1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

30205 Commits

Author SHA1 Message Date
David Disseldorp
337a94f756 torture: add file_attribs arg to file create helper
Allows for the testing of file creation with FILE_ATTRIBUTE_COMPRESSED.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15 13:40:41 -07:00
David Disseldorp
0ad2ca98ce torture: add compressed file attribute ioctl test
After marking a file for compression via FSCTL_SET_COMPRESSION, the
FILE_ATTRIBUTE_COMPRESSED flag should be present. Test for this.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15 13:40:37 -07:00
David Disseldorp
e1b45869de torture: check for filesystem compression capability
Only run the compression tests if the compression capability is returned
by the server in response to an SMB2_QUERY_INFO(FS attribute info)
request.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15 13:40:34 -07:00
David Disseldorp
f47ff9d227 torture: extend FSCTL_[GET/SET]_COMPRESSION tests
Check for inheritance of compression attributes from parent directories.
Also, test error handling for invalid requests.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15 13:40:17 -07:00
Stefan Metzmacher
44b53937d5 libcli/smb: pass max_dyn_len to smb2cli_req_send()
This way we can calculate the correct credit charge
for requests with large output buffers.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-15 09:07:06 +02:00
Volker Lendecke
d672535551 libcli: Fix improper use of tevent_req_simple_recv_ntstatus
tevent_req_simple_recv_ntstatus is just for the simple return without
anything to do after it.

Signed-off-by: Volker Lendecke <vl@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 17:25:58 +12:00
Volker Lendecke
2175024f97 lsa4: Fix an set but unused variable warning
Signed-off-by: Volker Lendecke <vl@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 17:25:47 +12:00
Volker Lendecke
55c3f8efc3 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 17:25:46 +12:00
Stefan Metzmacher
82e969b3c7 s4:wrepl_out_helpers.c: avoid talloc_reference() in most cases
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:54 +12:00
Stefan Metzmacher
6b9977916e s4:torture/rpc: s/getgroups/getgr to avoid compiler warnings
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:52 +12:00
Stefan Metzmacher
72dec3c1f1 s4:nbt_server: avoid talloc_reference()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:51 +12:00
Stefan Metzmacher
270aee56f1 s4:torture/rpc/samsync: avoid talloc_reference()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:49 +12:00
Stefan Metzmacher
fd54ffa66c s4:libcli: avoid talloc_reference() in finddcs_nbt_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:47 +12:00
Stefan Metzmacher
ae6166a3c1 s4:librpc: avoid talloc_reference() in dcerpc_epm_map_binding_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-12 16:48:46 +12:00
Christian Ambach
20b64eae75 waf: replace dependency to libintl with samba_intl
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Mon Aug 12 00:46:34 CEST 2013 on sn-devel-104
2013-08-12 00:46:34 +02:00
Christian Ambach
07b3a04872 waf: consolidate libintl related checks
consolidate the dealing with functions from libintl and the
handling of checking if libiconv is required or not
to a common place in lib/replace

also add a new samba_intl subsystem that has dependencies
on the appropriate set of libraries (libintl, libintl+libiconv or none)
that can be used as a general dependency by code that depends
on the internationalization libraries

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-09 22:46:57 +02:00
Stefan Metzmacher
966faef9c6 auth/gensec: treat struct gensec_security_ops as const if possible.
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:04 +02:00
Stefan Metzmacher
71c63e85e7 auth/gensec: introduce gensec_internal.h
We should treat most gensec related structures private.

It's a long way, but this is a start.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:02 +02:00
Stefan Metzmacher
e90e1b5c76 s4:gensec/schannel: only require librpc/gen_ndr/dcerpc.h
We just need DCERPC_AUTH_TYPE_SCHANNEL

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:01 +02:00
Stefan Metzmacher
9b9ab1ae69 s4:gensec/schannel: there's no point in having schannel_session_key()
gensec_session_key() will return NT_STATUS_NO_USER_SESSION_KEY
before calling schannel_session_key(), as we don't provide
GENSEC_FEATURE_SESSION_KEY.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:01 +02:00
Stefan Metzmacher
a07049a839 s4:gensec/schannel: GENSEC_FEATURE_ASYNC_REPLIES is not supported
There's a sequence number attached to the connection,
which needs to be incremented with each message...

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:01 +02:00
Stefan Metzmacher
b510476822 s4:gensec/schannel: use the correct computer_name from netlogon_creds_CredentialState
We need to use the same computer_name we used in the netr_Authenticate3
request.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:00 +02:00
Stefan Metzmacher
49f347eb11 s4:gensec/schannel: simplify the code by using netsec_create_state()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:19:00 +02:00
Stefan Metzmacher
4cad5dcb6d s4:gensec/schannel: remove unused dcerpc_schannel_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:59 +02:00
Stefan Metzmacher
2ea3a24dce s4:torture: avoid usage of dcerpc_schannel_creds()
We use cli_credentials_get_netlogon_creds() which returns the same value.

dcerpc_schannel_creds() is a layer violation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:59 +02:00
Stefan Metzmacher
c0144273af s4:libnet: avoid usage of dcerpc_schannel_creds()
We use cli_credentials_get_netlogon_creds() which returns the same value.

dcerpc_schannel_creds() is a layer violation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10 09:18:59 +02:00
David Disseldorp
d944841211 torture: add smb2 FSCTL_[GET/SET]_COMPRESSION test
This test simply creates a file and checks the compression state before
and after FSCTL_SET_COMPRESSION(COMPRESSION_FORMAT_DEFAULT).

The test expects the compression state to be COMPRESSION_FORMAT_LZNT1
after set, conforming to Windows Server behaviour.

If the server responds to the first FSCTL_GET_COMPRESSION request with
NT_STATUS_NOT_SUPPORTED or NT_STATUS_INVALID_DEVICE_REQUEST, then the
test is skipped. This allows it to run during selftest.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug  9 22:03:39 CEST 2013 on sn-devel-104
2013-08-09 22:03:38 +02:00
David Disseldorp
86c79f1ab3 torture: split out ioctl test file creation helper
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-09 11:09:46 -07:00
Matthieu Patou
f6d157858f drs-cracknames: Add some debugs in the torture to know better which test has failed
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-By: Andrew Bartlett <abarlett@samba.org>

Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Wed Aug  7 08:10:58 CEST 2013 on sn-devel-104
2013-08-07 08:10:58 +02:00
Matthieu Patou
7fe4630bad drs-cracksname: fix problems that prevented to pass our torture tests
Some of the problems where also reported by Microsoft testing tools

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:10 -07:00
Matthieu Patou
029e80da9d drs-crackname: Fix error code so that we have the same as windows
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:07 -07:00
Matthieu Patou
552b4f3e02 drs-cracknames: When cracking NT4 names we should just look at netbios for the match
Looking at dnsRoot will yield a result for domain.tld\username when it
shouldn't work.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:05 -07:00
Matthieu Patou
aa17a2c01d drs-crackname: Fix cracknames for the format UNKNOWN when the data is actually a GUID
The cannonical crackname expect a "/" or it returns
DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR, when doing UNKNOWN format it's not
an error to not have a "/" in the name to crack it's just a sign the
name is not a cannonical one.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:02 -07:00
Matthieu Patou
beead4d431 drs-cracknames: Reorganise the cracknames list so that similar format names are group together
It makes easier when reviewing failed test case in DRSR testsuite

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:00 -07:00
Matthieu Patou
2f7d772583 Add Notes related to DRSUAPI
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:21:56 -07:00
Matthieu Patou
b67085de7f s4-netlogon: honnor DS_RETURN_DNS_NAME flag
Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:21:52 -07:00
Matthieu Patou
927a1030d7 s4-netlogon: do not add \\ it has already be done in the fill_netlogon_samlogon_response
Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:21:47 -07:00
Matthieu Patou
530098440e torture: Quiet a warning about set but not used variable
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:21:41 -07:00
Matthieu Patou
0eb304d536 torture-drsuapi: Make the name of the dc variable
In case some tests fails or if the removal takes sometime to replicate
to all the DCs

Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:21:09 -07:00
Jeremy Allison
c4cba824d9 Fix bug #10010 - Missing integer wrap protection in EA list reading can cause server to loop with DOS.
Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de>

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Aug  5 14:39:04 CEST 2013 on sn-devel-104
2013-08-05 14:39:04 +02:00
Stefan Metzmacher
9d548318da s4:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:01 +02:00
Stefan Metzmacher
34fa794699 s4:librpc: fix netlogon connections against servers without AES support
LogonGetCapabilities() only works on the credential chain if
the server supports AES, so we need to work on a temporary copy
until we know the server replied a valid return authenticator.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:01 +02:00
Günther Deschner
a9d5b2fdf0 libcli/auth: also set secure channel type in netlogon_creds_client_init().
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05 10:30:00 +02:00
Stefan Metzmacher
bbd63dd8a1 s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05 17:48:04 +12:00
Stefan Metzmacher
d47bf469b8 s4:torture/rpc: make use of cli_credentials_set_netlogon_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05 17:48:04 +12:00
Stefan Metzmacher
d36fcaa5f3 s4:torture/gentest: make use of cli_credentials_get_username()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05 17:48:03 +12:00
Stefan Metzmacher
36b3c9506c s4:torture/shell: simplify cli_credentials_set_password() call
All we want is to avoid a possible callback...

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05 17:48:03 +12:00
Andrew Bartlett
f2afdb6169 dsdb: Include MS-ADTS doc references on deleted object contstraints
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30 08:37:11 +02:00
Andrew Bartlett
a9e565a5a4 dsdb tests: Add member/memberOf checking to delete_objects testing
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30 08:37:08 +02:00
Andrew Bartlett
0162be32ab dsdb: Improve DRS deleted link source/target handing in repl_meta_data
We now correctly ignore the link updates if the source or target is
deleted locally.

This fixes the long-standing failure in the vampire_dc dbcheck test.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-30 08:36:58 +02:00
Andrew Bartlett
32955a1dec dsdb: Ensure we always force deleted objects back under the deleted objects DN
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30 08:36:55 +02:00
Stefan Metzmacher
a796cad90f dsdb/repl_meta_data: split out replmd_deletion_state()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-07-30 08:36:51 +02:00
Andrew Bartlett
d3aad891c5 dsdb: Prune deleted objects of links and extra attributes of replicated deletes
When an object is deleted, the links to be removed are not propogated,
you have to watch out for them manually!

We do this by calling back into the originating update delete code (ie
what is called if you ldb_delete() locally) so that any extra
attribute found locally and not on the remote server becomes removed
remotely too.

We currently do the same with links, but that isn't strictly correct,
but for now our getNCChanges server code filters these out, so only
the usn is bumped.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-30 08:36:41 +02:00
Kai Blin
45f5ea0b57 dns: Update TODO list
A lot of the todo items have been resolved, avoid confusing people.

Signed-off-by: Kai Blin <kai@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104
2013-07-29 09:12:17 +02:00
Andrew Bartlett
a74c7d780c torture/drs: Expand an error message to aid debugging
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 25 13:51:44 CEST 2013 on sn-devel-104
2013-07-25 13:51:44 +02:00
Stefan Metzmacher
63c05e820f dsdb/samdb: use RECYCLED it implies DELETED...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-25 09:01:08 +02:00
Andrew Bartlett
5e1f2795f2 rpc_server-drsuapi: Improve comments and DEBUG lines
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24 16:35:37 +02:00
Andrew Bartlett
e9faf50ee1 dsdb: Add assert in drepl_take_FSMO_role
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-24 16:35:32 +02:00
Andrew Bartlett
db9c3c62c8 dsdb-ridalloc: Rework ridalloc to return error strings where RID allocation fails
We now also only poke the RID manager once per request.

This may help track down why RID allocation can fail, as while we
never wait for the RID set to be created/updated, it may be the only
clue the admin gets as to why the async allocations were failing.

Andrew Bartlett

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24 16:35:04 +02:00
Andrew Bartlett
31fb7f9c1b dsdb: Rework subtree_rename module to use recursive LDB_SCOPE_ONELEVEL searches
This should be more efficient, particularly in the leaf node case when renaming and
deleting entries on large databases.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24 16:35:01 +02:00
Andrew Bartlett
03b44d26fd dsdb-descriptor: Do not do a subtree search unless we have child entries
This avoids a subtree search here in most cases where an object is deleted.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-24 16:34:58 +02:00
Stefan Metzmacher
077dfd0a89 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

(similar to commit e9ae36e968)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104
2013-07-24 14:37:43 +02:00
Andrew Bartlett
e9ae36e968 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr()
This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-23 15:35:08 -07:00
Jeremy Allison
bb21fc51e4 Add torture tests to raw.eas to check sending Windows invalid names in the middle of an EA list.
Add torture tests to probe the set of invalid
Windows EA names.

Bug 9992 - Windows error 0x800700FE when copying files with xattr names containing ":"

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 19 11:50:25 CEST 2013 on sn-devel-104
2013-07-19 11:50:25 +02:00
Bill Parker
9b58da9866 Fix bug 10025 - Lack of Sanity Checking in calls to malloc()/calloc().
In reviewing various files in Samba-4.0.7, I found a number
of instances where malloc()/calloc() were called without the
checking the return value for a value of NULL, which would
indicate failure.

(NB. The changes needed to ccan, iniparser, popt and heimdal
will be reported upstream, not patched inside Samba).

Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Source <idra@samba.org>
2013-07-17 16:12:19 -07:00
Stefan Metzmacher
596b51c666 s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't
recurse into itself. This could happen if the krb5 libraries
call getlogin().

As we may run in single process mode, we need to set
_NO_WINBINDD=1 everywhere, the only exception is the forked
'smbd'.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
2013-07-10 23:18:06 +02:00
Stefan Metzmacher
e6a58d3704 s4:rpc_server: make sure we don't terminate a connection with pending requests (bug #9820)
Sadly we may have nested event loops, which won't work correctly with
broken connections, that's why we have to do this...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 08:47:38 CEST 2013 on sn-devel-104
2013-07-10 08:47:38 +02:00
Andrew Bartlett
2505d48e4f s4-winbindd: Do not terminate a connection that is still pending (bug #9820)
Instead, wait until the call attempts to reply, and let it terminate then

(often this happens in the attempt to then write to the broken pipe).

Andrew Bartlett

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10 06:57:06 +02:00
Andrew Bartlett
df929d6feb service_stream: Log if the connection termination is deferred or not (bug #9820)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-10 06:57:06 +02:00
Andrew Bartlett
2763cad409 dsdb-ridalloc: Fix RID pools - RID numbers increase too quickly
A patch by Cove Schneider <cove_s@yahoo.com> who reports:

I noticed that the RID numbers seem to increase incrementally, then
will suddenly jump by 124501. Unless I'm misunderstanding, shouldn't
RID pool allocations just be 500 at a time?

e.g.  Adding accounts one after another on a single test instance here's how they're incrementing (from 4.0.6):
1596
1597
1598
1599
126100
126101
126102
...
126599

251100
...

251599

376100
...

The problem is that this complicates using sssd's AD integration, as
that it doesn't expect the RIDs to increase in a single domain so
quickly.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul  4 20:13:05 CEST 2013 on sn-devel-104
2013-07-04 20:13:05 +02:00
Matthieu Patou
2536ee8b64 Make the output of the crackname script more readable
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul  3 23:17:57 CEST 2013 on sn-devel-104
2013-07-03 23:17:56 +02:00
Andreas Schneider
bf5bc723da torture: Don't segfault in smb2.session on error.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-02 12:30:43 -07:00
Andreas Schneider
d295e18409 torture: Don't segfault in raw.session on error.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-07-02 12:30:28 -07:00
Andreas Schneider
474eee0df7 torture: Fix comparsion of uninitalized bytes.
As we compare string make sure we have the null terminator.

Found by valgrind.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2013-07-02 12:22:08 -07:00
Matthieu Patou
3d20d20c4c smbtorture: Make cracksname easier to debug by outputing the offered format
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
Signed-off-by: Matthieu Patou <mat@matws.net>

Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Mon Jul  1 11:22:57 CEST 2013 on sn-devel-104
2013-07-01 11:22:57 +02:00
Matthieu Patou
74dd365f77 Fix a missing parenthesis in the LDAP search request
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Jun 30 13:34:13 CEST 2013 on sn-devel-104
2013-06-30 13:34:13 +02:00
Andrew Bartlett
48ae86f74c heimdal_build: Add missing dep on samba4kgetcred
This started to fail on current Debian Sid with system Heimdal after a binutils update.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 25 02:30:59 CEST 2013 on sn-devel-104
2013-06-25 02:30:59 +02:00
Andrew Bartlett
7bf8fc7ca2 torture: Add tests for LDAP substring search with no strings provided
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun 24 23:55:07 CEST 2013 on sn-devel-104
2013-06-24 23:55:07 +02:00
Simo Sorce
9b88166f45 lsa4: Fix a set but unused variable warning
Also insure that we exit immediately on any error.

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jun 24 12:17:52 CEST 2013 on sn-devel-104
2013-06-24 12:17:52 +02:00
Volker Lendecke
06e5401f7b lsa4: Fix a set but unused variable warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
7d5daaa9f4 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
2448fe3ffe lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
720b4d3932 lsa4: Remove an unused variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-21 11:23:51 -07:00
Volker Lendecke
b96cea4aa5 Fix some blank line endings
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jun 21 19:57:06 CEST 2013 on sn-devel-104
2013-06-21 19:57:06 +02:00
Volker Lendecke
d2642cb1b9 dns: Fix CID 1034969 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Fri Jun 21 17:32:16 CEST 2013 on sn-devel-104
2013-06-21 17:32:16 +02:00
Andrew Bartlett
88c72fceb1 s4-winbind: Add special case for BUILTIN domain
This should mean that lookups for the BUILTIN domain cause less trouble
then they have in the past, because they will no longer go via the
trusted domain handler.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 20 15:30:00 CEST 2013 on sn-devel-104
2013-06-20 15:30:00 +02:00
Jeremy Allison
d4091c5809 Fix bug #9166 - Starting smbd or nmbd with stdin from /dev/null results in "EOF on stdin"
Only install the stdin handler if it's a pipe or fifo.

Signed-off-by: Jeremy Allison <jra@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-20 13:41:01 +02:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-06-19 21:32:36 +02:00
Stefan Metzmacher
f1781adb05 dsdb: remove a wrong comment in dsdb_check_access_on_dn_internal()
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 18:19:24 CEST 2013 on sn-devel-104
2013-06-13 18:19:24 +02:00
Stefan Metzmacher
122214b16b dsdb: don't allow a missing nTSecurityDescriptor in dsdb_get_sd_from_ldb_message()
Every object has a nTSecurityDescriptor attribute.

This also avoids potential segfaults in the callers.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-06-13 14:18:27 +02:00
Stefan Metzmacher
5959affa03 dsdb: use AS_SYSTEM | SHOW_RECYCLED for access check searches
We need AS_SYSTEM in order to get the nTSecurityDescriptor attribute.
Also the result of this search not controlled by the client
nor is the result exposed to the client.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 13:57:42 +02:00
Stefan Metzmacher
afb2bcc084 s4:smb_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the smb_server task.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 12:37:04 +02:00
Stefan Metzmacher
12d9728131 s4:rpc_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the rpc_server task.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 12:37:04 +02:00
Stefan Metzmacher
a1aeeee430 s4:ldap_server: call irpc_add_name() at startup (bug #9905)
We should call irpc_add_name() when we start the ldap_server task.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-13 12:37:04 +02:00
Andrew Bartlett
6c8cccc1fb dsdb repl_meta_data: Use dsdb_request_add_controls()
This makes the code easier to read.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jun 13 11:15:01 CEST 2013 on sn-devel-104
2013-06-13 11:15:01 +02:00
Andrew Bartlett
68f8f4ec4d dsdb-tests ldap.py: Add test for usn behaviour on certain changes
This probes when the usn is updated, and when it is not.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 12 11:54:01 CEST 2013 on sn-devel-104
2013-06-12 11:54:01 +02:00
Andrew Bartlett
51298d33dd dsdb-tests ldap.py: Fix quoting of print statements
While python didn't mind (oddly) it really confused my editor.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-12 10:02:08 +02:00
Andrew Bartlett
96980f7c04 dsdb: Fix behaviour for when to update the USN when there is no change
This handles deletions and replacements with no value, or with an
exactly specified value, as well as modifies.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-06-12 10:02:08 +02:00
Andrew Bartlett
e461ff5300 dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2).

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-06-12 10:02:07 +02:00
Stefan Metzmacher
3fba9ba7ea dsdb: reset schema->{classes,attributes}_to_remove_size to 0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jun 11 11:40:39 CEST 2013 on sn-devel-104
2013-06-11 11:40:39 +02:00