]>
git.ipfire.org Git - thirdparty/samba.git/log
Ralph Boehme [Wed, 3 Oct 2018 10:01:00 +0000 (12:01 +0200)]
vfs_fruit: add option "wipe_intentionally_left_blank_rfork"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2dbb2d287399e9c829a4fd4908a6dfba9fdfd7e8 )
Ralph Boehme [Thu, 4 Oct 2018 12:28:15 +0000 (14:28 +0200)]
s4:torture: add test for AppleDouble ResourceFork conversion
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
6f022e61597994bc032e61876f24150d7acb3fc2 )
Ralph Boehme [Thu, 4 Oct 2018 11:47:20 +0000 (13:47 +0200)]
s3:selftest: list vfs testssuites one per line
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
c3a1f3ec9ba2402de2a876ca06086b2d53e122f0 )
Ralph Boehme [Thu, 4 Oct 2018 16:22:31 +0000 (18:22 +0200)]
docs:vfs_fruit: add "delete_empty_adfiles" option
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
2a9574b138f620e0a65cd61a957b99653c8dcd78 )
Ralph Boehme [Tue, 2 Oct 2018 14:31:15 +0000 (16:31 +0200)]
docs:vfs_fruit: add "wipe_intentionally_left_blank_rfork" option
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f7a98094f05dd4b9abf5dc9704222aa5a07584d4 )
Ralph Boehme [Fri, 19 Oct 2018 10:15:42 +0000 (12:15 +0200)]
vfs_fruit: remove check for number of xattrs from ad_convert_xattr
Turns out that there exist AppleDouble files with an extended FinderInfo
entry that includes the xattr marshall buffer, but the count of xattrs
in the buffer is just zero.
We do want to discard this extended FinderInfo entry and convert it to a
simple fixed size FinderInfo entry, so remove the check.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
5d565f636fcf49fc1bbbfbc24ef730d2f7cc2cf0 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Thu Nov 1 18:58:13 CET 2018 on sn-devel-144
Amitay Isaacs [Wed, 10 Oct 2018 07:19:32 +0000 (18:19 +1100)]
ctdb-event: Check the return status of sock_daemon_set_startup_fd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13659
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
a1909603808b994b7822b697494e39e8da4aaa66 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Mon Oct 29 14:11:44 CET 2018 on sn-devel-144
Amitay Isaacs [Wed, 10 Oct 2018 07:16:33 +0000 (18:16 +1100)]
ctdb-common: Set close-on-exec for startup fd
The startup_fd should not be propagated to the child processes created
from a daemon. It should only be used in the daemon code to return the
status of the startup. Another use of startup_fd is to notify the
parent if the daemon process has exited.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13659
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
80549927bc1741a4b8af8b8e830de4d37fa0c4a8 )
Martin Schwenke [Thu, 11 Oct 2018 00:26:06 +0000 (11:26 +1100)]
ctdb-daemon: Exit if eventd goes away
ctdbd enters a broken state if eventd goes away. A clean shutdown is
not possible because that involves running events. Restarting eventd
is possible but this might mask a serious problem and it is possible
that eventd might keep on disappearing. Just exit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13659
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c9e1603a5d0c1a216439d4a2b0e7cdc05181e898 )
Martin Schwenke [Wed, 10 Oct 2018 02:35:00 +0000 (13:35 +1100)]
ctdb-daemon: Return early when refusing to run an event script
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13659
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a3d12252fa8e0a7e900b819dec30bdb9da458254 )
Volker Lendecke [Sat, 13 Oct 2018 09:39:03 +0000 (11:39 +0200)]
winbindd_cache: Fix timeout calculation for sid<->name cache
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13662
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
fb573c682353daf5b343b6a0f4832dcbc96ebc57 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Wed Oct 24 15:23:48 CEST 2018 on sn-devel-144
Ralph Boehme [Tue, 9 Oct 2018 08:15:37 +0000 (10:15 +0200)]
vfs_fruit: move check in ad_convert() to ad_convert_*() subfunctions
Currently the whole conversion is skipped if the FinderInfo entry in the
AppleDouble file is of the default size (ie not containing xattrs).
That also means we never converted FinderInfo from the AppleDouble file
to stream format. This change finally fixes this.
Note that this keeps failing with streams_depot, much like the existing
known-fail of "samba3.vfs.fruit streams_depot.OS X AppleDouble file
conversion". Fixing the conversion to work with vfs_streams_depot is a
task for another day.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Oct 11 01:30:13 CEST 2018 on sn-devel-144
(cherry picked from commit
31daab88e6a415e72ead69844e3eccf5dc02e53c )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Thu Oct 18 17:37:52 CEST 2018 on sn-devel-144
Ralph Boehme [Mon, 8 Oct 2018 16:47:32 +0000 (18:47 +0200)]
vfs_fruit: make call to ad_convert_truncate() optional
Call ad_convert_truncate() based on whether the previous call
ad_convert_xattr() returned converted_xattr=true.
Upcoming fixes for a different Samba bug (#13642) will hook into calling
ad_convert_truncate() in other cases, this also prepares for that.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
9cf087a474bb2d7d29ca0daeaef412f6b545d0e0 )
Ralph Boehme [Mon, 8 Oct 2018 16:43:51 +0000 (18:43 +0200)]
vfs_fruit: add out arg "converted_xattr" to ad_convert_xattr
Used to let the caller know if a conversion has been done. Currently not
used in the caller, that comes next.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
acb72c1ea7fecc9a7e8eb0219096b1bbdfd8850e )
Ralph Boehme [Mon, 8 Oct 2018 10:51:37 +0000 (12:51 +0200)]
vfs_fruit: add check for OS X filler in FinderInfo conversion
This ensures that the function only acts on AppleDouble files created by
macOS and not AppleDouble files created by us that are already in the
correct format (only using the Resource Fork).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
5598e6bc3583a88f474afa2996d1f9362d1bd9fb )
Ralph Boehme [Fri, 5 Oct 2018 20:05:43 +0000 (22:05 +0200)]
vfs_fruit: call ad_convert_move_reso() from ad_convert_xattr()
ad_convert_xattr() is the place that triggers the need to move the
resource fork, so it should also call ad_convert_move_reso().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
70d3ae5a89fc62db192c44b92a5b7fb67a93d88e )
Ralph Boehme [Fri, 5 Oct 2018 15:07:45 +0000 (17:07 +0200)]
vfs_fruit: let the ad_convert_*() subfunction update the on-disk AppleDoube header as needed
Another step in simplifying ad_convert() itself. It means that we may
write to disk twice, but is only ever done once per AppleDouble file.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
1692ca5fd8ae2560dae6828f3c5c05a65c530726 )
Ralph Boehme [Fri, 5 Oct 2018 14:59:18 +0000 (16:59 +0200)]
vfs_fruit: let the ad_convert_*() subfunctions mmap as needed
This may mean that we mmap twice when we convert an AppleDouble file,
but this is the only sane way to cleanly modularize ad_convert().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
918c6c59901d0bf939dcc178b661b6ae8201e903 )
Ralph Boehme [Fri, 5 Oct 2018 14:52:32 +0000 (16:52 +0200)]
vfs_fruit: fix error returns in ad_convert_xattr()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
f91e0c857a5a44a5eab7696fafda758044739978 )
Ralph Boehme [Fri, 5 Oct 2018 17:15:04 +0000 (19:15 +0200)]
vfs_fruit: use ADEDOFF_RFORK_DOT_UND offset macro in ad_convert_move_reso()
We really want the fixed size offset here, not a calculated one. Note
that "ad_getentryoff(ad, ADEID_FINDERI) + ADEDLEN_FINDERI" is equal to
ADEDOFF_RFORK_DOT_UND.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
93b7e0562159eae40e196f6be8d82283f0be2888 )
Ralph Boehme [Fri, 5 Oct 2018 14:44:53 +0000 (16:44 +0200)]
vfs_fruit: split out moving of the resource fork
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4c7e1de46f4287818ef525c8939029ccb09adf65 )
Ralph Boehme [Fri, 5 Oct 2018 17:15:04 +0000 (19:15 +0200)]
vfs_fruit: use ADEDOFF_RFORK_DOT_UND offset macro in ad_convert_truncate()
We really want the fixed size offset here, not a calculated one. Note
that "ad_getentryoff(ad, ADEID_RFORK)" is equal to ADEDOFF_RFORK_DOT_UND
in this case.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b948681b2bbaba202843858857fb9edbb543bdf2 )
Ralph Boehme [Fri, 5 Oct 2018 17:13:16 +0000 (19:13 +0200)]
vfs_fruit: split out truncating from ad_convert()
This may look a little ill-advised as this increases line count, but
the goal here is modularizing ad_convert() itself and making it as slick
as possible helps achieving that goal.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
98bd7c0a46f72b097011a5c59e899ac4862ff651 )
Ralph Boehme [Fri, 5 Oct 2018 14:26:46 +0000 (16:26 +0200)]
vfs_fruit: move FinderInfo lenght check to ad_convert()
The final step in consolidating all conversion related work in
ad_convert(). No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
4f1174b6eb2257d789a1eb9c925ccc561bab2f16 )
Ralph Boehme [Fri, 5 Oct 2018 14:25:27 +0000 (16:25 +0200)]
vfs_fruit: move FinderInfo conversion to helper function and call it from ad_convert()
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d27d0326c3c8cb6d217e6c8056fae2c98ef82803 )
Ralph Boehme [Fri, 5 Oct 2018 14:14:40 +0000 (16:14 +0200)]
vfs_fruit: move storing of modified struct adouble to ad_convert()
ad_convert() modified it, so let ad_convert() also save it to disk. No
change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
b355a09576563d0f681d0bf830d0e2c769533399 )
Ralph Boehme [Thu, 4 Oct 2018 06:51:28 +0000 (08:51 +0200)]
vfs_fruit: remove unneeded fd argument from ad_convert()
Use the struct adouble member ad_fd instead of passing it as an
argument. Who did that in the first place? :)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
99cc9ef82b50b57149f71a40d4b22a3fc32a5a97 )
Ralph Boehme [Thu, 4 Oct 2018 06:23:59 +0000 (08:23 +0200)]
vfs_fruit: do direct return from error checks in ad_convert()
Subsequent commits will move the mmap() into the subfunctions. This
change just prepares for that.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8bc36d723ff41afe768f42b833aa951e1ee8fb38 )
Ralph Boehme [Tue, 2 Oct 2018 12:51:05 +0000 (14:51 +0200)]
vfs_fruit: move setting ADEID_FINDERI length to ad_convert_xattr()
ad_convert_xattr() does the conversion of the xattr data in the
AppleDouble file, so we should update it's size there and should not
defer it to the caller.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
d161e047710322491802d75f47598f96727cd004 )
Ralph Boehme [Fri, 5 Oct 2018 13:12:44 +0000 (15:12 +0200)]
vfs_fruit: store filler bytes from AppleDouble file header in struct adouble
This can later be used to distinguish between macOS created AppleDouble
files and AppleDouble files created by Samba or Netatalk.
macOS: "Mac OS X "
Samba: "Netatalk "
Netatalk: "Netatalk "
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8ee7e6135e39520f486e8f8f4ba36009c9113229 )
Ralph Boehme [Tue, 11 Sep 2018 12:05:43 +0000 (14:05 +0200)]
vfs_fruit: fix two comments
Thanks to the recent addition of ad_convert_xattr() we now correctly
handle this case.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
7e010abbaad79643f31361de47340c218fa39505 )
Ralph Boehme [Sun, 7 Oct 2018 16:26:47 +0000 (18:26 +0200)]
s4:torture: FinderInfo conversion test with AppleDouble without xattr data
This testcase demonstrates that the AppleDouble conversion in vfs_fruit
doesn't correctly convert the FinderInfo data from the AppleDouble file
to a stream.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13649
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8b9728480f6ab22da0831400796f3c39ec543df8 )
Stefan Metzmacher [Fri, 17 Aug 2018 09:35:41 +0000 (11:35 +0200)]
smb2_server: set req->do_encryption = true earlier
The STATUS_SESSION_EXPIRED error was returned unencrypted,
if the request was encrypted.
If clients use SMB3 encryption and the kerberos authenticated session
expires, clients disconnect the connection instead of doing a reauthentication.
From https://blogs.msdn.microsoft.com/openspecification/2012/10/05/encryption-in-smb-3-0-a-protocol-perspective/
The sender encrypts the message if any of the following conditions is
satisfied:
- If the sender is sending a response to an encrypted request.
- If Session.EncryptData is TRUE and the request or response being
sent is not NEGOTIATE.
- If Session.EncryptData is FALSE, the request or response being sent
is not NEGOTIATE or SESSION_SETUP or TREE_CONNECT, and
<TreeConnect|Share>.EncryptData is TRUE.
[MS-SMB2] 3.3.4.1.4 Encrypting the Message
If Connection.Dialect belongs to the SMB 3.x dialect family and
Connection.ClientCapabilities includes the SMB2_GLOBAL_CAP_ENCRYPTION
bit, the server MUST encrypt the message before sending, if any of the
following conditions are satisfied:
- If the message being sent is any response to a client request for which
Request.IsEncrypted is TRUE.
- If Session.EncryptData is TRUE and the response being sent is not
SMB2_NEGOTIATE or SMB2 SESSION_SETUP.
- If Session.EncryptData is FALSE, the response being sent is not
SMB2_NEGOTIATE or SMB2 SESSION_SETUP or SMB2 TREE_CONNECT, and
Share.EncryptData for the share associated with the TreeId in the SMB2
header of the response is TRUE.
The server MUST encrypt the message as specified in section 3.1.4.3,
before sending it to the client.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13624
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 2 14:11:30 CEST 2018 on sn-devel-144
(cherry picked from commit
4ef45e5334d5874f5d0fdc69286b745ebcdc612d )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Wed Oct 10 17:25:32 CEST 2018 on sn-devel-144
Stefan Metzmacher [Fri, 28 Sep 2018 10:23:37 +0000 (12:23 +0200)]
s4:torture: split smb2.session.expire{1,2} to run with signing and encryptpion
This reproduces the problem we have with expired encrypted sessions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13624
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
01b868455c9bae309d1ca7ddad54077fc5d7f4b1 )
Amitay Isaacs [Thu, 15 Feb 2018 01:28:36 +0000 (12:28 +1100)]
ctdb-tests: Drop code for RECEIVE_RECORDS control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
83b3c5670d85c607c1cf1ab8cfc2c967d4d16721 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Tue Oct 9 16:04:36 CEST 2018 on sn-devel-144
Amitay Isaacs [Thu, 15 Feb 2018 01:21:57 +0000 (12:21 +1100)]
ctdb-protocol: Drop marshalling code for RECEIVE_RECORDS control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
2f89bd96fb6c5e50cfc09604ceb6b96a94cb4f56 )
Amitay Isaacs [Thu, 15 Feb 2018 02:52:10 +0000 (13:52 +1100)]
ctdb-protocol: Mark RECEIVE_RECORDS control obsolete
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
81dae71fa74bfd83a5701e4841b5a0a13cbe87a1 )
Amitay Isaacs [Thu, 15 Feb 2018 01:04:32 +0000 (12:04 +1100)]
ctdb-daemon: Drop implementation of RECEIVE_RECORDS control
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
d18385ea2aa93770996214d056a384a0244e7d73 )
Amitay Isaacs [Wed, 14 Feb 2018 04:23:07 +0000 (15:23 +1100)]
ctdb-vacuum: Remove unnecessary check for zero records in delete list
Since no records are deleted from RB tree during step 1, there is no
need for the check. Run step 2 unconditionally.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
e15cdc652d76b37c58cd114215f00500991bc6b4 )
Amitay Isaacs [Wed, 14 Feb 2018 04:18:17 +0000 (15:18 +1100)]
ctdb-vacuum: Fix the incorrect counting of remote errors
If a node fails to delete a record in TRY_DELETE_RECORDS control during
vacuuming, then it's possible that other nodes also may fail to delete a
record. So instead of deleting the record from RB tree on first failure,
keep track of the remote failures.
Update delete_list.remote_error and delete_list.left statistics only
once per record during the delete_record_traverse.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
ef052397173522ac2dd0d0bd9660a18a13a3e4fc )
Amitay Isaacs [Wed, 14 Feb 2018 03:50:40 +0000 (14:50 +1100)]
ctdb-vacuum: Simplify the deletion of vacuumed records
The 3-phase deletion of vacuumed records was introduced to overcome
the problem of record(s) resurrection during recovery. This problem
is now handled by avoiding the records from recently INACTIVE nodes in
the recovery process.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
202b9027ba44eee33c2fde2332126be10f719423 )
Martin Schwenke [Mon, 24 Sep 2018 06:17:19 +0000 (16:17 +1000)]
ctdb-tests: Add recovery record resurrection test for volatile databases
Ensure that deleted records and vacuumed records are not resurrected
from recently inactive nodes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
dcc9935995a5a7b40df64653a605d1af89075bd1 )
Amitay Isaacs [Wed, 14 Feb 2018 03:19:44 +0000 (14:19 +1100)]
ctdb-daemon: Invalidate records if a node becomes INACTIVE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
c4ec99b1d3f1c5bff83bf66e3fd64d45a8be7441 )
Amitay Isaacs [Wed, 14 Feb 2018 03:27:32 +0000 (14:27 +1100)]
ctdb-daemon: Don't pull any records if records are invalidated
This avoids unnecessary work during recovery to pull records from nodes
that were INACTIVE just before the recovery.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
040401ca3abfa266261130f6c5ae4e9718f19cd7 )
Amitay Isaacs [Wed, 14 Feb 2018 03:29:18 +0000 (14:29 +1100)]
ctdb-daemon: Add invalid_records flag to ctdb_db_context
If a node becomes INACTIVE, then all the records in volatile databases
are invalidated. This avoids the need to include records from such
nodes during subsequent recovery after the node comes out INACTIVE state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13641
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit
71896fddf10a92237d332779ccbb26c059caa649 )
Jeremy Allison [Thu, 27 Sep 2018 21:12:47 +0000 (14:12 -0700)]
s3: smbd: Prevent valgrind errors in smbtorture3 POSIX test.
Missing fsp talloc free and linked list delete in error
paths in close_directory(). Now matches close_normal_file()
and close_fake_file().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13633
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 29 05:32:41 CEST 2018 on sn-devel-144
(cherry picked from commit
660dbfaeff493359474ebdb36098ac49b3f7ba0c )
Volker Lendecke [Fri, 7 Sep 2018 05:27:46 +0000 (07:27 +0200)]
examples: Fix the smb2mount build
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
94852e3544bf2cace3ddba8b9c89d986d77fdab5 )
Christof Schmitt [Tue, 21 Aug 2018 23:11:02 +0000 (16:11 -0700)]
s3:smbget: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
20ed13923ed3c55e1b293e5440028d29384e9d3a )
Christof Schmitt [Tue, 21 Aug 2018 19:35:11 +0000 (12:35 -0700)]
s3:smbcontrol: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
de040eafbd7d729316d757c14c44df163a4b36ad )
Christof Schmitt [Tue, 21 Aug 2018 19:34:34 +0000 (12:34 -0700)]
s3:dbwrap_tool: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
7eeff96b826711b5a8d44ab24603dafcc0343d84 )
Christof Schmitt [Mon, 20 Aug 2018 23:21:51 +0000 (16:21 -0700)]
s3:eventlogadm: Use cmdline_messaging_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(backported from commit
095123df945270bc51635a19125a7abdfcd4ab80 )
Christof Schmitt [Mon, 20 Aug 2018 23:18:20 +0000 (16:18 -0700)]
s3: ntlm_auth: Use cmdline_messaging_context
Call cmdline_messaging_context to initialize the messaging context
before accessing clustered Samba config.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
9ed617474f588ceb42c8929ee8a51071a408c219 )
Christof Schmitt [Mon, 20 Aug 2018 23:15:02 +0000 (16:15 -0700)]
s3:sharesec: Use cmdline_messaging_context
Call cmdline_messasging_context to initialize messaging context before
accessing clustered Samba config.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
cab8f27bbc927e48c52bac6350325e8ec38092b2 )
Christof Schmitt [Mon, 20 Aug 2018 23:11:11 +0000 (16:11 -0700)]
s3:testparm: Use cmdline_messaging_context
Call cmdline_messaging_context to initialize a messaging config before
accessing clustered Samba config.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
ea7a4ff7ae5ef2b22fb7ef5640d6b946c064cfc3 )
Christof Schmitt [Mon, 20 Aug 2018 23:08:21 +0000 (16:08 -0700)]
s3:pdbedit: Use cmdline_messaging_context
Initialize the messaging context through cmdline_messaging_context to
allow access to config in clustered Samba.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
4661537c201acebee991d219d151cb481f56265c )
Ralph Boehme [Tue, 10 Jul 2018 14:29:46 +0000 (16:29 +0200)]
s3:messaging: remove unused messaging_init_client()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
f56496b11469f0e9af9ba81cefb796ca1febabb1 )
Christof Schmitt [Mon, 20 Aug 2018 23:01:00 +0000 (16:01 -0700)]
s3:net: Use cmdline_messaging_context
Use cmdline_messaging_context with its error checking instead of open
coding the same steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(backported from commit
f2b659e4f518ccb06f221dd028f99883ca1a1847 )
Christof Schmitt [Mon, 20 Aug 2018 22:54:11 +0000 (15:54 -0700)]
rpcclient: Use cmdline_messaging_context
Use cmdline_messaging_context with its error checking instead of open
coding the same steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
dd3ae2ffdc66be4707471bfccf27ef446b5599cb )
Christof Schmitt [Mon, 20 Aug 2018 22:46:27 +0000 (15:46 -0700)]
s3:smbstatus: Use cmdline_messaging_context
Use cmdline_messaging_context to initialize a messaging context instead
of open coding the same steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(backported from commit
d7fa3815a83a50fd9e3d78cac0d5ef3eb79235e5 )
Christof Schmitt [Mon, 20 Aug 2018 22:38:33 +0000 (15:38 -0700)]
s3:smbpasswd: Use cmdline_messaging_context
smbpasswd does not use POPT_CREDENTIALS. Call cmdline_messaging_context
to initialize a messaging_context with proper error checking before
calling lp_load_global.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
29fd2c2e5ad3c2d44f3629c6b7b4139772fe350c )
Christof Schmitt [Tue, 21 Aug 2018 21:58:01 +0000 (14:58 -0700)]
test:doc: Skip 'clustering=yes'
As testparm will error out when running clustering=yes as non-root, skip
this step to avoid a test failure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(backported from commit
3ecb9ed7b079fc1bf74c311cf5f1684086b36883 )
Ralph Boehme [Tue, 10 Jul 2018 13:26:40 +0000 (15:26 +0200)]
s3:popt_common: use cmdline_messaging_context() in popt_common_credentials_callback()
This adds a call to cmdline_messaging_context() to the popt
popt_common_credentials_callback() hook and ensures that any client tool
that uses POPT_COMMON_CREDENTIALS gets an implicit messaging context,
ensuring it doesn't crash in the subsequent lp_load_client() with
include=registry in a cluster.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
2c63ce94ef3a55ab0aa1aae4f6fee88e29ac2efe )
Ralph Boehme [Tue, 10 Jul 2018 08:38:10 +0000 (10:38 +0200)]
selftest: pass configfile to pdbedit
This is needed otherwise pdbedit fails to initialize messaging in
autobuild.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
10e1a6ebb3d95b8a1584a9b90c2584536aa9c96d )
Ralph Boehme [Tue, 10 Jul 2018 06:11:31 +0000 (08:11 +0200)]
s3:loadparm: reinit_globals in lp_load_with_registry_shares()
This was set to false in
0e0d77519c27038b30fec92d542198e97be767d9 based
on the assumption that callers would have no need to call
lp_load_initial_only() with a later call to lp_load_something().
This is not quite correct, since for accessing registry config on a
cluster with include=registry, we need messaging up and running which
*itself* requires loadparm to be initialized to get the statedir,
lockdir asf. directories.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
3aca3f24d4bdacc11278388934b0b411d518d7b0 )
Christof Schmitt [Mon, 20 Aug 2018 21:44:28 +0000 (14:44 -0700)]
s3:lib: Introduce cmdline context wrapper
Command line tools need acccess to the same messaging context provided
by server_messaging_context, as common code for db_open uses that
context. We want to have additional checking for command line tools
without having that code part of the servers. Introduce a wrapper
library to use for command line tools with the additional checks, that
then acquires the server_messaging_context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
8c3b62e6231e62feafacf2a7ee4c9d41cd27a4a1 )
Christof Schmitt [Mon, 13 Aug 2018 22:39:08 +0000 (15:39 -0700)]
s3:lib: Move popt_common_credentials to separate file
This is only used by command line utilities and has additional
dependencies. Move to a separate file to contain the dependencies to the
command line tools.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
b7464fd89bc22b71c82bbaa424bcbfcf947db651 )
Christof Schmitt [Mon, 13 Aug 2018 22:07:20 +0000 (15:07 -0700)]
s3/lib:popt_common: Move setup_logging to common callback
The flag is set in the common callback, so be consistent
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
dff1028e8ba4c70e726283c12531853681034014 )
Ralph Boehme [Mon, 9 Jul 2018 15:11:57 +0000 (17:11 +0200)]
s3:lib/server_contexts: make server_event_ctx and server_msg_ctx static
server_event_ctx and server_msg_ctx static shouldn't be accessible from
outside this compilation unit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit
d920a725ee19215190bbccaefd5b426bedc98860 )
Karolin Seeger [Tue, 25 Sep 2018 07:48:24 +0000 (09:48 +0200)]
VERSION: Bump version up to 4.8.6...Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 25 Sep 2018 07:47:46 +0000 (09:47 +0200)]
VERSION: Disable GIT_SNAPSHOT for the 4.8.6 release.Signed-off-by: Karolin Seeger <kseeger@samba.org>
Karolin Seeger [Tue, 25 Sep 2018 07:47:04 +0000 (09:47 +0200)]
WHATSNEW: Add release notes for Samba 4.8.6.Signed-off-by: Karolin Seeger <kseeger@samba.org>
Volker Lendecke [Mon, 7 May 2018 14:53:00 +0000 (16:53 +0200)]
lib: Hold at most 10 outstanding paged result cookies
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 15 09:37:21 CEST 2018 on sn-devel-144
(cherry picked from commit
9fbd4672b06de5333a9c44fc126b8edac0b9d31a )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Thu Sep 27 15:32:11 CEST 2018 on sn-devel-144
Volker Lendecke [Mon, 7 May 2018 14:41:55 +0000 (16:41 +0200)]
lib: Put "results_store" into a doubly linked list
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8063995a92fffc93aa9d6d1d92a75bf3f3c9592b )
Martin Schwenke [Mon, 3 Sep 2018 03:30:57 +0000 (13:30 +1000)]
ctdb-recoverd: Set recovery lock handle at start of attempt
This allows the attempt to be cancelled if an election is lost and an
unlock is done before the attempt is completed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Sep 18 02:18:30 CEST 2018 on sn-devel-144
(cherry picked from commit
486022ef8f43251258f255ffa15f1a01bc6aa2b7 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Thu Sep 20 14:05:59 CEST 2018 on sn-devel-144
Martin Schwenke [Mon, 3 Sep 2018 03:01:19 +0000 (13:01 +1000)]
ctdb-recoverd: Handle cancellation when releasing recovery lock
If the recovery lock is in the process of being taken then free the
cluster mutex handle but leave the recovery lock handle in place.
This allows ctdb_recovery_lock() to fail.
Note that this isn't yet live because rec->recovery_lock_handle is
still only set at the completion of the attempt to take the lock.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
b1dc5687844e90b0e3c39cb46a1116c86118fbf4 )
Martin Schwenke [Tue, 11 Sep 2018 05:05:19 +0000 (15:05 +1000)]
ctdb-recoverd: Return early when the recovery lock is not held
This makes upcoming changes simpler.
Update to modern debug macro while touching relevant line.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a755d060c13b65dfb6d73979aaf111c489882bfb )
Martin Schwenke [Mon, 3 Sep 2018 02:39:32 +0000 (12:39 +1000)]
ctdb-recoverd: Store recovery lock handle
... not just cluster mutex handle.
This makes the recovery lock handle long-lived and with allow the
releasing code to cancel an in-progress attempt to take the recovery
lock.
The cluster mutex handle is now allocated off the recovery lock
handle.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c52216740bd81b68876de06e104822bbbca86df9 )
Martin Schwenke [Mon, 3 Sep 2018 01:43:44 +0000 (11:43 +1000)]
ctdb-recoverd: Use talloc() to allocate recovery lock handle
At the moment this is still local and is freed after the mutex is
successfully taken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
a53b264aee7d620ee8ecf9114b0014c5bb678484 )
Martin Schwenke [Mon, 3 Sep 2018 01:30:06 +0000 (11:30 +1000)]
ctdb-recoverd: Rename hold_reclock_state to ctdb_recovery_lock_handle
This will be a longer lived structure.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
af22f03dbe9040f5f743eb85bb50d411269bbab4 )
Martin Schwenke [Sat, 8 Sep 2018 22:30:50 +0000 (08:30 +1000)]
ctdb-recoverd: Re-check master on failure to take recovery lock
If the master changed while trying to take the lock then fail gracefully.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
c516e58ce92c420dc993bd9b7f1433641bd764bd )
Martin Schwenke [Sat, 8 Sep 2018 22:27:46 +0000 (08:27 +1000)]
ctdb-recoverd: Clean up taking of recovery lock
No functional changes, just coding style cleanups and debug message
tweaks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
59fc01646c7d65ba90b0a1a34c3795ff842351c5 )
Martin Schwenke [Wed, 12 Sep 2018 07:51:47 +0000 (17:51 +1000)]
ctdb-cluster-mutex: Block signals around fork
If SIGTERM is received and the tevent signal handler setup in the
recovery daemon is still enabled then the signal is handled and a
corresponding event is queued. The child never runs an event loop so
the signal is effectively ignored.
Resetting the SIGTERM handler isn't enough. A signal can arrive
before that.
Block SIGTERM before forking and then immediately unblock it in the
parent.
In the child, unblock SIGTERM after the signal handler is reset. An
explicit unblock is needed because according to sigprocmask(2) "the
signal mask is preserved across execve(2)".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
e789d0da57fc3fc6d22bfa00577a2e65034ca27a )
Martin Schwenke [Wed, 12 Sep 2018 04:18:00 +0000 (14:18 +1000)]
ctdb-cluster-mutex: Reset SIGTERM handler in cluster mutex child
If SIGTERM is received and the tevent signal handler setup in the
recovery daemon is still enabled then the signal is handled and a
corresponding event is queued. The child never runs an event loop so
the signal is effectively ignored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13617
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit
5a6b139884f08ee2ee10f9d16fe56ad8fb5352a6 )
Andreas Schneider [Thu, 6 Sep 2018 10:40:10 +0000 (12:40 +0200)]
wafsamba: Fix 'make -j<jobs>'
Currently only 'make -j' enables parallel builds and e.g. 'make -j4'
results in no parallel compile jobs at all.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13606
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Sep 7 20:24:46 CEST 2018 on sn-devel-144
(cherry picked from commit
70169d4789fe8b2ee4efe5e88eeaa80e1a641b32 )
Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-8-test): Mon Sep 10 16:45:04 CEST 2018 on sn-devel-144
Alexander Bokovoy [Fri, 16 Feb 2018 16:15:28 +0000 (18:15 +0200)]
krb5-samba: interdomain trust uses different salt principal
Salt principal for the interdomain trust is krbtgt/DOMAIN@REALM where
DOMAIN is the sAMAccountName without the dollar sign ($)
The salt principal for the BLA$ user object was generated wrong.
dn: CN=bla.base,CN=System,DC=w4edom-l4,DC=base
securityIdentifier: S-1-5-21-
4053568372 -
2049667917 -
3384589010
trustDirection: 3
trustPartner: bla.base
trustPosixOffset: -
2147483648
trustType: 2
trustAttributes: 8
flatName: BLA
dn: CN=BLA$,CN=Users,DC=w4edom-l4,DC=base
userAccountControl: 2080
primaryGroupID: 513
objectSid: S-1-5-21-
278041429 -
3399921908 -
1452754838 -1597
accountExpires:
9223372036854775807
sAMAccountName: BLA$
sAMAccountType:
805306370
pwdLastSet:
131485652467995000
The salt stored by Windows in the package_PrimaryKerberosBlob
(within supplementalCredentials) seems to be
'W4EDOM-L4.BASEkrbtgtBLA' for the above trust
and Samba stores 'W4EDOM-L4.BASEBLA$'.
While the salt used when building the keys from
trustAuthOutgoing/trustAuthIncoming is
'W4EDOM-L4.BASEkrbtgtBLA.BASE', which we handle correct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Sep 5 03:57:22 CEST 2018 on sn-devel-144
(cherry picked from commit
f3e349bebc443133fdbe4e14b148ca8db8237060 )
Autobuild-User(v4-8-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-8-test): Wed Sep 5 18:32:05 CEST 2018 on sn-devel-144
Stefan Metzmacher [Tue, 4 Sep 2018 08:53:52 +0000 (10:53 +0200)]
testprogs/blackbox: let test_trust_user_account.sh check the correct kerberos salt
This demonstrates the bug we currently have.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
1b31fa62567ec549e32c9177b322cfbfb3b6ec1a )
Stefan Metzmacher [Tue, 4 Sep 2018 08:38:44 +0000 (10:38 +0200)]
testprogs/blackbox: add testit[_expect_failure]_grep() to subunit.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8526feb100e59bc5a15ceb940e6cecce0de59247 )
Stefan Metzmacher [Tue, 4 Sep 2018 08:16:59 +0000 (10:16 +0200)]
samba-tool: add virtualKerberosSalt attribute to 'user getpassword/syncpasswords'
This might be useful for someone, but at least it's very useful for
tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
39c281a23673691bab621de1a632d64df2c1c102 )
Alexander Bokovoy [Fri, 16 Feb 2018 16:15:28 +0000 (18:15 +0200)]
s4:selftest: test kinit with the interdomain trust user account
To test it, add a blackbox test that ensures we pass a keytab-based
authentication with the trust user account for a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
7df505298f71432d5adbcffccde8f97c117a57a6 )
Ralph Boehme [Thu, 8 Mar 2018 16:34:08 +0000 (17:34 +0100)]
libds: rename UF_MACHINE_ACCOUNT_MASK to UF_TRUST_ACCOUNT_MASK
The name UF_TRUST_ACCOUNT_MASK better reflects the use case and it's not
yet used.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
8497d2090900b252853278f29a4aaf3bce7515da )
Volker Lendecke [Tue, 7 Aug 2018 13:10:31 +0000 (15:10 +0200)]
vfs_fruit: Don't unlink the main file
The original fix for bug 13441 was missing a check that verifies that
fruit_ftruncate() is actually called on a stream.
Follow-up to
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 23 15:28:48 CEST 2018 on sn-devel-144
(cherry picked from commit
8c14234871820eacde46670d722a676fb5f3a46c )
Volker Lendecke [Tue, 7 Aug 2018 13:11:22 +0000 (15:11 +0200)]
torture: Make sure that fruit_ftruncate only unlinks streams
Follow-up to
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit
c39ec64231b261fe4ada02f1f1b9aa344cf35bb5 )
Ralph Boehme [Thu, 30 Aug 2018 13:57:33 +0000 (15:57 +0200)]
s3:smbd: add a comment stating that file_close_user() is redundant for SMB2
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Sep 1 01:26:35 CEST 2018 on sn-devel-144
(cherry picked from commit
5d95f79f604d90c2646225a0f2470f05dd71e19e )
Ralph Boehme [Wed, 29 Aug 2018 15:19:29 +0000 (17:19 +0200)]
s3:smbd: let session logoff close files and tcons before deleting the session
This avoids a race in durable handle reconnects if the reconnect comes
in while the old session is still in the tear-down phase.
The new session is supposed to rendezvous with and wait for destruction
of the old session, which is internally implemented with
dbwrap_watch_send() on the old session record.
If the old session deletes the session record before calling
file_close_user() which marks all file handles as disconnected, the
durable handle reconnect in the new session will fail as the records are
not yet marked as disconnected which is a prerequisite.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
8f6edcc1645e0ed35eaec914bd0b672500ce986c )
Ralph Boehme [Thu, 30 Aug 2018 13:50:02 +0000 (15:50 +0200)]
s3:smbd: reorder tcon global record deletion and closing files of a tcon
As such, this doesn't change overall behaviour, but in case we ever add
semantics acting on tcon record changes via an API like
dbwrap_watch_send(), this will make a difference as it enforces
ordering.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(backported from commit
b70b8503faded81b10859131f08486349876d132 )
Ralph Boehme [Thu, 30 Aug 2018 17:15:19 +0000 (19:15 +0200)]
selftest: add a durable handle test with delayed disconnect
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
5508024a861e7c85e6c837552ad142aa1d5e8eca )
Ralph Boehme [Fri, 31 Aug 2018 06:28:46 +0000 (08:28 +0200)]
s4:selftest: reformat smb2_s3only list
No change besides reformatting the list to one entry per line.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
3255822f75163cb38e53f634a5c6b03d46bfaff1 )
Ralph Boehme [Thu, 30 Aug 2018 15:27:08 +0000 (17:27 +0200)]
vfs_delay_inject: adding delay to VFS calls
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
44840ba5b32a2ce7959fd3d7c87822b3159416d3 )
Stefan Metzmacher [Tue, 28 Aug 2018 10:52:31 +0000 (12:52 +0200)]
s4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()
We need to handle trusted domains differently than our primary
domain. The most important part is that we don't return
NETR_TRUST_FLAG_PRIMARY for them.
NETR_TRUST_FLAG_{INBOUND,OUTBOUND,IN_FOREST} are the relavant flags
for trusts.
This is an example of what Windows returns in a complex trust
environment:
netr_LogonGetDomainInfo: struct netr_LogonGetDomainInfo
out: struct netr_LogonGetDomainInfo
return_authenticator : *
return_authenticator: struct netr_Authenticator
cred: struct netr_Credential
data :
f48b51ff12ff8c6c
timestamp : Tue Aug 28 22:59:03 2018 CEST
info : *
info : union netr_DomainInfo(case 1)
domain_info : *
domain_info: struct netr_DomainInformation
primary_domain: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
dns_forestname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
domain_guid :
0a133c91 -8eac-4df0-96ac-
ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-
2930975464 -
1937418634 -
1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0000 (0)
size : 0x0000 (0)
info : NULL
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domain_count : 0x00000006 (6)
trusted_domains : *
trusted_domains: ARRAY(6)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000e (14)
size : 0x0010 (16)
string : *
string : 'FREEIPA'
dns_domainname: struct lsa_StringLarge
length : 0x0018 (24)
size : 0x001a (26)
string : *
string : 'freeipa.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
00000000 -0000-0000-0000-
000000000000
domain_sid : *
domain_sid : S-1-5-21-
429948374 -
2562621466 -
335716826
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S1-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 's1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
afe7fbde -af82-46cf-88a2-
2df6920fc33e
domain_sid : *
domain_sid : S-1-5-21-
1368093395 -
3821428921 -
3924672915
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000023 (35)
1: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000004 (4)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000020 (32)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
1: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0006 (6)
size : 0x0008 (8)
string : *
string : 'BLA'
dns_domainname: struct lsa_StringLarge
length : 0x0010 (16)
size : 0x0012 (18)
string : *
string : 'bla.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
00000000 -0000-0000-0000-
000000000000
domain_sid : *
domain_sid : S-1-5-21-
4053568372 -
2049667917 -
3384589010
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000c (12)
size : 0x000e (14)
string : *
string : 'S4XDOM'
dns_domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 's4xdom.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
00000000 -0000-0000-0000-
000000000000
domain_sid : *
domain_sid : S-1-5-21-
313966788 -
4060240134 -
2249344781
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
0a133c91 -8eac-4df0-96ac-
ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-
2930975464 -
1937418634 -
1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x0000001d (29)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
1: NETR_TRUST_FLAG_TREEROOT
1: NETR_TRUST_FLAG_PRIMARY
1: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S2-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x004e (78)
size : 0x0050 (80)
string : *
string : 's2-w2012-l4.s1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid :
29daace6 -cded-4ce3-a754-
7482a4d9127c
domain_sid : *
domain_sid : S-1-5-21-
167342819 -
981449877 -
2130266853
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000001 (1)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000001 (1)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
lsa_policy: struct netr_LsaPolicyInformation
policy_size : 0x00000000 (0)
policy : NULL
dns_hostname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 'torturetest.w2012r2-l4.base'
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
workstation_flags : 0x00000003 (3)
1: NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS
1: NETR_WS_FLAG_HANDLES_SPN_UPDATE
supported_enc_types : 0x0000001f (31)
1: KERB_ENCTYPE_DES_CBC_CRC
1: KERB_ENCTYPE_DES_CBC_MD5
1: KERB_ENCTYPE_RC4_HMAC_MD5
1: KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96
1: KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96
0: KERB_ENCTYPE_FAST_SUPPORTED
0: KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED
0: KERB_ENCTYPE_CLAIMS_SUPPORTED
0: KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLED
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
result : NT_STATUS_OK
Best viewed with: git show --histogram -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
2099add0657126e4a5427ec2db0fe8025478b355 )
Stefan Metzmacher [Tue, 28 Aug 2018 14:30:17 +0000 (16:30 +0200)]
s4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo array
It's much safer than having uninitialized memory when we hit an error
case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit
ef0b489ad0d93199e08415dd895da5cfe2d1c11a )
projects / thirdparty / samba.git / log
