1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

116754 Commits

Author SHA1 Message Date
Andreas Schneider
015e4d2dc2 libcli:smb: Use smb2_signing_key for smb2_signing_check_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
dcf37228e1 libcli:smb: Use smb2_signing_key for smb2_signing_sign_pdu()
This caches the gnutls hmac handle in the struct so we only allocate it
once.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
3f252816ad libcli:smb: Add smb2_signing_key_destructor()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
9e16adff08 s3:smbd: Start to use the smb2_signing_key structure
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
f7929c6630 s3:librpc: Add smb2_signing_key to smbXsrv.idl
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
d02f790724 s3:librpc: Rename the data blobs for keys in smbXsrv.idl
The original names will be used with a new structure to cache mac and
cipher handles for gnutls later.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
17e22e020f libcli:smb: Use 'struct smb2_signing_key' in smbXcli_base.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
11e3552c9f libcli:smb: Introduce a structure for the smb2_singing_key
This also adds a new function to validate the structure.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:28 +00:00
Andreas Schneider
604c0b2620 libcli:smb: Use GnuTLS SHA256 HMAC in smb2_signing_check_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
eca425ef5b libcli:smb: Use GnuTLS SHA256 HMAC in smb2_signing_sign_pdu()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
cda938cd9c libcli:smb: Use GnuTLS SHA256 HMAC in smb2_key_derivation()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
5d87610976 libcli:auth: Add return code for netlogon_creds_init_hmac_sha256()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
8bed91c999 libcli:auth: Use GnuTLS SHA256 HMAC for credentials
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
75d45f6d2b s4:libcli:smb2: Use GnuTLS SHA256 HMAC for signing
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
6fb7837385 s4:utils: Use gnutls SHA256 in oLschema2ldif
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
9bbb9f7bdf s3:modules: Use GnuTLS SHA256 in vfs_acl_common
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
712e464fb7 waf: Remove unused GNUTLS defines
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
155f697e87 waf: Move check for gnutls_aead_cipher_init to main gnutls wscript
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
e35a8598c6 waf: Add check for gnutls_x509_crt_set_subject_unique_id()
This is used by the GnuTLS backupkey implementation.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
324a2eec86 waf: Move gnutls_pkcs7_get_embedded_data_oid to main gnutls file
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
1fa3c9a3cc waf: Remove configure steps from source4/lib/tls
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
b63bf2956e s4:rpc_server: Remove obsolete gcrypt init
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:27 +00:00
Andreas Schneider
daa128f81b s3:tls: Remove #ifdef for GnuTLS
This is a requirement now.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:26 +00:00
Andreas Schneider
382d5908a4 waf: Add mandatory requirement for GnuTLS >= 3.2.0
We plan to move to GnuTLS for crypto in Samba, this is the first step to
make it mandatory and to require a version which is in LTS
distributions.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:26 +00:00
Andreas Schneider
8ad4c15758 lib:util: Sync memory.h with replace.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:26 +00:00
Andreas Schneider
9d1d44dcb7 replace: Add ZERO_ARRAY_LEN() macro
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-30 23:18:26 +00:00
Samuel Cabrero
4f2af93a7f .gitlab-ci.yml: Allow overriding the default image using a variable
This way one can run all tests in a different container without having
to modify the gitlab ci file, just setting the SAMBA_CI_CONTAINER_IMAGE
variable in the gitlab's GUI.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-04-30 23:18:26 +00:00
Andreas Schneider
4dd8db321f gitlab-ci: Update for building new containers
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 30 18:48:18 UTC 2019 on sn-devel-184
2019-04-30 18:48:18 +00:00
Andreas Schneider
e48a6c846f bootstrap: Only install required packages on openSUSE
This should reduce the amount of packages installed. And make building
the image much faster!

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-04-30 17:34:21 +00:00
Andreas Schneider
9e29ddd4be bootstrap: Only install required packages on Fedora
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-04-30 17:34:21 +00:00
Christof Schmitt
09962c1b7e wafsamba: Add compiler check for missing field initializer check
The commit cf79ee15

    wafsamba: Enable warnings for missing field initializer

enabled a compiler check for warnings about missing initializers for all
developer builds. This fails with older compilers, e.g. gcc on RHEL7.
Add a waf check around adding the compiler option to avoid the failure
with older compilers.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-04-30 17:34:21 +00:00
Samuel Cabrero
d88f1c82b2 credentials: Workaround krb5_cc_remove_cred not implemented in MIT kerberos
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Apr 29 19:15:48 UTC 2019 on sn-devel-184
2019-04-29 19:15:48 +00:00
Samuel Cabrero
937ad9d2a0 credentials: Initialize krb5 client to retrieve creds from ccache
MIT kerberos require krb5_creds.client to be initialized to match
krb5_creds.server with the cached credentials.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-29 18:10:09 +00:00
Samuel Cabrero
c12914c669 selftests: Place credential cache file inside environment directory
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-29 18:10:09 +00:00
Ralph Boehme
cbee3037a2 waf: only set mandatory to False if not already set by the caller
There are a bunch of callers that call find_program with mandatory=True,
we should not overwrite this when explicity passed, eg:

  ctx.find_program('objcopy', var='OBJCOPY', mandatory=True)

  conf.SAMBA_CHECK_PERL(mandatory=True)
    -> conf.find_program('perl', var='PERL', mandatory=mandatory)

With this patch we only change the default from False to True, but allow
callers to choose specific behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Apr 29 17:07:02 UTC 2019 on sn-devel-184
2019-04-29 17:07:02 +00:00
Andreas Schneider
40f91924d6 gitlab-ci: Install missing krb5-kdc package on Ubuntu/Debian
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
cf79ee15bd wafsamba: Enable warnings for missing field initializer
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
99eb720338 s3:libsmb: Fix C99 initializer in cli_smb2_fnum.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
bbef26860d s4:dsdb: Use C99 initializer in dsdb util_trusts
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
2a1c19b82c s3:lib: Use correct C99 initializer for 'struct flock' in messages_dgm
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
e0b9281cd7 lib:audit_logging: Use C99 initializer for server_id in audit_logging
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Ralph Boehme
d24c9d5fa4 s3:utils: use struct initializer in async-tracker long_options
s3:utils: use struct initializer in async-tracker long_options

The previous initializer list was missing a NULL as last element. Using struct
initializers instead for correct initialisation.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-04-29 16:04:28 +00:00
Günther Deschner
633698c971 Revert "lib/replace: define NAME_MAX for platforms that don't have it"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872

This reverts commit e3c894fb6b.

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Apr 26 13:03:05 UTC 2019 on sn-devel-184
2019-04-26 13:03:05 +00:00
Anoop C S
e28d172b00 s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX
This allows the vfs_glusterfs_fuse build to complete on AIX.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872

Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-26 12:04:21 +00:00
Anoop C S
8e3a042eb9 s3/vfs_glusterfs: Dynamically determine NAME_MAX
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13872

Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-26 12:04:20 +00:00
Andreas Schneider
b50ca16273 gitlab-ci: Remove Ubuntu 14.04
Ubuntu 14.04 a compiler which complains about valid C99 code and also it
doesn't offer GnuTLS >= 3.2 which we require to move to GnuTLS.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Apr 25 16:52:57 UTC 2019 on sn-devel-184
2019-04-25 16:52:57 +00:00
Andreas Schneider
b1426d0657 gitlab-ci: Enable fedora29 and update generated dists
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Apr 25 11:46:23 UTC 2019 on sn-devel-184
2019-04-25 11:46:23 +00:00
Andreas Schneider
dfa4d3cdf7 bootstrap: Add glusterfs and cephfs packages
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-25 10:47:16 +00:00
Andreas Schneider
ae21dc7163 bootstrap: Add missing packages for XFS quota support
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-25 10:47:16 +00:00
Andreas Schneider
8b2fbd7983 bootstrap: Add missing packages on RPM distributions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-25 10:47:16 +00:00