1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

35830 Commits

Author SHA1 Message Date
Samuel Cabrero
c12914c669 selftests: Place credential cache file inside environment directory
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-29 18:10:09 +00:00
Andreas Schneider
bbef26860d s4:dsdb: Use C99 initializer in dsdb util_trusts
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-29 16:04:28 +00:00
Andreas Schneider
fefb84b5b1 s4:heimdal: Disable format truncation warnings
We build that code and do not treat warnings as errors anyway,
so just disable format truncation.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-04-25 10:47:16 +00:00
Andrew Bartlett
c36d743fe3 selftest: Move simple-dc-steps.sh to correct folder
This script helps re-create the environment for the dbcheck-oldrelease.sh links test.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2019-04-23 01:06:21 +00:00
Sachin Prabhu
ef35d4d8cd s4-torture: add test to check for max. number of channels per session.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 19 18:26:18 UTC 2019 on sn-devel-144
2019-04-19 18:26:18 +00:00
Sachin Prabhu
7a4dad60ab s4-torture: Add lease break retry tests - test4
Test to see how the server behaves when the client flushes data back to
the server but doesn't send the lease break response over the channel.
Does it then retry the lease break?

This test is specifically expected to run against Samba and will not
work against a MS Windows servers because it uses the ignore method to
ignore oplock breaks sent by the server.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
befac485a5 s4-torture: Add lease break retry tests - test3
Check to see how the server behaves if lease break response is sent
over a different channel to one over which the break is received.

The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
63b4b4ce12 s4-torture: Add lease break retry tests - test2
Test to check if lease breaks are sent by the server as expected.

The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
311c024b4c s4-torture: Add lease break retry tests - test1
Test to check if lease breaks are sent by the server as expected.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
ee0a247a9b s4-torture: Add oplock break retry tests - test2
Test to see if oplock break retries are sent by the server.
Also checks to see if new channels can be created and used
after an oplock break retry.

The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
31c9b74d7a s4-torture: Add oplock break retry tests - test1
Test to confirm that server sends oplock breaks as expected.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:14 +00:00
Sachin Prabhu
3dc532cbe0 s4-torture: Add handlers to block channels for testing
We use two methods to block channels

1) Simply ignore incoming oplock break requests and do not respond to
them.
This method doesn't work against Microsoft Windows based servers which
rely on the tcp stack for confirmation that the oplock break command was
sent to the client machine. This is meant to be used with samba servers
and is the default method.

2) Use iptables to block the channel.
The method requires the use of a privileged account and can only be used
on Linux systems with iptables installed. To use this blocking method,
pass the option
--option=torture:use_iptables=true

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Sachin Prabhu
018845d49c s4-torture: Add helper functions to create channels.
Helper functions used by both oplock and lease break tests.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Sachin Prabhu
2a5b0d5bb9 s4-torture: Add #defines required by the new tests
New macros used by our tests.

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Günther Deschner
0d7d607035 s4-torture: add torture_block/torture_unblock smb2 transport functions
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Günther Deschner
1739468cd9 s4-torture: add test for interface information retrieval for multichannel.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Sachin Prabhu
f115b53c72 s4-torture: Increase timeout for lease/oplock break handlers
0.1 seconds is not enough when running tests against a server over the
network and are causing timing related bugs. We increase this to 1
second.

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Sachin Prabhu
4e685895ea s4-torture: Add handlers to ignore incoming oplock/lease break requests
For use in multichannel oplock break tests. These handers ignore
incoming oplock and lease break requests so that we can test the
oplock/lease break retries on the server.

This is meant for use with samba servers which rely on receiving a reply
from the client before timeout.
Windows servers rely on underlying tcp commands to decide if the oplock
break command was delivered successfully to the client and therefore
cannot be tested with this method.

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:13 +00:00
Sachin Prabhu
e1a96b1a5c s4-torture: Add function declarations to lease_break_handler.h
Do not completely depend on proto.h.

Also move torture_reset_break_info() to lease_break_handler.h so that
the layout is similar to that of oplock_break_handler.*

Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:12 +00:00
Sachin Prabhu
aa28477bbe s4-torture: move torture_wait_for_oplock_break() to central oplock handler.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:12 +00:00
Günther Deschner
7a73c56907 s4-torture: move oplock break handler out of the replay testsuite.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:12 +00:00
Günther Deschner
8274303f30 s4-torture: add new smb2 multichannel suite skeleton.
Also Skip MC tests for s4 ntvfs fileserver, it's not supported at all.
Use knownfail for s3 fileserver for the time being (until socketwrapper
supports fd-passing).

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:12 +00:00
Günther Deschner
1492243897 s4-torture: include torture/util.h in lease break handler
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-19 17:27:12 +00:00
Garming Sam
bfd762b53a selftest: rename schemaupgrade_dc (+pair) to schema_dc
This is needed because the name of the autobuild job and
the name of the selftest env end up in the socket path
for ncalrpc sockets.

The challenge is that (for example)
/memdisk/autobuild/fl/b2424063/samba-schemaupgrade/bin/ab/schemaupgrade_pair_dc/ncalrpc/np/protected_storage
does not fit in a struct sockaddr_un.

Signed-off-by: Garming Sam <garming@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr 12 05:41:36 UTC 2019 on sn-devel-144
2019-04-12 05:41:36 +00:00
Swen Schillig
5ff48f64cd source4: Update error check for new string conversion wrapper
The new string conversion wrappers detect and flag errors
which occured during the string to integer conversion.
Those modifications required an update of the callees
error checks.

Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2019-04-11 22:29:27 +00:00
Aaron Haslett
5d8895f347 repl: test for schema object and LA repl across chunks
During replication, transmission of objects and linked attributes are
split into chunks.  These two tests check behavioural consistency across
chunks for regular schema objects and linked attributes.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:11 +00:00
Aaron Haslett
350fc49e94 selftest: tagging tests for new schemaupgrade_dc target
Tagging schema tests against schemaupgrade_dc test target and fixing
some DN assertions to be more generic.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:11 +00:00
Stefan Metzmacher
661dc45741 dsdb/repl: we need to replicate the whole schema before we can apply it
Otherwise we may not be able to construct a working schema that's
required to apply the changes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12204

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:10 +00:00
Aaron Haslett
b7c1752754 dsdb:samdb: schemainfo update with relax control
Currently schema info's revision field isn't incremented if relax
control is present.  This is so that no increment is done during
provision, but we need the relax control in other situations where
the increment is desired, so we should use the provision control instead
to disable schema info update.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:10 +00:00
Stefan Metzmacher
5ea84af2d6 s4:provision: split out provision_self_join_modify_schema.ldif
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:10 +00:00
Aaron Haslett
e34abefb77 samdb: test for schemainfo update with relax control
Currently schema info's revision field isn't incremented if relax
control is present.  This is so that no increment is done during
provision, but we need the relax control in other situations where the
increment is desired.  This patch adds a failing test to expose the
problem.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:09 +00:00
Tim Beale
0c8ad9c9db CVE-2019-3870 tests: Add test to check file-permissions are correct after provision
This provisions a new DC and checks there are no world-writable
files in the new DC's private directory.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13834

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-08 10:27:34 +00:00
Aaron Haslett
18438c8af2 ldb: tests for <= and >= integer indexing
Testing max, min and negative values for indexed 32 and 64 bit types.
This has to be done in two different files because the 64 bit type is
LDB_SYNTAX_INTEGER which is implemented at the ldb level, while the 32
bit is added in the ldb-samba module.  Schema syntax binding added for
ldb-samba.

We also need to make sure that full scans are not invoked for LMDB.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-08 02:07:23 +00:00
Garming Sam
6062d7241d ldb: Add ORDERED_INTEGER to the proto-schema handling
Adding ordered integer proto schema handling in kv index cache.  This
allows ordered 64 bit integers to be used in cached fields like
@ATTRIBUTES

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-08 02:07:23 +00:00
Aaron Haslett
c9b2a37268 ldb: activating <= and >= indexing for integers
Activating <= and >= mdb indexing in samba for int32 and int64 attributes by:
1. Adding index_format_fn to LDB_SYNTAX_SAMBA_INT32 in ldb_samba
2. Cloning the 64bit LDB_SYNTAX_INTEGER type as LDB_SYNTAX_ORDERED_INTEGER
3. Adding index_format_fn to the new type
4. Modifying LargeInteger use the new type in samba schema
5. Bumping the index version to trigger reindexing

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-08 02:07:23 +00:00
Garming Sam
fc2e521a5e libnet vampire: NULL access bug fix
NULL pointer access bug fix

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-08 02:07:22 +00:00
Douglas Bagnall
c5f7b07ad2 dsdb/modules: minor comment typos in samba_dsdb
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-05 04:41:25 +00:00
Douglas Bagnall
927a5e3c9d dsdb mods/extended_dn_store: used the ldb we already have
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-05 04:41:25 +00:00
Douglas Bagnall
c078ea7828 spell "recursive"
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-05 04:41:25 +00:00
Philipp Gesang
d01c5bc9fb provision: use ASCII quotes
Remove some Unicode quotes that cause problems under the C
locale.

Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2019-04-03 10:11:49 +00:00
Michael Hanselmann
29d7c80ee4 oLschema2ldif: Resolve multiple parsing bugs
The "oLschema2ldif" program contained multiple bugs triggered by
malformed inputs:

* Iteration beyond list of recognized dsdb syntax OIDs when value wasn't
  found (bug 9567)
* NULL pointer dereference when input didn't define a name
* Heap buffer overflows for unterminated token values

Tests are added to reproduce all identified bugs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9567

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Then adapted to use ARRAY_SIZE() consistently as suggested by
metze.

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr  3 02:43:07 UTC 2019 on sn-devel-144
2019-04-03 02:43:07 +00:00
Mathieu Parent
4ae2fb2e74 Relax GPGME version check
The current method require at least the same version as during the build. This is not needed.

Used symbols indicate the minimum is 1.2.0

Bug-Debian: http://bugs.debian.org/886333

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13880

Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2019-04-03 01:40:22 +00:00
Björn Baumbach
3378a561ef s4:rpc_server: add missing newline to error debug message
Signed-off-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr  3 00:13:10 UTC 2019 on sn-devel-144
2019-04-03 00:13:10 +00:00
Joe Guo
9314bd0b25 samba_dnsupdate: small tweaks to make code more pythonic
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2019-04-02 16:09:25 +00:00
Mathieu Parent
720396f0fb Spelling fix s/informations/information/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2019-04-02 01:12:10 +00:00
Volker Lendecke
c05ff617cc libsmb: Make "struct smb2_lock_element" generally usable
This struct will be of interest when we add locking capabilities to
libcli/smb/smb2cli*

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-01 17:58:17 +00:00
Volker Lendecke
aac203907f libsmb: Rename InfoType from [MS-SMB2] according to the spec
This makes it easier to find this via internet search

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-01 17:58:16 +00:00
Garming Sam
a2b1970a37 acl_read: Fix regression caused by db15fcfa89 for empty lists
The original code never dereferenced attrs and only added "*" if attrs
was NULL (not if attrs[0] was NULL).

This causes significant performance issues with the new paged_results
module introduced for 4.10 as the initial GUID search requests no
attributes. This GUID search turns into a search for "*" and ends up
allocating memory for the entire database.

This never appears to cause changes in the final result set, only
intermediate processing.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13836

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 29 18:37:29 UTC 2019 on sn-devel-144
2019-03-29 18:37:29 +00:00
Aaron Haslett
24efa3ca53 ldb: cmocka test for empty attributes bug
Cmocka test exposing LDB bug where a request with an empty attributes
list returns a response containing all attributes.  The bug is in the
ACL module and will be fixed in the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13836

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-29 17:29:31 +00:00
Aaron Haslett
7f1b6455fd paged_search: perf testing paged search
Adding medley performance run with paged search module.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13836

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-29 17:29:31 +00:00