Ralph Boehme [Thu, 25 Jun 2015 13:42:04 +0000 (15:42 +0200)]
vfs_fruit: check offset and length for AFP_AfpInfo read requests
fruit_pread doesn't check the offset and length parameters and instead
always writes 60 bytes, the size of the AFP_AfpInfo blob, to the the
passed buffer. If the passed in buffer is smaller, we overwrite
something somewhere.
s3:libads: improve debug levels/messages in ads_find_dc()
We should not flood the logs (and syslog) with fallback warnings.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 2 14:41:31 CEST 2015 on sn-devel-104
Ralph Boehme [Wed, 1 Jul 2015 15:57:36 +0000 (17:57 +0200)]
s3:vfs: copy_chunk buffer size
Use a dynamically allocated copy_chunk buffer size with an upper bound
of 8 MB for now.
The previous size of 64 KB has proven to really hurt performance,
especially with "strict locking = yes".
The SMB2 protocol level maximum allowed copy_chunk size is 1 MB, that's
what will be used as buffer size in the typical case.
With the AAPL copyfile extension the requested copy_chunk size is the
size whole file, which would then make use of a larger buffer up to the
limit of 8 MB.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Robin Hack [Fri, 15 May 2015 07:43:29 +0000 (09:43 +0200)]
selftest: Add setup_fileserver()
Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Robin Hack <rhack@redhat.com> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Wed, 24 Jun 2015 15:02:53 +0000 (17:02 +0200)]
dsdb: Rename a parameter
Coverity was confused by the 'seq_num' variable as an argument for the
'local_usn' parameter, where also a 'seq_num' parameter exists. Doesn't hurt,
and if it kills a Coverity warning, why not...
Martin Schwenke [Wed, 17 Jun 2015 05:05:30 +0000 (15:05 +1000)]
ctdb-daemon: Promote debug messages about --start-as-* to NOTICE level
It is important to know when ctdbd is started with --start-as-stopped
or --start-as-disabled. Given that this only happens once it makes
sense to promote these debug items to NOTICE level.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Thu, 11 Jun 2015 05:49:25 +0000 (15:49 +1000)]
ctdb-recoverd: Clear IP assignment tree on election loss
If a node was previously recovery master (say, 20 years ago) and it
becomes recovery master again then, if IP assignments have changed,
verify_remote_ip_allocation() can produce messages like the following
when called during recovery:
ctdbd: recoverd:Inconsistent IP allocation - node 0 thinks 10.1.1.1 is held by node 0 while it is assigned to node 1
When a node loses an election it should clear all data specific to it
being the recovery master.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Tue, 19 May 2015 18:19:09 +0000 (04:19 +1000)]
ctdb-scripts: Create the directory containing the recovery lock
This will handle the most obvious cases. It won't handle the case
where the directory is missing and the recovery lock location is
updated at run-time. However, this is a good improvement.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Martin Schwenke [Wed, 8 Oct 2014 01:22:06 +0000 (12:22 +1100)]
ctdb-tests: Run transaction tests with externally imposed timeout
This works around cases where ctdb_transaction gets stuck - this still
needs to be debugged. However, this change will at least cause
individual tests to fail rather than having whole test runs time out.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Michael Adam [Tue, 30 Jun 2015 11:49:38 +0000 (13:49 +0200)]
selftest: skip the ntvfs based base.defer_open tests
They have timing issues and the ntvfs is not the focus
of development.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Jun 30 17:24:37 CEST 2015 on sn-devel-104
Michael Adam [Fri, 26 Jun 2015 11:54:57 +0000 (13:54 +0200)]
net:conf:import: print error message when importing fails.
If there is a mis-spelled option in a share definition,
'net conf import' will currently silently drop it
(but exit with code != 0). We want to be notified
of what went wrong.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
samba.stdout:
[1855(18118)/1864 at 2h37m4s] samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC(fl2008r2dc)
[1856(18378)/1864 at 2h37m57s] samba4.blackbox.dbcheck(ad_dc_ntvfs)
ERROR: Testsuite[samba4.blackbox.dbcheck(ad_dc_ntvfs)]
REASON: unable to set up environment ad_dc_ntvfs:local - exiting
samba.stderr:
samba: maximum runtime exceeded - terminating at 1435553350, current ts: 1435553350
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Amitay Isaacs [Mon, 29 Jun 2015 06:00:08 +0000 (16:00 +1000)]
wafsamba: Cache final_libs for each target
The code for saving/loading dependencies does not cache final_libs for
each target. If wafsamba tries to reuse the saved dependencies, then
it does not get the dependencies on the private libraries correctly.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jun 30 09:44:10 CEST 2015 on sn-devel-104
Uri Simchoni [Wed, 24 Jun 2015 07:55:06 +0000 (10:55 +0300)]
winbindd: disconnect child process if request is cancelled at main process
When cancelling a request at the main winbindd process, that is currently
being served by a child winbindd process, just freeing all objects related
to the request is not enough, as the next bytes to come through the pipe
from the child process are the response to the cancelled request, and the
object reading those bytes will be the next request. This breaks the protocol.
This change, upon canceling a request that is being served, closes the
connection to the child process, causing the next request to be served
by a new child process (and the detached child to die eventually).
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 29 14:00:24 CEST 2015 on sn-devel-104
Talloc is still needed by LIBCRYPTO, because arcfour.h
includes lib/util/data_blob.h which includes talloc.h.
It seems arcfour only uses the DATA_BLOB struct (in e.g. arcfour_crypt
and arcfour_init).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun Jun 28 11:47:16 CEST 2015 on sn-devel-104
Michael Adam [Fri, 26 Jun 2015 14:24:55 +0000 (16:24 +0200)]
ctdb: strip trailing spaces from nodes file.
Signed-off-by: Michael Adam <obnox at samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Jun 27 13:20:18 CEST 2015 on sn-devel-104
Volker Lendecke [Fri, 26 Jun 2015 11:29:27 +0000 (13:29 +0200)]
libsmb: Use fstr_sprint in convert_sid_to_string
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 26 22:35:02 CEST 2015 on sn-devel-104
Michael Adam [Fri, 26 Jun 2015 11:17:01 +0000 (13:17 +0200)]
ctdbd_conn: use the right error code from ctdbd_connect for debug and return
ctdbd_connect() explicitly returns the errno.
Using errno instead of ret misses some important
manually set return values and might use the
errno that is changed by close(fd).
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Jun 26 17:21:26 CEST 2015 on sn-devel-104
Douglas Bagnall [Tue, 23 Jun 2015 23:47:31 +0000 (11:47 +1200)]
Avoid segfault in durable_open tests
There are "goto done"s hiding in CHECK_STATUS in parts of
the code where tree1 is unequivocally NULL.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 26 05:12:02 CEST 2015 on sn-devel-104
Jeremy Allison [Wed, 17 Jun 2015 17:23:30 +0000 (10:23 -0700)]
s3: smbd: Use separate flag to track become_root()/unbecome_root() state.
Early function exit can mean backup_priv is set but we haven't called
become_root(). *Lots* of work by the reviewers went in to checking this
isn't a security issue.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jun 25 22:14:58 CEST 2015 on sn-devel-104
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jun 25 18:29:59 CEST 2015 on sn-devel-104
Andrew Bartlett [Fri, 12 Jun 2015 02:41:20 +0000 (14:41 +1200)]
s4-winbindd: Remove the winbind rewrite from the samba4 effort
This winbind implementation is undermaintained, out of date and not the
future of even the AD DC, let alone any other purpose.
Removing it will reduce our security and bug exposure on this
off by default subsystem
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 24 22:34:57 CEST 2015 on sn-devel-104
Andrew Bartlett [Fri, 19 Jun 2015 04:49:41 +0000 (16:49 +1200)]
Allow winbind removal by matching delays to Samba3.pm
When using winbindd with the ntvfs file server, the responses are faster than
they were in the past. Therefore, set:
posix:sharedelay = 100000
posix:writetimeupdatedelay = 500000
to the values used in Samba3.pm to allow the tests to pass against the NTVFS
file server without the internal winbind.
This allows the internal winbind to be removed.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
auth: Explain why GSS_KRB5_CRED_NO_CI_FLAGS_X is needed
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun 24 13:37:02 CEST 2015 on sn-devel-104
Douglas Bagnall [Wed, 17 Jun 2015 01:21:28 +0000 (13:21 +1200)]
correct sense of macro variable name in SMB2 durable open test
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 24 08:54:23 CEST 2015 on sn-devel-104
Douglas Bagnall [Wed, 17 Jun 2015 01:20:29 +0000 (13:20 +1200)]
Avoid casting pointer to unsigned long long for NULL check
This allows compilation on i386 with -WError. Otherwise we see
this:
../source4/torture/smb2/durable_open.c:41:23: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
__location__, #v, (unsigned long long)v, (unsigned long long)correct); \
because the pointer is 32 bits, while long long is 64.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 17 Jun 2015 04:08:18 +0000 (16:08 +1200)]
Use large enough unsigned values in server_id IDL
This matches what we have in struct server_id.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Wed, 17 Jun 2015 04:07:00 +0000 (16:07 +1200)]
remove trailing whitespace in Pidl/Samba4/Python.pm
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Tue, 16 Jun 2015 23:01:10 +0000 (11:01 +1200)]
Byte order reversal shouldn't assume size_t is 64 bit.
This fixes compilation on 32 bit i386 with -WError.
../lib/crypto/aes_gcm_128.c:213:2: error: right shift count >= width of type [-Werror]
../lib/crypto/aes_gcm_128.c:213:2: error: left shift count >= width of type [-Werror]
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s4:gensec/gssapi: make use of add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions
This way are able to support GENSEC_FEATURE_SIGN_PKT_HEADER also together with
GENSEC_FEATURE_SEAL.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 24 04:00:43 CEST 2015 on sn-devel-104
s4:kdc/db-glue: allow principals in form of computer@EXAMPLE.COM
This should be translated to computer$@EXAMPLE.COM.
Note the behavior differs between client and server lookup.
In samba_kdc_lookup_client() we need to fallback in case of
NO_SUCH_USER. samba_kdc_lookup_server() needs to do a single search
and only use the result if it's unique.
Volker Lendecke [Tue, 23 Jun 2015 12:58:11 +0000 (14:58 +0200)]
dsdb: Fix CID 1034902 Dereference before null check
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 24 01:02:22 CEST 2015 on sn-devel-104
projects / thirdparty / samba.git / log
