1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

129205 Commits

Author SHA1 Message Date
Stefan Metzmacher
8597cc9d6c s4:dsdb/descriptor: split out struct descriptor_transaction
This will make it easier to add more details to the per transaction
state.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
36ccb98aba python/join: improve logging of join_replicate()
It's useful to have timestamps to see the
time used for replication and committing.
We also warn the user that the committing stage
may take some time.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-30 11:13:35 +00:00
Stefan Metzmacher
420bbb1d92 wafsamba: require PYTHONHASHSEED=1 to be exported
This avoids a lot of trouble with random build failures,
if people try to use waf directly.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 29 23:31:38 UTC 2022 on sn-devel-184
2022-03-29 23:31:38 +00:00
Stefan Metzmacher
aa02cf3c44 ctdb/packaging/RPM: don't use waf directly
./configure && make && make install is will always work.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
22c46d9f41 configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
a6b1e4b576 wafsamba: let test_duplicate_symbol.sh export PYTHONHASHSEED=1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
0be4f56723 s4:selftest/provisions: make use of 'make testenv' and avoid direct waf
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
10d69da1d3 lib/fuzzing/README.md: don't use waf directly
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Stefan Metzmacher
42eeed05f1 buildtools: remove unused testwaf.sh
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-29 22:32:32 +00:00
Volker Lendecke
825dcc6a13 smbd: Don't NULL out "::$DATA"
Slight simplification now possible after introducing and using
fsp_is_alternate_stream() almost everywhere.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 29 22:24:38 UTC 2022 on sn-devel-184
2022-03-29 22:24:38 +00:00
Volker Lendecke
e41f8001f1 smbd: Don't NULL out the "::$DATA" in openat_pathref_fsp()
Slight simplification now possible after introducing and using
fsp_is_alternate_stream() almost everywhere.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
50bac24665 smbd: Simplify reply_rmdir()
We don't need to check this here, create_file_default and callees take
care of this.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
103dc3f938 smbd: Add a DEBUG to create_file_unixpath()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
af1719a92b smbd: Fix create_file_unixpath()'s stream handling
Make create_file_unixpath() robust against callers explicitly passing
in ":$DATA" as a stream name indicating the default stream. Right now
we NULL this out in callers, but this might change in the future.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
91ac9ce0d1 lib: GENCACHE_RAM isn't used anymore
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Volker Lendecke
1f78a8e32f smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-29 21:32:34 +00:00
Andrew Bartlett
d7a91a855c s4-auth: Remove last traces of LanMan authentiation support in the AD DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 29 03:32:57 UTC 2022 on sn-devel-184
2022-03-29 03:32:57 +00:00
Andrew Bartlett
86f7e4e690 s4-auth: Only build auth_developer module in developer mode
This is a silly module for provoking NTSTATUS replies for testing and
was useful many moons ago for determining the NTSTATUS -> DOS table that
windows uses.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
360bb864e9 s4-auth: Do not trigger RODC replication unless missing all passwords
With the NT hash becoming optional we cannot make blind assumptions that
a missing value means we are on an RODC needing the password replicated.

Instead, check for supplementalCredentials as well.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
1884bc11f0 s4-auth: Remove unused acct_flags parameter
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-29 02:33:34 +00:00
Andrew Bartlett
14e7112734 waf: Document the confusing --nonshared-binary, --builtin-libraries, --private-libraries and --bundled-libraries
These options are confusing to all who encounter them.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=8731

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Mar 28 10:06:01 UTC 2022 on sn-devel-184
2022-03-28 10:06:01 +00:00
Christof Schmitt
127f728d58 vfs_gpfs: Initialize litemask to 0
The change from commit fb13c7c94f to query exact values for atime,
mtime, ctime and size  is not necessary, as none of these are used in
this codepath. Initiale litemask to 0 instead.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15027

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Mar 28 09:10:58 UTC 2022 on sn-devel-184
2022-03-28 09:10:58 +00:00
Joseph Sutton
0bd4bc40f4 samba-tool: Check specified domain and realm against our own
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Mar 28 03:11:51 UTC 2022 on sn-devel-184
2022-03-28 03:11:51 +00:00
Joseph Sutton
3dccf63e82 samba-tool: Return correct result for _get_user_realm_domain()
We were returning the realm and the domain in the wrong order.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Joseph Sutton
52f9629408 samba-tool delegation: Clarify msDS-AllowedToDelegateTo delegation command documentation
This makes the difference between msDS-AllowedToDelegateTo and
msDS-AllowedToActOnBehalfOfOtherIdentity more clear.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14954

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Joseph Sutton
9a480f274b samba-tool delegation: Add commands to add/remove principals for RBCD
These commands allow updating the
msDS-AllowedToActOnBehalfOfOtherIdentity attribute with principals
allowed to delegate to an account.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14954

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Joseph Sutton
572f90bdef samba-tool delegation show: Display information for RBCD
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14954

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Joseph Sutton
e4ea06ec24 samba-tool delegation: Add function to display security descriptor for RBCD
We also check some features of the security descriptor, and display
warnings if they are not as expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14954

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Andreas Schneider
bd1fd3de5c s4:selftest: Remove ad_dc_ntvfs env from several tests
It doesn't make sense to run tests against ad_dc and ad_dc_ntvfs in
those cases.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-28 02:17:37 +00:00
Andreas Schneider
67294a23b9 testprogs: A PKINIT PAC test which runs against Heimdal and MIT Kerberos
There is no need to specify the enctype and it isn't supported by MIT Kerberos
anyway.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 25 21:54:11 UTC 2022 on sn-devel-184
2022-03-25 21:54:11 +00:00
Andreas Schneider
06da77a365 testprogs: Manually reformat test_pkinit_pac.sh
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
970f110086 testprogs: Reformat test_pkinit_pac.sh with shfmt
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
f0f47eedf7 testprogs: Rename test_pkinit_pac_heimdal.sh
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
6a125b0ac9 testprogs: A PKINIT test which runs against Heimdal and MIT Kerberos
There is no need to specify the enctype and it isn't supported with MIT
Kerberos.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
c27f17df37 testprogs: Remove the usage of enctype in test_pkinit_simple.sh
This is not needed anymore and the default is AES in the meantime.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andrew Bartlett
3aa7df568b testprogs: Change from $foo to "${foo}" variable style
This is selected from and to improve the understanding of:

    testprogs: A PKINIT test which runs against Heimdal and MIT Kerberos

    There is no need to specify the enctype and it isn't supported with MIT
    Kerberos.

    Signed-off-by: Andreas Schneider <asn@samba.org>

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
e172885857 testprogs: Manually reformat testit commands in test_pkinit_simple.sh
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
a0deaed629 testprogs: Fix calculating failed in test_pkinit_simple.sh
We only want to increase it if a test is failing. If something is expected to
fail, we should not count that as failed.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
ff0b3a9ee6 testprogs: Format test_pkinit_simple.sh with shfmt
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
9baac4a817 testprogs: Rename test_pkinit_heimdal.sh
We want one common test which works against Heimdal and MIT Kerberos.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
4d0ea9e3b0 testprogs: Fix kerberos_kinit with additional options
The additional options need to come before we specify the principal

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
b39176f795 selftest: Setup PKINIT for MIT Kerberos
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
28f57a757b s4:kdc: Add Smart Card and file based PKINIT support
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
e2b9df1cbc s4:tests: Run Heimdal PKINIT tests only against ad_dc env
There is not difference kerberos-wise between those two envs.

This reverts 661e1a229e.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
5636c59a6d s4:kdc: If we set the kerberos debug level to 10 write a trace file
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
7b226a66ac s4:kdc: Remove trailing white spaces in kdc-service-mit.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Andreas Schneider
bd590c0396 s4:kdc: Improve debug message of samba_kdc_fetch_server()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-25 20:58:33 +00:00
Thomas Debesse
206909d52b s4: dns: Add customizable dns port option
Signed-off-by: Thomas Debesse <dev@illwieckz.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 25 20:25:28 UTC 2022 on sn-devel-184
2022-03-25 20:25:28 +00:00
Ralph Boehme
f74472675c smbd: expand DEBUG statement in smbd_dirptr_get_entry() to include the dir and direntry name
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 25 19:05:06 UTC 2022 on sn-devel-184
2022-03-25 19:05:06 +00:00
Samuel Cabrero
41c72ae9f9 examples: Update winbindd.stp and its generator script
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 25 17:57:18 UTC 2022 on sn-devel-184
2022-03-25 17:57:18 +00:00