IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
As well as passing in a single 'str', we can now choose to pass a
collection of member DN strings.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will be useful for testing the handling of Domain-Local groups.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
It's not an encryption type bit, so we should ignore it here.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The blob will be empty until we properly support claims.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This allows us to add claims blobs to the PAC once we have the ability
to create them.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These functions have no need to modify the PACs passed in, and this
change permits us to operate on const PACs in the KDC.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We can't unconditionally assume (as we did in
third_party/heimdal_build/wscript_configure) that Heimdal has this type,
since we may have an older system Heimdal that lacks it. We must also
check whether krb5_pac_get_buffer() is usable with krb5_const_pac, and
declare krb5_const_pac as a non-const typedef if not.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Previously, the call to CHECK_BUNDLED_SYSTEM() in
check_system_heimdal_lib() could have us pick up MIT Kerberos headers
when we should only be using system Heimdal headers. Now, we just
perform an explicit check for the functions we require, which should
avoid any use of the MIT libraries.
We also remove some library checks for Heimdal components that we don't
use directly, restricting the checks to only the functions we need.
Finally, we no longer need to recurse into third_party/heimdal_build
when performing a system Heimdal build.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We don't need to include these any more, and removing them allows us to
simplify the build system for system Heimdal builds.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The intention of this option was to hide *files*. Before this patch we
also hide directories where new files are dropped.
This is a change in behaviour, but I think this option is niche enough
to justify not adding another parameter that we then need to test. If
workflows break with this change and people depend on directories also
to be hidden, we can still add the additional option value required.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 7 22:58:33 UTC 2022 on sn-devel-184
The gnome settings were nested within a builtin
admx category, which GPME does not permit. This
was hiding the GNOME settings anytime windows
admx templates were present.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 4 19:09:09 UTC 2022 on sn-devel-184
waf fails to install the templates if there is a
space in the name.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
A function in tevent environment can span over several context loop iterations.
Every iteration 'unschedules' the current code and a different functions can
access not yet fully initialized structures.
A locking is used to avoid this. In tevent, we use tevent queues as a locking
mechanism. Every function trying to access lock protected data, puts itself to
a queue. The function must remove itself from the queue only after the complete
work is done.
A good coding practise is to lock only the smallest code path and not to use the
locking if not needed.
wb_parent_idmap_setup_send() uses queue "wb_parent_idmap_config_queue" for:
- testing if the setup is ready
- setting up all idmap domains
But "testing if the setup is ready" can be coded as an atomic operation without
needing a lock.
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 4 10:06:28 UTC 2022 on sn-devel-184
This patch implements a very simple rate limiter. It works by pausing the main
download loop whenever the bytes transferred are more than what we would get
with if it were transferred at the rate set by the user.
Please note that this may reduce the blocksize if the limit is too small.
Signed-off-by: Vasileios Porpodas <v.porpodas@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 2 22:47:10 UTC 2022 on sn-devel-184
This is an adaptation to Heimdal:
commit 133f5174820b34e2a12c3f3412bf554cae2ee22f
Author: Daria Phoebe Brashear <dariaphoebe@auristor.com>
Date: Fri Sep 16 09:57:24 2022 -0400
rewrite fallthrough to HEIM_FALLTHROUGH to deal with new Apple SDKs
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 2 05:21:29 UTC 2022 on sn-devel-184
This commit won't compile on it's own, as we need to fix the build system
to cope in the next commit.
The purpose of this commit is to update to a new lorikeet-heimdal tree
that includes the previous two patches and is rebased on a current
Heimdal master snapshot.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Heimdal's HDB plugin interface, and hence Samba's KDC that depends upon
it, doesn't work on 32-bit builds due to structure fields being arranged
in the wrong order. This problem presents itself in the form of
segmentation faults on 32-bit systems, but goes unnoticed on 64-bit
builds thanks to extra structure padding absorbing the errant fields.
This commit reorders the HDB plugin structure fields to prevent crashes
and introduces a common macro to ensure every plugin presents a
consistent interface.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15110
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Heimdal commit c6a46f0c96dde73ef4f3a247a1e904d4cf15aeb2 introduces test data
that triggers our LTR and RTL detection code.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Remove knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 1 18:31:22 UTC 2022 on sn-devel-184
Add torture test to show smbc_getxattr() should return -1 on
failure, 0 on success.
Add knownfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Update documentation to match current behavior.
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Oct 28 07:24:18 UTC 2022 on sn-devel-184
Samba has always been mapping Windows EAs to the 'user' namespace on the
POSIX side. However, in the opposite direction, the mapping would also map
other user-readable POSIX EA namespaces to Windows EAs, only stripping the
'user' namespace prefix, and passing all other EA names verbatim.
This means any POSIX EA 'other.foo' collides with 'user.other.foo' on the
Windows side, hence the mapping of non-user namespaces is unreliable.
Also, copy operations via Windows would rename an existing POSIX EA
'other.foo' in the source file to 'user.other.foo' in the destination. The
'user' namespace, however, may not be enabled on the underlying filesystem,
leading to subtle failure modes like the ones reported in eg.
<https://bugzilla.samba.org/show_bug.cgi?id=15186>
Fix the issues by restricting the mapping to the 'user' POSIX EA namespace
consistently for either direction.
Link: https://lists.samba.org/archive/samba-technical/2022-September/137634.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15186
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
Reviewed-by: Michael Weiser <michael.weiser@atos.net>
Tested-by: Michael Weiser <michael.weiser@atos.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 27 22:14:53 UTC 2022 on sn-devel-184
https://fedoraproject.org/wiki/Changes/PortingToModernC
We define True to true from stdbool.h and the same for false. So we
don't have to do a cleanup now.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 27 19:11:30 UTC 2022 on sn-devel-184