1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

102910 Commits

Author SHA1 Message Date
Amitay Isaacs
e834e0a2c0 ctdb-protocol: Fix marshalling of ctdb_reply_control
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:20 +02:00
Amitay Isaacs
75363b9954 ctdb-protocol: Use length routines for protocol elements
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:20 +02:00
Amitay Isaacs
8a20c116fd ctdb-protocol: Add length routines for protocol elements
This follows the convention used for marshalling routines for ctdb data types.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:20 +02:00
Amitay Isaacs
6ec25c7529 ctdb-protocol: Use ctdb_req_header marshalling
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:20 +02:00
Amitay Isaacs
79d1507c16 ctdb-protocol: Fix marshalling of ctdb_req_header
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:20 +02:00
Amitay Isaacs
2e14d4e4e3 ctdb-protocol: Use TDB_DATA marshalling
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:19 +02:00
Amitay Isaacs
c64435f22e ctdb-protocol: Fix marshalling of TDB_DATA
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:19 +02:00
Amitay Isaacs
324ae757c3 ctdb-protocol: Use ctdb_string marshalling
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:19 +02:00
Amitay Isaacs
fcb2ab7641 ctdb-protocol: Fix marshalling of ctdb_string
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-05-03 04:43:19 +02:00
Martin Schwenke
ddfbd74607 ctdb-doc: Fix example NFS Ganesha recovery directory maintenance logic
This currently fails exactly when it is needed: when there is a
dangling link pointing into an unmounted filesystem.  This happens
because [ -e <dangling-link> ] returns false.  The solution is simply
to remove that check.

Now the first condition in the "if" statement catches the backward
compatibility case where $GANRECDIR used to be a directory.  It will
also catch other problems, such as if a file has been created in this
location.  If nothing exists then it will silently succeed (due to
-f).

The second case catches a symlink pointing to the wrong place (e.g. in
an unmounted filesystem).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-05-03 04:43:19 +02:00
Ivo De Decker
685e813c45 Add build option for default smbpasswd location
Signed-off-by: Ivo De Decker <ivo.dedecker@ugent.be>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May  3 04:42:24 CEST 2016 on sn-devel-144
2016-05-03 04:42:24 +02:00
Christof Schmitt
84a13e70a6 ctdb/ltdbtool: Fix static declarations
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 30 04:28:13 CEST 2016 on sn-devel-144
2016-04-30 04:28:13 +02:00
Christof Schmitt
e2642da130 smbcacls: Do not read old ACL for 'set' operation
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-30 01:01:42 +02:00
Christof Schmitt
8bb4fccd27 gensec: Change log level of message when no PAC is found
For a Samba server that uses a non-AD KDC this message is triggered on
every new connection. Change the log level from warning/1 to a more
appropriate notice/5.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-30 01:01:42 +02:00
Christof Schmitt
3d33ebe36b winbindd: Remove unused prototypes for winbindd_group.c
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-30 01:01:42 +02:00
Günther Deschner
e0d8c6b6b4 s3:client:smbspool_krb5_wrapper: fix the non clearenv build.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Apr 29 19:52:23 CEST 2016 on sn-devel-144
2016-04-29 19:52:23 +02:00
Uri Simchoni
d28282ce57 xfs quotas - fix case of no quota for user
Fixup commit ce82f66b9f
Add missing success return value when user has no quota record
(this is considered success with no quota)

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 29 05:39:14 CEST 2016 on sn-devel-144
2016-04-29 05:39:14 +02:00
Uri Simchoni
2c03d004f8 nt-quotas: fixup failure case for TRANSACT_GET_USER_QUOTA_FOR_SID
Fixup commit 0e01ed06a4
Add a missing return statement after generating error response to
the request.

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-29 02:15:23 +02:00
Jérémie Courrèges-Anglas
f198abcbb3 Provide fallback code for non-portable clearenv(3)
clearenv(3) is a GNU extension that was rejected twice by POSIX,
without an easy, portable alternative.

As the dovecot project notes,
"""
environ = NULL crashes on OSX - and OpenBSD < 6.0
*environ = NULL doesn't work on FreeBSD 7.0
environ = emptyenv doesn't work on Haiku OS
environ = calloc should work everywhere
"""
(source: http://hg.dovecot.org/dovecot-2.0/file/48f90e7e92dc/src/lib/env-util.c)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11864
Signed-off-by: Jérémie Courrèges-Anglas <jca@wxcvbn.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Apr 29 00:12:02 CEST 2016 on sn-devel-144
2016-04-29 00:12:02 +02:00
Björn Jacke
90403de7ac testsuit/manage-ca.sh: specify key size in CSRs
specifying the key size is required by some openssl versions

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-28 20:48:14 +02:00
Robin Hack
b61658e721 winbindd/idmap_rfc2307: Fix CID 1273424 - Read from pointer after free
idmap_rfc2307_ads_search() calls ads_do_search_retry_internal() which
can deallocate ads param based on ads->is_mine boolean.

This approach is fragile so caller must properly check
return code before any pointer dereference.

Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2016-04-28 20:48:14 +02:00
Ralph Boehme
184e7873cb winbindd: check if dcinfo from genache is expired
The gencache parse function dcinfo_parser() used by
wb_dsgetdcname_gencache_get() misses a check for expired gencache
entries.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-04-28 20:48:14 +02:00
Stefan Metzmacher
eee88e07b3 s3:selftest: add smbclient_ntlm tests
We test all combinations of NT1 with and without spnego and SMB3
for user, anonymous and guest authentication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr 28 20:16:45 CEST 2016 on sn-devel-144
2016-04-28 20:16:45 +02:00
Stefan Metzmacher
4de4338723 selftest:Samba4: let fl2000dc use Windows2000 style SPNEGO/NTLMSSP
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
587b5db797 selftest:Samba4: let fl2000dc use Windows2000 supported_enctypes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
70910334ca s3:test_smbclient_auth.sh: this script reqiures 5 arguments
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
b8055cb42c selftest:Samba4: provide DC_* variables for fl2000dc and fl2008r2dc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
7a2cb2c976 auth/ntlmssp: add ntlmssp_{client,server}:force_old_spnego option for testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
db9c01a519 auth/spnego: add spnego:simulate_w2k option for testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11849

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
d667520568 auth/ntlmssp: do map to guest checking after the authentication
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
79a71545bf s3:smbd: only mark real guest sessions with the GUEST flag
Real anonymous sessions don't get it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
25ce97892a s3:smbd: make use SMB_SETUP_GUEST constant
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
837e617632 libcli/security: implement SECURITY_GUEST
SECURITY_GUEST is not exactly the same as SECURITY_ANONYMOUS.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
ead483b0c0 s3:auth_builtin: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:17 +02:00
Stefan Metzmacher
d247dceaaa s4:auth_anonymous: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
6546295852 auth/spnego: only try to verify the mechListMic if signing was negotiated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
e72ad193a5 s3:libsmb: use anonymous authentication via spnego if possible
This makes the authentication consistent between
SMB1 with CAP_EXTENDED_SECURITY (introduced in Windows 2000)
and SNB2.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
fa5799207e s3:libsmb: don't finish the gensec handshake for guest logins
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
02c9021035 s3:libsmb: record the session setup action flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
8f4a4bec08 libcli/smb: add smbXcli_session_is_guest() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
cceaa61cf0 libcli/smb: add SMB1 session setup action flags
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
e6f9e176f2 libcli/smb: add smb1cli_session_set_action() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Günther Deschner
8e016ffeb0 libcli/smb: fix NULL pointer derreference in smbXcli_session_is_authenticated().
Guenther

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
53be474102 s3:libsmb: use password = NULL for anonymous connections
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11858

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
d97b347d04 auth/ntlmssp: don't require NTLMSSP_SIGN for smb connections
Enforcement of SMB signing is done at the SMB layer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11850

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
5041adb665 auth/ntlmssp: don't require any flags in the ccache_resume code
ntlmssp_client_challenge() already checks for required flags
before asking winbindd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11850

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
032c2733de auth/spnego: handle broken mechListMIC response from Windows 2000
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11870

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Stefan Metzmacher
9930bd17f2 auth/spnego: change log level for 'Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-28 16:51:16 +02:00
Günther Deschner
b6595037f3 s3:librpc:crypto:gse: increase debug level for gse_init_client().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-28 16:51:16 +02:00
Günther Deschner
95b8b02062 lib:krb5_wrap:krb5_samba: increase debug level for smb_krb5_get_default_realm_from_ccache().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11872

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-04-28 16:51:16 +02:00