documentation fixes
- minor build fixes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jule Anger [Mon, 29 Jan 2024 14:08:08 +0000 (15:08 +0100)]
talloc: release 2.4.2
- build with Python 3.12 (bug #15513)
- documentation fixes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15513
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andreas Schneider [Mon, 22 Jan 2024 14:46:24 +0000 (15:46 +0100)]
python:gp: Improve working of log messages to avoid confusion
We should not use the word "Failed". We are totally fine if we can't
connect to NDES in the meantime. This logs:
Try to get root or server certificates.
Unable to install root certificates (requires NDES).
Installing the server certificate only.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jan 29 10:37:29 UTC 2024 on atb-devel-224
Andreas Schneider [Mon, 22 Jan 2024 14:05:24 +0000 (15:05 +0100)]
python:gp: Log an error if update fails
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Andreas Schneider [Mon, 22 Jan 2024 14:05:02 +0000 (15:05 +0100)]
python:gp: Do not print an error if template already exists
We will get an exit status for duplicate in future:
https://www.pagure.io/certmonger/issue/269
We can't really fix that right now, as older version of certmonger
don't support the `-v` option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Andreas Schneider [Mon, 22 Jan 2024 14:04:36 +0000 (15:04 +0100)]
python:gp: Do not print an error, if CA already exists
We will get an exit status for duplicate in future:
https://www.pagure.io/certmonger/issue/269
We can't really fix that right now, as older version of certmonger
don't support the `-v` option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Andreas Schneider [Mon, 22 Jan 2024 13:07:47 +0000 (14:07 +0100)]
python:gp: Improve logging for certificate enrollment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Andreas Schneider [Mon, 22 Jan 2024 13:14:30 +0000 (14:14 +0100)]
python:gp: Avoid path check for cepces-submit
find_cepces_submit() uses which(), which returns None if not found.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Anoop C S [Tue, 16 Jan 2024 06:17:27 +0000 (11:47 +0530)]
vfs_ceph: Use ceph_fdopendir() when available for SMB_VFS_FDOPENDIR
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Sat Jan 27 00:01:12 UTC 2024 on atb-devel-224
Stefan Metzmacher [Tue, 31 Jul 2012 06:55:20 +0000 (08:55 +0200)]
smb2_tcon: add "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" options
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jan 26 18:04:10 UTC 2024 on atb-devel-224
Stefan Metzmacher [Mon, 22 Jan 2024 18:27:03 +0000 (19:27 +0100)]
python:tests/rpcd_witness_samba_only: add tests for 'net witness force-response'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 15 Dec 2023 13:49:37 +0000 (14:49 +0100)]
s3:utils: add 'net witness force-response'
This allows generating any possible AsyncNotify response
for the specified selection of witness registrations
from rpcd_witness_registration.tdb.
This can be used by developers to test the (windows)
client behavior to specific AsyncNotify responses.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2024 13:20:00 +0000 (14:20 +0100)]
python:tests/rpcd_witness_samba_only: add tests for 'net witness force-unregister'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 15 Dec 2023 13:49:37 +0000 (14:49 +0100)]
s3:utils: add 'net witness force-unregister'
This allows removing of the specified selection
of witness registrations from rpcd_witness_registration.tdb.
Any pending AsyncNotify will get WERR_NOT_FOUND.
Typically this triggers a clean re-registration on the client.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Mon, 15 Jan 2024 13:20:00 +0000 (14:20 +0100)]
python:tests/rpcd_witness_samba_only: add tests for 'net witness {client,share}-move'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 15 Dec 2023 13:49:37 +0000 (14:49 +0100)]
s3:utils: add 'net witness client-move' and 'net witness share-move'
These can be used to generate CLIENT_MOVE or SHARE_MOVE message
to the specified selection of witness registrations from
rpcd_witness_registration.tdb
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Wed, 20 Dec 2023 18:22:25 +0000 (19:22 +0100)]
s3:rpc_server/witness: add handling of MSG_RPCD_WITNESS_REGISTRATION_UPDATE messages
This implements the server side features for the
'net witness [client-move,...]' commands in the end.
These are administrator driven notifications for the witness client.
RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_RESPONSE and
RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_UNREGISTER will be very useful
for later automated testing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 21 Dec 2023 14:03:05 +0000 (15:03 +0100)]
s3:rpcd_witness.idl: add rpcd_witness_registration_updateB message definitions
This will be used for rpcd_witness_registration_updateB messages
in 'net witness [client-move,...]' commands later.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Thu, 21 Dec 2023 14:03:05 +0000 (15:03 +0100)]
messaging.idl: add MSG_RPCD_WITNESS_REGISTRATION_UPDATE
This will be used for rpcd_witness_registration_updateB messages
in 'net witness [client-move,...]' commands later.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 12 Jan 2024 16:30:41 +0000 (17:30 +0100)]
python:tests/rpcd_witness_samba_only: add tests for 'net witness list'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 15 Dec 2023 13:49:37 +0000 (14:49 +0100)]
s3:utils: add 'net witness list' command
It lists the entries from the rpcd_witness_registration.tdb.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher [Fri, 24 Nov 2023 16:15:36 +0000 (17:15 +0100)]
s3:rpc_server/witness: let Register[Ex] store rpcd_witness_registration.tdb records
This will allow 'net witness list' to be implemented in the end.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
git.samba.org / samba.git / log