samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00

Author	SHA1	Message	Date
Günther Deschner	cc3afec55d	s4-torture: add some more tests for witness_AsyncNotify and RegisterEx with different timeouts. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-03 02:00:27 +02:00
Günther Deschner	6e9c678c8b	s4-torture: make setup of the clusapi pipe non-critical in witness test. Samba currently does not implement clusapi. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-03 02:00:27 +02:00
Günther Deschner	9cdb69c8dd	s4-torture: minor cleanup in test_witness_Register(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-03 02:00:27 +02:00
Günther Deschner	1b70b1aa28	s4-torture: open a clusapi connection to get list of cluster nodes, etc. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>	2015-07-03 02:00:27 +02:00
Ralph Boehme	c6e044ea33	s4:torture:vfs_fruit: check offset and length when reading AFP_AfpInfo stream Bug: https://bugzilla.samba.org/show_bug.cgi?id=11363 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Fri Jul 3 01:47:29 CEST 2015 on sn-devel-104	2015-07-03 01:47:28 +02:00
Volker Lendecke	7829395926	dsdb: Rename a parameter Coverity was confused by the 'seq_num' variable as an argument for the 'local_usn' parameter, where also a 'seq_num' parameter exists. Doesn't hurt, and if it kills a Coverity warning, why not... Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Wed Jul 1 14:09:14 CEST 2015 on sn-devel-104	2015-07-01 14:09:14 +02:00
Volker Lendecke	e1a87d8676	libldap: Fix CID 1308982 Unchecked return value from library Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 1 00:11:41 CEST 2015 on sn-devel-104	2015-07-01 00:11:41 +02:00
Douglas Bagnall	bbb18875dc	Avoid segfault in durable_open tests There are "goto done"s hiding in CHECK_STATUS in parts of the code where tree1 is unequivocally NULL. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jun 26 05:12:02 CEST 2015 on sn-devel-104	2015-06-26 05:12:02 +02:00
Andrew Bartlett	c31c30043b	s4-winbindd: Remove the winbind rewrite from the samba4 effort This winbind implementation is undermaintained, out of date and not the future of even the AD DC, let alone any other purpose. Removing it will reduce our security and bug exposure on this off by default subsystem Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 24 22:34:57 CEST 2015 on sn-devel-104	2015-06-24 22:34:57 +02:00
Andrew Bartlett	45b7992428	Allow winbind removal by matching delays to Samba3.pm When using winbindd with the ntvfs file server, the responses are faster than they were in the past. Therefore, set: posix:sharedelay = 100000 posix:writetimeupdatedelay = 500000 to the values used in Samba3.pm to allow the tests to pass against the NTVFS file server without the internal winbind. This allows the internal winbind to be removed. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-24 19:33:23 +02:00
Douglas Bagnall	225d701546	correct sense of macro variable name in SMB2 durable open test Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 24 08:54:23 CEST 2015 on sn-devel-104	2015-06-24 08:54:23 +02:00
Douglas Bagnall	69e511e478	Avoid casting pointer to unsigned long long for NULL check This allows compilation on i386 with -WError. Otherwise we see this: ../source4/torture/smb2/durable_open.c:41:23: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast] __location__, #v, (unsigned long long)v, (unsigned long long)correct); \ because the pointer is 32 bits, while long long is 64. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 06:04:10 +02:00
Stefan Metzmacher	fa4f4fed2e	s4:gensec/gssapi: make use of add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions This way are able to support GENSEC_FEATURE_SIGN_PKT_HEADER also together with GENSEC_FEATURE_SEAL. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 24 04:00:43 CEST 2015 on sn-devel-104	2015-06-24 04:00:43 +02:00
Stefan Metzmacher	f643677d3f	s3:librpc/gse: make use of add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions This way are able to support GENSEC_FEATURE_SIGN_PKT_HEADER. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:17 +02:00
Stefan Metzmacher	c245d4f33e	heimdal:lib/gssapi/krb5: implement gss_[un]wrap_iov[_length] with arcfour-hmac-md5 Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	571a05c649	heimdal:lib/gssapi/krb5: split out a arcfour_mic_cksum_iov() function Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	688c537ab1	heimdal:lib/gssapi/krb5: add const to arcfour_mic_key() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	3269ebfcbf	heimdal:lib/gssapi/krb5: clear temporary buffer with cleartext data. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	01350c76ad	heimdal:lib/gssapi/krb5: fix indentation in _gk_wrap_iov() Now it matches _gk_unwrap_iov() and _gk_wrap_iov_length(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	9414d9867c	heimdal:lib/gssapi/krb5: make _gssapi_verify_pad() more robust Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	3b9e5cfd23	s4:selftest: add torture:run_removedollar_test=true to the machine account kdc tests Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	0ba6e0dc2a	s4:torture/krb5: add a --option=torture:run_removedollar_test=true option to kdc-conon With this option a machine account is tested without the trailing '$' in the account name. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	65355d694c	s4:selftest: run samba4.rpc.lsa.secrets with more principal combinations 'dcom/SERVER', 'SERVER$' and 'SERVER' as target principal names. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	61de10240e	s4:kdc/db-glue: allow principals in form of computer@EXAMPLE.COM This should be translated to computer$@EXAMPLE.COM. Note the behavior differs between client and server lookup. In samba_kdc_lookup_client() we need to fallback in case of NO_SUCH_USER. samba_kdc_lookup_server() needs to do a single search and only use the result if it's unique. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11130 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Stefan Metzmacher	ccb6495445	s4:kdc/db-glue: fix memory leak in samba_kdc_lookup_server() We need to free enterprise_principal if generated. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-24 01:03:16 +02:00
Volker Lendecke	a924399b91	dsdb: Fix CID 1034902 Dereference before null check Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 24 01:02:22 CEST 2015 on sn-devel-104	2015-06-24 01:02:22 +02:00
Volker Lendecke	8253549264	dsdb: Fix CID 1034687 Logically dead code Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	7613174e7b	dsdb: Fix CID 1034719 Evaluation order violation We assigned lp_ctx twice... Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	d09d428c5e	dsdb: Fix CID 1034802 Dereference null return value Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	22d4d91649	dsdb: Fix CID 1034742 Dereference after null check Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	5c30ed470d	dsdb: Fix CID 1034743 Dereference after null check Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	77c6cdcbd5	dsdb: Fix CID 1034803 Dereference null return value Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	6ed5b4ec8b	dsdb: Fix CID 1034804 Dereference null return value Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Volker Lendecke	4b80851568	dsdb: Fix CID 1034745 Dereference after null check This is a cut&paste error Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:09 +02:00
Stefan Metzmacher	37041e4158	s4:auth/gensec: remove unused gensec_socket_init() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:08 +02:00
Stefan Metzmacher	7943ffbb77	s4:auth/gensec: remove unused include of lib/socket/socket.h Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:08 +02:00
Stefan Metzmacher	beb84d0c26	s4:auth/gensec: remove unused and untested cyrus_sasl module There's not a high chance that this module worked at all. Requesting SASL_SSF in order to get the max input length is completely broken. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:08 +02:00
Stefan Metzmacher	67c5d5849e	s4:libcli/ldap: conversion to tstream Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:08 +02:00
Stefan Metzmacher	6f2c29a13c	s4:lib/tls: ignore non-existing ca and crl files in tstream_tls_params_client() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:08 +02:00
Stefan Metzmacher	3d298b994d	s4:lib/tls: fix tstream_tls_connect_send() define Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:07 +02:00
Stefan Metzmacher	7b916b5f9a	s4:gensec/gssapi: make calculation of gensec_gssapi_sig_size() for aes keys more clear This way the result matches what gss_wrap_iov_length() would return. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:07 +02:00
Stefan Metzmacher	ac5283f788	s4:gensec/gssapi: use gensec_gssapi_max_{input,wrapped}_size() for all backends This avoids calls to gensec_gssapi_sig_size() as fallback in gensec_max_input_size(). gensec_gssapi_sig_size() needs to report the sig size gensec_{sign,seal}_packet(), which could be different to the overhead produced by gensec_wrap(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>	2015-06-23 22:12:07 +02:00
Stefan Metzmacher	6dd117b21e	s4:selftest: also run rpc.winreg with kerberos and all possible auth options BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jun 23 17:31:08 CEST 2015 on sn-devel-104	2015-06-23 17:31:07 +02:00
Stefan Metzmacher	5b917fd622	s4:selftest: run rpc.echo tests also with krb5 krb5,sign krb5,seal BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	69c1b4b7c1	s4:rpc_server: fix padding caclucation in dcesrv_auth_response() This is simplified by using DCERPC_AUTH_PAD_LENGTH() and changes the behaviour so that we will use no padding if the stub_length is already aligned to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	1bf7ab49b4	s4:rpc_server: let dcesrv_auth_response() handle sig_size == 0 with auth_info as error Don't send plaintext on the wire because of an internal error... BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	16f3837e02	s4:rpc_server: let dcesrv_reply() use a sig_size for a padded payload The sig_size could differ depending on the aligment/padding. So should use the same alignment as we use for the payload. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	3fbdb255e3	s4:rpc_server: let dcesrv_reply() use DCERPC_AUTH_PAD_ALIGNMENT define Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	114c52e73e	s4:librpc/rpc: fix padding caclucation in ncacn_push_request_sign() This is simplified by using DCERPC_AUTH_PAD_LENGTH() and changes the behaviour so that we will use no padding if the stub_length is already aligned to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00
Stefan Metzmacher	48f2c383e1	s4:librpc/rpc: let ncacn_push_request_sign() handle sig_size == 0 with auth_info as internal error Don't send plaintext on the wire because of an internal error... BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2015-06-23 14:38:53 +02:00

1 2 3 4 5 ...

31989 Commits