1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

46636 Commits

Author SHA1 Message Date
Michael Adam
3de5abb954 selftest: rename env dc to ad_dc_ntvfs
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-03-16 23:04:46 +01:00
Michael Adam
902aa3c710 selftest: rename env plugin_s4_dc to ad_dc
This is the environment that represents our supported production
setup of an active directory domain controller.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-03-16 23:04:46 +01:00
Michael Adam
b2f5916d46 s3:winbind:grent: don't stop when querying one domain fails.
Just continue with the next domain.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
6f13e79350 s3:winbind:grent: convert wb_next_grent to use wb_query_group_list.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
81955ebd40 s3:winbind: add wb_query_group_list module - async query group list
Modeled after wb_query_user_list.c

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
9438bcc04c s3:winbind:grent: refactor duplication into wb_next_grent_send_do()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
09cc5cf355 s3:winbind:grent: move resetting next_group up.
This is to make it more obvious that this is a case
of code duplication.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
36fce5c413 s3:winbind:grent: use wb_next_domain() in wb_next_grent.c
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
a221d88c39 s3:winbind:grent: fix a debug message.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
1ed41a5c39 s3:winbind:pwent: refactor duplication into wb_next_pwent_send_do()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
504b65c49c s3:winbind:pwent: move resetting next_user up.
This does not change the behaviour and makes it more evident
that we have anothe code duplication here:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
if (state->gstate->num_users == 0) {
	...
}

subreq = wb_fill_pwent_send(...)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

is for the current setting of variables equivalent
to the block found elsewhere:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
if (state->gstate->next_user >= state->gstate->num_users) {
	...
}

subreq = wb_fill_pwent_send(...)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

because both num_users is set to a non-negative
value and num_users starts at 0 and is incremented up to
num_users.

The code duplication will be factored out next.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
b3023c7e83 s3:winbind:pwent: move wb_next_domain() to winbindd_util.c for re-use
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
d0dc6481a8 s3:winbind:pwent: rename wb_next_find_domain to wb_next_domain
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
e8996807b1 s3:winbind:pwent: use wb_next_find_domain()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
9d1840b9bb s3:winbind:util: fix comment typo
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:51 +01:00
Michael Adam
bd4b22effe s3:util_sid: donate an empty line.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:50 +01:00
Michael Adam
24015224da s3:winbind:grent: don't stop group enumeration when a group has no gid
simply continue with the next group

Note: this patch introduces some code duplication to make it
easier to create minimal backport patch. Subsequent patches
will provide some refactoring to reduce the duplication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=8905

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-16 20:26:50 +01:00
Andrew Bartlett
65379ef3a4 param: Use IDL-based constants for NBT and NBT dgram ports
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 16 05:35:56 CET 2015 on sn-devel-104
2015-03-16 05:35:55 +01:00
Andrew Bartlett
023055ec80 torture3: Rename LOCAL-WBCLIENT to WBCLIENT-MULTI-PING
This is not a local test, it should not be named LOCAL-*

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2015-03-16 03:00:07 +01:00
Andrew Bartlett
dbc4320096 selftest: Run LOCAL-WBCLIENT against a test environment, not none
The issue with this test was that it ran against whatever was
listening (or not) at the build prefix, not what was running under
make test

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
2015-03-16 03:00:07 +01:00
Thomas Nagy
3c0e3af395 Transition to waf 1.8: wrapped conf.check_cfg
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>

(forward ported to current master by abartlet)

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-03-16 03:00:07 +01:00
Günther Deschner
18ec553125 librpc: use WERROR in the clusapi interface.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-13 23:58:07 +01:00
Günther Deschner
f3d5c0f092 s3-rpcclient: add very basic clusapi client.
Note that you need to call rpcclient with ncacn_ip_tcp:$target[sign,seal],
otherwise clusapi will not allow success.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-03-13 23:58:07 +01:00
Stefan Metzmacher
f0a6935b1e s3:rpc_server/lsa: only return collision_info if filled in lsaRSetForestTrustInformation()
If there're no collisions we should not fill the collision_info pointer.

Otherwise Windows fails to create a forest trust.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Mar 12 19:49:33 CET 2015 on sn-devel-104
2015-03-12 19:49:33 +01:00
Stefan Metzmacher
080db5f60a lsa.idl: improve idl for lsa_ForestTrust*Record*
The meaning of lsa_ForestTrustRecordFlags is based lsa_ForestTrustRecordType,
but the type is not always available so it's not possible to use an union.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:44 +01:00
Günther Deschner
a0700dd275 netlogon.idl: netr_ServerPasswordGet returns NTSTATUS not WERROR.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
29b173d2a7 s4:trust_utils: store new trust/machine passwords before trying it remotely.
If this fails we can still fallback to the old password...

Before trying the password change we verify the dc knows our current password.

This should make the password changes much more robust.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
1623992105 s3:winbindd: make open_internal_lsa_conn() non static
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
f126eeb2a1 s3:winbindd_cm: improve detection for the anonymous fallback.
If the kinit results in NT_STATUS_NO_LOGON_SERVERS, we should fallback,
if allowed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
7391416399 s3:pdb_samba_dsdb: implement pdb_samba_dsdb_set_trusteddom_pw()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
e0a4f438d1 s3:pdb_samba_dsdb: return the domain sid in pdb_samba_dsdb_get_trusteddom_pw()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
2a2cec6f9c s3:pdb_samba_dsdb: return the previous password and the kvno in pdb_samba_dsdb_get_trusteddom_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
7d36141ba3 s3:rpc_client: remove unused cli_rpc_pipe_open_schannel_with_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
0f3e32247c s3:libnet: use cli_credentials based functions in libnet_join_ok()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
484adf45ed s3:auth_domain: make use of cli_rpc_pipe_open_schannel()
This simplifies a lot and allows the previous password to be used.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
91e4cbc46f s3:auth_domain: fix talloc problem in connect_to_domain_password_server()
return values of connect_to_domain_password_server() need to be exported
to the callers memory context.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
9af336cce7 s3:rpcclient: make use of rpccli_[create|setup]_netlogon_creds_with_creds()
This passing struct cli_credentials allows the usage of the previous password.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
6d31763de1 s3:rpc_client: handle !NETLOGON_NEG_AUTHENTICATED_RPC in cli_rpc_pipe_open_schannel()
This is only allowed with special config options ("client schannel = no",
"require strong key = no" and "reject md5 servers = no").
By default we require NETLOGON_NEG_AUTHENTICATED_RPC.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
c3b7e6e218 s3:rpc_client: use cli_credentials based functions in cli_rpc_pipe_open_schannel()
This simplifies the code and allows the previous password to be passed
through the stack.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
0994e0a3e3 s3:rpc_client: remove unused auth_level paramter of cli_rpc_pipe_open_schannel()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:43 +01:00
Stefan Metzmacher
8d73127462 s3:cli_netlogon: cli_credentials_get_old_nt_hash() in rpccli_setup_netlogon_creds_with_creds()
This way we'll fallback to use the previous machine/trust account password
if required.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-03-12 17:13:42 +01:00
Christof Schmitt
ddcf3614ce brlock: Use 0 instead of empty initializer list
C does not allow empty initializer lists. Although gcc accepts that, the
SunOS compiler fails in this case with an error.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11153

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Thu Mar 12 02:49:36 CET 2015 on sn-devel-104
2015-03-12 02:49:36 +01:00
Lukas Slebodnik
9643a4b1ef lib/util: Include DEBUG macro in internal header files before samba_util.h
It's best practice to include external header files before internal
header files. In this case internal DEBUG macro cannot be defined and
therefore samba version of debug macro will be included
in header file "util/fault.h".

In file included from example.c:27:0:
src/util/util.h:127:0: error: "DEBUG" redefined [-Werror]
 #define DEBUG(level, format, ...) do { \
 ^
In file included from /usr/include/samba-4.0/util/fault.h:29:0,
                 from /usr/include/samba-4.0/samba_util.h:62,
                 from /usr/include/samba-4.0/ndr.h:30,
                 from example.c:24:
/usr/include/samba-4.0/util/debug.h:182:0: note: this is the location of the previous definition
 #define DEBUG( level, body ) \
 ^
  CC       src/providers/ad/libsss_ad_common_la-ad_domain_info.lo
cc1: all warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11033

Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 11 18:47:22 CET 2015 on sn-devel-104
2015-03-11 18:47:22 +01:00
Volker Lendecke
ca59881380 smbd: Simplify create_token_from_sid()
This if-statement is unnecessary. First, talloc_array returns non-NULL
even if asked for 0 elements. Second, a bit further down we do a

SMB_ASSERT(num_group_sids > 0);

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:08 +01:00
Volker Lendecke
05cec933bd smbd: Simplify create_token_from_sid()
With the previous commit all 3 branches do the same

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:08 +01:00
Volker Lendecke
64a0724c6e smbd: Streamline the gids handling in create_token_from_sid()
Usually, I'm all for avoiding talloc. But in this case I believe that this
routine is complex enough to justify this change. For an hour or so I suspect
that the winbind case had an uninitialized "*gid" until I discovered the
sid_to_gid(). This makes it more obvious that *gid is assigned.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:08 +01:00
Volker Lendecke
785b5f698f smbd: Put a variable definition closer to its use
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:08 +01:00
Volker Lendecke
2b3a2b0674 lib: Avoid a malloc/realloc in getgroups_unix_user
This avoids a malloc/free in the most common case of a user with just a few
group memberships

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:08 +01:00
Volker Lendecke
4cbc9369fb lib: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-11 16:11:07 +01:00
Volker Lendecke
b3bbc4f6a7 smbcontrol: Simplify do_winbind_offline
This saves 128 bytes of .text on x86-64 with -O3. No idea why...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2015-03-10 21:48:04 +01:00
Matthew Newton
83cfb84b78 Use global context for winbindd_request_response
Updating API call in libwbclient, wbinfo, ntlm_auth and
winbind_nss_* as per previous commit to wb_common.c.

Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-10 00:50:09 +01:00
David Disseldorp
b0e5a4ebde s3/smbd: fix FSCTL_SET_SPARSE permission checks
On Windows servers (tested against Windows Server 2008 & 2012) the
FSCTL_SET_SPARSE ioctl is processed if FILE_WRITE_DATA,
FILE_WRITE_ATTRIBUTES _or_ SEC_FILE_APPEND_DATA permissions are granted
on the open file-handle.
Fix Samba such that it matches this behaviour, rather than only checking
for FILE_WRITE_DATA or FILE_WRITE_ATTRIBUTES.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:08 +01:00
David Disseldorp
43e581188a s3/statvfs: expose FILE_SUPPORTS_SPARSE_FILES capability
Samba now supports:
- FSCTL_SET_SPARSE
- FSCTL_SET_ZERO_DATA, via FALLOC_FL_PUNCH_HOLE
- FSCTL_QUERY_ALLOCATED_RANGES, via SEEK_DATA/SEEK_HOLE

As such, flag support for sparse files, via the
FILE_SUPPORTS_SPARSE_FILES capability flag if FALLOC_FL_PUNCH_HOLE and
SEEK_DATA/SEEK_HOLE are present at configure time.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
29531c5592 smbd/ioctl: add FSCTL_QUERY_ALLOCATED_RANGES support
This change implements support for FSCTL_QUERY_ALLOCATED_RANGES using
the SEEK_HOLE/SEEK_DATA functionality of lseek().

Files marked non-sparse are always reported by the ioctl as fully
allocated, regardless of any potential "strict allocate = no" savings.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
76fff2befe build: check for SEEK_HOLE and SEEK_DATA support
SEEK_HOLE and SEEK_DATA will be used in the implementation of
FSCTL_QUERY_ALLOCATED_RANGES support.

"SEEK_DATA and SEEK_HOLE are nonstandard extensions also present
 in Solaris, FreeBSD, and DragonFly BSD; they are proposed for
 inclusion in the next POSIX revision (Issue 8)."

With Linux they are supported on:
-  Btrfs (since Linux 3.1)
-  OCFS (since Linux 3.2)
-  XFS (since Linux 3.5)
-  ext4 (since Linux 3.8)
-  tmpfs (since Linux 3.8)

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
1359e85932 smbd/ioctl: add FSCTL_SET_ZERO_DATA support
FSCTL_SET_ZERO_DATA can be used in two ways.
- When requested against a file marked as sparse, it provides a
  mechanism for requesting that the server deallocate the underlying
  disk space for the corresponding zeroed range.
- When requested against a non-sparse file, it indicates that the server
  should allocate and zero the corresponding range.

Both use cases can be handled in Samba using fallocate(). The Linux
specific FALLOC_FL_PUNCH_HOLE flag can be used to deallocate the
underlying disk space. After doing so, a normal fallocate() call can
be used to ensure that the zeroed range is allocated on non-sparse
files.

FSCTL_SET_ZERO_DATA requests must not result in a change to the file
size. The FSCTL_SET_ZERO_DATA handler always calls fallocate() with the
KEEP_SIZE flag set, ensuring that Samba meets this requirement.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
47f15b14ae system: add hole punch support to sys_fallocate()
If Samba is configured with FALLOC_FL_PUNCH_HOLE support, then allow
sys_fallocate() to propogate the flag to syscall invocation.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
762f9cbe60 build: check for fallocate hole-punch support
Add a configure time check for the FALLOC_FL_PUNCH_HOLE Linux specific
fallocate() flag. It's been around since 2.6.38.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
12c0b6bf40 s3/vfs: change fallocate mode flags from enum->uint32_t
The Linux fallocate syscall offers a mode parameter which can take the
following flags:
FALLOC_FL_KEEP_SIZE
FALLOC_FL_PUNCH_HOLE (since 2.6.38)
FALLOC_FL_COLLAPSE_RANGE (since 3.15)
FALLOC_FL_ZERO_RANGE (since 3.14)

The flags are not exclusive, e.g. FALLOC_FL_PUNCH_HOLE must be specified
alongside FALLOC_FL_KEEP_SIZE.

Samba currently takes a vfs_fallocate_mode enum parameter for the VFS
fallocate hook, taking either an EXTEND_SIZE or KEEP_SIZE value. This
commit changes the fallocate hook such that it accepts a uint32_t flags
parameter, in preparation for PUNCH_HOLE and ZERO_RANGE support.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
David Disseldorp
3787119eb8 lib/system: remove useless HAVE_LINUX_FALLOCATE64 logic
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-09 21:27:07 +01:00
Michael Adam
f5d0204bfa s3-winbind: Fix chached user group lookup of trusted domains.
If a user group lookup has aleady been done before with a machine
account we did always return the incomplete information from the cache.
This patch makes sure we return the correct group information from the
netsamlogon cache.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11143

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Mar  9 19:23:25 CET 2015 on sn-devel-104
2015-03-09 19:23:25 +01:00
Volker Lendecke
5ba377f3df winbind: Make wb_sids2xids_recv work on an array
The trigger for this is that Coverity got confused by the dual use of &xid
as an array with the implicit length equality between wb_sids2xids_send
and the array passed in to wb_sids2xids_recv for the result.

I don't want to start doing things just for the Coverity scan, but this
makes the code clearer to me by removing this implicit expected array
length equality.

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Mar  7 15:28:59 CET 2015 on sn-devel-104
2015-03-07 15:28:59 +01:00
Volker Lendecke
91ff65b2f6 vfs_fruit: Fix CID 1273290 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Mar  6 23:56:36 CET 2015 on sn-devel-104
2015-03-06 23:56:36 +01:00
Stefan Metzmacher
b9f9869d1b s3:smbprofile: profile the system and user space cpu time
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-03-06 12:31:10 +01:00
Volker Lendecke
74a16a1094 s3:smbprofile: Replace sysv shmem with tdb
What?

This patch gets rid of the central shared memory segment referenced by
"profile_p". Instead, every smbd gets a static profile_area where it collects
profiling data. Once a second, every smbd writes this profiling data into a
record of its own in a "smbprofile.tdb". smbstatus -P does a tdb_traverse on this
database and sums up what it finds.

Why?

At least in my perception sysv IPC has not the best reputation on earth. The
code before this patch uses shmat(). Samba ages ago has developed a good
abstraction of shared memory: It's called tdb.

The main reason why I started this is that I have a request to become
more flexible with profiling data. Samba should be able to collect data
per share or per user, something which is almost impossible to do with
a fixed structure. My idea is to for example install a profile area per
share and every second marshall this into one tdb record indexed by share
name. smbstatus -P would then also collect the data and either aggregate
them or put them into individual per-share statistics. This flexibility
in the data model is not really possible with one fixed structure.

But isn't it slow?

Well, I don't think so. I can't really prove it, but I do believe that on large
boxes atomically incrementing a shared memory value for every SMB does show up
due to NUMA effects. With this patch the hot code path is completely
process-local. Once a second every smbd writes into a central tdb, this of
course does atomic operations. But it's once a second, not on every SMB2 read.

There's two places where I would like to improve things: With the current code
all smbds wake up once a second. With 10,000 potentially idle smbds this will
become noticable. That's why the current only starts the timer when something has
changed.

The second place is the tdb traverse: Right now traverse is blocking in the
sense that when it has to switch hash chains it will block. With mutexes, this
means a syscall. I have a traverse light in mind that works as follows: It
assumes a locked hash chain and then walks the complete chain in one run
without unlocking in between. This way the caller can do nonblocking locks in
the first round and only do blocking locks in a second round. Also, a lot of
syscall overhead will vanish. This way smbstatus -P will have almost zero
impact on normal operations.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-03-06 12:31:10 +01:00
Stefan Metzmacher
5fa692b4aa s3:smbprofile: specify SMBPROFILE_STATS_SECTION_START() with name vs. display[name]
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-03-06 12:31:10 +01:00
Volker Lendecke
bccf5c9a7b perfcount: Fix CID 1035494 Out-of-bounds read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>

Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Thu Mar  5 18:28:44 CET 2015 on sn-devel-104
2015-03-05 18:28:44 +01:00
Volker Lendecke
819d4b4bcd perfcount: Fix CID 1035493 Out-of-bounds read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2015-03-05 15:59:12 +01:00
Volker Lendecke
bd3b2c3d9b perfcount: Fix CID 1035492 Out-of-bounds read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2015-03-05 15:59:11 +01:00
Volker Lendecke
5968310060 perfcount: Fix CID 1274043 Division or modulo by zero
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
2015-03-05 15:59:11 +01:00
Björn Jacke
fb86aa86ae printing: increse log level for unreachable cups servers
this annoying messages hitting the logs very often on non-cups servers by
default in log level 0 otherwise.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11133

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Thu Mar  5 14:38:42 CET 2015 on sn-devel-104
2015-03-05 14:38:42 +01:00
Volker Lendecke
15a702accf rpc_server: Fix CID 1273433 Unused value
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar  4 23:29:01 CET 2015 on sn-devel-104
2015-03-04 23:29:01 +01:00
Volker Lendecke
40a317f092 rpc_server: Fix CID 1035535 Uninitialized scalar variable
I believe this can't happen, but better be safe than sorry

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Mar  4 17:14:53 CET 2015 on sn-devel-104
2015-03-04 17:14:53 +01:00
Volker Lendecke
8f7bdc8194 rpc_server: Fix CID 1035534 Uninitialized scalar variable
I believe this can't happen, but better be safe than sorry

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:08 +01:00
Volker Lendecke
8e195fb52e winbind: Fix CID 1273294 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
25928b1bcc winbind: Fix CID 1273295 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
706770d7a8 libads: Fix CID 1273305 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
4a686c5b0b libads: Fix CID 1273306 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
11a71d5621 lib: Fix CID 1273292 Uninitialized pointer read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
f5c8e489ad lib: Fix CID 1273056 Negative array index read
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
6fdbf8de87 lib: Fix CID 1128561 Pointer to local outside scope
This is not strictly a bug, but it is confusing enough to justify a small patch
I guess.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
569c8700d6 Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
4dd7c84167 lib: Fix CID 1128552 Buffer not null terminated
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:07 +01:00
Volker Lendecke
78fb663d4c smbd: Fix CID 1273088 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-03-03 17:34:39 +01:00
Volker Lendecke
ddb84ef2d3 aio_fork: Fix CID 1273291 Uninitialized scalar variable
The previous code left msg.msg_flags uninitialized

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-03-03 17:34:38 +01:00
Volker Lendecke
38628b1e32 Fix the O3 developer build
Different gcc versions complain at different places

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar  3 13:14:53 CET 2015 on sn-devel-104
2015-03-03 13:14:53 +01:00
Volker Lendecke
b3385f74db smbd: Make SMB3 clients use encryption with "smb encrypt = auto"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar  3 10:40:42 CET 2015 on sn-devel-104
2015-03-03 10:40:42 +01:00
Christof Schmitt
3c2cf5e0d6 gpfs: Add include guard to gpfswrap.h
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>

Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Tue Mar  3 01:01:25 CET 2015 on sn-devel-104
2015-03-03 01:01:24 +01:00
Christof Schmitt
a11fed1671 gpfs: Rename library wrapper to gpfswrap
The code in gpfs.c and vfs_gpfs.h now only wraps the gpfs library.
Rename the files to gpfswrap to make it clear that this is the only
purpose of that file.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
b765b17fea gpfs: Update file headers
Update file headers to reflect the new code organization and reformat
for consistency.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
5e022bc339 gpfs: Remove unncessary includes from gpfs.c
replace.h provides everything that is required (errno and ENOSYS).

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
d93767fe8f gpfs: Move DBGC_CLASS definition below includes
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
b69957d65d gpfs: Include gpfs_fcntl.h only from vfs_gpfs header file
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
f508f273b2 gpfs: Move definition of GPFS_GETACL_NATIVE to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
38a89f23f1 gpfs: Move smbd_gpfs_set_times_path to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
a5ca63b266 gpfs: Move get_gpfs_fset_id to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
a36c46d9db gpfs: Move get_gpfs_quota to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
9948163a64 gpfs: Move set_gpfs_lease to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
f9629aee81 gpfs: Move set_gpfs_sharemode to vfs_gpfs.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
26991065f2 gpfs: Introduce wrapper for gpfs_getfilesetid
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
e30d501217 gpfs: Introduce wrapper for gpfs_fcntl
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
c4f1f3b253 gpfs: Introduce wrapper for gpfs_quotactl
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
1907a88a6d gpfs: Introduce wrapper for gpfs_set_times_path
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
db01831082 gpfs: Rename wrapper for gpfs_lib_init
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
eefb916192 gpfs: Rename wrapper for gpfs_ftruncate
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
15c2b3a825 gpfs: Rename wrapper for gpfs_prealloc
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
4d57c20ba8 gpfs: Rename wrapper for gpfs_get_winattrs
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
2cecf08298 gpfs: Rename wrapper for gpfs_get_winattrs_path
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
e9e87d456a gpfs: Rename wrapper for gpfs_set_winattrs_path
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
fdd6078ddd gpfs: Rename wrapper for gpfs_get_realfilename_path
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:08 +01:00
Christof Schmitt
5fa1ee8b7b gpfs: Rename wrapper for gpfs_putacl
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
d266ad1e4b gpfs: Rename wrapper for gpfs_getacl
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
193b5dd143 gpfs: Introduce wrapper for gpfs_set_lease
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
5fb2568d5b gpfs: Introduce wrapper for gpfs_set_share
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
ca69d43dfd gpfs: Simplify initialization for gpfs library wrapper
Merge the code for initializing the function pointers in one function.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
4a89e8452e gpfs: Remove search for libgpfs_gpl.so
Similar to the header files, libgpfs_gpl.so no longer exists. The
library is now always called libgpfs.so.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
f826c86bf1 gpfs: Look for gpfs header files also in /usr/lpp/mmfs/include/
That is the default directory for the gpfs header files.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Christof Schmitt
1264a4efd9 gpfs: Always use gpfs_fcntl.h headerfile
gpfs_gpl.h no longer exists, everything from that header file has been
merged to gpfs.h. gpfs_fcntl.h implicitly includes gpfs.h. Simplify the
code by only looking for gpfs_fcntl.h and including that file.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-03-02 22:31:07 +01:00
Michael Adam
f5a0ccc228 selftest: re-enable nsswrapper integration testing for dc and member environments.
There are some failures:

- The dc environment fails consistently due to duplicate uid,
  (for the calling user and the domain administrator).
  ==> Marked as knownfail.

- The s3member environment only fails under very strange
  circumstances:
  - one needs to run the unix.whoami test in the
    member and s3member environment for the local.nss
    test to fail in the s3member:local env. The failure
    is then related to builtin administrators sharing
    a gid with a different group.
    --> This is really really strange!!!
    ==> Marked as knownfail.

Pair-Programmed-With: Guenther Deschner <gd@samba.org>

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Mar  2 19:50:55 CET 2015 on sn-devel-104
2015-03-02 19:50:55 +01:00
Robin McCorkell
13c9774662 MSDFS referral shuffling
Shuffle MSDFS referral list in smbd in accordance with [MS-DFSC] 3.2.1.1
When parsing an MSDFS symlink, the names are shuffled with a Fisher-Yates
algorithm.

Signed-off-by: Robin McCorkell <rmccorkell@karoshi.org.uk>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-27 22:53:06 +01:00
Volker Lendecke
200d0bc3a8 winbind: Slightly simplify wb_sids2xids
We only needs "names" and "domains" wb_sids2xids_lookupsids_done. It confused
me when reading this code that these variables are stored in "state".

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-27 22:53:06 +01:00
Volker Lendecke
c6577f3043 lib: Fix talloc hierarchy in init_lsa_ref_domain_list
The sid is copied, so the name should also be copied.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-27 22:53:06 +01:00
Volker Lendecke
9750eb7bab libsmb: Make "ip_service_compare" static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 27 06:20:58 CET 2015 on sn-devel-104
2015-02-27 06:20:58 +01:00
Volker Lendecke
1cb753ae4e winbind: Simplify winbindd_dsgetdcname_recv
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 27 01:16:10 CET 2015 on sn-devel-104
2015-02-27 01:16:10 +01:00
Volker Lendecke
3ec06454e1 vfs_catia: Simplify init_mappings()
No else required after return

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 26 21:22:30 CET 2015 on sn-devel-104
2015-02-26 21:22:30 +01:00
Volker Lendecke
f2f9acc113 smbd: Simplify ReadDirName
In the if-branches we return, so no "else" necessary

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
4cdbf81243 smbd: ZERO_STRUCT -> struct init
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
6ed53d4967 smbd: ZERO_STRUCT -> struct assignment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
09c00923ba smbd: ZERO_STRUCT -> struct assignment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
9e810b2fbe smbd: ZERO_STRUCTP -> talloc_zero()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 18:51:10 +01:00
Volker Lendecke
3e9e5e6d6f registry: Fix an aligment increase warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 26 05:35:33 CET 2015 on sn-devel-104
2015-02-26 05:35:33 +01:00
Volker Lendecke
53486f00e9 smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-26 03:02:07 +01:00
Volker Lendecke
a99a5a34a5 Fix the developer O3 build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Feb 25 16:32:29 CET 2015 on sn-devel-104
2015-02-25 16:32:29 +01:00
Andreas Schneider
f6b929e721 s3-pam_smbpass: Add a deprecation warning.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 25 03:37:34 CET 2015 on sn-devel-104
2015-02-25 03:37:34 +01:00
Volker Lendecke
cab45cb765 smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:09 +01:00
Volker Lendecke
ce9ae131fe smb2_server: Use iov_advance
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:09 +01:00
Volker Lendecke
1c2562e691 smb2_server: Add range checking to nbt_length
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:09 +01:00
Volker Lendecke
a610336886 lib: Move "iov_buf.[ch]" to lib/util
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:08 +01:00
Andreas Schneider
84d4270c8e nmblookup: Warn user if netbios name is too long.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 24 01:01:10 CET 2015 on sn-devel-104
2015-02-24 01:01:10 +01:00
Andreas Schneider
a5e3a198d0 libsmb: Do not lookup invalid netbios names.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-23 22:32:48 +01:00
Jeremy Allison
eb05766a8c Revert "s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED."
Even though the MS-SMB2 spec says so, Windows doesn't behave
like this.

This reverts commit 1cea6e5b6f.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
2015-02-23 22:32:48 +01:00
Andreas Schneider
6e5debf33b torture: Add netr_setPassword(2) schannel test.
Thanks to Florian Weimer <fweimer@redhat.com> for the help to write
this torture test.

Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Feb 23 20:01:01 CET 2015 on sn-devel-104
2015-02-23 20:01:01 +01:00
Andreas Schneider
bb41484509 s3-netlogon: Make sure we do not deference a NULL pointer.
This is an additional patch for CVE-2015-0240.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11077#c32

Pair-Programmed-With: Michael Adam <obnox@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-02-23 17:33:07 +01:00
Jeremy Allison
28f10a89e6 CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11077

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-23 17:33:07 +01:00
Jeremy Allison
a6008b2de7 s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting.
If we delete the file on close, the stat after the close
will fail so we fail to return the attributes requested.

Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.

https://bugzilla.samba.org/show_bug.cgi?id=11104

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <sfrench@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 20 20:54:18 CET 2015 on sn-devel-104
2015-02-20 20:54:18 +01:00
Jeremy Allison
4a8c6988e3 s3: smbd: SMB2 close. Call utility function setup_close_full_information()
Replaces existing inline code.

Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.

https://bugzilla.samba.org/show_bug.cgi?id=11104

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <sfrench@samba.org>
2015-02-20 18:25:06 +01:00
Jeremy Allison
2ccfdf760e s3: smbd: SMB2 close. Add utility function setup_close_full_information()
Not yet used.

Bug 11104 - SMB2/SMB3 close response does not include attributes when requested.

https://bugzilla.samba.org/show_bug.cgi?id=11104

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <sfrench@samba.org>
2015-02-20 18:25:06 +01:00
Jeremy Allison
cec2a38e97 s3: smbd: leases - losen paranoia check. Stat opens can grant leases.
https://bugzilla.samba.org/show_bug.cgi?id=11102

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-02-19 20:42:07 +01:00
Jeremy Allison
2d3db5e793 s3: smbd: leases - new torture test shows stat opens can get leases.
Can also issue breaks on these leases.

https://bugzilla.samba.org/show_bug.cgi?id=11102

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2015-02-19 20:42:07 +01:00
Jeremy Allison
1cea6e5b6f s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED.
Bug 11103:  - Samba does not set the required flags in the SMB2/SMB3 Negotiate Protocol Response when signing required by client

https://bugzilla.samba.org/show_bug.cgi?id=11103

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Steve French <smfrench@gmail.com>
2015-02-19 20:42:07 +01:00
Christof Schmitt
7a46156569 regedit: Rename variable to fix compile warning
With --picky-developer this warning is turned into an error:

cc1: warnings being treated as errors
../source3/utils/regedit_treeview.c: In function ‘tree_node_load_children’:
../source3/utils/regedit_treeview.c:256: error: declaration of ‘key_name’ shadows a global declaration
/usr/include/ncurses.h:1419: error: shadowed declaration is here

Fix this by renaming the local variable.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 19 01:31:44 CET 2015 on sn-devel-104
2015-02-19 01:31:43 +01:00
David Disseldorp
693ba266c7 s3/vfs: bump interface version number to 33
The SMB_VFS_DISK_FREE() small_query parameter removal cleanup will not
be merged for Samba 4.2, so the master SMB_VFS_INTERFACE_VERSION number
should be bumped above what's currently present in the 4.2 branch.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-18 23:03:11 +01:00
Andreas Schneider
a4157e7c5d spoolss: retrieve published printer GUID if not in registry
When a printer is published, the GUID for the published DN is retrieved
from the domain controller and stored in the registry.
When handling a spoolss GetPrinter(level=7) request, the same GUID is
obtained from the registry and returned to the client.

This change sees the spoolss server query the DC for the published
printer GUID if it is not present in the registry when handling a
spoolss GetPrinter(level=7) request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11018

Pair-Programmed-With: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Feb 18 12:43:44 CET 2015 on sn-devel-104
2015-02-18 12:43:44 +01:00
Andreas Schneider
6595ced146 printing: rework nt_printer_guid_store to return errors
Callers can now choose whether or not to ignore errors.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11018

Pair-programmed-with: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-02-18 10:14:09 +01:00
David Disseldorp
38dbd054dc printing: add nt_printer_guid_retrieve() helper
This function connects to the domain controller and retrieves the
GUID for the corresponding printer DN.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11018

Pair-programmed-with: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-02-18 10:14:09 +01:00
David Disseldorp
7cabd89789 printing: split out printer DN and GUID retrieval
This functions are used for printer publishing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11018

Pair-programmed-with: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-02-18 10:14:09 +01:00
Robin Hack
bcbdc74b26 rpcclient: Fix and enhance rpcclient output
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11085

When rpcclient is called like:
$ rpcclient -c "getdata . Osversion"
at end of output is added one nonsense line
OsVersion: Osversion:

This patch removes this line and adds more human friendly ouput:
OsMajor: num
OsMinor: num
OsBuild: num

for OsVersion query.

For OsVersionEx two more lines are added:
OsMajor: num
OsMinor: num
OsBuild: num
ServicePackMajor: num
ServicePackMinor: num

Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-02-17 15:41:10 +01:00
David Disseldorp
41c4666a72 s3/vfs: remove unused SMB_VFS_DISK_FREE() small_query parameter
The small_query parameter for SMB_VFS_DISK_FREE() was, prior to the
previous commit, used to obtain 16-bit wide free-space information for
the deprecated dskattr SMB_COM_QUERY_INFORMATION_DISK command.

With the dskattr handler now performing the 16-bit collapse directly,
the small_query parameter can be removed from the entire code path.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 17 05:37:20 CET 2015 on sn-devel-104
2015-02-17 05:37:20 +01:00
David Disseldorp
4ab0e57f10 smbd/reply: convert free space to 16bit in dskattr handler
The deprecated Core Protocol dskattr SMB_COM_QUERY_INFORMATION_DISK
command provides free space information in the form of 16-bit words.

Until now, this has been handled by passing the dskattr specific
small_query boolean through to disk_norm() via the SMB_VFS_DISK_FREE VFS
hook. disk_norm(small_query=true) then modifies the block size and free
space values such that they fit in the 16-bit field.

This change adds the command specific logic to the dskattr handler, so
that it can be removed from the SMB_VFS_DISK_FREE()->disk_norm() code
path. In doing so, it fixes dskattr request handling against opaque VFS
backends that don't call disk_norm(), such as vfs_glusterfs.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-17 03:08:07 +01:00
Yan, Zheng
2501afe08b vfs_ceph: fix disk_free_fn callback
Free space and available space should be in unit of block size. Besides,
we should call disk_norm() to adjust the returned values.

Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ira Cooper <ira@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Feb 16 18:14:02 CET 2015 on sn-devel-104
2015-02-16 18:14:02 +01:00
Andrew Bartlett
eedd127c25 librpc: Move messaging.idl to the top level
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-02-16 12:15:07 +01:00
Volker Lendecke
8bc5b7369d lib: Use talloc_report_str
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
08ff9e80de messaging4: Use messages_dgm
This replaces the transport mechanism in source4 with calls to the
messages_dgm code. It is supposed to enable "smbcontrol samba pool-usage"
as an example without having to rewrite smbcontrol using the source4
based messaging subsystem.

This moves the source3 based names.tdb (which is unused so far) to the
lock directory, source4 does not have a cache directory.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
5681cca42c messaging3: Use message_hdr_[put|get]
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
d80193ca36 messaging: Define a binary format for message headers
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
f4cd1eb424 messaging3: Use messaging_dgm_ref
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
0108c2921d lib: Add messages_dgm_ref.[ch]
We only have one messaging_dgm context per process. But we will use this from
two completely independent messaging subsystems which are independently
initialized. We need to coordinate creation and destruction, do this via
talloc.

I know this looks like a step back, but when in the future we have really just
one messaging subsystem, this can go again. My immediate goal is to make
source3 and source4 transport-compatible, and this looks like a quick way
towards that goal.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
a15a4297ce messages_dgm: Make it an independent lib
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:07 +01:00
Volker Lendecke
bc986ffed2 messages_dgm: Add a few #includes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:06 +01:00
Volker Lendecke
69f9ff7d82 unix_msg: remove cookie from unix_msg_init
"pid" and "sock" are sufficient I guess as randomizers to distinguish messages.
In theory, a pid could be recycled very quickly, which might mix up in-flight
messages. But once a few messages have passed, "cookie" would be incremented as
another indicator of a fresh message.

Why? Remove messages_dgm dependency on samba-util

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:06 +01:00
Volker Lendecke
a3efb70c87 messages_dgm: Move directory handling up
When we want to use messages_dgm in source4, we need to find better
places for the lock and socket directories. Source4 does not have the
concept of a cache directory. So I chose "private dir"/sock and "lock
dir"/msg as subdirectories.

This moves directory creation from messages_dgm.c to messages.c,
source4/lib/messaging will have its own way of doing this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:06 +01:00
Volker Lendecke
293a602b33 messages_dgm: Only pass "unique" to messaging_dgm_init
We have only one context per pid, so messaging_dgm_init can do getpid()
itself.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-02-13 23:32:06 +01:00
Richard Sharpe
9077fc79d4 Remove an unused function call.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Feb 13 23:29:54 CET 2015 on sn-devel-104
2015-02-13 23:29:53 +01:00
Günther Deschner
37f7a177f0 s3-passdb: lift annoying debug message level.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Feb 13 15:54:18 CET 2015 on sn-devel-104
2015-02-13 15:54:17 +01:00
Christof Schmitt
618af83d1b vfs_prealloc: Remove call to gpfs_prealloc
Calling gpfs_prealloc changes the actual size of the file, and this
should not be done implicitly. Also this code does not compile due to
the missing dependency to the gpfs library. The best way solution here
is probably removing the call to gpfs_prealloc. The vfs_gpfs module
already implements the call to gpfs_prelloc when this can be done
safely.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 11 02:03:09 CET 2015 on sn-devel-104
2015-02-11 02:03:08 +01:00
Volker Lendecke
627a98d095 lib: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-10 23:35:08 +01:00
Jeremy Allison
080ec0f7d9 s3: smbclient: Allinfo leaves the file handle open.
https://bugzilla.samba.org/show_bug.cgi?id=11094

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 10 23:28:46 CET 2015 on sn-devel-104
2015-02-10 23:28:46 +01:00
Volker Lendecke
b3d5d0319d smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Feb 10 20:27:32 CET 2015 on sn-devel-104
2015-02-10 20:27:32 +01:00
Volker Lendecke
72f3630e3f smbd: Fix a typo
http://www.oxfordlearnersdictionaries.com/definition/english/veto_2 says it's
vetoed, not vetod

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-02-10 17:58:07 +01:00
Volker Lendecke
71214665df smbd: Make "check_veto_path" static
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-02-10 17:58:07 +01:00
Andrew Bartlett
c8c2c850d4 Update mailing list references to point at lists.samba.org
The mailing lists are on lists.samba.org, but there are many references that use the shorthand of samba.org

Some references to samba@ have been changed to samba-technical@ where this make more sense.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 10 07:08:28 CET 2015 on sn-devel-104
2015-02-10 07:08:28 +01:00
David Disseldorp
2f4998113e printing/cups: pack requested-attributes with IPP_TAG_KEYWORD
The CUPS IPP_GET_JOBS requested-attributes array indicates which job
attributes the caller would like in the cupsd response.

Until now, Samba has packed these attributes with a IPP_TAG_NAME
format tag. In recent versions of CUPS, this results in the IPP_GET_JOBS
response only including the job-id and job-printer-uri fields, even with
JobPrivateValues=none configured.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10808

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 10 01:38:58 CET 2015 on sn-devel-104
2015-02-10 01:38:57 +01:00
Michael Adam
600b40db9d gencache: don't fail gencache_stabilize if there were records to delete.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-09 23:10:11 +01:00
Volker Lendecke
4143cbac8c nfs4: Fix a confusing debug message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Feb  9 12:25:06 CET 2015 on sn-devel-104
2015-02-09 12:25:06 +01:00
Stefan Metzmacher
8aed0fc38a s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
2015-01-29 14:58:40 +01:00
Stefan Metzmacher
1944c857e5 s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.

This means the client is not able to reduce the amount of credits
itself.

Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-29 12:31:07 +01:00
Richard Sharpe
b66e4bed4f Fix a couple of DEBUG statements that were copied from elsewhere. Removed the misleading function name since the DEBUG message will print out the function name anyway.
Signed-of-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Jan 25 12:58:08 CET 2015 on sn-devel-104
2015-01-25 12:58:08 +01:00
Ira Cooper
3b2d8bdbb1 vfs_glusterfs: Add comments to the pipe(2) code.
The guarantees around read(2) and write(2) and pipes are critical
to understanding this code.  Hopefully these comments will help.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 23 20:58:51 CET 2015 on sn-devel-104
2015-01-23 20:58:51 +01:00
Andreas Schneider
7afff0c52e s3-pam_smbpass: Correctly initialize variables.
This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 22:51:59 CET 2015 on sn-devel-104
2015-01-22 22:51:59 +01:00
Andreas Schneider
cb27bd1022 s3-pam_smbpass: Remove superfluous NULL check for pam functions.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:07 +01:00
Andreas Schneider
29cfa2a714 s3-pam_smbpass: Make sure PAM_MAXTRIES can be returned.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:07 +01:00
Andreas Schneider
016bee95e3 s3-pam_smbpass: Check the return code of secrets_init().
This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:07 +01:00
Andreas Schneider
bc0768c964 s3-pam_smbpass: Fix set_ctrl() return value.
This fixes a cppcheck warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:07 +01:00
Andreas Schneider
7bbf221cfd s3-pam_smbpass: Make sure variables are initialized.
This fixes cppcheck warnings.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:07 +01:00
Andreas Schneider
eb1bf816b6 s3-smbspool: Use strtol() instead of atoi().
This fixes a coverity warning.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 20:29:06 +01:00
Volker Lendecke
63552f1c4c winbind: Fix idmap initialization
The fix is in the sscanf line: %u in the sscanf format mandates the use of
a pointer to an "unsigned". idmap_domain->[low|high]_id are uint32_t. On
little endian 64-bit this might at least put the correct values into
low_id and high_id, but might overwrite the read_only bit set earlier,
depending on structure alignment and packing. On big endian 64-bit,
this will just fail.

Automatic conversion to uint32_t will happen only at assignment, not
when you take a pointer of such a thing.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 17:58:16 CET 2015 on sn-devel-104
2015-01-22 17:58:16 +01:00
Andreas Schneider
0cb9b28acb s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11066

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-22 15:36:05 +01:00
Volker Lendecke
db63e4887c vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jan 22 13:14:38 CET 2015 on sn-devel-104
2015-01-22 13:14:37 +01:00
Petr Viktorin
02980268e8 Remove use of the "staticforward" macro
This macro was used for compatibility with broken compilers.
Since Python 2.3, it is always defined as `static`, and only exists
"for source compatibility with old C extensions".

Signed-off-by: Petr Viktorin <pviktori@redhat.com>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2015-01-22 10:51:07 +01:00
Michael Adam
cde5d380e1 vfs:glusterfs: whitespace fix.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 22 03:20:17 CET 2015 on sn-devel-104
2015-01-22 03:20:17 +01:00
David Disseldorp
32e9d7fa22 vfs_snapper: encode and decode Snapper DBus strings
Snapper uses a special character encoding for strings used in DBus
requests and responses. This change ensures that Samba packs and unpacks
strings in the corresponding format, using the previously added
encode/decode helper functions.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 00:57:10 +01:00
David Disseldorp
3d48fc9673 vfs_snapper: add DBus string encoding and decoding helpers
Snapper uses the following mechanism for encoding and decoding strings
used in DBus traffic:
Characters above 127 (0x7F - ASCII DEL) must be encoded hexadecimal as
"\x??". As a consequence "\" must be encoded as "\\".

This change adds string encoding and decoding helpers to vfs_snapper.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 00:57:10 +01:00
David Disseldorp
f72fa6390b vfs_snapper: free dbus req messages in error paths
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11055

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-22 00:57:09 +01:00
Ira Cooper
4c3a3d9e6a vfs_glusterfs: Replace eventfd with pipes, for AIO use
Pipes clean up the AIO implementation substantially, due to the fact
that they implement a natural ithread safe queue instead of us
creating our own queue.

Signed-off-by: Ira Cooper <ira@samba.org>
Signed-off-by: Poornima G <pgurusid@redhat.com>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Wed Jan 21 20:40:11 CET 2015 on sn-devel-104
2015-01-21 20:40:10 +01:00
David Disseldorp
6da86012a2 libsmb: provide authinfo domain for encrypted session referrals
6c9de0cd05 requires this extra change.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 21 04:29:06 CET 2015 on sn-devel-104
2015-01-21 04:29:06 +01:00
David Disseldorp
6c9de0cd05 libsmb: provide authinfo domain for DFS referral auth
libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-19 06:48:05 +01:00
David Disseldorp
7b7d4f740f libsmb: reuse connections derived from DFS referrals
[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.

libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.

This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.

This change is based on a patch by Har Gagan Sahai
<SHarGagan@novell.com>.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-19 06:48:05 +01:00
Andreas Schneider
45829800eb utils: Fix 'net time' segfault.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058

This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-19 06:48:05 +01:00
Michael Adam
a0a254f742 cli_connect_nb_send: don't segfault on host == NULL.
The functions called futher down can cope with host == NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058

This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.

Pair-Programmed-With: Andreas Schneider <asn@samba.org>

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-19 06:48:05 +01:00
Ira Cooper
81464daea7 smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.
This sequencing is causing problems for vfs_ceph, and likely
other vfs modules.

Signed-off-by: Ira Cooper <ira@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 16 00:13:17 CET 2015 on sn-devel-104
2015-01-16 00:13:17 +01:00
Jeremy Allison
d098b6c877 s3: auth - tests: Add test for "force user" being a unix-only user, not in passdb.
https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 14 08:46:08 CET 2015 on sn-devel-104
2015-01-14 08:46:07 +01:00
Jeremy Allison
83066ed539 s3: auth: Add previously missing allocation fail check.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-14 06:24:06 +01:00
Jeremy Allison
60895e62fe s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3().
Core fix for:

https://bugzilla.samba.org/show_bug.cgi?id=11044

Based on code from Michael Zeis <mzeis.quantum@gmail.com>

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-14 06:24:06 +01:00
Jeremy Allison
d20b2d3972 s3: auth: Convert samu_to_SamInfo3() to use the new utility function.
Based on code from Michael Zeis <mzeis.quantum@gmail.com>

https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-14 06:24:06 +01:00
Jeremy Allison
9395243890 s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle "Unix Users" and "Unix Groups".
Based on code from Michael Zeis <mzeis.quantum@gmail.com>

https://bugzilla.samba.org/show_bug.cgi?id=11044

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-14 06:24:06 +01:00
Volker Lendecke
a2c1b8e076 net: Fix sam addgroupmem
Domain local groups come across as SID_TYPE_ALIAS and are sent to us in the
PAC/Info3 struct. We should allow this in net sam addgroupmem.

Volker

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Jan 13 15:28:16 CET 2015 on sn-devel-104
2015-01-13 15:28:16 +01:00
Andreas Schneider
da2611adef s3-util: Fix authentication with long hostnames.
If the hostname is longer than MAX_NETBIOSNAME_LEN we fail to correctly
check the hostname.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11008

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jan 12 23:10:30 CET 2015 on sn-devel-104
2015-01-12 23:10:30 +01:00
David Disseldorp
8365318b6d leases_db: don't leak lock_path onto talloc tos
Also check for allocation failures.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan 12 19:22:31 CET 2015 on sn-devel-104
2015-01-12 19:22:30 +01:00
Volker Lendecke
26809d17f4 smbd: Fix a small leak on talloc_tos()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jan 11 20:34:56 CET 2015 on sn-devel-104
2015-01-11 20:34:56 +01:00
Volker Lendecke
7dceb3a2df smbd: Fix an uninitialized variable read
If dbwrap_fetch_locked failed, we did a TALLOC_FREE(value). Fix this with a
talloc hierarchy.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-11 18:12:10 +01:00
Volker Lendecke
6c76c5ef93 smbd: Make talloc_report of smb_filename more readable
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-11 18:12:10 +01:00
Ralph Boehme
15511f7c51 vfs_unityed_media: VFS module for sharing AVID projects
Based on <https://code.google.com/p/vfs-unityed-media/>.

The existing VFS module media_harmony has some problems relative to Avid
media sharing:

Avid looks at the modification time of the ingest directory. Since
media_harmony has everyone using the same directory, users (or client
systems) have to somehow create "fake" directories with special names
and then media_harmony returns the mod time of those fake directories
for the different clients rather than the actual mod time of the
communal ingest directory.

To make matters worse, users then have to have a special utility or
understand how to update the modtime on these specially named
directories. Otherwise, their client system will never update the
indexes to show new media.

To make it even worse than that, Avid creates new directories on the
fly, so you can't just set this up statically at the beginning. Avid
will silently create a new directory and your reindexing problems will
start all over until you create new fake directories.

With unityed_media:

* there are no reindexes between clients

* clients don't need to know which directories have been created for
  them, it's automatic.

* clients never have to reindex other systems directories.

* unityed_media let's each client have their own directories.

* unityed_media works much more like Avid's own ISIS servers work.

A module option controls which name is appended to client specific
paths: the username, the hostname (will not work with OS X) or the
client's IP.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jan 10 04:15:04 CET 2015 on sn-devel-104
2015-01-10 04:15:04 +01:00
Volker Lendecke
f58545dbc2 lib: Simplify iov_buf
According to

https://www.securecoding.cert.org/confluence/display/seccode/INT30-C.+Ensure+that+unsigned+integer+operations+do+not+wrap

we only need to check against one operand.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan  9 23:42:49 CET 2015 on sn-devel-104
2015-01-09 23:42:49 +01:00
Volker Lendecke
0e26e0f6f6 unix_msg: Fix 80-line formatting
This is pretty fresh code, so hope this change does not fall under the "no
reformatting" rule yet

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-09 21:21:07 +01:00
Volker Lendecke
fb35a22b7a test: Fix quoting
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jan  9 17:33:31 CET 2015 on sn-devel-104
2015-01-09 17:33:31 +01:00
Günther Deschner
5deb685ecd s3-vfs: Fix developer build of vfs_ceph module.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-01-09 15:09:06 +01:00
Volker Lendecke
56e2384dfe vfs_fruit: mmap under FreeBSD needs PROT_READ
We memmove, which does read

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-08 23:38:06 +01:00
Volker Lendecke
d9c22a3af2 vfs_fruit: fix base_fsp name conversion
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-01-08 13:08:07 +01:00
Richard Sharpe
b817ce6d91 Add a script-only idmap module.
In this third version I have cleaned up some unused variable warnings that
only the Samba 3 build found and added a man page based on the idmap_tdb2
man page. I have also added support for ID_TYPE_BOTH mappings and replaced
calls to popen with something safer. Also, I removed some non-PC macros.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan  8 04:30:32 CET 2015 on sn-devel-104
2015-01-08 04:30:32 +01:00
Noel Power
a5d383cbd5 allow net ads join accept new osServicePack parameter
osServicePack paramater allows the default behaviour ( which is to use
the samba version string as the operatingSystemServicePack attribute )
to be overridden
Additionally make sure if blank string is passed that it is treated
as attribute deletion. This is necessary as values for the os attributes
are eventually passed to ads_modlist_add if the value is "" then the
attempt to add this attribute fails in the underlying ldap
'ldap_modfiy_ext_s' function. In this case we need to pass NULL as the
value to force deletion of the ldap attribute

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan  8 00:18:05 CET 2015 on sn-devel-104
2015-01-08 00:18:05 +01:00
Andreas Schneider
a13e29cc43 s3-libads: Fix a possible segfault in kerberos_fetch_pac().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11037

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-07 21:55:06 +01:00
Volker Lendecke
2ec910dba4 passdb: Cache output from pdb_[ug]id_to_sid
A customer complained that after upgrading to Samba 4.0 fileserver
its LDAP server was flooded with uid2sid and gid2sid request for id
0. With 4.0 we do a lot more user-space ACL checking which involves
uid2sid/gid2sid. This caches the corresponding results.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan  7 12:00:10 CET 2015 on sn-devel-104
2015-01-07 12:00:09 +01:00
Ralph Boehme
3b1cb9385a fixup: check for NULL pointers
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-01-07 01:32:07 +01:00
Christof Schmitt
a2670f15de winbind: Retry after SESSION_EXPIRED error in ping-dc
Trying to establish a netlogon connection when the service ticket
expires might fail with NT_STATUS_NETWORK_SESSION_EXPIRED. The
underlying client code already marks the session as invalid, so retry
the netlogon connect in this case.

Signed-off-by: Christof Schmit <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan  6 02:58:57 CET 2015 on sn-devel-104
2015-01-06 02:58:57 +01:00
Volker Lendecke
0f6bf3575e smbd: Properly handle EINTR in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:10 +01:00
Volker Lendecke
4b1e6ae5d3 smbd: Use msghdr.[ch] in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:10 +01:00
Volker Lendecke
8caa866b08 lib: Use msghdr_prep_recv_fds in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:10 +01:00
Volker Lendecke
37af87e75e lib: Add msghdr_prep_recv_fds
This will prepare a msghdr for receiving fd's. Same pattern as before: First
get the buffer size, then fill in msghdr.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:10 +01:00
Volker Lendecke
2beae2bfbc lib: Use msghdr_extract_fds in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
cd46f7685b lib: Add msghdr_extract_fds
This is a copy of the extract_fd_array_from_msghdr routine in unix_msg.c, with
a similar use pattern: First call it without an output array to get the length
and then call it a second time to actually fill in the array.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
9bd7e52db0 smbd: Use msghdr_prep_fds in vfs_aio_fork
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
bd9b59ae28 lib: Use msghdr in unix_msg
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
190554c402 lib: Add msghdr.[ch]
This is a little set of routines to deal with the ugly fd-passing macros.

This patch is the first step assisting the creation of msghrds for sending fds.
Receiving fd helpers will follow later.

The basic idea behind these routines is that they fill a variable-sized buffer.
They are supposed to be called twice per msghdr preparation. First with a
0-sized NULL output buffer to calculate the required bufsize, and then a second
time filling in the buffer as such.

This does not take care of the old msg_accrights way of passing file
descriptors. CMSG/SCM_RIGHTS is standardized for quite a while now, and I
believe this intreface can be made to also take care of msg_accrights if
needed.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
98598485c3 lib: unix_dgram_msg does not need "num_fds"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Volker Lendecke
9959fc9d72 torture3: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2015-01-06 00:33:09 +01:00
Stefan Metzmacher
8a2a5986b6 s3:winbindd: improve logic to use CLDAP for a given domain.
As an AC Domain Controller we should try CLDAP for active directory domains.
E.g. FreeIPA domains doesn't provide NBT at all...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Jan  5 19:23:40 CET 2015 on sn-devel-104
2015-01-05 19:23:39 +01:00
Stefan Metzmacher
3c99260551 s3:winbindd: mark our primary as active_directory if possible
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2015-01-05 17:01:08 +01:00
Stefan Metzmacher
c594804080 s3:passdb: fix logic in pdb_set_pw_history()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10940

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jan  5 16:51:30 CET 2015 on sn-devel-104
2015-01-05 16:51:30 +01:00
Stefan Metzmacher
eda9742e3f Happy New Year 2015!
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan  1 02:47:59 CET 2015 on sn-devel-104
2015-01-01 02:47:59 +01:00
Volker Lendecke
3eda09d7eb lib: Fix a comment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-30 00:25:08 +01:00