Karolin Seeger [Thu, 1 Mar 2018 20:02:59 +0000 (21:02 +0100)]
VERSION: Disable GIT_SNAPSHOT for the 4.8.0rc4 release.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Thu, 1 Mar 2018 20:02:15 +0000 (21:02 +0100)]
WHATSNEW: Add changes since rc4.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Ralph Boehme [Thu, 1 Mar 2018 11:10:56 +0000 (12:10 +0100)]
WHATSNEW: document changed wbinfo -m --verbose output
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 1 Mar 2018 08:52:51 +0000 (09:52 +0100)]
WHATSNEW: add 'Improved support for trusted domains (as AD DC)' section
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Mar 2018 08:32:23 +0000 (09:32 +0100)]
WHATSNEW: reference 'smbclient reparse point symlink parameters reversed' to 'UPGRADING'
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Mar 2018 08:31:17 +0000 (09:31 +0100)]
WHATSNEW: move descriptions of removed features to "REMOVED FEATURES"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Stefan Metzmacher [Thu, 1 Feb 2018 10:06:10 +0000 (11:06 +0100)]
s4:kdc: disable support for CROSS_ORGANIZATION domains
We don't support selective authentication yet,
so we shouldn't silently allow domain wide authentication
for such a trust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 28 19:45:13 CET 2018 on sn-devel-144
(cherry picked from commit
31b5328c46c5f510ba234f75688886987276ee9e)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Thu Mar 1 06:08:56 CET 2018 on sn-devel-144
Stefan Metzmacher [Thu, 1 Feb 2018 10:10:14 +0000 (11:10 +0100)]
s4:kdc: only support LSA_TRUST_TYPE_UPLEVEL domains in samba_kdc_trust_message2entry()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
d0a813a173be630c2def93cc55e4514204d265a2)
Stefan Metzmacher [Thu, 1 Feb 2018 10:10:14 +0000 (11:10 +0100)]
s4:kdc: make use of dsdb_trust_parse_tdo_info() in samba_kdc_trust_message2entry()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
274209f5cd4eec2ffe4ffe12bfbb41eb8ed0c9df)
Stefan Metzmacher [Thu, 1 Feb 2018 10:06:10 +0000 (11:06 +0100)]
winbindd: disable support for CROSS_ORGANIZATION domains
We don't support selective authentication yet,
so we shouldn't silently allow domain wide authentication
for such a trust.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
afd97e72090aaf31b084646b5fcecaeb8cde653d)
Ralph Boehme [Thu, 22 Feb 2018 14:52:46 +0000 (15:52 +0100)]
vfs_fruit: use off_t, not size_t for TM size calculations
size_t is only a 32-bit integer on 32-bit platforms. We must use off_t
for file sizes.
https://bugzilla.samba.org/show_bug.cgi?id=13296
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f9e2cb1369fa9636ff613a4e9c7387151409eafc)
Günther Deschner [Mon, 15 Jan 2018 22:20:39 +0000 (23:20 +0100)]
build: fix libceph-common detection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13277
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Feb 22 19:30:12 CET 2018 on sn-devel-144
(cherry picked from commit
6a59619844e0def505a6bfa778c17721c062e0ee)
Andrew Bartlett [Thu, 22 Feb 2018 01:01:07 +0000 (14:01 +1300)]
WHATSNEW: Explain implications of GUID index change
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 27 Feb 2018 09:44:44 +0000 (10:44 +0100)]
ldb: version 1.3.2
* Expose the SHOW_BINARY, ENABLE_TRACING and DONT_CREATE_DB flag constants
in the python api.
* Extend dn.is_child_of() test.
* Don't load LDB_MODULESDIR as a module file.
* Fix binary data in debug log (bug #13185).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 28 04:54:21 CET 2018 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13306
(cherry picked from commit
cb58e188008bf920df88dc0212b9f9bb23263179)
Gary Lockyer [Fri, 23 Feb 2018 02:04:36 +0000 (15:04 +1300)]
ldb_debug tests: Fix binary data in debug log
Tests to ensure:
When duplicate objects are added, the GUID was printed in the debug log
are passed through the escape function.
And that duplicate DN's do not generate debug log entries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13185
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 26 07:29:49 CET 2018 on sn-devel-144
(cherry picked from commit
2a85bcb3f486ae6f473b934bbe920d1733b7f7a4)
Andrew Bartlett [Mon, 26 Feb 2018 01:31:24 +0000 (14:31 +1300)]
ldb_debug: Fix binary data in debug log
When duplicate objects were added, the GUID was printed in the debug log
The GUID was not escaped and therefore displayed as binary content.
This patch splits out the duplicate DN creation error and the duplicate
GIUD error. Duplicate DN's are a normal event and don't require debug
logging.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13185
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(cherry picked from commit
c5a14306c82f702f4788faea262c9ec6ade584cb)
Gary Lockyer [Fri, 23 Feb 2018 02:03:20 +0000 (15:03 +1300)]
ldb tests: fix null test on incorrect variable
Fix up tests that were performing a null check on the wrong variable
after a call to ldb_msg_new
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Feb 24 15:50:35 CET 2018 on sn-devel-144
(cherry picked from commit
1ed693423d7a30c3810ddc1b6f052d376c8cd4e7)
Douglas Bagnall [Wed, 14 Feb 2018 04:15:07 +0000 (17:15 +1300)]
repl_md: avoid returning LDB_SUCCESS on failure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
bc56913271e9d3a30143ef5a45d32430766d9dc3)
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Tue Feb 27 20:59:28 CET 2018 on sn-devel-144
Garming Sam [Wed, 14 Feb 2018 00:32:33 +0000 (13:32 +1300)]
repl_metadata: Avoid silent skipping an object during DRS (due to RODC rename collisions)
No error code was being set in this case, and so, we would commit the
HWM and UDV without actually having all the updates.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Feb 15 10:18:42 CET 2018 on sn-devel-144
(cherry picked from commit
9952eda7a1923971f77f3183cfa4c505386b30ee)
Garming Sam [Wed, 14 Feb 2018 00:32:24 +0000 (13:32 +1300)]
repl_metadata: Avoid silent skipping an object during DRS (due to RODC name collisions)
No error code was being set in this case, and so, we would commit the
HWM and UDV without actually having all the updates.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
59fa9e7ecf84bd4c2469e9a6835855769c4f6287)
Garming Sam [Wed, 14 Feb 2018 00:30:26 +0000 (13:30 +1300)]
tests/replica_sync_rodc: Test conflict handling on an RODC
There are two cases we are interested in:
1) RODC receives two identical DNs which conflict
2) RODC receives a rename to a DN which already exists
Currently these issues are ignored, but the UDV and HWM are being
updated, leading to objects/updates being skipped.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
45d19167d52e42bd2f9369dbe37a233902cc81b0)
Garming Sam [Wed, 14 Feb 2018 00:27:27 +0000 (13:27 +1300)]
selftest: Add RODC variables to list of those exported
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e694b8a1b993bf7213b191e1132c5d02e16ab85d)
Garming Sam [Wed, 14 Feb 2018 00:27:59 +0000 (13:27 +1300)]
tests/drs_base: Allow the net drs replicate to try with a single object
This eventually passes down the replicate single object exop.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ff9e63f976ef76f7f70221d4f6276e221ecd167f)
Garming Sam [Wed, 14 Feb 2018 00:26:35 +0000 (13:26 +1300)]
tests/replica_sync: Add some additional replication in setUp
This should avoid some failures due to stale objects.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13269
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
19fcd872ec76afffbc4952266fdfad9a352c4871)
Stefan Metzmacher [Thu, 22 Feb 2018 09:19:58 +0000 (10:19 +0100)]
winbind: don't try to do an authenticated SMB connection as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 23 17:58:23 CET 2018 on sn-devel-144
(cherry picked from commit
06601b3a9293db35feda1b033fa864dc1a764164)
Stefan Metzmacher [Thu, 22 Feb 2018 10:24:38 +0000 (11:24 +0100)]
winbind: set_dc_type_and_flags() is not needed on a DC
On a DC we load the trusts in the parent in add_trusted_domains_dc()
from our local configuration. There's no need to find out the trust details
via network calls.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
55c3af89f1b0baecf5e2d6c2646902edd0684aa8)
Stefan Metzmacher [Fri, 2 Feb 2018 15:55:01 +0000 (16:55 +0100)]
winbind: make sure we don't contact trusted domains via LDAP as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
18f27b5385240852e537cd5010cedb09f0bf233d)
Stefan Metzmacher [Thu, 22 Feb 2018 09:33:48 +0000 (10:33 +0100)]
winbind: make sure we don't contact trusted domains via SAMR as AD DC
This is not needed for the normal operation of an AD DC.
Administrators should just use other tools instead of
wbinfo to list and query users and groups.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
32a63e3ea985c967ca2aadbcd9e0c60ade2d0367)
Stefan Metzmacher [Thu, 22 Feb 2018 09:40:19 +0000 (10:40 +0100)]
winbind: let cm_connect_netlogon_transport() only work against direct trust as AD DC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
532a14dc684e7a6d8c584d5671a4ebbad00aa4fc)
Stefan Metzmacher [Thu, 22 Feb 2018 09:40:19 +0000 (10:40 +0100)]
winbind: force the usage of schannel in cm_connect_lsa() as AD DC
This makes sure we only talk to direct trusts.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3e17a3b7cd4083299037ba9377931bea792b2d18)
Stefan Metzmacher [Thu, 22 Feb 2018 09:03:23 +0000 (10:03 +0100)]
s3:smb_macros.h: add IS_AD_DC as addition to IS_DC
In the long run we should remove this again (as well as IS_DC).
But for now this makes some code changes in winbindd easier to
follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13278
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
c58f8c3cd84ab18d04bd39ad7d5f53676e092abb)
Stefan Metzmacher [Thu, 22 Feb 2018 14:56:45 +0000 (15:56 +0100)]
dsdb/encrypted_secrets: remove dependency to libnettle and use our own aes_gcm_128_*()
We already rely on gnutls in order to implement SSL/TLS, so using that
to speed up crypto like aes gcm 128 is fine, but as we already have
code for that algorithm, we should use that instead of adding a new
dependency to libnettle.
Some (I guess newer versions) of gnutls use nettle internally, so
we may end up using that code, but we should not have a direct dependency.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13276
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
07844a9a13506b4ca9181cfde05d9e4170208f88)
Stefan Metzmacher [Wed, 14 Feb 2018 14:04:01 +0000 (15:04 +0100)]
winbind: Use one queue for all domain children
If we have multiple domain children, it's important
that the first idle child takes over the next waiting request.
Before we had the problem that a request could get stuck in the
queue of a busy child, while later requests could get served fine by
other children.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 23 09:04:23 CET 2018 on sn-devel-144
(cherry picked from commit
7f2d45a6c2a88dd8833fc66d314ec21507dd52c3)
Volker Lendecke [Tue, 13 Feb 2018 15:04:44 +0000 (16:04 +0100)]
winbind: Maintain a binding handle per domain and always go via wb_domain_request_send()
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
b518cb0597d269002105644302c58ca8f9f0f717)
Stefan Metzmacher [Tue, 20 Feb 2018 13:43:38 +0000 (14:43 +0100)]
winbind: make choose_domain_child() static
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
5116aff286bdffe4abc9ddda09cf64ab999fd13e)
Stefan Metzmacher [Wed, 14 Feb 2018 12:24:54 +0000 (13:24 +0100)]
winbind: add locator_child_handle() and use it instead of child->binding_handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
44ebaaac8933f5fc16a043b8c15a9449746af47b)
Stefan Metzmacher [Wed, 14 Feb 2018 12:24:54 +0000 (13:24 +0100)]
winbind: add idmap_child_handle() and use it instead of child->binding_handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13292
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
c2d78a0a0a3f9b9ade61cf707f23e59a1a16c61b)
Stefan Metzmacher [Wed, 14 Feb 2018 14:11:50 +0000 (15:11 +0100)]
winbind: improve wb_domain_request_send() to use wb_dsgetdcname_send() for a foreign domain
Commit
ed3bc614cccec6167c64ac58d78344b6426cd019 got the logic wrong while
trying to implement the logic we had in init_child_connection(),
which was removed by commit
d61f3626b79e0523beadff355453145aa7b0195c.
Instead of doing a WINBINDD_GETDCNAME request (which would caused an error
because the implementation was removed in commit
958fdaf5c3ba17969a5110e6b2b08babb9096d7e), we sent the callers request
and interpreted the result as WINBINDD_GETDCNAME response, which
led to an empty dcname variable. As result the domain child
opened a connection to the primary domain in order to lookup
a dc.
If we want to connect the primary domain from the parent via
a domain child of the primary domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
1f41193e005df37401a28004f0a95d4d73b98ccd)
Stefan Metzmacher [Wed, 14 Feb 2018 14:09:51 +0000 (15:09 +0100)]
winbind: use state->{ev,request} in wb_domain_request_send()
This will reduce the diff for the following changes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13295
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
4d804f5f3e65df0e2f646d4f88793cab8e2f32d1)
Stefan Metzmacher [Thu, 15 Feb 2018 15:00:33 +0000 (16:00 +0100)]
winbind: avoid using fstrcpy(dcname,...) in _dual_init_connection
domain->dcname was converted from fstring to char * by commit
14bae61ba36814ea5eca7c51cf1cc039e9e6803f.
Luckily this was only ever called with an empty string in
state->request->data.init_conn.dcname.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13294
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
d73e3d451976e692c6c346f98547d7123f7b9006)
Stefan Metzmacher [Fri, 16 Feb 2018 15:13:16 +0000 (16:13 +0100)]
winbind: cleanup winbindd_cli_state->pwent_state if winbindd_getpwent_recv() returns an error
A client may skip the explicit endpwent() if getgrent() fails.
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
b158d4e4c1c3fee0a8884bc5e8f0c5a5ce49687f)
Stefan Metzmacher [Fri, 16 Feb 2018 15:13:16 +0000 (16:13 +0100)]
winbind: cleanup winbindd_cli_state->grent_state if winbindd_getgrent_recv() returns an error
A client may skip the explicit endgrent() if getgrent() fails.
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
b7789da8468c3f070727011639d5f74aca76cb59)
Stefan Metzmacher [Fri, 16 Feb 2018 15:09:58 +0000 (16:09 +0100)]
winbind: call lp_winbind_enum_{users,groups}() already in set{pw,gr}ent()
This way we don't keep winbindd_cli_state->{pw,gr}ent_state arround forever,
if the client forgets an explicit end{pw,gr}ent().
This allows client_is_idle() return true in more cases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13293
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
6548b82b5c1ed30ce14e17e4ba9d4bc24ab49c42)
Stefan Metzmacher [Fri, 16 Feb 2018 14:05:57 +0000 (15:05 +0100)]
winbind: protect a pending wb_child_request against a talloc_free()
If the (winbind) client gave up we call TALLOC_FREE(state->mem_ctx)
in remove_client(). This triggers a recursive talloc_free() for all
in flight requests.
In order to maintain the winbindd parent-child protocol, we need
to keep the orphaned wb_simple_trans request until the parent
got the response from the child.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
43af57d8728883c5ddbe169e1483181246fb68a8)
Stefan Metzmacher [Fri, 16 Feb 2018 14:02:42 +0000 (15:02 +0100)]
winbind: use tevent_queue_wait_send/recv in wb_child_request_*()
We need a way to keep the child->queue blocked without relying on
the current 'req' (wb_child_request_state).
The next commit will make use of this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13290
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
d29dda141e08af42c535e8718226f95c45aadab8)
Volker Lendecke [Fri, 9 Feb 2018 09:27:55 +0000 (10:27 +0100)]
winbind: Improve child selection
This improves the situation when a client request blocks a winbind
child. This might be a slow samlogon or lookupnames to a domain that's
far away. With random selection of the child for new request coming in
we could end up with a long queue when other, non-blocked children
could serve those new requests. Choose the shortest queue.
This is an immediate and simple fix. Step two will be to have a
per-domain and not a per-child queue. Right now we're pre-selecting
the check-out queue at Fry's randomly without looking at the queue
length. With this change we're picking the shortest queue. The better
change will be what Fry's really does: One central queue and red/green
lights on the busy/free checkout counters.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13290
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Feb 12 19:51:35 CET 2018 on sn-devel-144
(cherry picked from commit
b4384b7f0ecf3b47dd60acaf77636b679e3adc05)
Stefan Metzmacher [Tue, 20 Feb 2018 12:54:49 +0000 (13:54 +0100)]
tevent: version 0.9.36
* improve documentation of tevent_queue_add_optimize_empty()
* add tevent_queue_entry_untrigger()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13291
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
f00c7cf9f5f325de0b754b127fcc0f07bea2d825)
Stefan Metzmacher [Thu, 15 Feb 2018 13:47:25 +0000 (14:47 +0100)]
tevent: add tevent_queue_entry_untrigger()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13291
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
5c6f31697a8edb03d36eece5c79581b952743b5b)
Stefan Metzmacher [Fri, 16 Feb 2018 15:47:57 +0000 (16:47 +0100)]
tevent: improve documentation of tevent_queue_add_optimize_empty()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13291
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit
88d6703b89f9a7f847b6ec47d97569432927dcff)
Stefan Metzmacher [Tue, 9 Jan 2018 07:54:11 +0000 (08:54 +0100)]
s4:auth_sam: allow logons with an empty domain name
It turns out that an empty domain name maps to the local SAM.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Feb 23 04:08:26 CET 2018 on sn-devel-144
(cherry picked from commit
57762229da971e837b923f09ca01bad6151f9419)
Garming Sam [Mon, 8 Jan 2018 03:34:02 +0000 (16:34 +1300)]
tests/bind.py: Add a bind test with NTLMSSP with no domain
Confirmed to pass against Windows 2012 R2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
2e49a97777ebf5bffbeadca03517b4a21bca24c0)
Garming Sam [Mon, 8 Jan 2018 00:36:59 +0000 (13:36 +1300)]
tests/py_creds: Add a SamLogonEx test with an empty string domain
This test passes against 4.6, but failed against 4.7.5 and master.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
5c625eae3f54e8de434de26e9f6a0f2fde557c18)
Stefan Metzmacher [Tue, 9 Jan 2018 07:57:05 +0000 (08:57 +0100)]
s3:cliconnect.c: remove useless ';'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
e039e9b0d2a16b21ace019b028e5c8244486b8a3)
Stefan Metzmacher [Tue, 9 Jan 2018 07:55:48 +0000 (08:55 +0100)]
s3:libsmb: allow -U"\\administrator" to work
cli_credentials_get_principal() returns NULL in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
0786a65cabb92a812cf1c692d0d26914f74a6f87)
Stefan Metzmacher [Tue, 20 Feb 2018 23:49:55 +0000 (00:49 +0100)]
s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144
(cherry picked from commit
5d113f80944f2e1d2a7e80f73aea7a4cfdfbd140)
Stefan Metzmacher [Tue, 20 Feb 2018 23:50:26 +0000 (00:50 +0100)]
tests:dcerpc/raw_protocol: reproduce call_id truncation bug
We need to make sure the server handles call_id values > UINT16_MAX.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
65e8edb382fbc7450919aad8b42cfcae9e779d11)
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests to winbindd
This might not be perfect yet, but it's enough to allow names from trusted
forests/domain to be resolved, which is very important for samba based
domain members.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
e9d5b8b6b41155a8a043275ae497bdb87044d476)
Stefan Metzmacher [Tue, 23 Jan 2018 12:19:37 +0000 (13:19 +0100)]
winbindd: implement wb_irpc_lsa_{LookupNames4,LookupSids3}()
This will be used by the LSA Server on an AD DC to request remote views
from trusts.
In future we should implement wb_lookupnames_send/recv similar to
wb_lookupsids_send/recv, but for now using wb_lookupname_send/recv in a loop
works as a first step.
We also need to make use of req->in.level and req->in.client_revision
once we want to support more than one domain within our own forest.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3ffebee3de4aa313027779bc98cb6326fa17be85)
Stefan Metzmacher [Mon, 22 Jan 2018 23:52:50 +0000 (00:52 +0100)]
s4:rpc_server/lsa: rewrite lookup sids/names code to honor the given lookup level
[MS-LSAT] 2.2.16 LSAP_LOOKUP_LEVEL defines the which views each level should
consult.
Up to now we support some wellknown sids, the builtin domain and our
account domain, but all levels query all views.
This commit implements 3 views (predefined, builtin, account domain)
+ a dummy winbind view (which will later be used to implement the
gc, forest and trust views)..
Depending on the level we select the required views.
This might not be perfect in all details, but it's enough
to pass all existing tests, which already revealed bugs
during the development of this patch.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3801c417db5891ee4a45b09e8841d8f1ff4500f9)
Stefan Metzmacher [Thu, 15 Feb 2018 09:30:28 +0000 (10:30 +0100)]
test_trust_ntlm.sh: add lookup name tests
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
475a761637bbcc93edbe8d83fc13037e1087941a)
Stefan Metzmacher [Mon, 20 Mar 2017 11:55:44 +0000 (12:55 +0100)]
libcli/security: add dom_sid_lookup_predefined_{sid,name}()
This basically implements [MS-LSAT] 3.1.1.1.1 Predefined Translation Database
and Corresponding View.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
d7780c66866144eba59408c03af50256825165ba)
Stefan Metzmacher [Fri, 16 Feb 2018 00:14:00 +0000 (01:14 +0100)]
s4:dsdb: add dsdb_trust_domain_by_{sid,name}()
This gets the lsa_ForestTrustDomainInfo for the searched
domain as well as the lsa_TrustDomainInfoInfoEx for the
direct trust (which might be the same for external trust or
the forest root domain).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
e9ace1852ff88ebb7778e8db9a49bc5c61512d16)
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for async processing
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
9b6a0b1a63f2ebfbd578047401dfbe38606c8c44)
Stefan Metzmacher [Fri, 19 Jan 2018 12:42:40 +0000 (13:42 +0100)]
s4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async processing
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
ab7988aa2fd1a43f576a4b73a6893c61c7ef1957)
Stefan Metzmacher [Mon, 22 Jan 2018 19:21:14 +0000 (20:21 +0100)]
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
e6c9984bd563525dc312b67fe69ea7e4be04ee4e)
Stefan Metzmacher [Mon, 22 Jan 2018 19:21:14 +0000 (20:21 +0100)]
s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
37cb34d16406d27831be74e952ee744e58b79fb4)
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupNames2()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
ec55c18ceda5c430eaec97c5d7e594941e3a31fc)
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids2()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
c78c17dc2fbaf523d1957bb748aa75ecd81e793b)
Stefan Metzmacher [Mon, 22 Jan 2018 08:27:49 +0000 (09:27 +0100)]
s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in dcesrv_lsa_LookupSids_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
c0f6103ddea9a825f0f0dcf169e70a5f6a55c2e2)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupNames()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
7c1c9bf53ffc24a25038326767e33f008c7a5552)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: simplify [ref] pointer handling in dcesrv_lsa_LookupSids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
5d868fd875803e361653ccca4e61c5c25dc114aa)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: remove unused 'status' variable in dcesrv_lsa_LookupSids_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
e8a0223633fd2e6ebb3d864570b76932bc3e293a)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupNames2() gets prepared [ref] pointers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
fe43dd8678e4f598e0ae802e3d93ad9b28988783)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: expect prepared [ref] pointers in dcesrv_lsa_LookupNames_common()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3339a1c57266181570d5ca5e389719951f26b41d)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: make sure dcesrv_lsa_LookupSids_common() gets prepared [ref] pointers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
f6e60d2c2e1f0a4eb6426c7da683abaa11babd05)
Stefan Metzmacher [Mon, 20 Mar 2017 11:56:00 +0000 (12:56 +0100)]
s4:rpc_server/lsa: use LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES/LSA_CLIENT_REVISION_1 in compat code
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
3909f8fcfe6b82575ad8974acacde3270ce849fe)
Stefan Metzmacher [Thu, 25 Jan 2018 10:24:25 +0000 (11:24 +0100)]
rpcclient: add lookupsids_level command
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
76868818e8b98a0cd4881d319e0735de5091b8b1)
Ralph Boehme [Tue, 20 Feb 2018 14:57:37 +0000 (15:57 +0100)]
rpcclient: fix variable initialisation and add parenthesis to if clauses
Just a few README.Coding fixes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit
9ccc6eef145c1f67e24cbb1c21402714f612c607)
Stefan Metzmacher [Fri, 2 Feb 2018 20:06:38 +0000 (21:06 +0100)]
provision: fix the 'dnsdomain' for the local sam of a domain member
A member has a local AD database, which should not use the 'dnsdomain'
as the one on domain controllers.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13285
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
b02de5ad3e04babe1565868c69422cfc778458d9)
Stefan Metzmacher [Thu, 25 Jan 2018 17:04:29 +0000 (18:04 +0100)]
traffic_packets.py: let Lookup{Sids,Names}() work against a sane server
In order to resolve predefined sids or names we need to use
level = LSA_LOOKUP_NAMES_ALL (1).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13284
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
1a258b6b0f667ec077639a7cfe826e5e25f46768)
Stefan Metzmacher [Sat, 10 Feb 2018 22:54:33 +0000 (23:54 +0100)]
nsswitch: fix double free errors in nsstest.c
We need to zero out static pointers on free.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13283
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
da784305e7b306664b79d30a734d45582f5bf4dd)
Stefan Metzmacher [Thu, 25 Jan 2018 23:38:32 +0000 (00:38 +0100)]
s4:torture: zero initialize variables in test_LookupSidsReply()
This avoids crashes if the server returns unexpected results. The test
should just report the failure in that case.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13282
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
7b86b94c71268cdab434ced74caedcdd5eb20e12)
Stefan Metzmacher [Tue, 23 Jan 2018 22:52:37 +0000 (23:52 +0100)]
winbindd: make use of talloc_zero_array() in wb_lookupsids*()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
c376ab29d1d9f4b06fbb3a713029d79ecac80b59)
Stefan Metzmacher [Fri, 2 Feb 2018 11:07:11 +0000 (12:07 +0100)]
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_names_generic()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
569c910b950df24b22777c545fe9f6427a19b035)
Stefan Metzmacher [Fri, 2 Feb 2018 11:07:11 +0000 (12:07 +0100)]
s3:cli_lsarpc: use talloc_zero_array() in dcerpc_lsa_lookup_sids_generic()
It just feels better for such a complex function.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13281
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit
5cae7da1de302b38ee0059590b1e93a3d60ee42c)
Stefan Metzmacher [Tue, 23 Jan 2018 22:52:59 +0000 (23:52 +0100)]
winbindd: initialize type = SID_NAME_UNKNOWN in wb_lookupsids_single_done()
We check for !NT_STATUS_LOOKUP_ERR(), but wb_lookupsid_recv()
only initializes the results together with NT_STATUS_OK.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13280
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
b5ffa0e21f74fa0c452df38cf50e542eb278562d)
Stefan Metzmacher [Tue, 23 Jan 2018 13:34:45 +0000 (14:34 +0100)]
winbindd: don't split the rid for SID_NAME_DOMAIN sids in wb_lookupsids
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13279
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
17c48f26dea5701feed1c24769348f332695391c)
Volker Lendecke [Fri, 19 Jan 2018 12:15:58 +0000 (12:15 +0000)]
vfs_fileid: Fix the 32-bit build
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13305
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
c6999a248ad78f75cbfcc0f461298021b20905b4)
Alexander Bokovoy [Tue, 24 Oct 2017 09:01:39 +0000 (12:01 +0300)]
mit-kdb: support MIT Kerberos 1.16 KDB API changes
MIT Kerberos 1.16 adds ability to audit local and remote addresses
during AS_REQ processing. As result, audit_as_req callback signature
was changed to include the addresses and KDB API version was increased.
Change mit-kdb code to properly expose audit_as_req signature KDC
expects in 1.16 version. Also update #ifdefs to account for the new
KDB API version.
This commit does not add actual audit of the local and remote IP
addresses, it only makes it possible to compile against MIT Kerberos
1.16.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13304
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 19 01:36:22 CET 2018 on sn-devel-144
(cherry picked from commit
7c1c8c68174ed484fe86a0d9e429daad3a47a57d)
Poornima G [Thu, 22 Feb 2018 10:51:35 +0000 (16:21 +0530)]
vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13297
Pair-Programmed-With: Anoop C S <anoopcs@redhat.com>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Feb 26 20:17:50 CET 2018 on sn-devel-144
(cherry picked from commit
46e6626f73f42c84f254507c3ec2b591e2e732ba)
Sachin Prabhu [Tue, 14 Nov 2017 10:21:44 +0000 (15:51 +0530)]
vfs_glusterfs: Add fallocate support for vfs_glusterfs
Adds fallocate support to the vfs glusterfs plugin.
v2: Add check for glusterfs-api version.
RHBZ:
1478875
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13303
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 17 06:09:29 CET 2018 on sn-devel-144
(cherry picked from commit
0edce86e97a49f4bd79f4431015ac2b788105e46)
Garming Sam [Wed, 20 Sep 2017 02:55:11 +0000 (14:55 +1200)]
subnet: Avoid a segfault when renaming subnet objects
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13031
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Feb 20 17:54:43 CET 2018 on sn-devel-144
Martin Schwenke [Mon, 5 Feb 2018 04:45:09 +0000 (15:45 +1100)]
ctdb-tests: Set test timeout to an hour
The current 10 minute timeout is causing autobuild failures in some
environments.
This timeout is simply meant to stop a test run from hanging
indefinitely due to a broken test. A 1 hour timeout is better than no
timeout.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 8 04:42:56 CET 2018 on sn-devel-144
(cherry picked from commit
a3485c41b826e307b31a1113abcea9843ca78540)
The last 6 patches address https://bugzilla.samba.org/show_bug.cgi?id=13265
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Mon Feb 12 15:54:28 CET 2018 on sn-devel-144
Martin Schwenke [Tue, 23 Jan 2018 09:18:54 +0000 (20:18 +1100)]
ctdb-tests: Fix a typo
This typo causes the script to be run with the default shell. If this
is not bash then the shell will fail to parse integration.bash.
This is a regression caused by commit
c607989d91b64d837253aae794b1a3d6013eb3e0. Clearly nobody has run this
test on Debian for a long time. :-(
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Jan 24 10:28:52 CET 2018 on sn-devel-144
(cherry picked from commit
8b82d10856160d3b3f172bf7d45ac561002dbcac)
Martin Schwenke [Mon, 22 Jan 2018 08:48:02 +0000 (19:48 +1100)]
ctdb-tests: Add a UNIT pseudo-test-suite
This runs all of the unit tests.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
50150d75814de6a1e2cb28fb7af72caa31d73e3c)
Martin Schwenke [Mon, 22 Jan 2018 08:14:48 +0000 (19:14 +1100)]
ctdb-tests: Only use socket-wrapper for simple, local daemon tests
The run_tests.sh -S option now takes the path to the socker-wrapper
shared library.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
e17d02d4039001563d189b33200c30e3906ce845)
Martin Schwenke [Sat, 20 Jan 2018 06:05:37 +0000 (17:05 +1100)]
ctdb-tests: Add timeout for individual tests, default is 10 minutes
This will cause a hung test to time out and fail rather than letting a
test run hang indefinitely. Some tests can take 5 minutes to run, so
10 minutes should be plenty.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
da3aaf972ab5b339b51ba1e802329b69885ccfe4)
Amitay Isaacs [Mon, 22 Jan 2018 01:54:49 +0000 (12:54 +1100)]
ctdb-tests: Avoid race condition in sock_daemon test 5
This test fails when it takes more than 10s to run. This can occur
when the system is loaded and socket-wrapper is used.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
33c0f5599d93a34619c8f37945f79a6e399a1b5e)
Jamie McClymont [Mon, 15 Jan 2018 02:25:10 +0000 (15:25 +1300)]
selftest: fix envvars for creation of default user in wait_for_start
Resolves failure of ad_member to start up under ad_dc (if
the user is determined to be needed).
Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13225
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Jan 16 07:12:01 CET 2018 on sn-devel-144
(cherry picked from commit
7a3f97f2662c6197913aeb50e5e3c0c09ff8307f)
Karolin Seeger [Thu, 8 Feb 2018 10:47:22 +0000 (11:47 +0100)]
VERSION: Bump version up to 4.8.0rc4...
and disable GIT_SNAPSHOT.
Signed-off-by: Karolin Seeger <kseeger@samba.org>