IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
`Popen.wait()` will deadlock when using stdout=PIPE and/or stderr=PIPE and the
child process generates large output to a pipe such that it blocks waiting for
the OS pipe buffer to accept more data. Use communicate() to avoid that.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 19 09:27:16 CEST 2017 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13127
(cherry picked from commit 5dc773a5b00834c7a53130a73a48f49048bd55e8)
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit 74ebcf6dfc84b6aab6838fa99e12808eb6b913d9)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13127
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12768
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri May 5 01:37:45 CEST 2017 on sn-devel-144
(cherry picked from commit 4c17850ae7b6c85e99e5d4d5bc5d8e89a9ba6d47)
We need to use the show-recycled control in addition to the
notification control in order to get notifications about deletions.
There's no real problem as the next modification will report the deletion.
But it might be delayed a few minutes.
Note that show-recycled is a superset of show-deleted, so we only need one.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12767
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit afa15e6128473d3e4006f7cdc3762ab4c1cba05a)
Implement a small Python module that exposes arcfour_crypt_blob()
function widely used in Samba C code.
When Samba Python bindings are used to call LSA CreateTrustedDomainEx2,
there is a need to encrypt trusted credentials with RC4 cipher.
Current Samba Python code relies on Python runtime to provide RC4
cipher. However, in FIPS 140-2 mode system crypto libraries do not
provide access RC4 cipher at all. According to Microsoft dochelp team,
Windows is treating AuthenticationInformation blob encryption as 'plain
text' in terms of FIPS 140-2, thus doing application-level encryption.
Replace samba.arcfour_encrypt() implementation with a call to
samba.crypto.arcfour_crypt_blob().
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Mar 15 01:30:24 CET 2017 on sn-devel-144
(cherry picked from commit bbeef554f2c15e739f6095fcb57d9ef6646b411c)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12690
Include samba.crypto Python module to 4.6
Previously, this did nothing and the code was both untested and unused.
Removes the knownfail entry for dbcheck.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12600
(cherry picked from commit 0a7c6b56563faeafd61a620cb330349671bc9f3b)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit ea57a204a1f6b4999e5347c1edb5753bed933fba)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit f04e09e1968c40483b8dc2f92b9c15bce0b0b55a)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit b2fac99ac63739398aa716c26d8e187a25bb8400)
We use PyUnicode_FromString() (which is available from 2.6)
because we really have non-ascii strings.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit d7840e77961cdc4ccc4f5549494d458b6b2c2cf4)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit b86c29b1e6fb2fb4cf203aa38c7764084d855730)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 99b8d6beccf4d3d24f9d87a4d8e5eadfe0e0dd33)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit dd6d119c801076547fc0d087a2b959100146ba95)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 330ef9e572b9cf408ccb7721e86dc2afff245637)
Samba does not maintain one way links when the target is deleted or renamed
so do not fail dbcheck because of such links, but allow them to be updated.
This matters because administrators and make test expect that normal Samba
operation do NOT cause the database to become corrupt, and any error from
dbcheck tends to trigger alarms (or test failures).
If an object pointed at by a one way link is renamed or deleted in normal
operations (such as intersiteTopologyGenerator pointing at a demoted DC),
or make test, then this could trigger.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
(cherry picked from commit 35bfc62a31c9ad73449594ddd48f76f50e0abade)
Because these options are optional based on build-time rules, we need to encode the
default value from the additonal Option() blocks in the run() declaration.
Then we can correctly check only for the expected options, and not inconsistently for
None (causing classicupgrade to fail).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12543
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from commit ca961e6a62987dc75931b7714d94fb998d586888)
If cli_credentials_parse_string() is used we should no longer use
any guessed values and need to make sure username and domain
are reset if principal and realm are set.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
As we don't want to create a new smb.conf file
we just simulate it with "creds.set_realm(realm, credentials.UNINITIALISED)".
That's basically the same as the cli_credentials_set_conf() behaviour
if a realm is specified in the configuration.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should not have cli_credentials_get_realm() return "" without a
configured (default) realm in smb.conf.
Note that the existing tests with creds.get_realm() == lp.get("realm")
also work with "" as string.
At the same time we should never let cli_credentials_get_principal()
return "@REALM.EXAMPLE.COM" nor "username@".
If cli_credentials_parse_string() gets "OTHERDOMAIN\username"
we must not use cli_credentials_get_realm() to generate
a principal unless cli_credentials_get_domain() returns
also "OTHERDOMAIN". What we need to do is using
username@OTHERDOMAIN as principal, whild we still
use cli_credentials_get_realm to get a default kdc,
(which may route us to the correct kdc with WRONG_REALM
messages).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Knowing we have 11 of 15 ACEs is not very helpful
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This exercises the dns_check_name case in the DNS server. Directly
attempting to add an invalid name with leading . or double .. cannot be
done due to ndr_pull_component forcing the check on the client side
(leading to a CNAME name of NUL and unexpected data of the actual name).
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Dec 12 08:46:26 CET 2016 on sn-devel-144
These new tests concern collisions and lock in current Samba behaviour.
They do not pass against Windows Server 2012R2. See dnsserver.py tests
for the tests consistent with Windows behaviour.
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These tests discover that there are some discrepancies between Windows and Samba.
Although there are failures, they do not appear to be critical, however
some of the SD differences will be important for 2012 support.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
It's important that we correctly initialize domain and realm.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Uses a unconnected 5 DC single site database to test Douglas Bagnalls
patch which corrected a mix up between a str and an object which caused
infinite recursion and a method call on a None type.
This test patch originally triggered an edge case bug. This bug is
triggered by code to create additional edges which normally never ran.
In normal cases, the leftover connections made during a join would
prevent these additional edges from being created.
Signed-off-by: Clive Ferreira <cliveferreira@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This adds a shared header file with macros that enable compatibility
between Python 2 and 3.
The macros are the ones used in ldb/tdb, with some additions
that make sense when the header is shared among several modules.
See the module for a summary of contents.
Signed-off-by: Petr Viktorin <pviktori@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Usage of function _test_id() which generates test id in bytes breaks
Python 3 compatibility. After fix, this function is not used any more.
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
If we are joining the RID Manager, then we should get a RID Set, but
otherwise we should accept failure with the right error code
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
The backlink name is in attrname, not in link_name
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12297
Here we are more careful when checking links, flagging errors only
when a non-deleted forward link appears incorrect. In particular, we
trust the GUID more than we trust the name, as otherwise we can get
caught out if there is a swap of names, (the link should follow the
swap, staying on the same target GUID).
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12297
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Nov 21 18:49:12 CET 2016 on sn-devel-144
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Nov 7 03:51:11 CET 2016 on sn-devel-144
For historical reasons, TestCase methods have some aliases
which are deprecated since Python 2.7.
Change "assertEquals" to the preferred name, "assertEqual".
Deprecation notice: https://docs.python.org/2/library/unittest.html#deprecated-aliases
Signed-off-by: Lumir Balhar <lbalhar@redhat.com>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
