1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

104433 Commits

Author SHA1 Message Date
Uri Simchoni
3fcd937f05 selftest: tests for kerberos encryption types
This test uses tshark and cwrap's packet capturing capability
to observe the Kerberos handshakes and ensure the correct
encryption types are being used.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug  9 07:43:52 CEST 2016 on sn-devel-144
2016-08-09 07:43:52 +02:00
Uri Simchoni
1f90983324 heimdal: honor conf enctypes when obtaining a service ticket
This patch removes part of what's categorized in the code as
"hideous glue", which causes Heimdal to ignore krb5.conf
encryption types, and instead use either the application-
supplied values or the default compile-time values.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-09 04:39:07 +02:00
Uri Simchoni
3fff2667ec libads: use "kerberos encryption types" parameter
When creating the custom krb.conf file, list etypes
according to kerberos encryption types

Also use proper directives for heimdal (heimdal recognizes
the MIT etype directives, but does not act upon them)

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-09 04:39:07 +02:00
Uri Simchoni
513fa31c85 s3-param: add kerberos encryption types parameter
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-09 04:39:07 +02:00
Ralph Boehme
25df582739 dbwrap_ctdb: treat empty records in ltdb as non-existing
When fetching records from remote ctdb nodes via ctdbd_parse() or in
db_ctdb_traverse(), we already check for tombstone records and skip
them. This was originally also done for the ltdb checks.

See also bug: https://bugzilla.samba.org/show_bug.cgi?id=10008
(commit 1cae59ce11).

Commit 925625b528 reverted part of the
patch of bug 10008 due to a deadlock it introduced.

This patch re-introduces the consistent treatment of empty records in
the ltdb but avoids the deadlock by correctly signalling
NT_STATUS_NOT_FOUND if an empty record is found authoritatively in
the ltdb and not calling ctdb in this case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12005

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Aug  9 04:38:44 CEST 2016 on sn-devel-144
2016-08-09 04:38:44 +02:00
Ralph Boehme
b17e2f5c74 s4/torture: add a test for ctdb-tombstrone-record deadlock
This tests for a possible deadlock between smbd and ctdb dealing with
ctdb tombstone records.

Commit 925625b528 explains the deadlock in
more details and contains the fix. It's a fix for a regression
introduced by the patch for bug 10008 (1cae59ce11).

If you ever want to use this test against that specific commit:

$ git checkout 925625b528
$ git cherry-pick THIS_COMMIT

This should not deadlock on a ctdb cluster.

$ git revert 925625b528

This will deadlock.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12005

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2016-08-09 01:31:33 +02:00
Ira Cooper
14f29c4f56 buildscripts: Fix the regression with --without-acl-support.
This will disable the vfs_glusterfs and vfs_cephfs modules if
you provide --without-acl-support.

In addition it makes compiling in POSIXACL_XATTR conditional
on vfs_glusterfs or vfs_cephfs being built in.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Steve French <sfrench@samba.org>
Tested-by: Steve French <sfrench@samba.org>

Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Aug  8 21:27:46 CEST 2016 on sn-devel-144
2016-08-08 21:27:46 +02:00
Ira Cooper
38bb993657 source3/wscript: Add support for disabling vfs_cephfs
--enable-cephfs and --disable-cephfs both work now.

--enable-cephfs is the default to match previous
versions of Samba.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Steve French <sfrench@samba.org>
Tested-by: Steve French <sfrench@samba.org>
2016-08-08 18:19:16 +02:00
Stefan Metzmacher
a0e60e96aa samba-tool/ldapcmp: ignore differences of whenChanged
This is implicitly replicated, but may diverge on updates of non-replicated
attributes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12129

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Aug  8 17:34:24 CEST 2016 on sn-devel-144
2016-08-08 17:34:24 +02:00
Ralph Boehme
7147859c7a smbd: ignore ctdb tombstone records in fetch_share_mode_unlocked_parser()
dbwrap_parse_record() can return ctdb tombstone records from the lctdb,
ignore them.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12005

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-08-08 14:26:24 +02:00
Martin Schwenke
464b386d55 ctdb-packaging: Stop RPM from renaming working config to ctdb.rpmsave
The change to ctdbd.conf and removal of /etc/sysconfig/ctdb as a
configuration file makes RPM rename the latter with a .rpmsave suffix.
This means that a working configuration is moved aside on upgrade and
manual intervention is needed.

Avoid this by convincing RPM that the existing /etc/sysconfig/ctdb is
still a configuration file.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12125

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Aug  8 11:30:58 CEST 2016 on sn-devel-144
2016-08-08 11:30:57 +02:00
Martin Schwenke
d7ecc913bb ctdb-daemon: Clean up SET_DB_PRIORITY/GET_DB_PRIORITY deprecation
The current message is broken:

  Control SET_DB_PRIORITY is not implemented any more, use  instead

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12126

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
940272d215 ctdb-daemon: Fix CID 1125627 Resource leak (RESOURCE_LEAK)
Also fixes CID 1125628.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
b4f23a7e95 ctdb-common: Fix CID 1125585 Dereference after null check (FORWARD_NULL)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
bbf0b907cb ctdb-common: Fix CID 1125583 Dereference after null check (FORWARD_NULL)
This also fixes CID 1125584.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
7ae3699831 ctdb-common: Fix CID 1125581 Dereference after null check (FORWARD_NULL)
This also fixes CID 1125582.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
f802a11d3b ctdb-tests: Fix CID 1361816 Buffer not null terminated (BUFFER_SIZE_WARNING)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
4541301d92 ctdb-common: Fix CID 1363227 Resource leak (RESOURCE_LEAK)
Occurs on an invalid line that isn't the first.  Isn't really a leak
because it is allocated off mem_ctx, which should be freed by the
caller.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12110

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
1f942ec36c ctdb-mutex: Avoid corner case where helper is already reparented to init
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12113

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Amitay Isaacs
88a5791015 ctdb-tools: Use INVALID_GENERATION macro instead of value
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:34 +02:00
Martin Schwenke
2295f5009d ctdb-doc: Document that "ctdb tickle" can now read from stdin
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12123

Although this has been queued for a while, with changes to add stdin
support to the original ctdb tool, this came for free with the
replacement tool.

addtickle and deltickle also now have this feature.  However, they're
internal commands and we're not adding new documentation for
internal/debug commands.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Martin Schwenke
f2b319e457 ctdb-tools: "ctdb tickle" command should run without daemon
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12123

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:34 +02:00
Amitay Isaacs
4d144d7106 ctdb-tools: Cancel transaction on error or if commit fails
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12122

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:34 +02:00
Amitay Isaacs
8aa00035fa ctdb-client: transaction_cancel must free transaction handle
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12122

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:34 +02:00
Amitay Isaacs
3c51ac48df ctdb-tools: Free temporary memory context before exiting
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
c9750c821e ctdb-tools: Close tdb database on error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
2e5e51ebcd ctdb-tools: Free connection list after processing it
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Martin Schwenke
1f6835c732 ctdb-tools: Add early return for empty connection list
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

If the connection list is empty then process_clist_send() still
creates a request.  However, since no subrequests are created for
controls sent, tevent_req_poll() waits forever for an event.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
b54bd763b7 ctdb-tools: Free tickle list before exiting
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
814002c9a1 ctdb-tools: Free record if it does not contain valid data
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
bfe891e418 ctdb-tools: Fix CID 1364706 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
5f5d9549fc ctdb-tools: Fix CID 1364705 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
45b9c379b5 ctdb-tools: Fix CID 1364704 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
94bf6e69db ctdb-tools: Fix CID 1364703 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
10019f7cdf ctdb-tools: Fix CID 1364702 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
25f27e16b2 ctdb-tools: Fix CID 1364701 - resource leak
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
bf1dab28d1 ctdb-tools: Fix CID 1364699 - dereference after null check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12121

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Amitay Isaacs
049dd07b90 ctdb-tests: Add explicit wait to the fork_helper()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

To create a client process that waits after connect(), instead of trying
to do a blocking write(), go to sleep.  The parent can then kill the client
process, once testing is done.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-08 08:17:33 +02:00
Martin Schwenke
8ce8e1d7f8 ctdb-tests: Clean up and rename simple transaction_loop recovery test
* Rename to clarify purpose of test

* Simplify test info to avoid unnecessary bit-rot

* Restart after test since test does heavy database manipulation

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:33 +02:00
Martin Schwenke
de04cd5784 ctdb-tests: Clean up and rename simple transaction_loop test
* Rename to clarify purpose of test

* Simplify test info to avoid unnecessary bit-rot

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:33 +02:00
Martin Schwenke
18b41fcb51 ctdb-tests: Implement --interactive/-i option in transaction_loop
Also add PNNs to output.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:33 +02:00
Martin Schwenke
c10dcc7b91 ctdb-tests: Clean up and rename simple fetch_ring test
* Rename to clarify purpose of test

* Simplify test info to avoid unnecessary bit-rot

* Have fetch_ring print PNN for clearer output and update patterns in
  test script to suit

* Simplify sanity checking pattern due to less data because of
  --interactive/-i option

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:32 +02:00
Martin Schwenke
82cffc2f57 ctdb-tests: Implement --interactive/-i option in fetch ring
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:32 +02:00
Martin Schwenke
e7a220377e ctdb-tests: Clean up and rename simple message_ring test
* Rename to clarify purpose of test

* Simplify test info to avoid unnecessary bit-rot

* Have message_ring print PNN for clearer output and update patterns
  in test script to suit.

* Drop quantitative percentage check since this is hard to predict
  when under extreme load.  To compensate, tighten up expectations for
  the total number of messages in each direction: at least 10 messages
  are required over 10 seconds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:32 +02:00
Martin Schwenke
fbb3ef46b9 ctdb-tests: Implement --interactive/-i option in message_ring
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:32 +02:00
Martin Schwenke
b100d78597 ctdb-tests: Add --interactive/-i option to test options parsing code
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12109

Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-08 08:17:32 +02:00
Jeremy Allison
1ddd01dd21 s4: repl: Ensure all error paths in dreplsrv_op_pull_source_get_changes_trigger() are protected with tevent returns.
Otherwise dreplsrv_op_pull_source_get_changes_trigger() could infinitely recurse.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Aug  6 01:24:05 CEST 2016 on sn-devel-144
2016-08-06 01:24:05 +02:00
Karolin Seeger
8a44659c33 docs: Bump version up to 4.6.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2016-08-05 22:20:05 +02:00
Volker Lendecke
a320f53cb7 ldb: Fix two signed/unsigned hickups
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-08-05 22:20:05 +02:00
Volker Lendecke
07d12d2c71 lib: Fix a pointless error check
According to susv4, addr.s6_addr is a

uint8_t s6_addr[16]

which is always != 0

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-08-05 22:20:05 +02:00