1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

103667 Commits

Author SHA1 Message Date
Martin Schwenke
c92aa6105a ctdb-ipalloc: Drop an unnecessary check
Deleted (and other inactive) nodes will have an empty list of known
IP addresses.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
03b300e052 ctdb-ipalloc: Move if-statement with broken condition
This pointer is for an array that is always allocated.  The check is
meant to skip a node that has no IP addresses.  However, when there
are no IP addresses the loop below will not do anything anyway.

Add this as a check at the beginning of the function instead.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
27a26087e1 ctdb-tests: Drop CTDB_TEST_MAX_NODES
The node map is dynamically constructed.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
5f95240653 ctdb-tests: Build a node map instead of a hacky node flags array
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
5d148ce99c ctdb-tests: Assign known and available arrays via pointers.
No need to allocate these and iterate as
read_ctdb_public_ip_info_node() now returns a usable array.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
cd5ed374bc ctdb-tests: read_ctdb_public_ip_info() reads all test input
If there is per-node data then each chunk is read in a separate call
and is cherry-picked out into known_public_ips[] for each node.  This
is confusing.

Instead, a single call now reads all data for multiple nodes and
returns complete arrays of known and available IP addresses.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
067a611c7d ctdb-tests: Drop CTDB_TEST_MAX_IPS
Arrays are now dynamically reallocated.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
09924d9c94 ctdb-tests: Drop all_ips argument from read_ctdb_public_ip_info()
Nothing uses the result.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:24 +02:00
Martin Schwenke
4d20babddf ctdb-tests: Don't bother setting all_ips
It isn't used outside this function.  Instead, update k directly.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:23 +02:00
Martin Schwenke
fcc373e3c3 ctdb-tests: Simplify read_ctdb_public_ip_info() using new function add_ip()
Known public IPs array is now dynamically allocated instead of
allocated once with artificial size limit.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:23 +02:00
Martin Schwenke
2d7ba8335b ctdb-tests: Remove unused tests from IP takeover test harness
These tests aren't run anywhere.  They were used to test internal
functions during development.

The aim is to simplify this test program so that it can be linked with
the ipalloc subsystem, allowing removal of ctdbd_test.c and all of its
complications.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-07-04 15:42:23 +02:00
Bob Campbell
7700ee810b tdb: avoid many fcntl calls when incrementing seqnum
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Jul  3 18:11:30 CEST 2016 on sn-devel-144
2016-07-03 18:11:29 +02:00
Andrew Bartlett
d820b046ac lib: talloc: Add check for destructor protection.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
f877191fee lib: talloc: As we have a struct talloc_chunk * in _talloc_free_children_internal(), use it to call _tc_free_internal() directly.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
fde0d0de71 lib: talloc: As _tc_free_internal() takes a struct talloc_chunk *, add an extra paranoia check against destructor overwrite.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
d2a5927bd7 lib: talloc: Rename the internals of _talloc_free_internal() to _tc_free_internal().
Make it use a struct talloc_chunk *tc parameter. Define _talloc_free_internal()
in terms of _tc_free_internal().

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
94a72849fa lib: talloc: Call talloc_chunk_from_ptr() less often in __talloc_with_prefix()
Rename 'ptc' pointer to parent as it's re-used as
that name later in the function.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
c6d458ef6e lib: talloc: Rename talloc_set_name_v() to tc_set_name_v(). Make it take a struct talloc_chunk *tc as the first argument.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
192c75730b lib: talloc: Add _vasprintf_tc() which returns the struct talloc_chunk *, not the talloc'ed pointer.
Define talloc_vasprintf() in terms of _vasprintf_tc().
We will use _vasprintf_tc() internally later.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
2bfccbf9d0 lib: talloc: Change _talloc_set_name_const() to _tc_set_name_const()
First argument is now struct talloc_chunk *tc.
Ensure all callers pass correct talloc chunk from given pointer.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
5bc592da83 lib: talloc: Change __talloc() to return a struct talloc_chunk *.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Andrew Bartlett
58f987d0e6 lib: talloc: Change __talloc_with_prefix() to return a struct talloc_chunk *.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-07-03 14:26:17 +02:00
Jeremy Allison
64244f9d5f lib: talloc: Rename talloc_XXX() internal functions that take a 'struct talloc_chunk *' to tc_XXX().
We will be adding more and it ensures a consistent naming scheme.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-07-03 14:26:17 +02:00
Richard Sharpe
1444196521 testprogs/blackbox: Improve the net ads dns register tests.
More tests are added that add an unprivileged user, enable their
account, and then test that they can add IP addressed but that they
cannot modify other user's IP addresses.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Richard Sharpe <sharpe@samba.org>
Autobuild-Date(master): Sun Jul  3 14:24:59 CEST 2016 on sn-devel-144
2016-07-03 14:24:58 +02:00
Uri Simchoni
2352e49f32 selftest: Add test for domain join + kerberos-only auth
Add "net ads join/leave -k" tests to the net_ads test suite.

Shift the test suite from ad_member env to ad_dc env, because:
1. Seems more appropriate (the member server plays no role in this
   test)
2. The -k test breaks against the ntvfs file server for some reason,
   when trying to open the netlogon named pipe after having established
   the session with Kerberos (the create fails).

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jul  1 15:36:37 CEST 2016 on sn-devel-144
2016-07-01 15:36:37 +02:00
Aurelien Aptel
f13d07e459 s3/winbindd: use == -1 instead of < 0 for error checking uid_t
The sign of the uid_t type is left unspecified by POSIX. It's defined as
an unsigned 32b int on Linux, therefore the < 0 check is always
false.

For unsigned version of uid_t, "uid == -1" will implicitely cast -1 to
unsigned making it a valid test for both signed and unsigned version of
uid_t.

This commit makes the cast to (uid_t) explicit anyway.

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jul  1 05:22:36 CEST 2016 on sn-devel-144
2016-07-01 05:22:36 +02:00
Günther Deschner
8b7d92bb73 librpc: add decode_netlogon_samlogon_response_packet for mailslot debugging.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul  1 01:29:42 CEST 2016 on sn-devel-144
2016-07-01 01:29:42 +02:00
Stefan Metzmacher
4406cf792a krb5pac.idl: introduce PAC_DOMAIN_GROUP_MEMBERSHIP to handle the resource groups
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 30 07:16:45 CEST 2016 on sn-devel-144
2016-06-30 07:16:45 +02:00
Stefan Metzmacher
0fd4943ea1 netlogon.idl: make netr_SidAttr public
It will be used in krb5pac.idl soon.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00
Stefan Metzmacher
74bccb3be1 auth/auth_sam_reply: make auth_convert_user_info_dc_sambaseinfo() a private helper
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00
Stefan Metzmacher
3b94fde963 s4:rpc_server/netlogon: make use of auth_convert_user_info_dc_saminfo{2,6}()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00
Stefan Metzmacher
5128a874c8 s4:rpc_server/netlogon: initialize pointer to NULL in dcesrv_netr_LogonSamLogon_base()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00
Stefan Metzmacher
49bc18f5d2 auth/auth_sam_reply: do a real copy of strings in auth_convert_user_info_dc_sambaseinfo()
That's much more expected by callers.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:27 +02:00
Stefan Metzmacher
a872670fd6 auth/auth_sam_reply: add auth_convert_user_info_dc_saminfo2() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
aee33fc38a auth/auth_sam_reply: add auth_convert_user_info_dc_saminfo6() and implement level 3 as wrapper
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
3eba60aa65 auth/wbc_auth_util: change wbcAuthUserInfo_to_netr_SamInfo* from level 3 to 6
This includes user_principal_name and dns_domain_name.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
b8068e0199 auth/wbc_auth_util: fill in base.logon_domain in wbcAuthUserInfo_to_netr_SamInfo3()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
5ddf5add81 auth/auth_sam_reply: let make_user_info_dc_netlogon_validation() correctly handle level 6
We need to take care of extra sids in level 3 and 6!
And level 6 also includes user_principal_name and dns_domain_name.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
b67ea0e123 s4:auth/kerberos: improve error message in kerberos_pac_to_user_info_dc()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
6257003dff s4:auth: fill user_principal_* and dns_domain_name in authsam_make_user_info_dc()
This is required in order to support netr_SamInfo6 and PAC_UPN_DNS_INFO
correctly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
432e83bf5b s4:auth: make use of lpcfg_sam_name() in authsam_get_user_info_dc_principal()
This is more generic and matches all other places.

As this is only used in the KDC it's not a real logic change.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
b6c4c08536 auth.idl: add user_principal_* and dns_domain_name to auth_user_info
This is required in order to support netr_SamInfo6 and PAC_UPN_DNS_INFO
correctly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
70cc56d3e7 lib/param: add lpcfg_sam_dnsname() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
193de1c0e9 s4:dsdb/tests: let password_lockout.py verify the logonCount values
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
20ad79fecb s4:dsdb/tests: let password_lockout.py validate the lastLogon and lastLogonTimestamp interaction
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
72d16f9900 s4:dsdb/tests: let password_lockout.py test with all combinations of krb5, ntlmssp and lockOutObservationWindow
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
ca874c200e s4:dsdb/tests: let password_lockout.py verify more fields in _readd_user()
The results differ depending on Kerberos or NTLMSSP usage
and the lockOutObservationWindow.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:26 +02:00
Stefan Metzmacher
4b35d540fa s4:dsdb/tests: let password_lockout.py copy user{name,pass} from the template in insta_creds()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:25 +02:00
Stefan Metzmacher
2c4612243a s4:dsdb/tests: let password_lockout.py use creds and other_ldb as function arguments
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:25 +02:00
Stefan Metzmacher
a37eef6b7d s4:dsdb/tests: let password_lockout.py use userpass variables in all functions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-30 03:30:25 +02:00