IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This helps generate fuzzers for this IDL.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14170
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Nov 10 22:27:47 UTC 2019 on sn-devel-184
Regression introduced by commit 4b54e14b7c,
where the number of returned records is not set by talloc_array_length
when the record is not found.
Found by DELL EMC at SDC SMB3 plugfest trying to perform a secure DNS
update.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Samuel Cabrero <scabrero@samba.org>
Autobuild-Date(master): Fri Nov 8 12:31:30 UTC 2019 on sn-devel-184
We don't need to parse a text sid, we have those as binary available
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 31 23:29:15 UTC 2019 on sn-devel-184
Incremental results are provided by a flag on the dirsync control, not
by changing the attribute name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This test often flaps in Samba 4.9 (where more tests and DCs run in the environment)
with obj_1 being 3. This is quite OK, we just need to see some changes get
replicated, not 0 changes.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Make sure we haven't broken anything :-).
Signed-off-by: Puran Chand <pchand@vmware.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reveals a bug where the resource fork size is capped at 65454 bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We need the target service without realm, but the proxy services with realm.
I have a domain with an w2008r2 server and a samba and now both generate
the same S4U_DELEGATION_INFO.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The S3 implementation needs to reinit the dcesrv_context and free the
endpoints list with their registered interfaces.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Next commits will move the core of s4 rpc server to this library.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
These functions will be moved to core dcerpc library and called from
s4 and s3 implementations.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This function starts the server loop and will be called from s3 and s4
implementations.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
As the dcesrv_terminate_connection function will be moved to the shared
rpc server core library, hide the stream_terminate_connection call behind
a function pointer.
The s3 implementation will define its own termination function.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Split the association group management from the server code, the s3 and
s4 implementation will handle differently.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This function will be different for s3 and s4
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Add a new struct dcesrv_context_callbacks in dcesrv_context to hold pointers
to functions whose implementation will differ between S3 and S4.
The log_successful_dcesrv_authz_event implementation will differ as it
requires an imessaging_context.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Next commit will move this function to common librpc
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Split the common bits of dcerpc_generic_session_key to librpc and rename
client the specific part to dcecli_generic_session_key.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Add a helper function to retrieve it from the stream connection.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Add a helper function to retrieve the imessaging_context from the
stream connection.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This call does not use the context argument so no additional parameter is needed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Oct 18 10:58:45 UTC 2019 on sn-devel-184
This call does not use the context argument so no additional parameter is needed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
This call does not use the context argument so no additional parameter is needed.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We do not have a client or server for this DCOM component so do not generate
the code for it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
No change in behaviour, this just changes all functions to take the
policy_handle argument as pointer instead of passing it by value.
This is how all other IDLs pass it.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 9 15:52:55 UTC 2019 on sn-devel-184
DNS update tool uses private krb5.conf which should have enough details
to authenticate with GSS-TSIG when running nsupdate.
Unfortunately, the configuration we provide is not enough. We set
defaults to not lookup REALM via DNS but at the same time we don't
provide any realm definition. As result, MIT Kerberos cannot actually
find a working realm for Samba AD deployment because it cannot query DNS
for a realm discovery or pick it up from the configuration.
Extend private krb5.conf with a realm definition that will allow MIT
Kerberos to look up KDC over DNS.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Gordon Ross <gordon.w.ross@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Oct 7 22:05:59 UTC 2019 on sn-devel-184
This uses the Linux libaio that does not meet Samba's needs. If
someone wanted to add async I/O to ntvfs, the io_uring API is the way
to go. Second option would be to use a pthreads-based API.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This now hopefully covers most possible combinations of creating and opening
files plus, checking the file's File-ID after every operation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fixes:
source4/winbind/idmap.c:214:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
NTSTATUS status = NT_STATUS_NONE_MAPPED;
source4/winbind/idmap.c:397:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
NTSTATUS status = NT_STATUS_NONE_MAPPED;
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Philipp Gesang <philipp.gesang@intra2net.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power<npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Wed Sep 25 11:06:04 UTC 2019 on sn-devel-184
Fixes:
source4/libcli/clideltree.c:113:3: warning: Value stored to 'status' is never read <--[clang]
status = smbcli_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/clideltree.c:131:3: warning: Value stored to 'status' is never read <--[clang]
status = smbcli_setatr(dstate.tree, dname, FILE_ATTRIBUTE_NORMAL, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fixes:
source4/libcli/smb2/util.c:134:3: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:187:5: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, name, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/smb2/util.c:209:3: warning: Value stored to 'status' is never read <--[clang]
status = smb2_util_setatr(tree, dname, FILE_ATTRIBUTE_NORMAL);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3 warnings generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fixes:
source4/libcli/raw/clisession.c:198:4: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->old.out.domain, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:212:5: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->nt1.out.domain, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
source4/libcli/raw/clisession.c:232:3: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->spnego.out.workgroup, p, -1, STR_TERMINATE);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Fixes:
source4/libcli/raw/rawfileinfo.c:301:56: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
parms->standard.out.create_time = raw_pull_dos_date2(session->transport,
^
source4/libcli/raw/rawfileinfo.c:314:55: warning: Access to field 'transport' results in a dereference of a null pointer (loaded from variable 'session') <--[clang]
parms->ea_size.out.create_time = raw_pull_dos_date2(session->transport,
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
We should always use krb5_get_init_creds_opt_set_canonicalize()
and krb5_get_init_creds_opt_set_win2k() for heimdal
and expect the client principal to be changed.
There's no reason to have a different logic between MIT and Heimdal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
The function gensec_gssapi_client_creds() may call kinit and gets
a TGT for the user. The principal provided by the user may not
be canonicalized. The user may use 'given.last@example.com'
but that may be mapped to glast@AD.EXAMPLE.PRIVATE in the background.
It means we should use client_realm = AD.EXAMPLE.PRIVATE
instead of client_realm = EXAMPLE.COM
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This makes debugging run-away processes much more efficient and even
possible at all: If the pool-usage output is more than 256MB, the
previous code could not realloc it and threw it away. Also, it is not
helpful for an already huge process to allocate even more.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 21:27:30 UTC 2019 on sn-devel-184
(This patch, only removing manpage text, submitted by gitlab.com user
Sam Zaydel @szaydel in MR 243 but without a Signed-off-by, so I
(Andrew Bartlett) am adding mine to say I'm happy to say this is a
legitimate and deliberate contribtion.)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 18 19:51:11 UTC 2019 on sn-devel-184
Cleanup of test files created by smb2.create.delete is broken because
READONLY is set on the test file. Clear READONLY first before doing
the cleanup.
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 12 17:36:50 UTC 2019 on sn-devel-184
In most cases sattrib is passed as a long int literal. Avoid
compile errors by casting the value passed to printf().
Signed-off-by: Ralph Wuerthner <ralph.wuerthner@de.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Note I'm using the share vfs_fruit_xattr because I need a share with both a
streams and a acl_* VFS object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
CID 1453656: (RESOURCE_LEAK)
Handle variable "fd" going out of scope leaks the handle.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 10 18:56:45 UTC 2019 on sn-devel-184
This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the 2nd lock
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the first lock
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is similar to multilock3, but uses read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the blocked
requests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This demonstrates that unrelated lock ranges
are not blocked by other blocked requests on the same
fsp.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This demonstrates that the SMB2 code path doesn't do
any retry for local posix locks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There should not be a different if the blocker is a posix process
instead of another smbd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We've seen failures like this:
RPC-HANDLE-RANDOM-ASSOC
connect samr pipe1
pipe1 uses assoc_group_id[0x00000001]
connect samr pipe2 with assoc_group_id[0xFFFFFFFF]- should fail
Failed to bind to uuid 12345778-1234-abcd-ef00-0123456789ac for
ncacn_np:localdc[\pipe\samr,bigendian,assoc_group_id=0xffffffff,
abstract_syntax=12345778-1234-abcd-ef00-0123456789ac/0x00000001] NT_STATUS_UNSUCCESSFUL
connect samr pipe3 with assoc_group_id[0x00000000]- should fail
UNEXPECTED(failure): samba4.rpc.handles on ncacn_np with bigendian.random-assoc(ad_dc_default)
REASON: Exception: Exception: ../../source4/torture/rpc/handles.c:546:
status was NT_STATUS_OK, expected NT_STATUS_UNSUCCESSFUL: opening samr pipe3
Prevent that it wraps to 0x00000000
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
clang complained that "full_filename==NULL" is always false, because
it's a normal stack variable.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 4 18:20:22 UTC 2019 on sn-devel-184
Ensure that for file access you can mix any of these
three access methods for directory entries and the
returned names/structs stay in sync across telldir/seekdir
changes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14094
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 3 17:31:29 UTC 2019 on sn-devel-184
This was an idea about how Samba might have worked if passwords were
not safe to be stored in a remote DB (get some kind of LDAP backend).
Nothing ever used this, but it was a nice idea. But git master is not
the place to preserve history, even interesting ideas like splitting
passwords from the non-password data (possible because, in the same way
we are allowed to encrypt them, we do not allow a search on password
values).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This became unused with 2b0fc74a09 that
removed the last of the support for the LDAP Backend
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
These were for the now removed OpenLDAP backend. Any future work in this area will
not involve this kind of translation, it will be done much more cleanly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 30 09:50:25 UTC 2019 on sn-devel-184
This simplifies the code considerably. A real attempt at an LDAP backend would need to implement this
module in a similar way to LDB.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
This feature has long been obsolete, remaining only in the hope
that it might be revived in the future.
Specifically, in 2011 the S4 OpenLDAP backend HOWTO was removed:
commit 1d46325af8
Author: Andrew Bartlett <abartlet@samba.org>
Date: Wed Apr 27 22:42:29 2011 +1000
Remove outdated S4 OpenLDAP backend HOWTO.
There is a project to revive this, hosted here:
https://github.com/Symas/samba
and
https://github.com/Symas/samba_overlays
However discussions at SambaXP with Nadezhda Ivanova
indicate a new approach with slapd being started by Samba
and taught to read native Samba ldb files is more likely
in the short term.
This has the advantage that Samba's provision and offline
tooling would not need to change, with the solution looking
more like how BIND9_DLZ has access to the Samba DB.
If any of this is required then reverting these patches will be
the least of the difficulties in bringing this to production.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
On windows, adding or modifying a record during a paged results search
behaves differently depending on whether or not you supply server_sort
control. This patch adds tests and documentation.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Aug 30 08:26:21 UTC 2019 on sn-devel-184
EnumDomainUsers currently takes too long, significantly slowing down
calls to winbind's getpwent which is a core unix API. The time is taken
up by a GUID lookup for every record in the cached result. The advantages
of this approach are:
1. It meets the specified requirement that if a record yet to be returned
by a search in progress (with a resume handle) is deleted or
modified, the future returned results correctly reflect the
new changes.
2. Memory footprint for a search in progress is only 16 bytes per record.
But, those benefits are not worth the significant performance hit
of the lookups, so this patch changes the function to run the search
and cache the RIDs and names of all records matching the search when
the request is made. This makes the memory footprint around 200 bytes
per record or up to 2MB per concurrent search for a 100k user database.
The speedup achieved by this change is around 50%, and in tandem with
some winbindd improvements as part of the same task has achieved around
15x speedup for getpwent.
The lost specification compliance is unlikely to cause a problem for any
known usage of this RPC call.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 22 21:24:00 UTC 2019 on sn-devel-184
If done with popt context it should be free'd.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
If done with popt context it should be free'd.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
If done with popt context it should be free'd.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
If done with popt context it should be free'd.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Direct leak of 96 byte(s) in 1 object(s) allocated from:
#0 0x7f0b16624c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
#1 0x7f0b15e4ba5c in __talloc_with_prefix ../../lib/talloc/talloc.c:782
#2 0x7f0b15e4ba5c in __talloc ../../lib/talloc/talloc.c:824
#3 0x7f0b15e4ba5c in _talloc_named_const ../../lib/talloc/talloc.c:981
#4 0x7f0b15e4ba5c in talloc_named_const ../../lib/talloc/talloc.c:1748
#5 0x55ffdd30d591 in torture_smb2_connect ../../source4/torture/smb2/connect.c:199
#6 0x7f0b12723772 in wrap_simple_test ../../lib/torture/torture.c:633
#7 0x7f0b1272775e in internal_torture_run_test ../../lib/torture/torture.c:442
#8 0x7f0b12728543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
#9 0x7f0b12728dd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
#10 0x7f0b12729434 in torture_run_suite ../../lib/torture/torture.c:339
#11 0x55ffdd10c54a in run_matching ../../source4/torture/smbtorture.c:93
#12 0x55ffdd10df56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
#13 0x55ffdd11199d in main ../../source4/torture/smbtorture.c:691
#14 0x7f0b0aa45412 in __libc_start_main (/lib64/libc.so.6+0x24412)
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 21 15:42:43 UTC 2019 on sn-devel-184
This requires GnuTLS >= 3.6.5.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Aug 21 11:14:11 UTC 2019 on sn-devel-184
This uses the new gnutls_error_to_werror()
This should resolve Coverity 1452111 as forwarded by Volker.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Samba will soon require GnuTLS >= 3.4.7.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Adjusted by Andrew Bartlett from an earlier more comprehensive patch by Andreas
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Now we either build with GnuTLS or Samba crypto. If a modern GnuTLS
version is detected that will be used and Samba crypto wont be
available.
This removes the dual-stack mode that encrypted with one and decrypted
with the other in the testsuite.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Commit message clarified by Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Installing downgrade script so people don't need the source tree for it.
Exception added in usage test because running the script without arguments
is valid. (This avoids the need to knownfail it).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Just so that it's slightly less of a mouthful for users.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
In next commit we'll install the script, samba.tests.source picked up the
lack of a copyright message and some whitespace errors, so this patch
fixes that stuff first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Add a simple test to resolve DOMAIN\MACHINE$ via LSA LookupNames3
using LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 level. This level would pass
zero lookup flags to lookup_name().
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Aug 14 13:07:42 UTC 2019 on sn-devel-184
Convert torture/rpc/lsa LookupNames/LookupSids code to allow testing
different LSA_LOOKUP_NAMES_* levels. Keep existing level 1
(LSA_LOOKUP_NAMES_ALL) for the current set of tests.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 14 08:59:23 UTC 2019 on sn-devel-184
Direct leak of 96 byte(s) in 1 object(s) allocated from:
#0 0x7f63e6938c08 in __interceptor_malloc (/lib64/libasan.so.5+0xefc08)
#1 0x7f63e615fa5c in __talloc_with_prefix ../../lib/talloc/talloc.c:782
#2 0x7f63e615fa5c in __talloc ../../lib/talloc/talloc.c:824
#3 0x7f63e615fa5c in _talloc_named_const ../../lib/talloc/talloc.c:981
#4 0x7f63e615fa5c in talloc_named_const ../../lib/talloc/talloc.c:1748
#5 0x55609e7530cf in torture_smb2_scan ../../source4/torture/smb2/scan.c:203
#6 0x7f63e2a37772 in wrap_simple_test ../../lib/torture/torture.c:633
#7 0x7f63e2a3b75e in internal_torture_run_test ../../lib/torture/torture.c:442
#8 0x7f63e2a3c543 in torture_run_tcase_restricted ../../lib/torture/torture.c:507
#9 0x7f63e2a3cdd5 in torture_run_suite_restricted ../../lib/torture/torture.c:357
#10 0x7f63e2a3cf25 in torture_run_suite_restricted ../../lib/torture/torture.c:362
#11 0x7f63e2a3d434 in torture_run_suite ../../lib/torture/torture.c:339
#12 0x55609e3a154a in run_matching ../../source4/torture/smbtorture.c:93
#13 0x55609e3a2f56 in torture_run_named_tests ../../source4/torture/smbtorture.c:143
#14 0x55609e3a699d in main ../../source4/torture/smbtorture.c:691
#15 0x7f63dad59412 in __libc_start_main (/lib64/libc.so.6+0x24412)
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Found during torture test runs with enable address-sanitizer.
Signed-off-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 8 06:44:12 UTC 2019 on sn-devel-184
The HTTP connection code is common to in and out channels.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 7 14:12:40 UTC 2019 on sn-devel-184
Generic function to connect a ROH channel. The use comes later to avoid
duplicated code.
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Even though GET would work as well, only adding POST, as that's the only method
that's going to be exersized in code and tests (RPC mdssvc elasticsearch
backend).
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
Works, tested with
$ bin/smbtorture -W RIVERSIDE --realm=RIVERSIDE.SITE -s /dev/null \
-U Administrator%Passw0rd \
ncacn_http:10.10.11.164[HttpProxy=10.10.11.164:593,HttpUseTls=false,HttpAuthOption=basic,HttpConnectOption=UseHttpProxy] \
rpc.epmapper.epmapper.Lookup_simple
I get an ACCESS_DENIED error, but I get it over HTTP. :)
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
This is only used by the implemementation of http_send_request_send/recv, no
need to have this in the header file.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
This is only used by the implemementation of http_send_request_send/recv, no
need to have this in the header file.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@suse.de>
My FreeBSD install does not have __compar_fn_t. libreplace has the
QSORT_CAST for systems that do.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This made Message.deregister() a decref machine, with talloc crashes
and segfaults available thus:
from samba import messaging
m = messaging.Messaging()
for i in range(20):
m.deregister(m)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
Try to make clear what is being done here, we are trying to count the partitions so that
we can then walk them in reverse.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 31 04:08:48 UTC 2019 on sn-devel-184
This is all strictly unnecessary, as ret is always != LDB_SUCCESS when
res is NULL, but we want to make peace between clang and converity.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
When joining a DC without DNS partitions, make sure that the alternate
flow of creating them afterwards results in a database with everything
that is necessary.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051
RN: Allow a DC join without DNS partitions, to add them later
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This ensures GnuTLS is used as the underlying RC4 crypto engine
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows the use of GnuTLS for the underlying RC4 crypto
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
There is no session key here, the buffers are directly encrypted
with the long-term passwords.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows the use of GnuTLS for the RC4 crypto operation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows the use of GnuTLS for the RC4 crypto operation
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows the use of GnuTLS for the underlying RC4 crypto operations.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
In replmd_replicated_handle_rename().
The helper function was introduced two commits ago and consists of
a large common stretch of this and the function modified in the previous
commit.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 24 11:21:50 UTC 2019 on sn-devel-184
In replmd_op_possible_conflict_callback().
The helper function was introduced in the previous commit and consists
of a large common stretch of this and replmd_replicated_handle_rename().
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We currently do exactly this work, in exactly these words (ignoring
formatting) in two different places. The next two commits will make
those places use this helper function. We do this over three commits
so that we can more easily compare the next two and be sure they are
doing the same thing.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Unlock partition databases in the reverse order from which they were
acquired. This is separated from the previous commit for future
bisecting purposes, since the last commit was made to fix specific CI
failures, while this one is a speculative fix made based on code
inspection.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
A schema reading bug was traced to a lock ordering issue in partition.c.
This patch fixes the problem by:
1. Releasing locks/transactions in the order they were acquired.
2. Always lock/start_trans on metadata.tdb first, before any other
databases, and release it last, after all others. This is so that we are
never exposed to MDB's lock semantics, which we don't support.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Fixes:
source4/dsdb/common/util.c:3131:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^
/source4/dsdb/common/util.c:3207:6: warning: Dereference of undefined pointer value <--[clang]
if (res->count < 1) {
^~~~~~~~~~
source4/dsdb/common/util.c:4004:39: warning: Dereference of undefined pointer value <--[clang]
(*wkguid_dn) = talloc_steal(mem_ctx, res->msgs[0]->dn);
^
source4/dsdb/common/util.c:4191:35: warning: Dereference of undefined pointer value <--[clang]
ouv_value = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector");
source4/dsdb/common/util.c:5757:13: warning: 1st function call argument is an uninitialized value <--[clang]
same_nc = (ldb_dn_compare(source_nc, target_nc) == 0);
^
This fix also fixes the associated 'Access to field 'xyx' results in a
dereference of a null pointer' warnings that also will happen when this
is fixed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Wed Jul 24 05:49:14 UTC 2019 on sn-devel-184
Fixes:
source4/dsdb/common/util.c:2125:4: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
^ ~~
source4/dsdb/common/util.c:2132:3: warning: Value stored to 'cps_stdin' is never read <--[clang]
cps_stdin = -1;
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:2000:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1) {
^~~
source4/dsdb/common/util.c:3281:28: warning: Access to field 'msgs' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
el = ldb_msg_find_element(res->msgs[0], attr);
^~~
source4/dsdb/common/util.c:3568:6: warning: Access to field 'count' results in a dereference of a null pointer (loaded from variable 'res') <--[clang]
if (res->count != 1 || ret != LDB_SUCCESS) {
^~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:1964:18: warning: The left operand of '&' is a garbage value <--[clang]
return (options & DS_NTDSDSA_OPT_IS_GC) != 0;
~~~~~~~ ^
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util.c:1804:8: warning: 3rd function call argument is an uninitialized value <--[clang]
ret = samdb_reference_dn(ldb, mem_ctx, server_ref_dn, "rIDSetReferences", dn);
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/auth/kerberos/kerberos_util.c:645:3: warning: Value stored to 'code' is never read <--[clang]
code = 0;
^ ~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/auth/kerberos/kerberos_pac.c:116:2: warning: Value stored to 'ret' is never read <--[clang]
ret = smb_krb5_make_pac_checksum(mem_ctx,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Otherwise we get a segfault when the NULL creds are dereferenced in cli_credentials_is_anonymous()
$ python3 -c"from samba.dcerpc.dnsserver import dnsserver; d = dnsserver('addc')"
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jul 22 23:37:57 UTC 2019 on sn-devel-184
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Regression caused by 16596842a6
[MS-GPSB] 2.2 Message Syntax says that you have to write a BOM which I
didn't do up until this patch. UTF-16 as input encoding was marked much
higher up in the inheritance tree, which got overriden with the Python 3
fixes. I've now marked the encoding much more obviously for this file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14004
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Fri Jul 19 02:20:47 UTC 2019 on sn-devel-184
Fixes a memory leak where schema reference attached to ldb
instance is lost before it can be freed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14042
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Wed Jul 17 06:17:10 UTC 2019 on sn-devel-184
Fixes:
source4/libcli/raw/clitree.c:138:3: warning: Value stored to 'p' is never read <--[clang]
p += smbcli_req_pull_string(&req->in.bufinfo, mem_ctx, &parms->tconx.out.fs_type,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/libcli/raw/rawnegotiate.c:157:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/libcli/smb_composite/fetchfile.c:91:11: warning: Value stored to 'status' during its initialization is never read <--[clang]
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/libcli/ldap/ldap_client.c:1023:6: warning: Access to field 'type' results in a dereference of a null pointer <--[clang]
if ((*msg)->type != type) {
^~~~~~~~~~~~
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Enable the prefork process model, for the echo server. This is allows
it to be used in the prefork_restart tests.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Extended DN requests seem to have been incorrectly handled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14029
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Thu Jul 11 05:25:26 UTC 2019 on sn-devel-184
Fixes:
source4/auth/gensec/gensec_gssapi.c:431:11: warning: Value stored to 'nt_status' during its initialization is never read <--[clang]
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
^~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Fixes:
source4/dsdb/common/util_trusts.c:2915:21: warning: Access to field 'sid' results in a dereference of a null pointer (loaded from field 'tdo') <--[clang]
d->di.domain_sid = d->tdo->sid;
^ ~~~
1 warning generated.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Following the python/C convention for checking vs non-checking
convertors.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
In the Python/C API, conversion functions which check the types of their arguments
have names like:
double PyFloat_AsDouble(PyObject *pyfloat);
while conversion macros that don't check have names like:
PyFloat_AS_DOUBLE(pyfloat)
The pyldb_Ldb_AsLdbContext() macro looks like one of the checking functions
but it actually isn't. This has fooled us more than once. Here we fork
the macro into two -- one which performs checks and keeps the camel
case, and one with a shouty name that keeps the check-free behaviour.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Don't call ldb_ldif_message_redacted_string when linked_attr_modify
fails. When joining a large domain this takes way to much time, in excess of 3
hours for a join on a 200k domain.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Tue Jul 9 03:03:25 UTC 2019 on sn-devel-184
