Noel Power [Wed, 27 Nov 2019 20:06:10 +0000 (20:06 +0000)]
s3/selftest: allow samba3.blackbox.smbclient_ntlm.plain run SMB1 & SMB3
samba3.blackbox.smbclient_ntlm.plain used test SMB3 & NT1 protocols
in one test. These changes:
* modify the test driver script test_smbclient_ntlm.sh to take a
protocol as param
* modify the test description generators to pass NT1 & SMB3
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>
Noel Power [Tue, 19 Nov 2019 15:45:35 +0000 (15:45 +0000)]
s3/script/tests: Allow test script to accept option protocol list
test_preserve_case.sh tests a range of protocols, this however
fails when running against the normal test env (which have min
protocol of SMB2) because one of the protocols is NT1. This change
allows tests to pass the protocol (or list of protocols) so that
tests can be split.
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>
Noel Power [Wed, 27 Nov 2019 19:37:26 +0000 (19:37 +0000)]
s3/selftest: split SMB1 & SMB2 parts of samba3.blackbox.dfree_quota
samba3.blackbox.dfree_quota was almost exclusively a SMB3 test, only
one part was testing legacy SMB1 behaviour, this change splits this
out so the SMB1 part can be run independantly.
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>
Noel Power [Tue, 19 Nov 2019 14:11:21 +0000 (14:11 +0000)]
s3/script/tests: Prepare to split samba3.blackbox.net.misc for SMB1/SMB2
modify test_net_misc.sh to accept optional protocol, no protocol
specified and it behaves more or less as before (expect this time the
client max protocol is explicitly speficied)
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>
Noel Power [Wed, 27 Nov 2019 19:25:49 +0000 (19:25 +0000)]
s3/selftest: allow samba3.blackbox.dfree_command run NT1 & SMB3 tests
samba3.blackbox.dfree_command was a single test that run both NT1 &
SMB3 tests together. This allow the protocol to be passed into the test
script so the test can be divided into SMB1 & >=SM2 tests.
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Thu, 5 Dec 2019 09:38:17 +0000 (10:38 +0100)]
selftest: fix a flapping test
The previous approach of using ls | grep $NAME for testing whether the previous
directory removal succeeded will fail in case $NAME is a substring of any
directory entrie's name.
Eg
NAME=tmp.123
and the directory contains an unrelated entry
tmp.123456
Using allinfo instead should fix this.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
ldb:tests: Allow test filtering in ldb_mod_op_test
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Isaac Boukris <iboukris@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Dec 5 17:13:36 UTC 2019 on sn-devel-184
ldb:tests: Avoid that the debug function overwrites memory
We are setting ldb_debug_string() as the ldb debug function. The context
we give it is only valid as long as we're in that function.
On failure, we jump to the teardown function. The pointer for
debug_string isn't valid anymore, but the ldb debug system still points
to that address, and when we store the location of the allocated string,
we overwrite memory, in that case something from talloc and a
talloc_free() then jumps into the nirvana.
Thanks to Florian Weimer who helped debugging this.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Isaac Boukris <iboukris@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec 4 21:27:24 UTC 2019 on sn-devel-184
Douglas Bagnall [Sun, 1 Dec 2019 09:41:06 +0000 (22:41 +1300)]
pidl: don't export parser class methods
These methods are not used or usable as exported functions. The
correct (and actual) usage is along these lines;
require Parse::Pidl::Samba3::ClientNDR;
my $generator = new Parse::Pidl::Samba3::ClientNDR();
my ($c_code,$h_code) = $generator->Parse($ndr, $header, $c_header);
where the methods are either explicitly referenced (new A::B::C),
or are called from the blessed object, neither of which need
exporting.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Dec 4 06:35:06 UTC 2019 on sn-devel-184
Douglas Bagnall [Sat, 30 Nov 2019 03:22:22 +0000 (16:22 +1300)]
pidl: optionally annotate output for debug purposes
It can sometimes be hard to tell which bit of pidl generated which bit
of C. This commit wants to help.
If the PIDL_DEVELOPER environment variable is set (via waf
--pidl-developer or some other means), pidl will annotate *most* C
indicating which lines were generated by which bits of pidl. It looks
something like this:
The comments starting with '//:PIDL:' have the function name, the filename,
and line number. The comment follows the ordinary output, and uses the '//'
style so as not to interfere with multiline /* */ comments if they happen
to exist.
A '//:PIDL:' comment is added whenever the pidl function or indentation
level changes, and very occasionally at other places if pidl runs for a
while without either of these things happening.
This does not affect pidl parsers that do not inherit from Parse::Pidl::Base,
and is careful to have no performance impact on non-debug generation.
This may help with semi-automated flow analysis.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Sat, 30 Nov 2019 02:22:16 +0000 (15:22 +1300)]
pidl: add a base class for PIDL parsers
There are about 5 object-oriented parsers, all with their own
effectively identical but differently spelt versions of pidl(),
pidl_hdr(), indent(), and deindent(). With this commit we add a base
class that they can all use.
The ultimate aim is to be able to add some debugging instrumentation
that benefits all[1] the parsers.
[1] The parsers (e.g. Samba::ServerNDR) which use global scope rather
than objects will not be affected.
The versions of the functions in this file follow the most
sophisticated versions of the soon-to-be subclasses. For example, the
pidl() function avoids spurious whitespace and puts #define at column
0, following the Python parser.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Mon, 2 Dec 2019 22:17:26 +0000 (11:17 +1300)]
pygpo: use correct method flags
The METH_KEYWORDS argument must always be combined with METH_VARARGS.
In Python up to 3.7 this was checked at runtime, and as we had no callers to
get_unix_path() in Python we never noticed. In Python 3.8 it is checked at
import time, and everyone notices even if they aren't directly using GPOs.
Found and reported by Val Kulkov.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14209 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 7 Nov 2019 01:19:24 +0000 (14:19 +1300)]
librpc: Avoid spinning on string_array elements with a short input
Without this protection we will spin during decode of a string_array or nstring_array
that is terminated by only a single NUL byte, not two as required by UTF-16.
Fuzzing by Michael Hanselmann found an infinite loop parsing a malformed
supplemental credentials structure. There are no server-side
network-accessible calls using this code.
This patch adds an ndrdump blackbox test to replicate the issue.
s4:heimdal_build: move krb5-types.h into include/krb5-types.h
source4/heimdal_build/include/ contains public headers,
which are needed by callers.
source4/heimdal_build/*.h should only be used for building the
in tree heimdal itself.
Without this an '#include "replace.h"' can catch 'config.h' from
source4/heimal_build/config.h before bin/default/include/config.h.
This #defines HAVE_CLOSEFROM unconditionally before replace.h can define
the replacement for rep_closefrom() on systems without libbsd.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Dec 3 23:36:17 UTC 2019 on sn-devel-184
Volker Lendecke [Sun, 1 Dec 2019 09:07:06 +0000 (10:07 +0100)]
auth3: Remove auth_script
Did this ever really work?
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Dec 2 22:47:24 UTC 2019 on sn-devel-184
Uri Simchoni [Sun, 20 Oct 2019 18:36:11 +0000 (21:36 +0300)]
heimdal-build: avoid hard-coded /usr/include/heimdal in asn1_compile-generated code.
This fixes a cross-compilation issue, as cross-compilers (rightly)
complain if host include directories are in the include path.
The fix is taken from buildroot (https://github.com/buildroot/buildroot/blob/8b11b96f41a6ffa76556c9bf03a863955871ee57/package/samba4/0006-heimdal_build-wscript_build-do-not-add-host-include-.patch) where it was applied by Bernd Kuhls <bernd.kuhls@t-online.de>.
Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Dec 1 10:22:01 UTC 2019 on sn-devel-184
The winbindd program was built in a single target with many source file,
making reuse of parts elsewhere impossible. With this change the
majority of the code is built as a subsystem and included in the binary
as a dependency.
Signed-off-by: Michael Hanselmann <public@hansmi.ch> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Wed, 20 Nov 2019 05:55:47 +0000 (18:55 +1300)]
selftest: Test partial parse behaviour in ndrdump
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov 29 02:09:11 UTC 2019 on sn-devel-184
Andrew Bartlett [Tue, 19 Nov 2019 03:07:50 +0000 (16:07 +1300)]
librpc: Make CFDATA private to cab.idl and remove pull and push functions
We can do this because ndr_{pull,push}_CFDATA is unused.
The earlier commit 466d5e814727046dd630d5503b43874ec46a365e removed
the link between "uint16 cbData" and the size of "DATA_BLOB ab" so
when the new ndr_fuzz_X fusser pushed a new structure this allowed
a read beyond the end of allocated memory.
The ndr_push_cab_file() function is also manually written and
does not rely on the value of cbData to calculate the checksum.
Found by Douglas Bagnall using Hongfuzz and the new fuzz_ndr_X
fuzzer, which like ndrdump's struct mode uses the public structure
tables. (This is how it found the unused functions to test).
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Björn Baumbach [Tue, 26 Nov 2019 09:41:29 +0000 (10:41 +0100)]
samba-tool tests: prepare tests for new samba-tool functionality
Use ldbsearch instead of "samba-tool user show" to get base64 encoded
attribute. Used to verify that the attribute value has been changed
successfully.
Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Isaac Boukris [Fri, 22 Nov 2019 21:39:09 +0000 (22:39 +0100)]
krb5: move disabling dns-canon to lower level init calls
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Isaac Boukris <iboukris@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Nov 27 12:24:16 UTC 2019 on sn-devel-184
Ralph Boehme [Tue, 19 Nov 2019 10:53:50 +0000 (11:53 +0100)]
docs-xml: remove explicit "constant"
The constant mark applied to types "string" and "ustring". The previous patches
in this patchset already markes all string options as either constant or
substituted, but it's still possible to add options or change existing ones to
be neither constant nor substituted.
In order to enforce strings to be either constant or substitued, remove the
explicit constant marker. Instead, any option that is not marked as substituted
is implicitly made constant.
This patch doesn't change behaviour and all generated files are the same before
and after this change.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2019 18:27:41 +0000 (19:27 +0100)]
smbdotconf: mark "ldap user suffix" with constant="1"
Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2019 18:27:41 +0000 (19:27 +0100)]
smbdotconf: mark "ldap machine suffix" with constant="1"
Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2019 18:27:41 +0000 (19:27 +0100)]
smbdotconf: mark "ldap idmap suffix" with constant="1"
Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2019 18:27:41 +0000 (19:27 +0100)]
smbdotconf: mark "ldap group suffix" with constant="1"
Due to the use of append_ldap_suffix() where Globals.ldap_suffix is returned
directly, variable substitution isn't supported anyway, so we can just mark this
const.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Tue, 5 Nov 2019 08:46:21 +0000 (09:46 +0100)]
smbdotconf: mark "ldap suffix" with constant="1"
Due to the use of append_ldap_suffix() where Globals.ldap_suffix was used
directly in the dependent options like "ldap group suffix", we can just mark
this option as const thereby removing substitution from "ldap suffix".
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Ralph Boehme [Mon, 4 Nov 2019 16:54:23 +0000 (17:54 +0100)]
smbdotconf: mark "ldap admin dn" with constant="1"
All the other LDAP related options like "ldap user suffix" don't support
variable substitution, so I guess it's safe to remove support for it from this
one as well.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
projects / thirdparty / samba.git / log
