IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Post SMB1/SMB2 test env split to help in removing smb1
samba3.nbt.dgram.netlogon* fails randomly. It is unrelated as far
as we can see to the changes but must be a side affect of runtime
order or some such.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Sat Apr 4 01:12:05 UTC 2020 on sn-devel-184
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Apr 3 16:45:48 UTC 2020 on sn-devel-184
remove the skip file and the code to use it from the build as
all tests now run in either specific smb1 enabled envs or normal
(non smb1) envs
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
create_smb1_fail_skipfile.txt provides both
+ instructions
+ patch to perform the pre-requisite steps to be able to
modify the environment and parse test output
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Add known fail for samba3.blackbox.smbclient_basic.NT1.smbclient
which fails against nt4_schannel (because it doesn't support
SMB1)
Additionally since we don't have plans to create a nt4_schannel_smb1
test env provide additional coverage by running this test against
nt4_dc_smb1 (which still support SMB1)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This test fails for admember & chgdcpass test envs because they
don't support SMB1
Note: There is some coverage for this test with other test envs e.g.
s4member, ad_dc_ntvfs & others
Additionally IIUC this test seems to be for testing smbclient4
(if this assumption is incorrect then we could substitute with
smbclient(s3)) However, for the moment it seems best to disable this
test as smbclient4 doesn't support SMB1 and we have sufficient coverage
with other SMB1 supporting envs
Also remove associated entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Add know fail for these tests that run against ad_member
which won't succeed because SMB1 isn't supported
However we do have some coverage with s4member (which depends on
ad_dc_ntvfs) which still supports SMB1.
Additionally remove the associated entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.unix.whoami depends of posix extensions which
currently only work with SMB1. These tests fail with
environments nt4_member & ad_member. We currently don't
have plans to provide '_smb1' variants of these environments.
So in addition to adding the knownfail we add some
coverage by running this test with test env ad_dc_smb1.
Also we remove the associated entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_s3.NT1.plain &
samba3.blackbox.smbclient_s3.NT1.sign tests will fail running against
test envs ad_member & nt4_member (because those envs don't support SMB1)
However we do have some coverage with nt4_dc_smb1_done
We could maybe just delete these tests for those environments for
the moment just create specific knownfail entries and remove associated
entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_auth.plain will fail against
ad_member & nt4_member (because these envs don't
support SMB1) so we don't run these tests where either
'LANMAN2' or 'NT1' are in the options, in these cases
to get coverage so we use nt4_dc_smb1
Creating new envs for such a small amount of strictly SMB1 tests anyway
seems overkill. For the moment just create specific knownfail entries
and remove the associated entries from skip_smb1_fail
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
NT1 flavour of samba3.blackbox.smbclient_ntlm.plain tests will
fail against ad_member, maptoguest, fl2000dc & nt4_member
(because these envs don't support SMB1)
We do however have some coverage with test envs
nt4_dc_smb1_done & ad_dc_ntvfs.
We could maybe just delete these tests for these environments,
creating new envs for such a small amount of strictly SMB1 tests anyway
seem overkill. For the moment just create specific knownfail entries
associated entries from skip_smb1_fail have also been deleted
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail when run against a test env that
doesn't support SMB1
samba4.rpc.join on ncacn_ip_tcp with bigendian(ad_dc_default)
samba4.rpc.join on ncacn_ip_tcp with seal,padcheck(ad_dc_default)
samba4.rpc.join on ncacn_ip_tcp with validate(ad_dc_default)
samba4.rpc.join on ncacn_np with bigendian(ad_dc_default)
samba4.rpc.join on ncacn_np with seal,padcheck(ad_dc_default)
samba4.rpc.join on ncacn_np with validate(ad_dc_default)
samba4.rpc.join on ncalrpc with bigendian(ad_dc_default:local)
samba4.rpc.join on ncalrpc with seal,padcheck(ad_dc_default:local)
samba4.rpc.join on ncalrpc with validate(ad_dc_default:local)
have been moved to ad_dc_default_smb1
results verified with
VALIDATE="validate" python3 source4/selftest/tests.py | grep "^samba4.rpc.join" | grep ad_dc_default | sort
corrosponding entries have been removed from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba4.ldap.passwordsettings fails when run against test env that
doesn't support SMB1 so move to ad_dc_default_smb1
Note: no skip entries to be removed as tests are known failures
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba4.ldap.nested-search fails when run against test env
that doesn't support SMB1 so move to ad_dc_default_smb1
Also remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test was using smbclient4 but this fails when used in environments that
don't support SMB1. We use smbclient(s3) instead. There remains one
failure due to behaviour differences between the smbclients.
The behavioural changes are related not to SMB1/SMB2 but
commits d4ea637eb8 &
fce66b22ea
Perhaps we need to modify s3 smbclient in a similar way? This is however
something that deserves further discussion.
Move this failing part to a knownfail for the moment.
Also the corrosponding entry in skip_smb1_fail has been removed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
move all failing tests to fileserver_smb1 (exception is the SMB2-BASIC
test) doesn't need to move
Additionally remove the associated entries from skip_smb1_file
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
To support running tests samba3.smbtorture_s3.vfs_aio* in
test env fileserver_smb1 we need to add some params to
fileserver_smb1 config files.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.smbtorture_s3.hidenewfiles fails when run against test
environments that don't support SMB1. Move this test to fileserver_smb1
and remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
In order to support samba3.smbtorture_s3.hidenewfiles (and moving
the test to fileserver_smb1) we need to ensure we have some supporting
config
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move tests raw.samba3hide, raw.samba3checkfsp & raw.samba3closeerr from
ad_dc to ad_dc_smb1. Also update flapping and knownfail entries to cater
for the new env.
no entries in skip files to be removed as flapping & knownfail negate
the need for this.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move tests raw.samba3hide, raw.samba3checkfsp & raw.samba3closeerr from
simpleserver to fileserver. Also need a knownfail for raw.samba3closeerr
which fails in envs that NT ACLs enabled. We will get extra coverage
from ad_dc_smb1 when the same tests are moved there.
Remove the associated entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The tests menioned below all fail when run against environments that
don't support SMB1 so we move them to nt4_dc_smb1
python3 source3/selftest/tests.py | grep "^samba3.smbtorture_s3.crypt\." | grep nt4_dc_smb1 | cut -f1 -d\( | sort -u
samba3.smbtorture_s3.plain.POSIX
samba3.smbtorture_s3.plain.POSIX-ACL-OPLOCK
samba3.smbtorture_s3.plain.POSIX-ACL-SHAREROOT
samba3.smbtorture_s3.plain.POSIX-APPEND
samba3.smbtorture_s3.plain.POSIX-BLOCKING-LOCK
samba3.smbtorture_s3.plain.POSIX-MKDIR
samba3.smbtorture_s3.plain.POSIX-OFD-LOCK
samba3.smbtorture_s3.plain.POSIX-STREAM-DELETE
samba3.smbtorture_s3.plain.POSIX-SYMLINK-ACL
samba3.smbtorture_s3.plain.POSIX-SYMLINK-EA
samba3.smbtorture_s3.plain.WINDOWS-BAD-SYMLINK (this is a posix
test)
Also remove entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The tests menioned below all fail when run against environments that
don't support SMB1 so we move them to nt4_dc_smb1
python3 source3/selftest/tests.py | grep "^samba3.smbtorture_s3.crypt\." | grep nt4_dc_smb1 | cut -f1 -d\( | sort -u
samba3.smbtorture_s3.crypt.POSIX
samba3.smbtorture_s3.crypt.POSIX-ACL-OPLOCK
samba3.smbtorture_s3.crypt.POSIX-ACL-SHAREROOT
samba3.smbtorture_s3.crypt.POSIX-APPEND
samba3.smbtorture_s3.crypt.POSIX-BLOCKING-LOCK
samba3.smbtorture_s3.crypt.POSIX-MKDIR
samba3.smbtorture_s3.crypt.POSIX-OFD-LOCK
samba3.smbtorture_s3.crypt.POSIX-STREAM-DELETE
samba3.smbtorture_s3.crypt.POSIX-SYMLINK-ACL
samba3.smbtorture_s3.crypt.POSIX-SYMLINK-EA
samba3.smbtorture_s3.crypt.WINDOWS-BAD-SYMLINK (this is a posix test)
also remove these entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test fails to negotiation SMB1 in environments that require SMB1 so
move to nt4_dc_smb1 env.
entry also removed from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move samba3.smbtorture_s3.crypt_client.* tests which fail against
environments that don't support SMB1.
The following tests have been moved from nt4_dc -> nt4_dc_smb1
samba3.smbtorture_s3.crypt_client.ATTR
samba3.smbtorture_s3.crypt_client.BROWSE
samba3.smbtorture_s3.crypt_client.CASE-INSENSITIVE-CREATE
samba3.smbtorture_s3.crypt_client.CHAIN1
samba3.smbtorture_s3.crypt_client.CHAIN2
samba3.smbtorture_s3.crypt_client.CHAIN3
samba3.smbtorture_s3.crypt_client.CHKPATH
samba3.smbtorture_s3.crypt_client.CLEANUP1
samba3.smbtorture_s3.crypt_client.CLEANUP2
samba3.smbtorture_s3.crypt_client.CLEANUP4
samba3.smbtorture_s3.crypt_client.CLI_SPLICE
samba3.smbtorture_s3.crypt_client.DELETE
samba3.smbtorture_s3.crypt_client.DELETE-LN
samba3.smbtorture_s3.crypt_client.DELETE-STREAM
samba3.smbtorture_s3.crypt_client.DIR
samba3.smbtorture_s3.crypt_client.DIR-CREATETIME
samba3.smbtorture_s3.crypt_client.FDPASS
samba3.smbtorture_s3.crypt_client.FDSESS
samba3.smbtorture_s3.crypt_client.IOCTL
samba3.smbtorture_s3.crypt_client.LARGE_READX
samba3.smbtorture_s3.crypt_client.LOCK1
samba3.smbtorture_s3.crypt_client.LOCK10
samba3.smbtorture_s3.crypt_client.LOCK11
samba3.smbtorture_s3.crypt_client.LOCK13
samba3.smbtorture_s3.crypt_client.LOCK2
samba3.smbtorture_s3.crypt_client.LOCK3
samba3.smbtorture_s3.crypt_client.LOCK4
samba3.smbtorture_s3.crypt_client.LOCK5
samba3.smbtorture_s3.crypt_client.LOCK6
samba3.smbtorture_s3.crypt_client.LOCK7
samba3.smbtorture_s3.crypt_client.LOCK9A
samba3.smbtorture_s3.crypt_client.LOCK9B
samba3.smbtorture_s3.crypt_client.NTTRANS-FSCTL
samba3.smbtorture_s3.crypt_client.OPEN
samba3.smbtorture_s3.crypt_client.OPLOCK1
samba3.smbtorture_s3.crypt_client.OPLOCK2
samba3.smbtorture_s3.crypt_client.OWNER-RIGHTS
samba3.smbtorture_s3.crypt_client.PIDHIGH
samba3.smbtorture_s3.crypt_client.PROPERTIES
samba3.smbtorture_s3.crypt_client.RENAME
samba3.smbtorture_s3.crypt_client.RENAME-ACCESS
samba3.smbtorture_s3.crypt_client.RW1
samba3.smbtorture_s3.crypt_client.RW2
samba3.smbtorture_s3.crypt_client.RW3
samba3.smbtorture_s3.crypt_client.RW-SIGNING
samba3.smbtorture_s3.crypt_client.SHORTNAME-TEST
samba3.smbtorture_s3.crypt_client.STREAMERROR
samba3.smbtorture_s3.crypt_client.TCON
samba3.smbtorture_s3.crypt_client.TCON2
samba3.smbtorture_s3.crypt_client.TCONDEV
samba3.smbtorture_s3.crypt_client.TORTURE
samba3.smbtorture_s3.crypt_client.TRANS2
samba3.smbtorture_s3.crypt_client.UID-REGRESSION-TEST
samba3.smbtorture_s3.crypt_client.UNLINK
samba3.smbtorture_s3.crypt_client.W2K
samba3.smbtorture_s3.crypt_client.WILDDELETE
samba3.smbtorture_s3.crypt_client.XCOPY
and have been removed from skip_smb1_fail
list of tests modified has been verified with
python3 source3/selftest/tests.py | grep "^samba3.smbtorture_s3." | grep nt4_dc_smb1 | cut -f1 -d\( | sort -u
addionally any knownfail entries have been updated as appropriate.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move test samba3.rpc.samba3.netlogon & ^samba3.rpc.samba3.sessionkey
to nt4_dc_smb1 as these tests will fail when run against an environment
that doesn't support SMB1 and remove the entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.rpc.lsa.lookupsids when run with protocol options specifying
smb1 will of course fail when run against environments the don't support
SMB1 so move such tests to nt4_dc_smb1
Additionally remove those entries from the skip file as porting is
not needed.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move test samba3.raw.session which fails in test environments that
don't support SMB1 to nt4_dc_smb1 and remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.search fails in test environments that don't
support SMB1 so move test to nt4_dc_smb1 and remove entry from
skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.samba3posixtimedlock will not succeed in test
environments that don't support SMB1 so we move it to nt4_dc_smb1
and remove associated entries from skip_smb1_selftest
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.samba3posixtimedlock will not succeed in test
environments that don't support SMB1 so we move it to ad_dc_smb1
and also remove associated entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests samba3.raw.samba3checkfsp, samba3.raw.samba3hide &
samba3.raw.samba3closeerr fail in test environments that don't support
SMB1 so move to nt4_dc_smb1. Additionally samba3.raw.samba3closeer was
a known fail in nt4_dc so this also needs to be adjusted for the new
env.
Remove the remaining entries from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move test samba.raw.read which fails in test environments that
don't support SMB1 to nt4_dc_smb1 and remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move samba3.raw.notify & samba3.raw.oplock which fail when used with
test environments that don't support SMB1 to nt4_dc_smb1 and remove
associated entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move samba3.raw.chkpath which fails in environments that don't
support SMB1 to nt4_dc_smb1 and remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests samba3.raw.acls* don't succeed in environments that don't
support SMB1 so move them to nt4_dc_smb1
Also need to adjust knownfail for samba3.raw.acls nfs4acl_xattr*
Additionally remove the entries for test from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_s3.NT1.sign as the name suggests will fail
in test envs that do not support SMB1 so move it to a _smb1
environment.
Additionally the associated skip_smb1_fails entry is removed as the
test doesn't need to be ported
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_ntlm.plain will fail in test environment
that doesn't support SMB1 so move to nt4_dc_smb1
This test only fails with options that require it to communicate over
SMB1, there are sibling tests that test against >= SMB2 so also we
remove the skip_smb1_fail entry as this test doen't need porting
(for this env)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This tests fails against nt4_dc because it doesn't support SMB1 so
we move it to nt4_dc_smb1 and remove the corrosponding entry from
skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.blackbox.smbclient_large_file*NT1 will only succeed against
test environments that support SMB1 so we move it to nt4_dc_smb1.
Additionally remove the entry from the skip_smb1_faill file
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.blackbox.smbclient_s3.NT1.plain as its name suggests
requires a test environment that supports SMB1 so we move it to one.
Additionally the entry from the skip_smb1_fail file is removed (for this
env) as not porting is required.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
now that a specific SMB1 enabled env is available lets move this
test to nt4_dc_smb1 env. Additionally the entry is removed from
skip_smb1_fails as no porting is required
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_auth.plain will fail in test environment
that doesn't support SMB1 so move to directly to test env
nt4_dc_smb1_done as it doesn't require porting.
This test only fails with options that require it to communicate over
SMB1, there are sibling tests that test against >= SMB2 so also we
remove the skip_smb1_fail entry as this test doen't need porting
(for this env)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.base.rw1 only works in test environments that support
SMB1 so move test to nt4_dc_smb1 and remove the entry from
skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.raw.lock & samba3.raw.lock currently will only work in
environments that negotiate SMB1 so lets move them to new nt4_dc_smb1
and remove those entries form skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba4.blackbox.pkinit falls to pass in environments that don't support
SMB2 because of use (s4) smbclient4. Change test to use (s3) smbclient
Additionally a test within the test script test_kinit_trusts_heimdal.sh
explicitly uses smbclient4 which can't negotiate SMB1 in environments
that don't support it. Add knownfail to cater for this & also remove entry
from the skip file
Further reference the smbclient4 specific test is associated with
https://bugzilla.samba.org/show_bug.cgi?id=12554 so maybe we should
keep it for the moment
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba.tests.net_join_no_spnego when run in environment
doesn't support SMB1 so move it to ad_dc_smb1 and remove
skip_smb1_fail entry
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba.tests.auth_log_pass_change will fail when run against
environments that don't support SMB1 so move this test to ad_dc_smb1
and remove entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba.tests.auth_log will fail when run against environments that
don't support SMB1 so move this test to ad_dc_smb1 and removing
entry from skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
samba3.blackbox.smbclient_ntlm.plain NT1 fails in environments that
don't support SMB2 so we need to move it to the appropriate _smb1
test env and since this test doesn't need to be ported we can actually
move it directly to the _smb1_done env to indicate that.
Also remove the samba3.blackbox.smbclient_ntlm.plain NT1(ad_dc)
entry from the skip file because we have moved this to the ad_dc_smb1
*and* this test is already ported to >=SMB2
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Moving
samba4.smb.spnego.krb5.no_optimistic(ad_dc)
samba4.smb.spnego.ntlmssp.no_optimistic(ad_dc)
and additionally removing the entries from skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move the following tests from ad_dc to ad_dc_smb1
samba4.rpc.join with bigendian(ad_dc)
samba4.rpc.join with seal,padcheck(ad_dc)
samba4.rpc.join with validate(ad_dc)
and additionally remove the corrosponding entries from skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move
samba4.rpc.authcontext with bigendian(ad_dc)
samba4.rpc.authcontext with seal,padcheck(ad_dc)
samba4.rpc.authcontext with validate(ad_dc)
to ad_dc_smb1 environment and remove the corrosponding entries in
skip_smb1_fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
additionally remove those related entries from skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move test samba3.rpc.samba3.netlogon which fails in enviroments that
don't support SMB1 to ad_dc_smb1 and remove the test entry from
skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.search fails in envrionments that don't support SMB1
so we move it to ad_dc_smb1 and also remove the entry in skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.read fails in environments that don't support SMB1
so move it to ad_dc_smb1 and also remove the entry in skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.acls fails in environments that don't support SMB1
so move it to ad_dc_smb1 and remove the entry in skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.base.rw1 fails in environments that don't support
SMB1 so we move it to ad_dc_smb1 and also remove the entry in
skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail when used with environments that don't
support SMB1 fail so we move them to ad_dc_smb1 instead and also remove
th entry in skip_smb1_fails
samba3.raw.session ntlm
samba3.raw.session krb5
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.raw.chkpath fails in environments that don't support SMB1
so we move it to ad_dc_smb1 and also remove the entry from skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail in environments that dont support
SMB1 have been moved to ad_dc_smb1
samba3.unix.whoami
samba3.unix.whoami kerberos connection
samba3.unix.whoami anonymous connection
samba3.unix.whoami ntlm user@realm
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.rap.sam fails in environments that don't support
SMB1 so we move it to enironment ad_dc_smb1 and remove the entry in
skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test samba3.base.createx_access fails in environments that dont
support SMB1, moving this test to ad_dc_smb1 and removing the entry
in skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail when used in environment that
SMB1 cannot be negotiated in have been moved to ad_dc_smb1
& nt4_dc_smb1
samba3.raw.close(ad_dc_smb1)
samba3.raw.composite(ad_dc_smb1)
samba3.raw.eas(ad_dc_smb1)
samba3.raw.mkdir(ad_dc_smb1)
samba3.raw.open(ad_dc_smb1)
samba3.raw.rename(ad_dc_smb1)
samba3.raw.samba3badnameblob(ad_dc_smb1)
samba3.raw.samba3badpath(ad_dc_smb1)
samba3.raw.samba3caseinsensitive(ad_dc_smb1)
samba3.raw.samba3oplocklogoff(ad_dc_smb1)
samba3.raw.samba3rootdirfid(ad_dc_smb1)
samba3.raw.sfileinfo.bug(ad_dc_smb1)
samba3.raw.sfileinfo.end-of-file(ad_dc_smb1)
samba3.raw.sfileinfo.rename(ad_dc_smb1)
samba3.raw.streams(ad_dc_smb1)
samba3.raw.unlink(ad_dc_smb1)
samba3.raw.write(ad_dc_smb1)
verified with
python3 source3/selftest/tests.py | grep ad_dc_smb1 | grep "^samba3.raw" | sort -u
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The following tests which fail in environments that cannot negotiate
SMB1 have been moved to ad_dc_smb1 & nt4_dc_smb1
samba3.rpc.authcontext
samba3.rpc.join
samba3.rpc.samba3.bind
samba3.rpc.samba3.getusername
samba3.rpc.samba3.sharesec
samba3.rpc.samba3.smb1-pipe-name
samba3.rpc.samba3.smb-reauth1
samba3.rpc.samba3.smb-reauth2
samba3.rpc.samba3.spoolss
samba3.rpc.samba3.wkssvc
python3 source3/selftest/tests.py | grep ad_dc_smb1 | grep "^samba3.rpc" | sort -u
test entries have also been removed from skip_smb1_fails
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
verified with
python3 source3/selftest/tests.py | grep _smb1 | grep "^samba3.unix" | sort -u
Additionally the test entries in skip_smb1_fail also removed
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Tests:
samba3.rap.basic
samba3.rap.rpc
have been moved to ad_dc_smb1, nt4_dc_smb1
verified by
python3 source3/selftest/tests.py | grep ad_dc_smb1 | grep "^samba3.rap"
these tests have been removed from skip_smb1_fails
Additionally
samba3.rap.basic.netsessiongetinfo was already marked as knownfail
in ad_dc so in ad_dc_smb1 also true
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
From list of tests identified as failing with environments that
cannot negotiate SMB2 the following tests have been moved to ad_dc_smb1
& nt4_dc_smb1 (and additionally removed from skip_smb1_fails)
samba3.base.attr
samba3.base.chkpath
samba3.base.defer_open
samba3.base.delete
samba3.base.deny3
samba3.base.denydos
samba3.base.dir1
samba3.base.dir2
samba3.base.disconnect
samba3.base.fdpass
samba3.base.mangle
samba3.base.negnowait
samba3.base.ntdeny1
samba3.base.ntdeny2
samba3.base.open
samba3.base.openattr
samba3.base.properties
samba3.base.rename
samba3.base.samba3error
samba3.base.secleak
samba3.base.tcon
samba3.base.tcondev
samba3.base.trans2
samba3.base.unlink
samba3.base.vuid
samba3.base.xcopy
list of tests verified with
python3 source3/selftest/tests.py | egrep 'ad_dc_smb1|nt4_dc_smb1' | grep "^samba3.base" | sort -u
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
the following tests
samba3.base.delaywrite
samba3.base.deny1
samba3.base.deny2
have been moved to fileserver_smb1 env and removed from skip_file
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
smbclient4 only negotiates smb1, this test should use smbclient(s3)
instead.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(s4) smbclient doesn't negotiate smb2, (s3) smbclient is what
is used and what we really should be testing.
Additionally remove entry from ski_smb1_fails file
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Additionally we remove the entry from skip_smb1_fails as it is
no longer relevant
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Additionally remove this test from the skip file as the file doesn't
need to be ported
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
we have an ad_dc_smb1 env and there is not reason why we need
to use nt4_dc for this test. In a later commit we will move the
NT1 test to the ad_dc_smb1 env.
Addionally we change the existing entry in the skip_smb1_fails
skip file.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Additionally since we already have a SMB3 version of the test we
can remove it from the skip file
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Move tests that have SMB1 & >=SMB2 versions to fileserver_smb1_done
Additionally this commit removes the entries for fileserver for the same
tests from skip_smb1.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Adding test env ad_dc_default_smb1_done an alias for
test environment ad_dc_default_smb1
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
setup_fileserver_smb1_done is an alias for setup_fileserver_smb1
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
This will allow us easily create lightweight alias environments
like ad_dc_smb1_done etc.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
ad_dc_smb1 is a copy of the ad_dc test environment but
with the difference that it still supports SMB1, this will allow
use to still run SMB1 tests for that env.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Preparatory commit pre adding new addc_smb1 environment.
In order to support new addc_smb1 test environment we need new
certificate(s) in order to satisfy some tests
(e.g. samba4.blackbox.pkinit.*)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
fileserver_smb1 is a copy of the fileserver test environment but
with the difference that it still supports SMB1, this will allow
use to still run SMB1 tests.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The orig skip file was created with *all* test environments by
default not support SMB1.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Test environments rpc_proxy & s4member depend on ad_dc_ntvfs
so these environments additionally need to also be able to
still support SMB1.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Change the values of 'min protocol' set for the various test
environments to be SMB2_02.
Servers will only offer protocols starting with the min specified in the
conf files. We don't change the client value here yet (until SMB1 is
truely gone) as we still want to be able to run SMB1 tests.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Exclude the tests specified in the file 'skip_smb1_fails' which
contains the list of tests that would fail if min protocol >= SMB2_02
Note: a subsequent commit will change the default min protocol so
in order to maintain bisectability we skip the tests before
we change the default.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
skip_smb1_fails contains tests that will fail when the min protocol
of the test environments is set to SMB2_02
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
The default for most test envs will be changed in a future
commit(s) to be >= SMB2 then we need to still allow ad_dc_ntvfs to
support SMB1. This will make the number of tests to port easier to
deal with. In addition to test env ad_dc_ntvfs still supporting SMB1
we need to do the same with test other environments that depend on
ad_dc_ntvfs (this will be handled in followup commits).
In addition to the above this change will ensure we don't trigger
failures for ntvfs tests when we switch to default >= SMB2 which will
make the associated skip file (added in a future commit) smaller.
Signed-off-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is a relatively new test environment that only uses very few tests
yet. Skip the env name rename dance for this env, but someone has to convert the
tests later on.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
For now I'll leave it arround for others I haven't tested.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 27 10:39:32 UTC 2020 on sn-devel-184
This makes our testing much more realistic and allows
the removal of some knowfail entries.
It also means the testing with network namespaces on Linux
can use the same addresses as our socket wrapper testing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
These restore copies of others and better use their own resolv.conf
and use '--use-samba-tool --no-credentials' for samba_dnsupdate in order
to avoid talking to the real environments.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
It's important to have the correct $resolv_conf variable within
provision(), because it also sets "RESOLV_WRAPPER_CONF" if needed,
instead of just setting "RESOLV_CONF".
There's also no point in creating an resolv.conf with the ip addresses
for other roles than "active directory domain controller".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
By default point RESOLV_CONF to a non-existing file and
use the per environment RESOLV_CONF explicitly where needed.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This is needed for all environments not just "samba".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This makes it possible to serve ipv4 and ipv6 at the same time.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Otherwise we have a deadlock in the python threading
that prevents out EOF detection on stdin to work
if someone aborts 'make test' with strg+c.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
dns_hub.py:115: SyntaxWarning: "is" with a literal. Did you mean "=="?
if forwarder is 'ignore':
dns_hub.py:117: SyntaxWarning: "is" with a literal. Did you mean "=="?
elif forwarder is 'fail':
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 24 14:31:25 UTC 2020 on sn-devel-184
Previously this would fail with Unsupported critical extension 1.3.6.1.4.1.7165.4.3.2
Reported by Alexander Harm. Many thanks for helping make Samba better
and for your patience with patches and providing debugging information.
REF: https://lists.samba.org/archive/samba/2020-February/228153.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This type of object was not possible to delete in Samba without first removing
the link.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14306
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit finally switches the RPC server implementation.
At the same we have to do other related changes to keep code compiling
and test environments running.
First avoid moving the session_info into the allocated pipes_struct memory
context as it is owned now by the core RPC server, and the s3compat pidl
compiler will update the pipes_struct session_info before dispatching
the call with dcesrv_call->auth_state->session_info.
Also, fix a segfault in the endpoint mapper daemon when it tries to delete
the endpoints previously registered over a NCALRPC connection.
If we have:
rpc_server : epmapper = external
rpc_server : lsarpc = external
rpc_daemon : epmd = fork
rpc_daemon : lsasd = fork
The sequence is:
* The endpoint mapper starts (start_epmd in source3/smbd/server.c)
* The lsarpc daemon starts (start_lsasd in source3/smbd/server.c)
* The lsarpc daemon creates the sockets and registers its endpoints
(rpc_ep_register in source3/rpc_server/lsasd.c)
* The endpoint registration code opens a NCALRPC connection to the
endpoint mapper daemon (ep_register in source3/librpc/rpc/dcerpc_ep.c)
and keeps it open to re-register if the endpoint mapper daemon dies
(rpc_ep_register_loop in source3/rpc_server/rpc_ep_register.c)
* When the endpoint mapper daemon accepts a NCALRPC connection it sets a
termination function (srv_epmapper_delete_endpoints)
* Suppose the lsarpc daemon exits. The NCALRPC connection termination
function is called.
* The termination function tries to delete all endpoints registered by that
connection by calling _epm_Delete
* _epm_Delete calls is_privileged_pipe which access to
pipes_struct->session_info.
As the call to _epm_Delete occurs outside of the PIDL generated code,
the pipes_stuct->session_info is NULL. This commit also sets
pipes_struct->session_info from the dcerpc_connection before calling
_epm_Delete. As the core rpc server supports security context multiplexing we
need to pass the dcesrv_connection to the termination function and let the
implementation pick a auth context. In the case of the endpoint mapper
the termination function has to pick one of type NCALRPC_AS_SYSTEM to
check if the connection is privileged and delete the endpoints
registered by the connection being closed.
Finally, the samba.tests.dcerpc.raw_protocol testsuite passes against
the ad_member environment.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Keep the s3 server behaviour for now and return always the same
association group ID, 0x53F0.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().
trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.
Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184
Verify close only updates write-time when a delayed update is actually pending.
This scenario is not covered by basic.delaywrite.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This test demonstrates that Windows has a timestamp resolution of ~15ms.
When a smaller amount of time than that has passed between modifying operations
on a file, it's not necessarily detectable on a Windows 2019 server that
implements immediate timestamp updates (no delayed magic).
Note that this test relies on a low latency SMB connection. Even with a low
latency connection of eg 1m there's a chance of 1/15 that the first part of the
test expecting no timestamp change fails as the writetime is updated.
Due to this timing dependency this test is skipped in Samba CI, but it is
preserved here for future SMB2 timestamps behaviour archealogists.
See also: https://lists.samba.org/archive/cifs-protocol/2019-December/003358.html
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We need to flush a pending write time update even when we're setting the
filesize to current filesize.
Note that we're already doing it this way in the relevant places listed my
dochelp@MS in
https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html
Cleanup (= Close)
SetBasicInfo
SetAllocationInfo
SetEndOfFileInfo
SetValidDataLengthInfo
Flush
FSCTL_SET_ENCRYPTION
FSCTL_OFFLOAD_WRITE
Cleanup (= Close):
Already implemented by update_write_time_on_close() and friends.
SetBasicInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetAllocationInfo:
smb_set_file_allocation_info() when setting a file's allocation size.
SetEndOfFileInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetValidDataLengthInfo:
Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.
Flush:
Currently doesn't flush pending updates. Fixed by subsequent commit.
FSCTL_SET_ENCRYPTION:
Windows 2016 doesn't flush a pending writetime update, verified with a
smbtorture test.
FSCTL_OFFLOAD_WRITE:
NT_STATUS_NOT_IMPLEMENTED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
For adapting unix extensions in our client libraries, we need a fresh start
with additional APIs. We can't change existing application behaviour.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is required that out tests work with MIT KRB5 1.18.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Found while trying to run winexe against Windows Server 2019.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14313
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
A few lines above the mode check we created a file with mode
0666. With unix exensions we expect this back 1:1, without them the
server changes them on the fly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This keeps the original SMB_STRUCT_STAT coming from posix as part of
struct file_info. It is a slight waste of space, as the timestamps are
kept twice, but having a full SMB_STRUCT_STAT with the nlink!=0
validity check makes thinking about which mode/size/etc is the correct
one a no-brainer. We can save space later by referencing only one set
of time stamps for example.
This for the time fixes readdirplus2, but for the wrong reason: We don't yet
create files the "proper" way using posix create.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The libsmbclient readdir tests are broken just for the unix extension
case. For example they assume our "map archive" behaviour. This will
have to be parameterized once unix extensions become better
implemented in libsmbclient
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 27 19:34:36 UTC 2020 on sn-devel-184
I'm planning to mess with libsmbclient tests calling into
smbtorture4. For this it will be much more convenient to have the
arguments available as a higher-level data structure than just a
string.
Checked by "diff" on the testlist before and after -- no change.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This fixes doing strlen() on talloc_tos(), about which valgrind is pretty
unhappy. Without this patch we survive the tests because we have fallbacks to
the non-posix flavors of stat(). With this patch in place cli_posix_stat()
becomes functional in this code path. This creates conflicts with the readdir
libsmbclient tests, which need fixing separately.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14101
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This is an implementation which doesn't have undefined behavior
problems. It casts correctly that calculations are don in the correct
integer space. Also the naming is less confusing than what we have in
byteorder.h.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
According to Posix and the Linux open(2) manpage, the open-syscall can
return EINTR. If that happens, core smbd saw this as an indication
that aio_pthread's open function was doing its job. With a real EINTR
without aio_pthread this meant we ended up in a server_exit after 20
seconds, because there was nobody to do the retry.
EINTR is mapped to NT_STATUS_RETRY. Handle this by just retrying after
a second.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 20 22:14:25 UTC 2020 on sn-devel-184
This is fairly cheap and it is simple to do. This allows the Python
code to be able to specify a unclist quite simply. The level of
coupling doesn't seem worse than anything else in the
selftest/autobuild code.
There may be cleverer ways of doing this (e.g. a wrapper in
testprogs/blackbox/clusteredmember_smbtorture or similar) but cleverer
code isn't necessarily better code... and they'll probably involve
code duplication.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Allow running tests against a CTDB setup, thereby covering the
dbrwap_ctdb->ctdb stack in real SMB tests.
Sets up a 3 node cluster.
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
So just run it "as root" all the time.
Something similar is already done for other things in
Samba3::provision(), such as running smbpasswd in
Samba3::createuser().
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Default to closing the write end of the parent->child pipe.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
If $nmbd is not "yes" then this can result in a warning.
Introduced in commit 676261fa08.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 18 21:07:44 UTC 2020 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 14 20:16:04 UTC 2020 on sn-devel-184
LDAP Simple BIND authentications have already been mapped to a
DOMAIN\username pair and should not be mapped twice.
This appears to be a regression in 09e24ce40f
included in Samba 4.7.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13598
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Isaac Boukris <iboukris@samba.org>
Autobuild-Date(master): Fri Feb 14 17:13:33 UTC 2020 on sn-devel-184
This type of account is often used by e-mail hosting platforms
that do not wish to create an AD domain for each DNS domain that
they host mail for.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13598
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Fix the expected data in fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt, as it
contained source code line numbers.
Andrew this test needs to be altered to us a regular expression and
remove the dependency on source line numbers.
Credit to OSS-Fuzz
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20083
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14236
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
I regularly get requests for my simple script to print the
password from the secrets.tdb (or secrets.ldb on the AD DC).
This removes the old script that only reads the secrets.ldb.
Neither new nor old script has tests, however it seems
better to have it in the tree where it can be found rather
that me digging it out of my outbound e-mail.
Originally posted here:
https://lists.samba.org/archive/samba/2017-November/212362.html
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
That makes sure we have the same as on gitlab runners
(see bootstrap/config.py).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
When a domain member gets an empty domain name or '.', it should
not forward the authentication to domain controllers of
the primary domain.
But we need to keep passing UPN account names with
an empty domain to the DCs as a domain member.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These methods are being called but have not been provided.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
To fix a warning.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The character ':' has no meaning in function signatures. Perhaps ';' was
intended, which would have marked the later arguments as optional --
which is the default with no signature. All callers always provide all
the arguments anyway.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
If the SOCKET_WRAPPER_PCAP_DIR is not defined, let's assume it wasn't
wanted rather than choosing /.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The '%ret = {}' construction was bad because '{}' is a hash-ref, which
counts as a single scalar value, but a true hash like '%ret' must be
initialised with an even number of scalar values (usually in pairs, like
'($a => $b, $c => $d)').
I think this meant %ret was initialised as something harmless like
'(<HASH(0x55ce39781278)> => undef)'.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
None of these ones are doing any harm, we just want to silence these
warnings.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We were declaring the same variable twice with two different paths,
"$cadir/Users/$pkinitprincipalname" here and
"$ctx->{prefix_abs}/pkinit" about 5 lines down.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
After this we will see more noise with each test run, and these
warnings will be addressed in following commits.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The partial surrogate test is known to fail (in
both smb1 and smb2).
Signed-off-by: David Mulder <dmulder@suse.com>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu Jan 30 12:05:13 UTC 2020 on sn-devel-184
Without this, teardown_env() will take ages for environments with
skipped daemons
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jan 29 11:06:53 UTC 2020 on sn-devel-184
Without this, any environment that skips any daemon will not shut down
properly. If a copy of a pipe's write end remains, closing one of them
won't cause the read end to be readable, i.e. the daemons waiting for
that won't exit properly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
9 positional parameters is a bit too much for easy overview
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
We don't need "seq", bash can do that itself, and we assume bash here
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
If there is more than one server we will have for example nt4_dc.smbd,
nt4_dc.nmbd and nt4_dc.winbind as daemon environments, together with
the commandline environment "nt4_dc" coming last. Before this patch we
would have deleted all previous tmpfiles in the commandline environment.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We can not process on the basis of a DN, as the DN may have changed in a rename,
not only that this module can see, but also from repl_meta_data below.
Therefore remove all the complex tree-based change processing, leaving only
a tree-based sort of the possible objects to be changed, and a single
stopped_dn variable containing the DN to stop processing below (after
a no-op change).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Previously if there was a conflict, but the incoming object would still
win, this was not marked as a rename, and so inheritence was not done.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
When contending a WRITE with an existing READ, the contender puts
himself into the exclusive slot, waiting for the READers to go
away. If the async lock request is canceled before we got the lock, we
need to remove ourselves again. This is done in the destructor of the
g_lock_lock_state. In the successful case, the destructor needs to go
away.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Dec 22 18:57:17 UTC 2019 on sn-devel-184
This walks different code paths in the subsequent locker. And the one
that we did not test so far is in fact buggy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This simply matches the behaviour from before e7b1acaddf
when the logic for a trailing . was added. This matches what is added in
the dnsRecord attribute for a name of "." over the dnsserver RPC
management interface and is based on what Windows does for that name
in (eg) an MX record.
No a security bug because we use talloc and so name will be just the
end of the talloc header.
Credit to OSS-Fuzz
Found using the fuzz_ndr_X fuzzer
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 11:33:52 UTC 2019 on sn-devel-184
Ensure that the '-lock' files for the dns partitions as well as the data
files are linked when running
samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Add tests to check that the '-lock' files for the dns partitions as well as
the data files are linked when running
samba_dnsupgrade --dns-backend=BIND9_DLZ
failure to create these links can cause corruption of the corresponding
data file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 07:34:42 UTC 2019 on sn-devel-184
The rpc.netlogon testsuite has a test that verifies LSA over netlogon which is
only enabled in the ad_dc_ntvfs env.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Credit to OSS-Fuzz
Found using the ndr_fuzz_X target.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
The set was within the switch, the get was before the switch.
The difference is shown when there is an empty default element.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13876
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
There are two concerns here, assuming the attacker can place arbitary values
in a dnsProperty attribute over LDAP (eg is a DNS administrator).
This comes from the fact that id is used as the switch value at the C layer
but at the NDR layer the wDataLength value is considered first.
One concern is that a pull/push round-trip could include server memory:
The previous switch_is() behaviour could store the server memory back
into the attribute.
However this pattern of pull/push only happens in ndrdump and fuzzing tools, as
dnsserver_db_do_reset_dword() operates only on the uint32/bitmap union
arms, and fully initialises those.
The other is that a pull of the attacker-supplied value could
cause the server to expose memory.
This would be over the network via DNS or the RPC dnsserver protocols.
However at all times the ndr_pull_struct_blob is passed zeroed memory.
The final concern (which fuzz_ndr_X found) is that in the ndr_size_dnsPropertyData()
the union descriminent is only id.
This has no impact as only zeroed memory is used so there will be a
zero value in all scalars, including data->d_ns_servers.AddrArray.
Therefore the server will not crash processing the attacker-supplied blob
[MS-DNSP] 2.3.2.1 dnsProperty has no mention of this special behaviour.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80
This was known as CVE-2019-14908 before being triaged back to a normal bug.
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14206
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@samba.org>
Ensure that a dnsp_DnsProperty is rejected if the length data does not not
correspond to the length indicated by the union id. It was possible for
the union to be referencing memory past the end of the structure.
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X fuzzer.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14206
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This will show a leases.tdb record leak. If you SIGSTOP the smbtorture
process while it's in the 10-second wait, you will find locking.tdb
and share_entries.tdb empty after the scavenger has cleaned up. But
there will be an entry in leases.tdb left.
I have no clue how to test this properly, or how to have a reasonably
cheap assert in smbd during normal operations. The problem is that
this leak can't really be distinguished from a "normal" leak that a
crashed smbd would leave behind. Possibly we need a background job
walking leases.tdb to clean this up properly.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
We only have ndrdump and the fuzzers set up for structures, not BITMAPS,
ENUMS etc.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Dec 10 17:45:46 UTC 2019 on sn-devel-184
These are not passed by pointer so the structure dump system does not work
for these. It is best to dump the containing structure instead.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
The sort behaviour for child records is not correct in Samba so
we add a flapping entry.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is not a security issue as it only happens when printing the structure
during debugging, not normal production.
Found by Michael Hanselmann using an NDR fuzzer and Hongfuzz.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Thanks to Douglas Bagnall for the samples, produced from seeds
generated by Samba's make test traffic, fuzzed by ndr_fuzz_X
and Hongfuzz.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 9 11:57:52 UTC 2019 on sn-devel-184
Right now this panics the scavenger daemon, preventing it from doing
its work. The reopen we expect to fail with
NT_STATUS_OBJECT_NAME_NOT_FOUND thus succeeds. I know that we should
more precisely detect the scavenger crash and with Jeremy's pattern in
46899ecf83 this would be possible. However, this is C code right now,
and scanning the logfile for the panic is more I have time for right
now. The test successfully indicates failure, as the next commit will
show.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This implements two core changes:
* use NTTIME instead of struct timespec at the database layer
* use struct timespec { .tv_nsec = SAMBA_UTIME_OMIT } as special sentinel
value in smbd when processing timestamps
Using NTTIME at the database layer is only done to avoid storing the special
struct timespec sentinel values on disk. Instead, with NTTIME the sentinel value
for an "unset" timestamp is just 0 on-disk.
The NTTIME value of 0 gets translated by nt_time_to_full_timespec() to the
struct timespec sentinel value { .tv_nsec = SAMBA_UTIME_OMIT }.
The function is_omit_timespec() can be used to check this.
Beside nt_time_to_full_timespec(), there are various other new time conversion
functions with *full* in their name that can be used to safely convert between
different types with the changed sentinel value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Needed to support dates corresponding to (time_t)0 and (time_t)-1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
interpret_long_date() is now only used in the client. To enable correct
processing of dates before the UNIX epoch, call nt_time_to_full_timespec().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Add a test that shows that setting timestamps to the special
values (time_t) 4294967295, 0, -1 and anything below is broken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This blackbox test confirms that Samba returns NTTIME=0 when a filesystem object
has a UNIX timestamp value of 0, ie UNIX epoch start 1.1.1970.
Here's an example output from running smbstatus allinfo on such a file:
$ bin/smbclient -U slow%x //localhost/test -c "allinfo time_0_1970"
altname: T11662~T
create_time: NTTIME(0)
access_time: NTTIME(0)
write_time: NTTIME(0)
change_time: NTTIME(0)
attributes: (80)
stream: [::$DATA], 0 bytes
If you look at it with smbclient ls command, it munges the output to be 1970 so
you don't notice the problem:
$ bin/smbclient -U slow%x //localhost/test -c "ls time_0_1970"
time_0_1970 N 0 Thu Jan 1 01:00:00 1970
The test also test other time_t values -1 and 4294967295 that are used as
sentinel values in Samba code and shows that handling these values is equally
broken.
Same for time_t values < -1.
Note that I'm adding a blackbox test *and* a torture test, as with this blackbox
test I can directly control the server side, but with smbtorture I have to go
through the SMB stack to create the files which doesn't work currently.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
net_rpc_check was hardcoded to check for rpc using SMB1 only. We
should negotiate protocols based on the client max|min protocol settings
this commit also removes the entry for
samba3.blackbox.net.misc.lookup share list
from knownfails as this test should now pass following this change.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Adding a test for the net share list command. Currently this
command will fail because of a bug in the net command when it tries
to see if rpc is supported. This change adds a known fail to swallow
this error. A future commit will fix the net command and remove the
known fail
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Otherwise we can end up with negprot.done set, but
without smbXsrv_connection_init_tables() being called.
This can cause a client self-crash.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 4 21:27:24 UTC 2019 on sn-devel-184
Without this protection we will spin during decode of a string_array or nstring_array
that is terminated by only a single NUL byte, not two as required by UTF-16.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13874
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Tests to ensure that ndr_pull_string handles zero and one byte length
data correctly for both character strings and UTF-16 strings.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13874
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Fuzzing by Michael Hanselmann found an infinite loop parsing a malformed
supplemental credentials structure. There are no server-side
network-accessible calls using this code.
This patch adds an ndrdump blackbox test to replicate the issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13874
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We don't need any substitution for elasticsearch options.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 26 22:55:38 UTC 2019 on sn-devel-184
This can lead to very confusing bugs, and the code right now does not
deal with it well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This allows ndrdump --validate to avoid following a NULL pointer when re-pushing
a valid but unusual input.
It also avoids an issue if the Samba server code were to provide a response
without an EncryptedRandomSessionKey.
At this stage ntlmssp.idl is not used for this, instead the packets are
generated with msrpc_gen().
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 20 06:06:29 UTC 2019 on sn-devel-184
This demonstrates a bug found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer where the value() evaluatuion could segfault if it was made to follow a NULL
pointer.
This also demonstrates that the --base64 mode works on file inputs.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
We were accidentally checking the memory just past the array instead of
checking each member.
This could have led to the size of some arrays not being checked.
Found by Michael Hanselmann using Honggfuzz and an fuzzer for Samba's
NDR layer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13877
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The PIDL bug is in the handling of arrays of arrays.
Test input provided by Michael Hanselmann and found using Hongfuzz.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13875
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Previously we would assume the array head was the talloc context
however this is not the case if the array is a fixed size inline array
within the parent struct.
In that case the overall object's talloc context is the correct
context to reference.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Thu Nov 14 17:36:49 UTC 2019 on sn-devel-184
Struct members that are marked as ref pointers need to have an object
allocated for them.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14191
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Pair-progammed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Oct 31 23:29:15 UTC 2019 on sn-devel-184
Incremental results are provided by a flag on the dirsync control, not
by changing the attribute name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
ad_unpack() needs the filesize, not the capped IO size we're using in the caller
to read up to "size" bystem from the ._ AppleDouble file.
This fixes a regression introduced by bdc257a1cb
for bug 13968.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
RN: vfs_fruit returns capped resource fork length
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 30 14:52:34 UTC 2019 on sn-devel-184
Reveals a bug where the resource fork size is capped at 65454 bytes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14171
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
utf8_len represents the number of characters (not bytes) of the
password. If the password includes multi-byte characters it is required
to write the total number of bytes to the check password script.
Otherwise the last bytes of the password string would be ignored.
Therefore we rename utf8_len to be clear what it does and does
not represent.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Oct 29 11:58:45 UTC 2019 on sn-devel-184
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
RN: Prevent azure ad connect from reporting discovery errors:
reference-value-not-ldap-conformant
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 24 11:06:58 UTC 2019 on sn-devel-184
This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.
Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We need the target service without realm, but the proxy services with realm.
I have a domain with an w2008r2 server and a samba and now both generate
the same S4U_DELEGATION_INFO.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13133
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
"wrec->num_watchers" changes in dbwrap_watch_rec_del_watcher(). In
32d6cc84c I forgot to update the copy of that variable.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 18 22:28:07 UTC 2019 on sn-devel-184
Disable the RTLD_DEEPBIND option for dlopen in LDB and Socket Wrapper when
running with AddressSanitizer. The RTLD_DEEPBIND option is not compatible
with Address Sanitizer see
https://github.com/google/sanitizers/issues/611
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Oct 16 15:41:41 UTC 2019 on sn-devel-184
This partially reverts 303b7e59a2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155
Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Oct 12 17:39:13 UTC 2019 on sn-devel-184
Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This will avoid introducing regressions in either client or server code.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Sat Oct 12 15:51:42 UTC 2019 on sn-devel-184
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Workaround bug present in gnutls 3.6.8:
gnutls_cipher_decrypt() uses an optimization
internally that breaks decryption when processing
buffers with their length not being a multiple
of the blocksize.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
[MS-FSA] 2.1.5.1 Server Requests an Open of a File
Windows pathname specific processing.
Always disallow trailing /, and also \\ on FILE_NON_DIRECTORY_FILE.
We need to check this before the generic pathname parser
as the generic pathname parser removes any trailing '/' and '\\'.
Currently this is SMB2 only, but we could also add this
check to the SMB1 NTCreateX calls if ultimately neded.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Oct 2 09:31:40 UTC 2019 on sn-devel-184
[MS-FSA] 2.1.5.1 Server Requests an Open of a File.
Checks how to behave on both files and directories.
Tested against Windows 10 server - passes. Currently smbd fails this.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is required to ensure File-ID info is populated with the correct on-disk
value, before calling file_set_dosmode() which will update the on-disk value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This now hopefully covers most possible combinations of creating and opening
files plus, checking the file's File-ID after every operation.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
ID_TYPE_BOTH means that each user and group has two mappings, a uid and
gid. In addition the calls to getpwent, getpwuid, getgrent and getgrgid
always return some information, so that uid and gid can be mapped to a
name. Establish a test to verify that the expected information is
returned.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14141
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184
This demonstrates that we rely on knowning about trusted domains before
we can do krb5_auth in winbindd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This ensures we preserve btime, itime and File-ID.
As the Durable Handles code calls vfs_stat_fsp() in the DH disconnect function,
previously the btime was lost and NOT stored in the cookie. With this change the
cookie will store the correct btime (and iflags), which requires us to call
dos_mode() in the reconnect function to ensure we pass
vfs_default_durable_reconnect_check_stat().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Sep 10 20:22:21 UTC 2019 on sn-devel-184
Note I'm using the share vfs_fruit_xattr because I need a share with both a
streams and a acl_* VFS object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14121
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
A new request is first checks against all pending
requests before checking the already granted locks.
Before we retried the lock array of another request
(the first in the list), but then finished current request,
which is wrong.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the 2nd lock
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is similar to multilock3, but uses a read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the first lock
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is similar to multilock3, but uses read-only
(LOCKING_ANDX_SHARED_LOCK) locks for the blocked
requests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This demonstrates that unrelated lock ranges
are not blocked by other blocked requests on the same
fsp.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This demonstrates that the SMB2 code path doesn't do
any retry for local posix locks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
For Windows locks we start with LOCK_NOT_GRANTED and use
FILE_LOCK_CONFLICT if we retried after a timeout.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There should not be a different if the blocker is a posix process
instead of another smbd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We should evaluate the timeout condition after the very last
retry and not before.
Otherwise we'd fail to retry when waiting for posix locks.
The problem happens if the client provided timeout is smaller
than the 1 sec (for testing temporary 15 secs) retry.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is just a temporary commit that shows the bug and its
fix. It will be reverted once the problem is fixed.
The posix lock retry fails if the client specified timeout
is smaller than the hardcoded 1 second retry.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
LOCK9A is the original test (with a timeout of -1)
and LOCK9B is the same but with timeout of 10 seconds.
LOCK9B is needed to demonstrate a server bug in the next
commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This makes sure we always call chdir_current_service() even
when we still impersonated the user. Which is important
in order to run the SMB* request within the correct working directory
and only if the user has permissions to enter that directory.
It makes sure we always update conn->lastused_count
in chdir_current_service() for each request.
Note that vfs_ChDir() (called from chdir_current_service())
maintains its own cache and avoids calling SMB_VFS_CHDIR()
if possible.
It means we still avoid syscalls if we get a multiple requests
for the same session/tcon tuple.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue Sep 3 09:27:22 UTC 2019 on sn-devel-184
This removes some quite complex logic that has not been used since the LDAP
backend project was shelved prior to 2011.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 22 21:24:00 UTC 2019 on sn-devel-184
Installing downgrade script so people don't need the source tree for it.
Exception added in usage test because running the script without arguments
is valid. (This avoids the need to knownfail it).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Just so that it's slightly less of a mouthful for users.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Turns out macOS mdssvc doesn't fail the RPC request if the policy handle is all
zero. Also, if it fails with a non-all-zero handle, it returns a different RPC
error, namely DCERPC_NCA_S_PROTO_ERROR, not DCERPC_FAULT_CONTEXT_MISMATCH (or
rather their mapped NT_STATUS codes).
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Move the implementation of this setting down to the actual search query
processing. macOS has no notion of "spotlight = false" at the DCERPC layer and
the open request will always succeed even on all shares.
When later the client issues search requests on such shares, we ensure we use
the noindex backend.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
