1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

32856 Commits

Author SHA1 Message Date
Dirk Godau
6ded4f5230 drsuapi tests for DsBind with w2k8
These are marked as known_fail pending the next patch ("Extend DsBind
and DsGetDomainControllerInfo to work with w2k8").

Signed-off-by: Dirk Godau <voidswitch@gmail.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-05-26 02:44:31 +02:00
Volker Lendecke
5af28c93dc drsuapi: Improve debug in DsWriteAccountSpn
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed May 25 11:34:13 CEST 2016 on sn-devel-144
2016-05-25 11:34:13 +02:00
Volker Lendecke
e7f54a2842 samdb: Improve debugging in acl_validate_spn_value()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-05-25 07:56:19 +02:00
Uri Simchoni
b2b951d14f heimdal make kvno unisgned internally
The folks at heimdal didn't like the patch in
commit 6379737b7d and insisted
that kvno should remain unsigned internally, even though it is
encoded as signed in packets. This patch reverts some of the
unsigned->signed changes in that commit, and resolves conversion
issues - in order to be aligned with upstream Heimdal.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 24 03:00:39 CEST 2016 on sn-devel-144
2016-05-24 03:00:39 +02:00
Christian Ambach
8b3ae1bb9c s4:repl_meta_data: squelch compile warning with -O3
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri May 13 03:50:10 CEST 2016 on sn-devel-144
2016-05-13 03:50:08 +02:00
Michael Adam
33d20f93dc s4:client: fix O3 error unused result of of chdir and system
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
a7fc5e0f4d s4:torture:nbench: fix O3 error unused result of asprintf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
ea668a28e0 s4:torture:rpc:samlogon: fix O3 error unused result of asprintf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
080946ce91 s4:torture:basic:delete: fix O3 error unused result of asprintf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
ef63ebdcb7 s4:torture:basic:dir: fix O3 error unused result of asprintf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
f7256914d0 s4:torture:basic: fix O3 error unused result of write
in test_utable

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
99182346a3 s4:torture:basic:misc: fix O3 error unused result of asprintf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
ebfbf6bc27 s4:torture:basic: fix O3 error unused result of asprintf
in run_opentest()

While fixing this, also convert to using talloc_asprintf instead.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
a6db0527cb s4:regshell: fix O3 error unused result of asprintf in reg_complete_key()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:16 +02:00
Michael Adam
2a2d990e3a s4:ntvfs: fix O3 error unused result of write error in nbench_log()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
93b1dac1ca s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_file_utime()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
fa80f1a937 s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_list_unix
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
8f4759d562 s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_map_fileinfo
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
b64a24eb05 s4:ntvfs: fix O3 error unused result of asprintf in svfs_file_utime
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
8e521379d5 s4:ntvfs: fix O3 error unused result of asprintf
in svfs_map_fileinfo

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
2d8a3125f2 s4:registry:patchfile: fix O3 error unused result of write
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Michael Adam
c150234495 s4:libcli:resolve: fix O3 error unused result of write
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2016-05-13 00:16:15 +02:00
Garming Sam
e0acee0223 samr4: Remove talloc_asprintf leak onto mem_ctx
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11751

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-11 03:47:04 +02:00
Mantas Mikulėnas
37ef959f37 samr4: Use <SID=%s> in GetAliasMembership
As in commit 841845dea3, this avoids
quoting problems in user DN's.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11751

Signed-off-by: Mantas Mikulėnas <grawity@gmail.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-11 03:47:04 +02:00
Andrew Bartlett
bcace463b9 selftest: Include a few more details in selftest and samba startup.
This helps us understand failure modes in selftest

Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Andrew Bartlett
9084dae5aa repl_meta_data: Explain why time(NULL) is good enough here
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-10 01:43:14 +02:00
Douglas Bagnall
891abcf78f source4/registry/local: avoid str_list_length() to check first element
We don't need to walk to the end of the list to find out if the first
one is NULL.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Douglas Bagnall
8a3c9056bd dsdb schema_query: reduce calls to str_list_length
We were calling str_list_length(new_attrs) three times when one is
enough.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Douglas Bagnall
dfa9a5c928 dsdb/common/util: be careful about zero length string lists
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Douglas Bagnall
cc6ed8f126 dsdb/common/util: remove some unnecessary str_list_length()s
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Douglas Bagnall
6bb577f254 source4/param/pyparam.c: fix strange indentation
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-10 01:43:14 +02:00
Andrew Bartlett
e822b31238 dsdb: Improve debug messages in operational module
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-10 01:43:14 +02:00
Andrew Bartlett
d6cebedc01 dsdb: Clarify rename handling as to which record is being renamed
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-10 01:43:14 +02:00
Uri Simchoni
6379737b7d heimdal: encode/decode kvno as signed integer
This patch changes the encoding/decoding of kvno (key version number)
in blobs and packets to signed integer, for compatibility with Windows.
Reportedly, MIT Kerberos does the same.

This patch effectively reverts commit 1124c4872dfb81bec9c4b527b8927ca35e39a599
in the heimdal tree.

According to the Kerberos spec (RFC 4120 5.2.9), the kvno field
in encrypted data object is an unsigned integer that fits in
32 bits. The Heimdal Kerberos component bundled with Samba
conforms to this. However, Windows deviates from the standard
and encodes kvno as a signed integer, and this creates
interoperability issues.

ASN.1 DER has no special encoding for unsigned integer. A 32-bit
unsigned integer is encoded as a signed integer, so while a signed
32-bit integer (covering the range of -0x80000000..0x7fffffff) is
encoded using up to 4 bytes, an unsigned integer (covering
0..0xffffffff) could require 5 bytes.

Normally, kvno for a given account starts at 1 and increments on
password changes. Kerberos defined this as unsigned because there's
no meaning for negative version numbers, so the standard writers figured
4 billion versions is better than 2 billion. It was not
expected for a kvno to really go past 0x7fffffff and the disctinction
usually does not matter. However, RODCs use kvnos which
have the most-significant bit set.

In Active Directory, RODCs have a private secret for the krbtgt,
because the assumption is that the RODC is less secure, and
recovering the domain krbtgt secret from the RODC would compromise
the security of the entire domain. The kvno field is being used
to identify the private krbtgt account that owns the key - the
upper 16 bits are the RODC id, and the lower 16 bits identify
the key version number for this specific RODC. It's common to
have an RODC id greater than 0x8000, and therefore to have a
kvno larger than 0x7fffffff, which would be DER-encoded using
5 bytes.

Windows encodes kvno as signed integer - basically taking the
32 bits and treating them as a signed integer rather than an
unsigned integer. This means that in Windows a kvno can
always be encoded using 4 bytes, and Windows DCs reject a kvno
encoded using more than 4 bytes without even generating an error
response (the DC assumes it's an attack).

Heimdal re-encodes the TGT when it creates a TGS request. Obviously
it cannot decode and encode the encrypted parts but it does re-encode
the plain parts, which include the kvno. That leads to a 5-byte
kvno in the TGS request, which is rejected without an error
response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11900

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat May  7 21:14:21 CEST 2016 on sn-devel-144
2016-05-07 21:14:21 +02:00
Garming Sam
38e08d7174 typo: mplementation => implementation
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-06 05:03:16 +02:00
Volker Lendecke
93b982faad lib: Give base64.c its own .h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Volker Lendecke
cf5a81013d lib: Make callers of base64_encode_data_blob check for success
Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Douglas Bagnall
81f4e5383f VLV: test using restrictive expressions
This tests what happens with the VLV if the results are subject to
an expression.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:10 +02:00
Douglas Bagnall
b59b22a117 VLV: handle empty results correctly
The VLV was wrongly returning an operations error when the list of
results was empty.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:10 +02:00
Douglas Bagnall
34d2bfe5de VLV: initialise struct using names for clarity
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:10 +02:00
Garming Sam
61f1eaf0b4 tests/dns_forwarder: remove statically defined IPs
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:09 +02:00
Garming Sam
3b2f9f8756 tests/dns_forwarder: Add testing for DNS forwarding
The new tests show that single and multiple forwarders work as expected.
They also describe the behaviour encountered when the DNS server
encounters a CNAME from a forwarded request (which is not to pursue any
further).

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-03 08:10:09 +02:00
Garming Sam
5caebde11d dns: modify dns forwarder param to be multi-valued
This allows a secondary DNS forwarder for a trivial failover. Requests
which fail/timeout at the primary DNS forwarder will be restarted
entirely with the next forwarder in the list.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:09 +02:00
Garming Sam
ac4dd94e3f dnsserver: Remove C++ style comment
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:09 +02:00
Stefan Metzmacher
d247dceaaa s4:auth_anonymous: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
8704958fb3 s4:gensec_tstream: allow wrapped messages up to a size of 0xfffffff
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:15 +02:00
Robin Hack
51f221c86e dcesrv_backupkey_heimdal: Fix CID 1321647 - Unchecked return value
Unchecked return value of gnutls_global_init().

Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-26 22:48:22 +02:00
Robin Hack
9a7a38a6dd lib/http/http_auth: Fix CID 1273428 - Unchecked return value
There is missing check of status value in
http_auth.c:http_create_auth_request() which can leave values
inside 'DATA_BLOB in' unitialized.

http_auth.c:http_create_auth_request() calls
http_auth.c:http_parse_auth_response() which can return NT_STATUS_NOT_SUPPORTED
and which is not checked by caller and later passed as argument to other functions.

For example:
'DATA_BLOB in' can be passed to
auth/gensec/spnego.c:gensec_spnego_update() later:

...
switch (spnego_state->state_position) {
..
	case SPNEGO_SERVER_START:
		if (in.length) {

Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-26 22:48:22 +02:00
Noel Power
39bbd40cda fix Invalid read of size 8
running rpc.dsgetinfo.DsGetReplicaInfo results in the following valgrind
trace

==14966== Invalid read of size 8
==14966==    at 0x88B2D5D: dcerpc_binding_handle_call (binding_handle.c:538)
==14966==    by 0x978F33B: dcerpc_drsuapi_DsUnbind_r (ndr_drsuapi_c.c:319)
==14966==    by 0x2E9F19: torture_dsgetinfo_tcase_teardown (dsgetinfo.c:431)
==14966==    by 0x95536EF: internal_torture_run_test (torture.c:452)
==14966==    by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==14966==    by 0x260074: run_matching (smbtorture.c:110)
==14966==    by 0x25FF36: run_matching (smbtorture.c:95)
==14966==    by 0x260195: torture_run_named_tests (smbtorture.c:143)
==14966==    by 0x261E14: main (smbtorture.c:665)
==14966==  Address 0x28 is not stack'd, malloc'd or (recently) free'd
==14966==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Apr 25 14:01:33 CEST 2016 on sn-devel-144
2016-04-25 14:01:33 +02:00
Noel Power
417a58a79f s4:torture:vfs: fix Invalid read of size 8 valgrind valgrind error (and segv)
when running smbtorture test
'vfs.fruit.SMB2/CREATE context AAPL.SMB2/CREATE context AAPL'
(on non-osx system) the following valgrind errors occur

==2419== Invalid read of size 8
==2419==    at 0x4055EA: test_aapl (fruit.c:1939)
==2419==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==2419==    by 0x955368F: internal_torture_run_test (torture.c:442)
==2419==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==2419==    by 0x26013F: run_matching (smbtorture.c:110)
==2419==    by 0x260001: run_matching (smbtorture.c:95)
==2419==    by 0x260001: run_matching (smbtorture.c:95)
==2419==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==2419==    by 0x261EDF: main (smbtorture.c:665)
==2419==  Address 0x10 is not stack'd, malloc'd or (recently) free'd
==2419==
===============================================================
INTERNAL ERROR: Signal 11 in pid 2419 (4.2.4)
Please read the Trouble-Shooting section of the Samba HOWTO
===============================================================
PANIC: internal error

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
8d998db788 s4:torture:libnet: fix 'Syscall param writev(vector[...])' valgrind error
smbtorture test  net.api.delshare.api.delshare generates the following
valgrind trace

==29209== Syscall param writev(vector[...]) points to uninitialised byte(s)
==29209==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==29209==    by 0x106CB033: writev_handler (async_sock.c:340)
==29209==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==29209==    by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==29209==    by 0xBC6B4A1: dcerpc_srvsvc_NetShareAdd_r (ndr_srvsvc_c.c:3327)
==29209==    by 0x5990D8: test_addshare (libnet_share.c:194)
==29209==    by 0x5992D5: torture_delshare (libnet_share.c:228)
==29209==    by 0x9553F62: wrap_simple_test (torture.c:632)
==29209==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29209==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29209==    by 0x26013F: run_matching (smbtorture.c:110)
==29209==    by 0x260001: run_matching (smbtorture.c:95)
==29209==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29209==    by 0x261EDF: main (smbtorture.c:665)
==29209==  Address 0x1887fd16 is 598 bytes inside a block of size 1,325 alloc'd
==29209==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29209==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==29209==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==29209==    by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==29209==    by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==29209==    by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==29209==    by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==29209==    by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==29209==    by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==29209==    by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==29209==    by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==29209==    by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==29209==    by 0xBC6B4A1: dcerpc_srvsvc_NetShareAdd_r (ndr_srvsvc_c.c:3327)
==29209==    by 0x5990D8: test_addshare (libnet_share.c:194)
==29209==    by 0x5992D5: torture_delshare (libnet_share.c:228)
==29209==    by 0x9553F62: wrap_simple_test (torture.c:632)
==29209==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29209==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29209==    by 0x26013F: run_matching (smbtorture.c:110)
==29209==    by 0x260001: run_matching (smbtorture.c:95)
==29209==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29209==    by 0x261EDF: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
0ae25fff0a s4:torture:libnet: fix 'Conditional jump or move' valgrind error
smbtorture test net.domopen.domopen generated the following valgrind
trace.

==29054== Conditional jump or move depends on uninitialised value(s)
==29054==    at 0x9788D31: libnet_DomainOpen_send (libnet_domain.c:617)
==29054==    by 0x9788E01: libnet_DomainOpen (libnet_domain.c:676)
==29054==    by 0x595F5D: test_domainopen (domain.c:41)
==29054==    by 0x5961AD: torture_domainopen (domain.c:101)
==29054==    by 0x9553F62: wrap_simple_test (torture.c:632)
==29054==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29054==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29054==    by 0x26013F: run_matching (smbtorture.c:110)
==29054==    by 0x260001: run_matching (smbtorture.c:95)
==29054==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==29054==    by 0x261EDF: main (smbtorture.c:665)
==29054==
==29054== Conditional jump or move depends on uninitialised value(s)
==29054==    at 0x9788D95: libnet_DomainOpen_recv (libnet_domain.c:648)
==29054==    by 0x9788E1D: libnet_DomainOpen (libnet_domain.c:677)
==29054==    by 0x595F5D: test_domainopen (domain.c:41)
==29054==    by 0x5961AD: torture_domainopen (domain.c:101)
==29054==    by 0x9553F62: wrap_simple_test (torture.c:632)
==29054==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29054==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29054==    by 0x26013F: run_matching (smbtorture.c:110)
==29054==    by 0x260001: run_matching (smbtorture.c:95)
==29054==    by 0x260260: torture_run_named_tests (smbtorture.c:143)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
ef461a3fef s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.streams.attributes.attributes generates the following
valgrind trace,

==17997== Use of uninitialised value of size 8
==17997==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17997==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17997==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17997==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17997==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17997==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17997==    by 0x5B030F3: smb2_close_send (close.c:42)
==17997==    by 0x5B0358A: smb2_close (close.c:78)
==17997==    by 0x5B087B3: smb2_util_close (util.c:40)
==17997==    by 0x521457: test_stream_attributes (streams.c:1750)
==17997==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17997==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17997==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17997==    by 0x26013F: run_matching (smbtorture.c:110)
==17997==    by 0x260001: run_matching (smbtorture.c:95)
==17997==    by 0x260001: run_matching (smbtorture.c:95)
==17997==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17997==    by 0x261EDF: main (smbtorture.c:665)
==17997==
==17997== Use of uninitialised value of size 8
==17997==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17997==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17997==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17997==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17997==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17997==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17997==    by 0x5B030F3: smb2_close_send (close.c:42)
==17997==    by 0x5B0358A: smb2_close (close.c:78)
==17997==    by 0x5B087B3: smb2_util_close (util.c:40)
==17997==    by 0x521457: test_stream_attributes (streams.c:1750)
==17997==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17997==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17997==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17997==    by 0x26013F: run_matching (smbtorture.c:110)
==17997==    by 0x260001: run_matching (smbtorture.c:95)
==17997==    by 0x260001: run_matching (smbtorture.c:95)
==17997==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17997==    by 0x261EDF: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
4045931f67 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.streams.rename2.rename2 generates the following valgrind
trace

==17379== Use of uninitialised value of size 8
==17379==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17379==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17379==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17379==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17379==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17379==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17379==    by 0x5B030F3: smb2_close_send (close.c:42)
==17379==    by 0x5B0358A: smb2_close (close.c:78)
==17379==    by 0x5B087B3: smb2_util_close (util.c:40)
==17379==    by 0x51FBA7: test_stream_rename2 (streams.c:1381)
==17379==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17379==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17379==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17379==    by 0x26013F: run_matching (smbtorture.c:110)
==17379==    by 0x260001: run_matching (smbtorture.c:95)
==17379==    by 0x260001: run_matching (smbtorture.c:95)
==17379==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17379==    by 0x261EDF: main (smbtorture.c:665)
==17379==
==17379== Use of uninitialised value of size 8
==17379==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17379==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17379==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17379==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17379==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17379==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17379==    by 0x5B030F3: smb2_close_send (close.c:42)
==17379==    by 0x5B0358A: smb2_close (close.c:78)
==17379==    by 0x5B087B3: smb2_util_close (util.c:40)
==17379==    by 0x51FBA7: test_stream_rename2 (streams.c:1381)
==17379==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17379==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17379==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17379==    by 0x26013F: run_matching (smbtorture.c:110)
==17379==    by 0x260001: run_matching (smbtorture.c:95)
==17379==    by 0x260001: run_matching (smbtorture.c:95)
==17379==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17379==    by 0x261EDF: main (smbtorture.c:665)
==17379==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
37696e9bde s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.streams.names.names generated the following
valgrind trace.

(../source4/torture/smb2/streams.c:791) testing stream names
==17238== Use of uninitialised value of size 8
==17238==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==17238==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17238==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17238==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17238==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17238==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17238==    by 0x5B030F3: smb2_close_send (close.c:42)
==17238==    by 0x5B0358A: smb2_close (close.c:78)
==17238==    by 0x5B087B3: smb2_util_close (util.c:40)
==17238==    by 0x51E480: test_stream_names (streams.c:1053)
==17238==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17238==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17238==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17238==    by 0x26013F: run_matching (smbtorture.c:110)
==17238==    by 0x260001: run_matching (smbtorture.c:95)
==17238==    by 0x260001: run_matching (smbtorture.c:95)
==17238==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17238==    by 0x261EDF: main (smbtorture.c:665)
==17238==
==17238== Use of uninitialised value of size 8
==17238==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==17238==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==17238==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==17238==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==17238==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==17238==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==17238==    by 0x5B030F3: smb2_close_send (close.c:42)
==17238==    by 0x5B0358A: smb2_close (close.c:78)
==17238==    by 0x5B087B3: smb2_util_close (util.c:40)
==17238==    by 0x51E480: test_stream_names (streams.c:1053)
==17238==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==17238==    by 0x955368F: internal_torture_run_test (torture.c:442)
==17238==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==17238==    by 0x26013F: run_matching (smbtorture.c:110)
==17238==    by 0x260001: run_matching (smbtorture.c:95)
==17238==    by 0x260001: run_matching (smbtorture.c:95)
==17238==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==17238==    by 0x261EDF: main (smbtorture.c:665)
==17238==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
b90f5f47dc s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.streams.sharemodes.sharemodes generates the following valgrind
trace

==16980== Use of uninitialised value of size 8
==16980==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==16980==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16980==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16980==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16980==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16980==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16980==    by 0x5B030F3: smb2_close_send (close.c:42)
==16980==    by 0x5B0358A: smb2_close (close.c:78)
==16980==    by 0x5B087B3: smb2_util_close (util.c:40)
==16980==    by 0x51B4F3: test_stream_sharemodes (streams.c:557)
==16980==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16980==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16980==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16980==    by 0x26013F: run_matching (smbtorture.c:110)
==16980==    by 0x260001: run_matching (smbtorture.c:95)
==16980==    by 0x260001: run_matching (smbtorture.c:95)
==16980==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16980==    by 0x261EDF: main (smbtorture.c:665)
==16980==
==16980== Use of uninitialised value of size 8
==16980==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16980==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16980==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16980==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16980==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16980==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16980==    by 0x5B030F3: smb2_close_send (close.c:42)
==16980==    by 0x5B0358A: smb2_close (close.c:78)
==16980==    by 0x5B087B3: smb2_util_close (util.c:40)
==16980==    by 0x51B4F3: test_stream_sharemodes (streams.c:557)
==16980==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16980==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16980==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16980==    by 0x26013F: run_matching (smbtorture.c:110)
==16980==    by 0x260001: run_matching (smbtorture.c:95)
==16980==    by 0x260001: run_matching (smbtorture.c:95)
==16980==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16980==    by 0x261EDF: main (smbtorture.c:665)
==16980==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
fbf476e2d3 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.streams.io.io generates the following valgrind trace

==16652== Use of uninitialised value of size 8
==16652==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==16652==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16652==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16652==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16652==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16652==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16652==    by 0x5B030F3: smb2_close_send (close.c:42)
==16652==    by 0x5B0358A: smb2_close (close.c:78)
==16652==    by 0x5B087B3: smb2_util_close (util.c:40)
==16652==    by 0x51AF21: test_stream_io (streams.c:480)
==16652==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16652==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16652==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16652==    by 0x26013F: run_matching (smbtorture.c:110)
==16652==    by 0x260001: run_matching (smbtorture.c:95)
==16652==    by 0x260001: run_matching (smbtorture.c:95)
==16652==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16652==    by 0x261EDF: main (smbtorture.c:665)
==16652==
==16652== Use of uninitialised value of size 8
==16652==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16652==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16652==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==16652==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==16652==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16652==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16652==    by 0x5B030F3: smb2_close_send (close.c:42)
==16652==    by 0x5B0358A: smb2_close (close.c:78)
==16652==    by 0x5B087B3: smb2_util_close (util.c:40)
==16652==    by 0x51AF21: test_stream_io (streams.c:480)
==16652==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16652==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16652==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16652==    by 0x26013F: run_matching (smbtorture.c:110)
==16652==    by 0x260001: run_matching (smbtorture.c:95)
==16652==    by 0x260001: run_matching (smbtorture.c:95)
==16652==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16652==    by 0x261EDF: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
2f137a982c s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error
smbtorture test smb2.oplock.brl3.brl3 generated the following valgrind
trace

==16564== Use of uninitialised value of size 8
==16564==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16564==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16564==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16564==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16564==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16564==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16564==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16564==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16564==    by 0x4B62B1: test_smb2_oplock_brl3 (oplock.c:3578)
==16564==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16564==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16564==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16564==    by 0x26013F: run_matching (smbtorture.c:110)
==16564==    by 0x260001: run_matching (smbtorture.c:95)
==16564==    by 0x260001: run_matching (smbtorture.c:95)
==16564==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16564==    by 0x261EDF: main (smbtorture.c:665)
==16564==
==16564== Use of uninitialised value of size 8
==16564==    at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16564==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16564==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16564==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16564==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16564==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16564==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16564==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16564==    by 0x4B62B1: test_smb2_oplock_brl3 (oplock.c:3578)
==16564==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16564==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16564==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16564==    by 0x26013F: run_matching (smbtorture.c:110)
==16564==    by 0x260001: run_matching (smbtorture.c:95)
==16564==    by 0x260001: run_matching (smbtorture.c:95)
==16564==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16564==    by 0x261EDF: main (smbtorture.c:665)
==16564==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
9ce1f28b8a s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.oplock.brl2.brl2 generates the following
valgrind trace

==16443== Use of uninitialised value of size 8
==16443==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16443==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16443==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16443==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16443==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16443==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16443==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16443==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16443==    by 0x4B5971: test_smb2_oplock_brl2 (oplock.c:3464)
==16443==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16443==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16443==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16443==    by 0x26013F: run_matching (smbtorture.c:110)
==16443==    by 0x260001: run_matching (smbtorture.c:95)
==16443==    by 0x260001: run_matching (smbtorture.c:95)
==16443==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16443==    by 0x261EDF: main (smbtorture.c:665)
==16443==
==16443== Use of uninitialised value of size 8
==16443==    at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16443==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16443==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16443==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16443==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16443==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16443==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16443==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16443==    by 0x4B5971: test_smb2_oplock_brl2 (oplock.c:3464)
==16443==    by 0x48B452: wrap_simple_1smb2_test (smb2.c:52)
==16443==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16443==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16443==    by 0x26013F: run_matching (smbtorture.c:110)
==16443==    by 0x260001: run_matching (smbtorture.c:95)
==16443==    by 0x260001: run_matching (smbtorture.c:95)
==16443==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16443==    by 0x261EDF: main (smbtorture.c:665)
==16443==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
d7e6d37e5e s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture smb2.oplock.brl1.brl1 generates the following valgrind trace

==16002== Use of uninitialised value of size 8
==16002==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==16002==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16002==    by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002==    by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16002==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002==    by 0x26013F: run_matching (smbtorture.c:110)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002==    by 0x261EDF: main (smbtorture.c:665)
==16002==
==16002== Use of uninitialised value of size 8
==16002==    at 0x8F00649: _samba_rijndaelEncrypt (rijndael-alg-fst.c:963)
==16002==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16002==    by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002==    by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16002==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002==    by 0x26013F: run_matching (smbtorture.c:110)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002==    by 0x261EDF: main (smbtorture.c:665)
==16002==
==16002== Use of uninitialised value of size 8
==16002==    at 0x8F006AF: _samba_rijndaelEncrypt (rijndael-alg-fst.c:968)
==16002==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==16002==    by 0x8F01BB2: aes_cmac_128_final (aes_cmac_128.c:179)
==16002==    by 0xB0D11E5: smb2_signing_sign_pdu (smb2_signing.c:78)
==16002==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==16002==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==16002==    by 0x5B078DF: smb2_lock_send (lock.c:52)
==16002==    by 0x5B07AAE: smb2_lock (lock.c:80)
==16002==    by 0x4B50D8: test_smb2_oplock_brl1 (oplock.c:3352)
==16002==    by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==16002==    by 0x955368F: internal_torture_run_test (torture.c:442)
==16002==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==16002==    by 0x26013F: run_matching (smbtorture.c:110)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260001: run_matching (smbtorture.c:95)
==16002==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==16002==    by 0x261EDF: main (smbtorture.c:665)
==16002==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
bfc2349a56 s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.oplock.batch10.batch10 produces the following
valgrind trace

Use of uninitialised value of size 8
==9662==    at 0x8F005A1: _samba_rijndaelEncrypt (rijndael-alg-fst.c:956)
==9662==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==9662==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==9662==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==9662==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==9662==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==9662==    by 0x5B04C89: smb2_write_send (write.c:49)
==9662==    by 0x5B04F85: smb2_write (write.c:79)
==9662==    by 0x4AD523: test_smb2_oplock_batch10 (oplock.c:1820)
==9662==    by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==9662==    by 0x955368F: internal_torture_run_test (torture.c:442)
==9662==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==9662==    by 0x26013F: run_matching (smbtorture.c:110)
==9662==    by 0x260001: run_matching (smbtorture.c:95)
==9662==    by 0x260001: run_matching (smbtorture.c:95)
==9662==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==9662==    by 0x261EDF: main (smbtorture.c:665)
==9662==
==9662== Use of uninitialised value of size 8
==9662==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==9662==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==9662==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==9662==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==9662==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==9662==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==9662==    by 0x5B04C89: smb2_write_send (write.c:49)
==9662==    by 0x5B04F85: smb2_write (write.c:79)
==9662==    by 0x4AD523: test_smb2_oplock_batch10 (oplock.c:1820)
==9662==    by 0x48B7B5: wrap_simple_2smb2_test (smb2.c:112)
==9662==    by 0x955368F: internal_torture_run_test (torture.c:442)
==9662==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==9662==    by 0x26013F: run_matching (smbtorture.c:110)
==9662==    by 0x260001: run_matching (smbtorture.c:95)
==9662==    by 0x260001: run_matching (smbtorture.c:95)
==9662==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==9662==    by 0x261EDF: main (smbtorture.c:665)
==9662==
 Please enter the commit message for your changes. Lines starting

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:16 +02:00
Noel Power
dc927dee2e s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
smbtorture test smb2.notify.mask.mask

==6451== Use of uninitialised value of size 8
==6451==    at 0x8F005C2: _samba_rijndaelEncrypt (rijndael-alg-fst.c:957)
==6451==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==6451==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==6451==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==6451==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==6451==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==6451==    by 0x5B030F3: smb2_close_send (close.c:42)
==6451==    by 0x5B0358A: smb2_close (close.c:78)
==6451==    by 0x5B087B3: smb2_util_close (util.c:40)
==6451==    by 0x483E97: torture_smb2_notify_mask (notify.c:1061)
==6451==    by 0x48B783: wrap_simple_2smb2_test (smb2.c:112)
==6451==    by 0x955368F: internal_torture_run_test (torture.c:442)
==6451==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6451==    by 0x26013F: run_matching (smbtorture.c:110)
==6451==    by 0x260001: run_matching (smbtorture.c:95)
==6451==    by 0x260001: run_matching (smbtorture.c:95)
==6451==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6451==    by 0x261EDF: main (smbtorture.c:665)
==6451==
==6451== Use of uninitialised value of size 8
==6451==    at 0x8F005DE: _samba_rijndaelEncrypt (rijndael-alg-fst.c:958)
==6451==    by 0x8EFF24C: samba_AES_encrypt (aes.c:60)
==6451==    by 0x8F01A74: aes_cmac_128_update (aes_cmac_128.c:151)
==6451==    by 0xB0D11B7: smb2_signing_sign_pdu (smb2_signing.c:74)
==6451==    by 0xB0D984A: smb2cli_req_compound_submit (smbXcli_base.c:3062)
==6451==    by 0x5AFD5F5: smb2_transport_send (transport.c:237)
==6451==    by 0x5B030F3: smb2_close_send (close.c:42)
==6451==    by 0x5B0358A: smb2_close (close.c:78)
==6451==    by 0x5B087B3: smb2_util_close (util.c:40)
==6451==    by 0x483E97: torture_smb2_notify_mask (notify.c:1061)
==6451==    by 0x48B783: wrap_simple_2smb2_test (smb2.c:112)
==6451==    by 0x955368F: internal_torture_run_test (torture.c:442)
==6451==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6451==    by 0x26013F: run_matching (smbtorture.c:110)
==6451==    by 0x260001: run_matching (smbtorture.c:95)
==6451==    by 0x260001: run_matching (smbtorture.c:95)
==6451==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6451==    by 0x261EDF: main (smbtorture.c:665)
==6451==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
1ae19203e2 s4:torture:smb2: fix Use of 'uninitialised value of size 8' valgrind error.
smbtorture test smb2.create.aclfile.aclfile produces the following
valgrind trace

==6025== Use of uninitialised value of size 8
==6025==    at 0xFB0B061: _itoa_word (in /lib64/libc-2.19.so)
==6025==    by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==6025==    by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==6025==    by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==6025==    by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==6025==    by 0x3E5951: ndr_print_security_ace (ndr_security.c:539)
==6025==    by 0x3E6251: ndr_print_security_acl (ndr_security.c:642)
==6025==    by 0x3E7A76: ndr_print_security_descriptor (ndr_security.c:890)
==6025==    by 0xAEBB860: ndr_print_debug (ndr.c:409)
==6025==    by 0x45FCB6: smb2_util_verify_sd (util.c:598)
==6025==    by 0x502246: test_create_acl_ext (create.c:634)
==6025==    by 0x506E13: test_create_acl_file (create.c:1232)
==6025==    by 0x48B420: wrap_simple_1smb2_test (smb2.c:52)
==6025==    by 0x955368F: internal_torture_run_test (torture.c:442)
==6025==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6025==    by 0x26013F: run_matching (smbtorture.c:110)
==6025==    by 0x260001: run_matching (smbtorture.c:95)
==6025==    by 0x260001: run_matching (smbtorture.c:95)
==6025==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6025==    by 0x261EDF: main (smbtorture.c:665)
==6025==
==6025== Conditional jump or move depends on uninitialised value(s)
==6025==    at 0xFB0B068: _itoa_word (in /lib64/libc-2.19.so)
==6025==    by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==6025==    by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==6025==    by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==6025==    by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==6025==    by 0x3E5951: ndr_print_security_ace (ndr_security.c:539)
==6025==    by 0x3E6251: ndr_print_security_acl (ndr_security.c:642)
==6025==    by 0x3E7A76: ndr_print_security_descriptor (ndr_security.c:890)
==6025==    by 0xAEBB860: ndr_print_debug (ndr.c:409)
==6025==    by 0x45FCB6: smb2_util_verify_sd (util.c:598)
==6025==    by 0x502246: test_create_acl_ext (create.c:634)
==6025==    by 0x506E13: test_create_acl_file (create.c:1232)
==6025==    by 0x48B420: wrap_simple_1smb2_test (smb2.c:52)
==6025==    by 0x955368F: internal_torture_run_test (torture.c:442)
==6025==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==6025==    by 0x26013F: run_matching (smbtorture.c:110)
==6025==    by 0x260001: run_matching (smbtorture.c:95)
==6025==    by 0x260001: run_matching (smbtorture.c:95)
==6025==    by 0x260260: torture_run_named_tests (smbtorture.c:143)
==6025==    by 0x261EDF: main (smbtorture.c:665)
==6025==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
cd7c57c85d s4:torture:raw: fix 'Invalid read of size 1 & Conditional jump or move' errors.
smbtorture test raw.offline.offline generates the following valgrind trace(s).

==5130==    at 0x2223AF: loadfile_callback (offline.c:107)
==5130==    by 0x5AF73E6: loadfile_handler (loadfile.c:208)
==5130==    by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5130==    by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0x223A16: torture_test_offline (offline.c:493)
==5130==    by 0x9553F62: wrap_simple_test (torture.c:632)
==5130==    by 0x955368F: internal_torture_run_test (torture.c:442)
==5130==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5130==    by 0x260121: run_matching (smbtorture.c:110)
==5130==    by 0x25FFE3: run_matching (smbtorture.c:95)
==5130==    by 0x260242: torture_run_named_tests (smbtorture.c:143)
==5130==    by 0x261EC1: main (smbtorture.c:665)
==5130==  Address 0x188b80d0 is 96 bytes inside a block of size 8,288 free'd
==5130==    at 0x4C2A37C: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==5130==    by 0xF4673A3: ??? (in /usr/lib64/libtalloc.so.2.1.5)
==5130==    by 0xF460E42: _talloc_free (in /usr/lib64/libtalloc.so.2.1.5)
==5130==    by 0x5AF7635: smb_composite_loadfile_recv (loadfile.c:278)
==5130==    by 0x2222F7: loadfile_callback (offline.c:91)
==5130==    by 0x5AF73E6: loadfile_handler (loadfile.c:208)
==5130==    by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5130==    by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5130==    by 0x223A16: torture_test_offline (offline.c:493)
==5130==    by 0x9553F62: wrap_simple_test (torture.c:632)
==5130==    by 0x955368F: internal_torture_run_test (torture.c:442)
==5130==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5130==    by 0x260121: run_matching (smbtorture.c:110)
==5130==    by 0x25FFE3: run_matching (smbtorture.c:95)
==5130==    by 0x260242: torture_run_named_tests (smbtorture.c:143)
==5130==    by 0x261EC1: main (smbtorture.c:665)
==5130==

AND

==5428== Conditional jump or move depends on uninitialised value(s)
==5428==    at 0x22270E: getoffline_callback (offline.c:197)
==5428==    by 0x5ADFEE0: smbcli_request_done (clitransport.c:395)
==5428==    by 0xF676EEE: tevent_common_loop_timer_delay (in /usr/lib64/libtevent.so.0.9.26)
==5428==    by 0xF677EF9: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5428==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==5428==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==5428==    by 0x223A1B: torture_test_offline (offline.c:494)
==5428==    by 0x9553F62: wrap_simple_test (torture.c:632)
==5428==    by 0x955368F: internal_torture_run_test (torture.c:442)
==5428==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==5428==    by 0x260126: run_matching (smbtorture.c:110)
==5428==    by 0x25FFE8: run_matching (smbtorture.c:95)
==5428==    by 0x260247: torture_run_named_tests (smbtorture.c:143)
==5428==    by 0x261EC6: main (smbtorture.c:665)
==5428==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
bb0c4a95df s4:torture:raw: fix 'Conditional jump or move' valgrind error.
smbtorture test raw.bench-tcon.bench-tcon produces the following valgrind
trace

==32163== Conditional jump or move depends on uninitialised value(s)
==32163==    at 0x1F9D61: rate_convert_secs (tconrate.c:149)
==32163==    by 0x1FA04C: torture_bench_treeconnect (tconrate.c:189)
==32163==    by 0x9553F62: wrap_simple_test (torture.c:632)
==32163==    by 0x955368F: internal_torture_run_test (torture.c:442)
==32163==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==32163==    by 0x260121: run_matching (smbtorture.c:110)
==32163==    by 0x25FFE3: run_matching (smbtorture.c:95)
==32163==    by 0x260242: torture_run_named_tests (smbtorture.c:143)
==32163==    by 0x261EC1: main (smbtorture.c:665)
==32163==
==32163== Use of uninitialised value of size 8
==32163==    at 0xFB0B0BB: _itoa_word (in /lib64/libc-2.19.so)
==32163==    by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==32163==    by 0xFB15598: printf (in /lib64/libc-2.19.so)
==32163==    by 0x1FA064: torture_bench_treeconnect (tconrate.c:188)
==32163==    by 0x9553F62: wrap_simple_test (torture.c:632)
==32163==    by 0x955368F: internal_torture_run_test (torture.c:442)
==32163==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==32163==    by 0x260121: run_matching (smbtorture.c:110)
==32163==    by 0x25FFE3: run_matching (smbtorture.c:95)
==32163==    by 0x260242: torture_run_named_tests (smbtorture.c:143)
==32163==    by 0x261EC1: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
04d70f5206 s4:torture:raw: fix 'use of uninitialised value of size 8' valgrind errors
smbtorture test raw.acls.create_file.create_file produces the following
valgrind trace

==31783== Use of uninitialised value of size 8
==31783==    at 0xFB0B061: _itoa_word (in /lib64/libc-2.19.so)
==31783==    by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==31783==    by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==31783==    by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==31783==    by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==31783==    by 0x3E591A: ndr_print_security_ace (ndr_security.c:539)
==31783==    by 0x3E621A: ndr_print_security_acl (ndr_security.c:642)
==31783==    by 0x3E7A3F: ndr_print_security_descriptor (ndr_security.c:890)
==31783==    by 0xAEBB860: ndr_print_debug (ndr.c:409)
==31783==    by 0x20C91F: verify_sd (acls.c:89)
==31783==    by 0x20D8C3: test_nttrans_create_ext (acls.c:306)
==31783==    by 0x20E3A8: test_nttrans_create_file (acls.c:381)
==31783==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==31783==    by 0x955368F: internal_torture_run_test (torture.c:442)
==31783==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==31783==    by 0x260108: run_matching (smbtorture.c:110)
==31783==    by 0x25FFCA: run_matching (smbtorture.c:95)
==31783==    by 0x25FFCA: run_matching (smbtorture.c:95)
==31783==    by 0x260229: torture_run_named_tests (smbtorture.c:143)
==31783==    by 0x261EA8: main (smbtorture.c:665)
==31783==
==31783== Conditional jump or move depends on uninitialised value(s)
==31783==    at 0xFB0B068: _itoa_word (in /lib64/libc-2.19.so)
==31783==    by 0xFB0EAD2: vfprintf (in /lib64/libc-2.19.so)
==31783==    by 0xFB36712: vasprintf (in /lib64/libc-2.19.so)
==31783==    by 0xAEBB348: ndr_print_debug_helper (ndr.c:314)
==31783==    by 0xAEB8ED1: ndr_print_uint16 (ndr_basic.c:1055)
==31783==    by 0x3E591A: ndr_print_security_ace (ndr_security.c:539)
==31783==    by 0x3E621A: ndr_print_security_acl (ndr_security.c:642)
==31783==    by 0x3E7A3F: ndr_print_security_descriptor (ndr_security.c:890)
==31783==    by 0xAEBB860: ndr_print_debug (ndr.c:409)
==31783==    by 0x20C91F: verify_sd (acls.c:89)
==31783==    by 0x20D8C3: test_nttrans_create_ext (acls.c:306)
==31783==    by 0x20E3A8: test_nttrans_create_file (acls.c:381)
==31783==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==31783==    by 0x955368F: internal_torture_run_test (torture.c:442)
==31783==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==31783==    by 0x260108: run_matching (smbtorture.c:110)
==31783==    by 0x25FFCA: run_matching (smbtorture.c:95)
==31783==    by 0x25FFCA: run_matching (smbtorture.c:95)
==31783==    by 0x260229: torture_run_named_tests (smbtorture.c:143)
==31783==    by 0x261EA8: main (smbtorture.c:665)
==31783==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
de590daa1c s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
running smbtorture test raw.streams.createdisp.createdisp results in
the following valgrind trace

==30946== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30946==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30946==    by 0x106CB033: writev_handler (async_sock.c:340)
==30946==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30946==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30946==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30946==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30946==    by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30946==    by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30946==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30946==    by 0x209F0D: create_file_with_stream (streams.c:1502)
==30946==    by 0x20A072: test_stream_create_disposition (streams.c:1527)
==30946==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30946==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30946==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30946==    by 0x2600D6: run_matching (smbtorture.c:110)
==30946==    by 0x25FF98: run_matching (smbtorture.c:95)
==30946==    by 0x25FF98: run_matching (smbtorture.c:95)
==30946==    by 0x2601F7: torture_run_named_tests (smbtorture.c:143)
==30946==    by 0x261E76: main (smbtorture.c:665)
==30946==  Address 0x187ebbc6 is 598 bytes inside a block of size 1,325 alloc'd
==30946==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30946==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30946==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30946==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30946==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30946==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30946==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30946==    by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30946==    by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30946==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30946==    by 0x209F0D: create_file_with_stream (streams.c:1502)
==30946==    by 0x20A072: test_stream_create_disposition (streams.c:1527)
==30946==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30946==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30946==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30946==    by 0x2600D6: run_matching (smbtorture.c:110)
==30946==    by 0x25FF98: run_matching (smbtorture.c:95)
==30946==    by 0x25FF98: run_matching (smbtorture.c:95)
==30946==    by 0x2601F7: torture_run_named_tests (smbtorture.c:143)
==30946==    by 0x261E76: main (smbtorture.c:665

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
a22ccb04a0 s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
running smbtorture test raw.open.openx-over-dir.openx-over-dir results in
the following valgrind trace

==30597== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30597==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30597==    by 0x106CB033: writev_handler (async_sock.c:340)
==30597==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30597==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30597==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30597==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30597==    by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30597==    by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30597==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30597==    by 0x1A57F0: test_openx_over_dir (open.c:1495)
==30597==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30597==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30597==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30597==    by 0x2600BD: run_matching (smbtorture.c:110)
==30597==    by 0x25FF7F: run_matching (smbtorture.c:95)
==30597==    by 0x25FF7F: run_matching (smbtorture.c:95)
==30597==    by 0x2601DE: torture_run_named_tests (smbtorture.c:143)
==30597==    by 0x261E5D: main (smbtorture.c:665)
==30597==  Address 0x187e41d6 is 598 bytes inside a block of size 1,325 alloc'd
==30597==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30597==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30597==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30597==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30597==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30597==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30597==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30597==    by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30597==    by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30597==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30597==    by 0x1A57F0: test_openx_over_dir (open.c:1495)
==30597==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30597==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30597==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30597==    by 0x2600BD: run_matching (smbtorture.c:110)
==30597==    by 0x25FF7F: run_matching (smbtorture.c:95)
==30597==    by 0x25FF7F: run_matching (smbtorture.c:95)
==30597==    by 0x2601DE: torture_run_named_tests (smbtorture.c:143)
==30597==    by 0x261E5D: main (smbtorture.c:665)
==30597==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
2a06c992c8 s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
running smbtorture test raw.open.chained-ntcreatex.chained-ntcreatex results
in the following valgrind trace

==30405== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30405==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==30405==    by 0x106CB033: writev_handler (async_sock.c:340)
==30405==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30405==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30405==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30405==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==30405==    by 0x5AE343E: smbcli_request_simple_recv (rawrequest.c:430)
==30405==    by 0x5ADC8BC: smb_raw_close (rawfile.c:847)
==30405==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30405==    by 0x1A66B4: test_chained_ntcreatex_readx (open.c:1735)
==30405==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30405==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30405==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30405==    by 0x2600A4: run_matching (smbtorture.c:110)
==30405==    by 0x25FF66: run_matching (smbtorture.c:95)
==30405==    by 0x25FF66: run_matching (smbtorture.c:95)
==30405==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==30405==    by 0x261E44: main (smbtorture.c:665)
==30405==  Address 0x187e1196 is 598 bytes inside a block of size 1,325 alloc'd
==30405==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30405==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30405==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30405==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==30405==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==30405==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==30405==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==30405==    by 0x5ADC869: smb_raw_close_send (rawfile.c:832)
==30405==    by 0x5ADC8AC: smb_raw_close (rawfile.c:846)
==30405==    by 0x9BE60B4: smbcli_close (clifile.c:316)
==30405==    by 0x1A66B4: test_chained_ntcreatex_readx (open.c:1735)
==30405==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==30405==    by 0x955368F: internal_torture_run_test (torture.c:442)
==30405==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==30405==    by 0x2600A4: run_matching (smbtorture.c:110)
==30405==    by 0x25FF66: run_matching (smbtorture.c:95)
==30405==    by 0x25FF66: run_matching (smbtorture.c:95)
==30405==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==30405==    by 0x261E44: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
83cb2bae8d s4:torture:basic: fix 'Conditional jump or move ' valgrind error
running smbtorture test base.bench-holdopen.bench-holdopen yields the
following valgrind trace.

==29953== Conditional jump or move depends on uninitialised value(s)
==29953==    at 0xF4634F0: _talloc_zero_array (in /usr/lib64/libtalloc.so.2.1.5)
==29953==    by 0x5AE257E: smbcli_request_setup_transport (rawrequest.c:101)
==29953==    by 0x5AE04AF: smb_raw_echo_send (clitransport.c:554)
==29953==    by 0x5AE0774: smb_raw_echo (clitransport.c:609)
==29953==    by 0x4183D3: torture_holdopen (misc.c:288)
==29953==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==29953==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29953==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29953==    by 0x2600A4: run_matching (smbtorture.c:110)
==29953==    by 0x25FF66: run_matching (smbtorture.c:95)
==29953==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==29953==    by 0x261E44: main (smbtorture.c:665)
==29953==
==29953== Conditional jump or move depends on uninitialised value(s)
==29953==    at 0xF4630E3: _talloc_zero (in /usr/lib64/libtalloc.so.2.1.5)
==29953==    by 0x5AE257E: smbcli_request_setup_transport (rawrequest.c:101)
==29953==    by 0x5AE04AF: smb_raw_echo_send (clitransport.c:554)
==29953==    by 0x5AE0774: smb_raw_echo (clitransport.c:609)
==29953==    by 0x4183D3: torture_holdopen (misc.c:288)
==29953==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==29953==    by 0x955368F: internal_torture_run_test (torture.c:442)
==29953==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==29953==    by 0x2600A4: run_matching (smbtorture.c:110)
==29953==    by 0x25FF66: run_matching (smbtorture.c:95)
==29953==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==29953==    by 0x261E44: main (smbtorture.c:665)
==29953==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
d94940276a s4:torture:basic: fix 'Syscall param writev(vector[...])' valgrind error
smbtorture test  base.winattr.winattr yields the following trace

==25514== Syscall param writev(vector[...]) points to uninitialised byte(s)
==25514==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==25514==    by 0x106CB033: writev_handler (async_sock.c:340)
==25514==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==25514==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==25514==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==25514==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==25514==    by 0x5AEEC7E: smb_raw_nttrans_recv (rawtrans.c:408)
==25514==    by 0x5AF6543: smb_raw_query_secdesc_recv (rawacl.c:67)
==25514==    by 0x5AF580F: smb_raw_fileinfo_recv (rawfileinfo.c:699)
==25514==    by 0x5AF58BE: smb_raw_fileinfo (rawfileinfo.c:721)
==25514==    by 0x454AC3: torture_winattrtest (attr.c:217)
==25514==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==25514==    by 0x955368F: internal_torture_run_test (torture.c:442)
==25514==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==25514==    by 0x2600A4: run_matching (smbtorture.c:110)
==25514==    by 0x25FF66: run_matching (smbtorture.c:95)
==25514==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==25514==    by 0x261E44: main (smbtorture.c:665)
==25514==  Address 0x187d69c6 is 598 bytes inside a block of size 1,325 alloc'd
==25514==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25514==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==25514==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==25514==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==25514==    by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==25514==    by 0x5AEE9B2: smb_raw_nttrans_send (rawtrans.c:310)
==25514==    by 0x5AF64F0: smb_raw_query_secdesc_send (rawacl.c:51)
==25514==    by 0x5AF56E5: smb_raw_fileinfo_send (rawfileinfo.c:658)
==25514==    by 0x5AF58A3: smb_raw_fileinfo (rawfileinfo.c:720)
==25514==    by 0x454AC3: torture_winattrtest (attr.c:217)
==25514==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==25514==    by 0x955368F: internal_torture_run_test (torture.c:442)
==25514==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==25514==    by 0x2600A4: run_matching (smbtorture.c:110)
==25514==    by 0x25FF66: run_matching (smbtorture.c:95)
==25514==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==25514==    by 0x261E44: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
03302bcb86 s4:libcli: fix 'Conditional jump or move' valgrind error
smbtorture test base.tcondev.tcondev causes the following valgrind trace

==23282== Conditional jump or move depends on uninitialised value(s)
==23282==    at 0x9BE5632: smbcli_tconX (cliconnect.c:148)
==23282==    by 0x41021C: tcon_devtest (base.c:91)
==23282==    by 0x411A01: run_tcon_devtype_test (base.c:522)
==23282==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23282==    by 0x955368F: internal_torture_run_test (torture.c:442)
==23282==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23282==    by 0x2600A4: run_matching (smbtorture.c:110)
==23282==    by 0x25FF66: run_matching (smbtorture.c:95)
==23282==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23282==    by 0x261E44: main (smbtorture.c:665)
==23282==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
c20fb11665 s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error.
smbtorture test base.aliases.setpathinfo_aliases.setpathinfo_aliases
results in the following valgrind trace

==23067== Syscall param writev(vector[...]) points to uninitialised byte(s)
==23067==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==23067==    by 0x106CB033: writev_handler (async_sock.c:340)
==23067==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==23067==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==23067==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==23067==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==23067==    by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==23067==    by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==23067==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==23067==    by 0x423EB4: setpathinfo_aliases (aliases.c:367)
==23067==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23067==    by 0x955368F: internal_torture_run_test (torture.c:442)
==23067==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23067==    by 0x2600A4: run_matching (smbtorture.c:110)
==23067==    by 0x25FF66: run_matching (smbtorture.c:95)
==23067==    by 0x25FF66: run_matching (smbtorture.c:95)
==23067==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23067==    by 0x261E44: main (smbtorture.c:665)
==23067==  Address 0x187e0096 is 598 bytes inside a block of size 1,325 alloc'd
==23067==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==23067==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==23067==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==23067==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==23067==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==23067==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==23067==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==23067==    by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==23067==    by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==23067==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==23067==    by 0x423EB4: setpathinfo_aliases (aliases.c:367)
==23067==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==23067==    by 0x955368F: internal_torture_run_test (torture.c:442)
==23067==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==23067==    by 0x2600A4: run_matching (smbtorture.c:110)
==23067==    by 0x25FF66: run_matching (smbtorture.c:95)
==23067==    by 0x25FF66: run_matching (smbtorture.c:95)
==23067==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==23067==    by 0x261E44: main (smbtorture.c:665)
==23067==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
6806c1486e s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
smbtorture test  base.aliases.setfileinfo_aliases.setfileinfo_aliases
results in the following valgrind trace

==22757== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22757==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22757==    by 0x106CB033: writev_handler (async_sock.c:340)
==22757==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22757==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22757==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22757==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22757==    by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22757==    by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22757==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22757==    by 0x423C91: setfileinfo_aliases (aliases.c:327)
==22757==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22757==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22757==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22757==    by 0x2600A4: run_matching (smbtorture.c:110)
==22757==    by 0x25FF66: run_matching (smbtorture.c:95)
==22757==    by 0x25FF66: run_matching (smbtorture.c:95)
==22757==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22757==    by 0x261E44: main (smbtorture.c:665)
==22757==  Address 0x187dfee6 is 598 bytes inside a block of size 1,325 alloc'd
==22757==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22757==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22757==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22757==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22757==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22757==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22757==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22757==    by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22757==    by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22757==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22757==    by 0x423C91: setfileinfo_aliases (aliases.c:327)
==22757==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22757==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22757==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22757==    by 0x2600A4: run_matching (smbtorture.c:110)
==22757==    by 0x25FF66: run_matching (smbtorture.c:95)
==22757==    by 0x25FF66: run_matching (smbtorture.c:95)
==22757==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22757==    by 0x261E44: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
a5ce559a80 s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
running smbtorture test base.aliases.FINDFIRST aliases.FINDFIRST aliases
results in the following valgrind trace

==22639== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22639==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22639==    by 0x106CB033: writev_handler (async_sock.c:340)
==22639==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22639==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22639==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22639==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22639==    by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22639==    by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22639==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22639==    by 0x423672: findfirst_aliases (aliases.c:213)
==22639==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22639==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22639==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22639==    by 0x2600A4: run_matching (smbtorture.c:110)
==22639==    by 0x25FF66: run_matching (smbtorture.c:95)
==22639==    by 0x25FF66: run_matching (smbtorture.c:95)
==22639==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22639==    by 0x261E44: main (smbtorture.c:665)
==22639==  Address 0x187dfd26 is 598 bytes inside a block of size 1,325 alloc'd
==22639==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22639==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22639==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22639==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22639==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22639==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22639==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22639==    by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22639==    by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22639==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22639==    by 0x423672: findfirst_aliases (aliases.c:213)
==22639==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22639==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22639==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22639==    by 0x2600A4: run_matching (smbtorture.c:110)
==22639==    by 0x25FF66: run_matching (smbtorture.c:95)
==22639==    by 0x25FF66: run_matching (smbtorture.c:95)
==22639==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22639==    by 0x261E44: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:15 +02:00
Noel Power
4d5a73e246 s4:torture:basic fix 'Syscall param writev(vector[...])' valgrind error
smbtorture 'base.aliases.QPATHINFO aliases.QPATHINFO aliases' results in
following valgrind trace

==22469== Syscall param writev(vector[...]) points to uninitialised byte(s)
==22469==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==22469==    by 0x106CB033: writev_handler (async_sock.c:340)
==22469==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22469==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==22469==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==22469==    by 0x5AE3400: smbcli_request_receive (rawrequest.c:416)
==22469==    by 0x5AE6019: smb_raw_write_recv (rawreadwrite.c:303)
==22469==    by 0x5AE63FD: smb_raw_write (rawreadwrite.c:344)
==22469==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22469==    by 0x423431: qpathinfo_aliases (aliases.c:171)
==22469==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22469==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22469==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22469==    by 0x2600A4: run_matching (smbtorture.c:110)
==22469==    by 0x25FF66: run_matching (smbtorture.c:95)
==22469==    by 0x25FF66: run_matching (smbtorture.c:95)
==22469==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22469==    by 0x261E44: main (smbtorture.c:665)
==22469==  Address 0x187dfb86 is 598 bytes inside a block of size 1,325 alloc'd
==22469==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22469==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==22469==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==22469==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==22469==    by 0x5ADFAB7: smbcli_transport_setup_subreq (clitransport.c:254)
==22469==    by 0x5ADFC37: smbcli_transport_send (clitransport.c:326)
==22469==    by 0x5AE33C3: smbcli_request_send (rawrequest.c:400)
==22469==    by 0x5AE5FDD: smb_raw_write_send (rawreadwrite.c:289)
==22469==    by 0x5AE63E6: smb_raw_write (rawreadwrite.c:343)
==22469==    by 0x9BE50CA: smbcli_write (clireadwrite.c:118)
==22469==    by 0x423431: qpathinfo_aliases (aliases.c:171)
==22469==    by 0x16B21D: wrap_simple_1smb_test (util_smb.c:856)
==22469==    by 0x955368F: internal_torture_run_test (torture.c:442)
==22469==    by 0x9553A6B: torture_run_test_restricted (torture.c:542)
==22469==    by 0x2600A4: run_matching (smbtorture.c:110)
==22469==    by 0x25FF66: run_matching (smbtorture.c:95)
==22469==    by 0x25FF66: run_matching (smbtorture.c:95)
==22469==    by 0x2601C5: torture_run_named_tests (smbtorture.c:143)
==22469==    by 0x261E44: main (smbtorture.c:665)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Noel Power
60b2298a73 s4:lib:registry: fix 'Conditional jump or move' valgrind error.
smbtorture local.registry.diff.dotreg.test_diff_apply produces the following
valgrind trace

==18367== Conditional jump or move depends on uninitialised value(s)
==18367==    at 0xA02ED96: reg_dotreg_diff_load (patchfile_dotreg.c:252)
==18367==    by 0xA031C6C: reg_diff_load (patchfile.c:375)
==18367==    by 0xA0323AB: reg_diff_apply (patchfile.c:542)
==18367==    by 0x15F116: test_diff_apply (diff.c:72)
==18367==    by 0x955460C: wrap_test_with_simple_test (torture.c:731)
==18367==    by 0x955366F: internal_torture_run_test (torture.c:442)
==18367==    by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==18367==    by 0x260074: run_matching (smbtorture.c:110)
==18367==    by 0x25FF36: run_matching (smbtorture.c:95)
==18367==    by 0x25FF36: run_matching (smbtorture.c:95)
==18367==    by 0x25FF36: run_matching (smbtorture.c:95)
==18367==    by 0x260195: torture_run_named_tests (smbtorture.c:143)
==18367==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Noel Power
9cb4b1b240 s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' valgrind error
when running smbtorture rpc.samba3.regconfig.regconfig

Note: to fix this particular error only the action_taken variable needed
to be initialised. ZERO-ing the structs for completeness.

==14958== Syscall param writev(vector[...]) points to uninitialised byte(s)
==14958==    at 0xFB9FC87: writev (in /lib64/libc-2.19.so)
==14958==    by 0x106C8003: writev_handler (async_sock.c:340)
==14958==    by 0xF67407E: epoll_event_loop (tevent_epoll.c:728)
==14958==    by 0xF67469C: epoll_event_loop_once (tevent_epoll.c:926)
==14958==    by 0xF671586: std_event_loop_once (tevent_standard.c:114)
==14958==    by 0xF66AD42: _tevent_loop_once (tevent.c:533)
==14958==    by 0xF66CB9D: tevent_req_poll (tevent_req.c:256)
==14958==    by 0x5D19305: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==14958==    by 0x88B2DED: dcerpc_binding_handle_call (binding_handle.c:556)
==14958==    by 0xBBCE851: dcerpc_winreg_CreateKey_r (ndr_winreg_c.c:1430)
==14958==    by 0x3D47C5: torture_samba3_createshare (samba3rpc.c:3192)
==14958==    by 0x3D50AC: torture_samba3_regconfig (samba3rpc.c:3299)
==14958==    by 0x9553F42: wrap_simple_test (torture.c:632)
==14958==    by 0x955366F: internal_torture_run_test (torture.c:442)
==14958==    by 0x9553A4B: torture_run_test_restricted (torture.c:542)
==14958==    by 0x260074: run_matching (smbtorture.c:110)
==14958==    by 0x25FF36: run_matching (smbtorture.c:95)
==14958==    by 0x25FF36: run_matching (smbtorture.c:95)
==14958==    by 0x260195: torture_run_named_tests (smbtorture.c:143)
==14958==    by 0x261E14: main (smbtorture.c:665)
==14958==  Address 0x18868ec6 is 598 bytes inside a block of size 1,325 alloc'd
==14958==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14958==    by 0xF45EE38: __talloc_with_prefix (talloc.c:668)
==14958==    by 0xF45EFF5: _talloc_pool (talloc.c:721)
==14958==    by 0xF45F167: _talloc_pooled_object (talloc.c:790)
==14958==    by 0xF66C664: _tevent_req_create (tevent_req.c:66)
==14958==    by 0xB0D49CF: smb1cli_req_create (smbXcli_base.c:1322)
==14958==    by 0xB0E1E3D: smb1cli_trans_send (smb1cli_trans.c:512)
==14958==    by 0xB0ED44D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==14958==    by 0xB0EC817: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==14958==    by 0xB0EC4A7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==14958==    by 0xC259DDA: tstream_writev_send (tsocket.c:695)
==14958==    by 0xC25AD44: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==14958==    by 0xF66BF73: tevent_queue_immediate_trigger (tevent_queue.c:149)
==14958==    by 0xF66BBFB: tevent_common_loop_immediate (tevent_immediate.c:135)
==14958==    by 0xF674602: epoll_event_loop_once (tevent_epoll.c:907)
==14958==    by 0xF671586: std_event_loop_once (tevent_standard.c:114)
==14958==    by 0xF66AD42: _tevent_loop_once (tevent.c:533)
==14958==    by 0xF66CB9D: tevent_req_poll (tevent_req.c:256)
==14958==    by 0x5D19305: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==14958==    by 0x88B2DED: dcerpc_binding_handle_call (binding_handle.c:556)
==14958==    by 0xBBCE851: dcerpc_winreg_CreateKey_r (ndr_winreg_c.c:1430)
==14958==    by 0x3D47C5: torture_samba3_createshare (samba3rpc.c:3192)
==14958==    by 0x3D50AC: torture_samba3_regconfig (samba3rpc.c:3299)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Noel Power
c901d98d6e s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' error
running smbtorture test rpc.samba3.winreg.winreg yields the following
valgrind trace

==18533== Syscall param writev(vector[...]) points to uninitialised byte(s)
==18533==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==18533==    by 0x106CB033: writev_handler (async_sock.c:340)
==18533==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==18533==    by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==18533==    by 0xBBD049F: dcerpc_winreg_EnumValue_r (ndr_winreg_c.c:2354)
==18533==    by 0x3D3E3E: enumvalues (samba3rpc.c:2982)
==18533==    by 0x3D40A5: enumkeys (samba3rpc.c:3042)
==18533==    by 0x3D4085: enumkeys (samba3rpc.c:3041)
==18533==  Address 0x1886edd6 is 598 bytes inside a block of size 1,325 alloc'd
==18533==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==18533==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==18533==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==18533==    by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==18533==    by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==18533==    by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==18533==    by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==18533==    by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==18533==    by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==18533==    by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==18533==    by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18533==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Noel Power
9e8d748db3 s4:torture:rpc: fix valgrind Syscall param writev(vector[...]) error
running smbtorture rpc.srvsvc.srvsvc\ (admin\ access).NetDiskEnum results
in the following valgrind trace

==30237== Syscall param writev(vector[...]) points to uninitialised byte(s)
==30237==    at 0xDD01C67: writev (in /lib64/libc-2.19.so)
==30237==    by 0xE1D09D4: writev_handler (async_sock.c:340)
==30237==    by 0xD81A12A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30237==    by 0xD8185F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==30237==    by 0xD8147FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==30237==    by 0xD815ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==30237==    by 0x5AC726D: tevent_req_poll_ntstatus (in /usr/lib64/libtevent-util.so.0.0.1)
==30237==    by 0x8120CEA: dcerpc_binding_handle_call (in /usr/lib64/libdcerpc-binding.so.0.0.1)
==30237==    by 0xA9AC6EC: dcerpc_srvsvc_NetDiskEnum_r (ndr_srvsvc_c.c:5388)
==30237==    by 0x2ADDF8: ??? (in /usr/bin/smbtorture)
==30237==    by 0x898DF8C: ??? (in /usr/lib64/libtorture.so.0.0.1)
==30237==    by 0x1F0816: ??? (in /usr/bin/smbtorture)
==30237==  Address 0x15952676 is 598 bytes inside a block of size 1,325 alloc'd
==30237==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30237==    by 0xCCCAA73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==30237==    by 0xD81566D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==30237==    by 0xA2B7910: smb1cli_req_create (smbXcli_base.c:1322)
==30237==    by 0xA2BA4E3: smb1cli_trans_send (smb1cli_trans.c:512)
==30237==    by 0xA2C1F91: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==30237==    by 0xA2C23AE: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==30237==    by 0xAC8E43C: tstream_writev_send (tsocket.c:695)
==30237==    by 0xAC8E9BA: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==30237==    by 0xD815023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Noel Power
409cd516ca s4:libnet: fix 'Syscall param writev(vector[...])' valgrind error
running smbtorture rpc.dfs.netdfs.StdRoot yields the following valgrind trace

==18861== Syscall param writev(vector[...]) points to uninitialised byte(s)
==18861==    at 0xFBA2C87: writev (in /lib64/libc-2.19.so)
==18861==    by 0x106CB033: writev_handler (async_sock.c:340)
==18861==    by 0xF67812A: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0xF6765F6: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0xF6727FC: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0xF673ACE: tevent_req_poll (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0x5D19325: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==18861==    by 0x88B2E0D: dcerpc_binding_handle_call (binding_handle.c:556)
==18861==    by 0xBC6D0D2: dcerpc_srvsvc_NetShareDel_r (ndr_srvsvc_c.c:4272)
==18861==    by 0x9786C0C: libnet_DelShare (libnet_share.c:195)
==18861==    by 0x2E0174: test_NetShareDel (dfs.c:103)
==18861==    by 0x2E126F: test_cleanup_stdroot (dfs.c:488)
==18861==  Address 0x18869b46 is 598 bytes inside a block of size 1,325 alloc'd
==18861==    at 0x4C29110: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==18861==    by 0xF464A73: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.5)
==18861==    by 0xF67366D: _tevent_req_create (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0xB0D49FF: smb1cli_req_create (smbXcli_base.c:1322)
==18861==    by 0xB0E1E6D: smb1cli_trans_send (smb1cli_trans.c:512)
==18861==    by 0xB0ED47D: tstream_smbXcli_np_readv_trans_start (tstream_smbXcli_np.c:901)
==18861==    by 0xB0EC847: tstream_smbXcli_np_writev_write_next (tstream_smbXcli_np.c:578)
==18861==    by 0xB0EC4D7: tstream_smbXcli_np_writev_send (tstream_smbXcli_np.c:505)
==18861==    by 0xC259DFA: tstream_writev_send (tsocket.c:695)
==18861==    by 0xC25AD64: tstream_writev_queue_trigger (tsocket_helpers.c:513)
==18861==    by 0xF673023: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.26)
==18861==    by 0xF677EED: ??? (in /usr/lib64/libtevent.so.0.9.26)
==18861==

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Ralph Boehme
20dc68050d s4/heimdal: allow SPNs in AS-REQ
This allows testing keytabs with service tickets. Windows KDCs allow
this as well.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Ralph Boehme
3116e8d3be s4: add a minimal ktutil for selftest
This minimalistic version of ktutil dumps all principal names and
encryption types from a keytab, eg:

./bin/samba4ktutil test.keytab
ktpassuser@HILLHOUSE.SITE (arcfour-hmac-md5)
ktpassuser@HILLHOUSE.SITE (aes256-cts-hmac-sha1-96)
ktpassuser@HILLHOUSE.SITE (aes128-cts-hmac-sha1-96)
ktpassuser@HILLHOUSE.SITE (des-cbc-md5)
ktpassuser@HILLHOUSE.SITE (des-cbc-crc)

This is all we need to run some tests against keytabs exported with
`samba-tool domain exportkeytab`.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Ralph Boehme
deab6c6df7 s4/libnet: fix exporting to keytab by SPN
Fix a regression introduced by 5c5d586d3e that broke exporting
service principals by their spn with

  samba-tool exportkeytab --principal=<SPN>.

Iterating with samba_kdc_nextkey() only returns UPNs, so this can't work
with SPNs. If we want to search for a specific SPN, we have to use
samba_kdc_fetch().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-25 10:35:14 +02:00
Andreas Schneider
03e8152e39 s4:libcli:smb2: Use constant time memcmp() to verify the signature
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-19 09:37:14 +02:00
Garming Sam
fec698dbfd tests/passwords: fix a typo
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Apr 19 07:54:35 CEST 2016 on sn-devel-144
2016-04-19 07:54:35 +02:00
Garming Sam
a523274fb6 tests/dsdb: Verify that only a new ldb affects reads of userPassword
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11853

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-19 04:12:26 +02:00
Andrew Bartlett
f26a2845bd dsdb: Only re-query dSHeuristics for userPassword support on modifies
We keep the database startup value for search behaviour, as to re-check
is too expensive.  It caused every search to have an additional
search to the database.

We do not need to check as_system when setting ac->userPassword
as this is checked when all password attributes are stripped

As userPassword is not written to after fUserPwdSupport is set
we do not expose any data that was not already visible.

The database overhead was an oversight when this was
originally added with 7f171a9e0f
in 2010.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11853

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-04-19 04:12:26 +02:00
Stefan Metzmacher
4ec5ff49b8 CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:33 +02:00
Stefan Metzmacher
3b359d0a8d CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
c0f3f308da CVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCERPC_FAULT_NO_CALL_ACTIVE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
0b1656199a CVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (association)
All presentation contexts of a connection use the same association group.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
ad6a5cfd2d CVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a time
It's a protocol error if the client doesn't send all fragments of
a request in one go.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
4b6197f08c CVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByte
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
6b5144c204 CVE-2015-5370: s4:rpc_server: check frag_length for requests
Note this is not the negotiated fragment size, but a hardcoded maximum.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
aef225aaca CVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid auth_level values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
818e09fff2 CVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
a30eee5745 CVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as invalid
Following requests will generate a fault with ACCESS_DENIED.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
04e92459a4 CVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PKG_ERROR
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
ed066b6ca4 CVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()
The basically matches Windows 2012R2, it's not 100%
but it's enough for our raw protocol tests to pass.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
1f7dc721e7 CVE-2015-5370: s4:rpc_server: changing an existing presentation context via alter_context is a protocol error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
f2dbb1c8b6 CVE-2015-5370: s4:rpc_server: don't derefence an empty ctx_list array in dcesrv_alter()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
909538c885 CVE-2015-5370: s4:rpc_server: remove pointless dcesrv_find_context() from dcesrv_bind()
BIND is the first pdu, which means the list of contexts is always empty.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
57afdaa79b CVE-2015-5370: s4:rpc_server: let invalid request fragments disconnect the connection with a protocol error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
5cb1250457 CVE-2015-5370: s4:rpc_server: make sure alter_context and auth3 can't change auth_{type,level,context_id}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
cb8e2abe52 CVE-2015-5370: s4:rpc_server: maintain in and out struct dcerpc_auth per dcesrv_call_state
We should not use one "global" per connection variable to hold the
incoming and outgoing auth_info.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
0ba1b1867c CVE-2015-5370: s4:rpc_server: ensure that the message ordering doesn't violate the spec
The first pdu is always a BIND.

REQUEST pdus are only allowed once the authentication
is finished.

A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
c0d74ca7af CVE-2015-5370: s4:rpc_server: verify the protocol headers before processing pdus
On protocol errors we should send BIND_NAK or FAULT and mark the
connection as to be terminated.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
caa1e75661 CVE-2015-5370: s4:rpc_server: add infrastructure to terminate a connection after a response
BIND_NAK or FAULT may mark a connection as to be terminated.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
57b07589e7 CVE-2015-5370: s4:rpc_server: make dcesrv_process_ncacn_packet() static
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
3c6fef3aa5 CVE-2015-5370: s4:rpc_server: return the correct secondary_address in dcesrv_bind()
For now we still force \\PIPE\\ in upper case, we may be able to remove
this and change it in our idl files later. But for now we better
behave like a windows server without changing too much.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
7bde997594 CVE-2015-5370: s4:rpc_server: add some padding to dcesrv_bind_nak() responses
This matches Windows 2012R2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
254048f9a5 CVE-2015-5370: s4:rpc_server: split out a dcesrv_fault_with_flags() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:30 +02:00
Stefan Metzmacher
5c76e84663 CVE-2015-5370: s4:rpc_server: fill context_id in dcesrv_fault()
This depends on the type of the incoming pdu.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
c58dbe45a2 CVE-2015-5370: s4:rpc_server: set alloc_hint = 24 in dcesrv_fault()
This matches a Windows 2012R2 server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
e3c3499a8b CVE-2015-5370: s4:rpc_server: avoid ZERO_STRUCT() in dcesrv_fault()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
e6f6b4be9a CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit}_frag
These values are controlled by the client but only in a range between
2048 and 5840 (including these values in 8 byte steps).
recv and xmit result always in same min value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
4624c838c8 CVE-2015-5370: s4:rpc_server/netlogon: make use of dce_call->conn->auth_state.auth_{level,type}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
f91da2a4a0 CVE-2015-5370: s4:rpc_server/samr: make use of dce_call->conn->auth_state.auth_level
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
8305c0a8fc CVE-2015-5370: s4:rpc_server/lsa: make use of dce_call->conn->auth_state.auth_{level,type}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
06b9c93d39 CVE-2015-5370: s4:rpc_server: make use of dce_call->conn->auth_state.auth_* in dcesrv_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
accac3a3bd CVE-2015-5370: s4:rpc_server: maintain dcesrv_auth->auth_{type,level,context_id}
This will simplify checks in the following commits and avoids
derefencing dcesrv_auth->auth_info which is not always arround.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
f97d9d1d11 CVE-2015-5370: s4:rpc_server: check the result of dcerpc_pull_auth_trailer() in dcesrv_auth_bind()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
b6ac2275c3 CVE-2015-5370: s4:rpc_server: no authentication is indicated by pkt->auth_length == 0
pkt->u.*.auth_info.length is not the correct thing to check.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
2396086678 CVE-2015-5370: s4:rpc_server: make use of talloc_zero()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
def00193c5 CVE-2015-5370: s4:librpc/rpc: protect dcerpc_request_recv_data() against too large payloads
We should only allow a combined payload of a response of at max 4 MBytes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
3bf476345f CVE-2015-5370: s4:librpc/rpc: use dcerpc_verify_ncacn_packet_header() to verify BIND_ACK,ALTER_RESP,RESPONSE pdus
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
9f4d962206 CVE-2015-5370: s4:librpc/rpc: handle DCERPC_PKT_FAULT before anything else in dcerpc_alter_context_recv_handler()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
02a74ddc60 CVE-2015-5370: s4:librpc/rpc: make use of dcerpc_map_ack_reason() in dcerpc_bind_recv_handler()
This should give better error messages if the server doesn't support
a specific abstract/transfer syntax.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
cdba091867 CVE-2015-5370: s4:librpc/rpc: finally verify the server uses the expected auth_{type,level,context_id} values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
ace23643d1 CVE-2015-5370: s4:librpc/rpc: avoid using dcecli_security->auth_info and use per request values
We now avoid reusing the same auth_info structure for incoming and outgoing
values. We need to make sure that the remote server doesn't overwrite our own
values.

This will trigger some failures with our currently broken server,
which will be fixed in the next commits.

The broken server requires an dcerpc_auth structure with no credentials
in order to do an alter_context request that just creates a presentation
context without doing authentication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
98ef1d67e3 CVE-2015-5370: s4:librpc/rpc: simplify checks if gensec is used in dcerpc_ship_next_request()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
46be37936c CVE-2015-5370: s4:librpc/rpc: avoid dereferencing sec->auth_info in dcerpc_request_prepare_vt()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
d4e735ce6a CVE-2015-5370: s4:librpc/rpc: always use ncacn_pull_request_auth() for DCERPC_PKT_RESPONSE pdus
It handles the case of DCERPC_AUTH_TYPE_NONE just fine and it makes it
possible to do some verification in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
8a93fbc7e3 CVE-2015-5370: s4:librpc/rpc: avoid using c->security_state.auth_info in ncacn_pull_request_auth()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
a735892f51 CVE-2015-5370: s4:librpc/rpc: avoid using hs->p->conn->security_state.auth_info in dcerpc_bh_auth_info()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
3e3ea1bdd8 CVE-2015-5370: s4:librpc/rpc: use a local auth_info variable in ncacn_push_request_sign()
We should avoid using the global dcecli_security->auth_info struct for
individual requests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
8f6cffcb3c CVE-2015-5370: s4:librpc/rpc: use auth_context_id = 1
In future we want to verify that the auth_context_id from the server
is what we expect.

As Samba (<= 4.2.3) use a hardcoded value of 1 in responses, we
need to use that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
27da35f8df CVE-2015-5370: s4:librpc/rpc: maintain dcecli_security->auth_{type,level,context_id}
This will simplify the following commits and avoids dereferencing
dcecli_security->auth_info.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
335b3cee5c CVE-2015-5370: s4:librpc/rpc: send a dcerpc_sec_verification_trailer if needed
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
521316d749 CVE-2016-2118: s4:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
This requires transport encryption.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
5c9b10df18 CVE-2016-2118: s4:rpc_server/rpcecho: allow DCERPC_AUTH_LEVEL_CONNECT by default
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
4dbf6f80b8 CVE-2016-2118: s4:rpc_server/mgmt: allow DCERPC_AUTH_LEVEL_CONNECT by default
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
b6b726ca84 CVE-2016-2118: s4:rpc_server/epmapper: allow DCERPC_AUTH_LEVEL_CONNECT by default
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
ea3f14c3f8 CVE-2016-2118: s4:rpc_server/netlogon: reject DCERPC_AUTH_LEVEL_CONNECT by default
This prevents man in the middle downgrade attacks.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
398a21c57c CVE-2016-2118: s4:rpc_server/samr: reject DCERPC_AUTH_LEVEL_CONNECT by default
This prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
fcdd15a93f CVE-2016-2118: s4:rpc_server/lsa: reject DCERPC_AUTH_LEVEL_CONNECT by default
This prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
991dddd06d CVE-2016-2118: s4:rpc_server: make use of "allow dcerpc auth level connect"
With this option turned off we only allow DCERPC_AUTH_LEVEL_{NONE,INTEGRITY,PRIVACY},
this means the reject any request with AUTH_LEVEL_CONNECT with ACCESS_DENIED.

We sadly need to keep this enabled by default for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
9085300e90 CVE-2016-2118: s4:librpc: use integrity by default for authenticated binds
ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
e9a51ad590 CVE-2016-2118: s4:rpc_server/dnsserver: require at least DCERPC_AUTH_LEVEL_INTEGRITY
This matches windows and prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
c32548fecb CVE-2016-2118: s4:rpc_server/backupkey: require DCERPC_AUTH_LEVEL_PRIVACY
This is required for the whole interface (which has just one opnum for now).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
80dae9afda CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY
This matches windows and prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
51aa7bd311 CVE-2016-2118: s4:rpc_server: make it possible to define a min_auth_level on a presentation context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Ralph Boehme
b720575f16 CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULT
SMB_SIGNING_IPC_DEFAULT must be used from s3 client code when opening
RPC connections.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
b6debbcfec CVE-2016-2115: s4:librpc/rpc: make use of "client ipc *" options for ncacn_np
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
68d6c10e5e CVE-2016-2115: s4:libcli/raw: pass the minprotocol to smb_raw_negotiate*()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
57f0b0c6c0 CVE-2016-2115: s4:libcli/raw: limit maxprotocol to NT1 in smb_raw_negotiate*()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
5721234328 CVE-2016-2115: s4:libcli/smb2: use the configured min_protocol
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
35ce75ec9e CVE-2016-2115: s4:libcli/raw: add smbcli_options.min_protocol
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-04-12 19:25:26 +02:00
Stefan Metzmacher
44dd523d6c CVE-2016-2114: s4:smb2_server: fix session setup with required signing
The client can't sign the session setup request...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
942e4ed851 CVE-2016-2113: selftest: test all "tls verify peer" combinations with ldaps
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
45ff760cf3 CVE-2016-2113: s4:librpc/rpc: verify the rpc_proxy certificate and hostname if configured
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
4b679c350a CVE-2016-2113: s4:libcli/ldap: verify the server certificate and hostname if configured
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
e72b2c94b5 CVE-2016-2113: s4:selftest: explicitly use '--option="tlsverifypeer=no_check" for some ldaps tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
64a9cd2a38 CVE-2016-2113: s4:lib/tls: implement infrastructure to do peer verification
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
b5681c4125 CVE-2016-2113: s4:lib/tls: create better certificates and sign the host cert with the ca cert
The generated ca cert (in ca.pem) was completely useless,
it could be replaced by cert.pem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
2b40fb8509 CVE-2016-2112: s4:selftest: run some ldap test against ad_dc_ntvfs, fl2008r2dc and fl2003dc
We want to test against all "ldap server require strong auth" combinations.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
c5c5735c1f CVE-2016-2112: s4:selftest: run samba4.ldap.bind against fl2008r2dc
This uses "ldap server require strong auth = no".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
28f1af7e50 CVE-2016-2112: s4:ldap_server: implement "ldap server require strong auth" option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
dedba1f070 CVE-2016-2112: s4:ldap_server: reduce scope of old_session_info variable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:25 +02:00
Stefan Metzmacher
98ff297ed0 CVE-2016-2112: s4:selftest: use --option=clientldapsaslwrapping=plain for plain connections
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
05692ec958 CVE-2016-2112: s4:libcli/ldap: auto upgrade to SIGN after STRONG_AUTH_REQUIRED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
1da744b2f9 CVE-2016-2112: s4:libcli/ldap: make sure we detect downgrade attacks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
ed863ef46a CVE-2016-2112: s4:libcli/ldap: honour "client ldap sasl wrapping" option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
70452c90a5 CVE-2016-2111: s4:smb_server: implement "raw NTLMv2 auth" checks
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
a711399d30 CVE-2016-2111: s4:libcli: don't send a raw NTLMv2 response when we want to use spnego
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
894aad5f71 CVE-2016-2111: s4:param: use "client use spnego" to initialize options->use_spnego
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
c985ffd884 CVE-2016-2111: s4:libcli: don't allow the LANMAN2 session setup without "client lanman auth = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
f10589c0e1 CVE-2016-2111: s4:torture/base: don't use ntlmv2 for dos connection in base.samba3error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
bbb066a12a CVE-2016-2111: s4:torture/raw: don't use ntlmv2 for dos connection in raw.samba3badpath
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
fb20f135f0 CVE-2016-2111: s4:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
This prevents spoofing like Microsoft's CVE-2015-0005.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:24 +02:00
Stefan Metzmacher
847192d493 CVE-2016-2111: s4:torture/rpc: fix rpc.pac ntlmv2 test
The computer name of the NTLMv2 blob needs to match
the schannel connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Stefan Metzmacher
5adad299c2 CVE-2016-2111: s4:torture/rpc: fix rpc.samba3.netlogon ntlmv2 test
The computer name of the NTLMv2 blob needs to match
the schannel connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Stefan Metzmacher
5fe7085e3b CVE-2016-2111: s4:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Stefan Metzmacher
afe48e960b CVE-2016-2111: s4:rpc_server: implement 'server schannel = yes' restriction
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Stefan Metzmacher
4c4829634f CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Stefan Metzmacher
bbaba64329 CVE-2016-2110: auth/credentials: pass server_timestamp to cli_credentials_get_ntlm_response()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Jorge Schrauwen
94f31295b1 configure: Don't check for inotify on illumos
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11816
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-06 00:15:17 +02:00
Douglas Bagnall
9efb5bb8ae VLV: avoid name conflict with string.h's index()
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Mar 30 14:26:51 CEST 2016 on sn-devel-144
2016-03-30 14:26:51 +02:00
Douglas Bagnall
82258aa2a6 s4/lib/wmi_wrap: use HAVE___ATTRIBUTE__ instead of __GNUC__
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-03-24 15:13:15 +01:00
Andreas Schneider
c027e3d608 s4-libnet: Link dckeytab.so correctly when is AD DC enabled
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Mar 24 15:12:21 CET 2016 on sn-devel-144
2016-03-24 15:12:21 +01:00
Günther Deschner
725bef6f58 s4:torture:smb2:rename.c: Fix file permissions.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 24 06:33:03 CET 2016 on sn-devel-144
2016-03-24 06:33:03 +01:00
Alexander Bokovoy
acdfa98ac0 s4-libnet: only build python-dckeytab module for Heimdal in AD DC mode
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>

Autobuild-User(master): Uri Simchoni <uri@samba.org>
Autobuild-Date(master): Wed Mar 23 23:43:51 CET 2016 on sn-devel-144
2016-03-23 23:43:51 +01:00
Volker Lendecke
fb381d885b torture: Fix the O3 developer build
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 22 22:48:52 CET 2016 on sn-devel-144
2016-03-22 22:48:52 +01:00
Douglas Bagnall
66c5082952 dsdb python tests: fix several usage strings
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-22 08:00:31 +01:00
Douglas Bagnall
52975b046c dsdb sort test: avoid exception with fewer elements
The FIENDISH_TESTS list has 33 members, and when the number of
elements being tested is less than that (because you run the script
with, say, --elements=20) some will have a zero count. A recent fix
for Python 2.6 didn't take these possible zeros into account.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-22 08:00:31 +01:00
Douglas Bagnall
0edb3da532 ldb sort tests: point out a known fails against Windows
It seems that Windows 2012R2 has issues ordering attributes with the
"generalized time" syntax (2.5.5.11), and that these show up in our
tests when the number of elements exceeds 27. As far as I can tell
there is no logic to the results after that point.

To avoid failures, use the --elements option, like this:

python source4/dsdb/tests/python/sort.py --elements=25

Against Samba this makes no difference because we don't fail.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-22 08:00:31 +01:00
Douglas Bagnall
79c58c2543 Implement Virtual List View (VLV)
VLV is a more sophisticated version of a paged searches that allows
you to ask for arbitrary windows in a previously performed sorted
search. If clients use VLV correctly the original search will not be
repeated.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-22 08:00:31 +01:00
Garming Sam
cd594a3cb3 sort: enable custom behaviour on critical control
The sort module should simply return unsorted results when a sort is
unsupported but not critical. A similar custom behaviour should be
expected with VLV pagination when it is enabled.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-22 08:00:31 +01:00
Michael Adam
e9586a653c torture:smb2: add durable-v2-open.reopen1a-lease
Lease variant of the reopen1a test which tests the
relevance of the client guid.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 22 03:47:02 CET 2016 on sn-devel-144
2016-03-22 03:47:02 +01:00
Michael Adam
b853040d5f torture:smb2: for oplocks, durable reconnect works with different client-guid
for durable-v2-open.reopen1a

Try both different and original client guid.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
cd22980875 torture:smb2: get rid of supefluous io2 var in durable-v2-open.reopen1a
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
b0f592d05f torture:smb2: fix crashes in smb2.durable-v2-open.reopen1a test
If the test failed too early, we dereferenced tree2 which
was still NULL.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
186cd70829 torture:smb2: use assert, not warning in error case in durable-v2-open.reopen1a
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
3e90abe670 torture:smb2: add durable-open.reopen1a-lease
Lease variant of the reopen1a test which tests the
relevance of the client guid.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
7b557617e4 torture:smb2: for oplocks, durable reconnect works with different client guid
in durabble-open.reopen1a test

Try both original and a different client guid.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:22 +01:00
Michael Adam
505546be57 torture:smb2: durable-open.reopen1a only needs one io struct
Using two is confusing.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:21 +01:00
Michael Adam
37c05f4ade torture:smb2: fix crashes in smb2.durable-open.reopen1a test
If the test failed too early, we dereferenced tree2 which
was still NULL.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:21 +01:00
Michael Adam
b7186a00bb torture:smb2: use assert, not warning in error case in durable-open.reopen1a
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:21 +01:00
Anubhav Rakshit
e095a61c4b torture:smb2: Add test replay6 to verify Error Codes for DurableHandleReqV2 replay
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:21 +01:00
Günther Deschner
2b799880b9 torture:smb2: add test for checking sequence number wrap around.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-22 00:23:21 +01:00
Stefan Metzmacher
e8e2386bf6 s4:selftest: run rpc.netlogon.admin also over ncalrpc and ncacn_ip_tcp
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 18 12:39:51 CET 2016 on sn-devel-144
2016-03-18 12:39:51 +01:00
Günther Deschner
fe93a09889 s4-smb_server: check for return code of cli_credentials_set_machine_account().
We keep anonymous server_credentials structure in order to let
the rpc.spoolss.notify start it's test server.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Günther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
31f07d0562 s4:rpc_server: require access to the machine account credentials
Even a standalone server should be selfjoined.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
733ccd1320 s4:torture/rpc/schannel: don't use validation level 6 without privacy
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
50581689d9 s4:torture/rpc: correctly use torture_skip() for test_ManyGetDCName() without NCACN_NP
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
050a1d0653 s4:torture/rpc/samlogon: use DCERPC_SEAL for netr_LogonSamLogonEx and validation level 6
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
26e5ef6818 s4:torture/rpc/samr: use DCERPC_SEAL in setup_schannel_netlogon_pipe()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Stefan Metzmacher
1a7d8b8602 s4:torture/netlogon: add/use test_SetupCredentialsPipe() helper function
This create a schannel connection to netlogon, this makes the tests
more realistic.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-17 17:17:16 +01:00
Andreas Schneider
abfa8e335c mit-kdb: Add missing SDB_F_FOR_AS_REQ for AS requests
This correctly handles enterprise principals and ticket renewal.

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar 17 07:57:49 CET 2016 on sn-devel-144
2016-03-17 07:57:49 +01:00
Andreas Schneider
859c625c82 mit-kdb: Fix segfault in krb5kdc dereferencing an invalid pointer
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
bb72aec13f mit-kdb: Add support for KDB version 8
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
b0f2165901 mit-kdb: Add support for bad password count
This fixes the samba4.ldap.password_lockout.python test.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Günther Deschner
05cc9b0af9 mit-kdb: Restrict admin/changepw principal db_entry with some flags
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Günther Deschner
b76cf191d9 mit-kdb: Return 0 in kdb_samba_db_put_principal()
This allows the kadmin server to assume an update of a db_entry has
succeeded (while in fact the update_pwd call did the update already).

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
5a6819dbee mit-kdb: Implement KDB function to change passwords
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Günther Deschner
f5e86db147 mit-kdb: Use calloc to initialize master keylists.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
fab9fe0177 mit-kdb: Add ks_get_admin_principal() and use it for kadmin users.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
5a4e3adbda mit-kdb: Add ks_create_principal().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:29 +01:00
Andreas Schneider
742b4c3da8 mit-kdb: Do not allow to get a kadmin ticket as a client.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
e13e9c54f5 mit-kdb: Add more ks_is_kadmin* functions.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Günther Deschner
d787d35d97 mit-kdb: Use calloc so both authdata elements are zeroed
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Günther Deschner
1b6a085b7f mit-kdb: Do not overwrite the error code in failure case.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
ade958e20b mit-kdb: Add initial MIT KDB Samba driver
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Simo Sorce <idra@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
4865867f59 mit_samba: Setup logging to stdout
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
23c249a88b mit_samba: Add function for handling bad password count
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
9734b5d9ed mit_samba: Add functions to generate random password and salt.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
909e7f9ff6 mit_samba: Add function to change the password
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
77cec013c3 mit_samba: Add ks_is_tgs_principal()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Günther Deschner
859a6fba0b mit_samba: Use talloc_zero in mit_samba_context_init().
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
597772dbd2 mit_samba: Directly pass the principal and kflags
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:28 +01:00
Andreas Schneider
33fcc76aa7 mit_samba: Make mit_samba a shim layer between Samba and KDB
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:27 +01:00
Günther Deschner
209d4b5b28 mit_samba: Use sdb in the mit_samba plugin
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:27 +01:00
Günther Deschner
6825a61b0b s4-kdc: Introduce a simple sdb_kdb shim layer
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-17 04:32:27 +01:00
Garming Sam
7b431eba22 build: mark explicit dependencies on pytalloc-util
All subsystems that include pytalloc.h need to link against
pytalloc-util.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11789

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Tue Mar 15 07:08:16 CET 2016 on sn-devel-144
2016-03-15 07:08:16 +01:00
Garming Sam
e8e0ffcc49 tests: Allow alternative error code for backupkey test
It appears that incorrect decryption triggers a different error code,
causing a test which fails every now and again, as sometimes the invalid
data will parse as a SID, and so pass one of the checks.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Mar 14 03:55:16 CET 2016 on sn-devel-144
2016-03-14 03:55:16 +01:00
Andrew Bartlett
6ecfc4cb25 dsdb/repl: Ensure we use the LOCAL attid value, not the remote one
The key here is that while this never was an issue for builtin schema,
nor for objects with an msDS-IntID used outside the schema partition,
additional attributes added and used in the schema partition were
incorrectly using the wrong attributeID value in the replPropertyMetaData.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11783

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sun Mar 13 23:29:14 CET 2016 on sn-devel-144
2016-03-13 23:29:14 +01:00
Stefan Metzmacher
4335371323 s4:torture/lsa: improve debug message
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-13 20:10:33 +01:00
Stefan Metzmacher
7b4ad69b59 s4:dsdb/test/sort: avoid 'from collections import Counter'
This is only available in python 2.7 and >= 3.1

This should fix make test with python 2.6.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-11 22:58:18 +01:00
Stefan Metzmacher
1a315bec27 s4:dsdb/test/notification: make test_invalid_filter more resilient against ordering races
We saw a lot of flapping tests with:

    [1793(11038)/1892 at 1h55m26s]
    samba4.ldap.notification.python(ad_dc_ntvfs)(ad_dc_ntvfs)
    UNEXPECTED(failure):
    samba4.ldap.notification.python(ad_dc_ntvfs).__main__.LDAPNotificationTest.test_max_search(ad_dc_ntvfs)
    REASON: Exception: Exception: Traceback (most recent call last):
      File
    "/memdisk/autobuild/fl/b1782183/samba/source4/dsdb/tests/python/notification.py",
    line 181, in test_max_search
        self.assertEquals(num, ERR_TIME_LIMIT_EXCEEDED)
    AssertionError: 11 != 3

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-11 22:58:18 +01:00