Gary Lockyer [Wed, 18 Jul 2018 03:33:26 +0000 (15:33 +1200)]
dns wildcards: fix BUG 13536
The current position in the dns name was not advanced past the '.'
character
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 20 04:40:31 CEST 2018 on sn-devel-144
Gary Lockyer [Wed, 18 Jul 2018 03:29:21 +0000 (15:29 +1200)]
dns wildcards: tests to confirm BUG 13536
DNS wildcard matching failing if more than one label to the left of the
wildcard. This commits adds tests to confirm the bug.
Wildcard entry: *.example.org
bar.example.com matches
foo.bar.example.com does not, but it it should.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0d3aec18679a2637430263a55de5e210a9201e21)
Jeremy Allison [Thu, 12 Jul 2018 19:18:50 +0000 (12:18 -0700)]
s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.
We were always asking for SPLICE_BLOCK_SIZE even when the
remaining bytes we wanted were smaller than that. This works
when using cli_splice() on a complete file, as the cli_read()
terminated the read at the right place. We always have the
space to read SPLICE_BLOCK_SIZE bytes so this isn't an overflow.
Signed-off-by: Bailey Berro <baileyberro@google.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jul 13 14:57:14 CEST 2018 on sn-devel-144
Mostly copied from the vfs_gluster manpage: the CephFS share path is not
locally mounted, which breaks the ctdb_check_directories_probe() check.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 6 23:19:02 CEST 2018 on sn-devel-144
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 926ae50627d536735cee9b3931ee35bc19060261)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
(cherry picked from commit 52efa796538ae004ca62ea32fc8c833472991be6)
Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Tue Jul 24 09:55:23 CEST 2018 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 6800077c5c57c257326573537d1f2bb7a8066149)
Windows Server 1709 defaults to SMB2 and does not have SMB1 enabled.
When establishing trust, samba-tool does not specify SMB protocol
version and fail by default.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 4422f7382aad3090cb959ade030a02bf4fef81ac)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 802e43bf742e756896fa73fcd139feca9ae293dd)
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 70a9cf9ccfc4075cc08209191db1bce2c9b432fc)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit e4910f35eab008a41cfcac3d97b3647c721ac679)
s4:libcli: allow a fallback to NTLMSSP if SPNEGO is not supported locally
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 5188454bdce80f6e2bfc45deca18bd1b7289a7a6)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit ca000d8901e6acb8a7c59d26d4f75c9d92bafece)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit f20e607c15b4c8ae56ade5d7e68d832542a2cd5e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 5ad5b81b6ef601596583b4ad7d6a14241fa99a71)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit ce2248c4b5aad2d00155a2e77b3e6340ce824979)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 2b68f9b8b0dd944fa89b9e0037886ddd4fb4e5f9)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 87d73397f9a9dee8fa0055a2ff08244b2c85e120)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit b7e99c2571e31971a6d7f1898e7458c16dc1031e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 17b12a9b9a9dfd859679de77aa0c7ffbc782f1bc)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 062b518cabd9fb5f72f96cdf400c978c0b844619)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 22 18:26:04 CET 2018 on sn-devel-144
Ralph Boehme [Fri, 2 Mar 2018 14:50:29 +0000 (15:50 +0100)]
s3: smbd/durable: remove dev and inode check from vfs_default_durable_reconnect_check_stat()
On a cluster filesystem the device numbers may differ on the cluster
nodes. We already verify the file_id in vfs_default_durable_reconnect(),
so we can safely remove the dev/inode checks.
Signed-off-by: Bailey Berro <baileyberro@chromium.org> Reviewed-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Jul 9 21:29:48 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit 2e4878a69a62fb59d843ee53a1a9469b987e3a59)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e311801e0e7171a2b50e39d3e0c2d2137f8b3d7e)
Ralph Boehme [Sat, 26 May 2018 14:07:14 +0000 (16:07 +0200)]
s4:torture/smb2/streams: try to rename basefile while is has open streams
This tests the following:
- create a file with a stream
- open the the stream and keep it open
- on a second connection, try to rename the basefile, this should fail
with NT_STATUS_ACCESS_DENIED
Ralph Boehme [Sat, 26 May 2018 14:30:47 +0000 (16:30 +0200)]
selftest: run smb2.streams tests against a share with vfs_streams_xattr
The tests are currently only run against streams_depot, where stream IO
is handle based, compared to streams_xattr which is path
based. vfs_streams_xattr is also used much more in real world setups, so
we should run our tests against it.
Ralph Boehme [Thu, 17 May 2018 14:48:09 +0000 (16:48 +0200)]
vfs_fruit: delete 0 byte size streams if AAPL is enabled
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 30 02:34:29 CEST 2018 on sn-devel-144
Ralph Boehme [Thu, 17 May 2018 14:43:49 +0000 (16:43 +0200)]
s4:torture: test setting EOF of a stream to 0 with enabled AAPL extensions
macOS SMB server uses xattrs as storage backend for streams, directly
exposing xattr get/set characteristics. Setting EOF on a stream to 0
just deletes the xattr as macOS doesn't support 0-byte sized xattrs.
Note that this does not apply to the AFP_AfpInfo and AFP_Resource
streams, they have even stranger semantics and we have other tests
for those.
Amitay Isaacs [Thu, 21 Jun 2018 10:00:41 +0000 (20:00 +1000)]
ctdb-tests: Avoid segfault by initializing logging
Setting DEBUGLEVEL before calling debug_init() causes segmentation
violation with gcc8. DEBUGLEVEL_CLASS is statically initialized to
debug_class_list_initial which is defined as const. Only after
debug_init() is called, DEBUGLEVEL_CLASS becomes a talloc'd array.
So before modifying DEBUGLEVEL, ensure debug_init() is called via
setup_logging(). (debug_init is a static function.)
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit af697008531bd74546656841dd3a1ed92522fc57)
Amitay Isaacs [Thu, 1 Mar 2018 01:32:26 +0000 (12:32 +1100)]
ctdb-pmda: Use modified API in pcp library 4.0
Support backward compatibility by checking for __pmID_int type, which
was previously in <pcp/impl.h>. In the new version, this type is not
defined anymore and there is no need to include <pcp/impl.h>.
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Fri Mar 2 00:38:52 CET 2018 on sn-devel-144
Martin Schwenke [Tue, 26 Jun 2018 10:12:23 +0000 (20:12 +1000)]
ctdb-daemon: Only consider client ID for local database attach
The comment immediately above this code says "don't allow local
clients to attach" and then looks up the client ID regardless of
whether the request is local or remote.
This means that an intentional remote attach from a client will not
work correctly. No real client should ever do that since clients
attach so they an access databases locally. Perhaps some sanity
checks should be added.
This broadcast is misnamed. Both places where this type of broadcast
is used expect the broadcast to go to all active nodes.
Make the corresponding change to the semantics in the daemon by
sending to all active nodes.
There is a mismatch between the ideas of VNN map and active nodes. A
node that is not in the VNN map but is active can still host database
records. These were the same until the LMASTER capability was
introduced and then the logic was not updated.
The only place where the VNN map is relevant is when finding the
location master of a record in the migration code.
../source3/utils/smbget.c: In function ‘smb_download_file’:
../source3/utils/smbget.c:97:27: error: ‘b’ directive output may be truncated writing 1 byte into a region of size between 0 and 19 [-Werror=format-truncation=]
snprintf(buffer, l, "%jdb", (intmax_t)s);
^
s3:registry: Fix buffer truncation issues issues with gcc8
../source3/registry/reg_perfcount.c: In function ‘reg_perfcount_get_hkpd’:
../source3/registry/reg_perfcount.c:337:29: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
snprintf(buf, buflen,"%d%s", key_part1, key_part2);
../source4/dsdb/samdb/ldb_modules/samldb.c: In function ‘samldb_add’:
../source4/dsdb/samdb/ldb_modules/samldb.c:424:6: error: ‘found’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (found) {
^
../source4/dsdb/samdb/ldb_modules/samldb.c:348:11: note: ‘found’ was declared here
bool ok, found;
^~~~~
s3:libnet: Fix format-truncation warning in samsync_ldif
error: ‘%s’ directive output may be truncated writing up to 255 bytes
into a region of size 250 [-Werror=format-truncation=]
snprintf(homedir, sizeof(homedir), "/home/%s", username);
^~ ~~~~~~~~
../lib/audit_logging/audit_logging.c: In function ‘json_add_timestamp’:
../lib/audit_logging/audit_logging.c:603:12: error: ‘%s’ directive
output may be truncated writing up to 9 bytes into a region of size
between 0 and 43 [-Werror=format-truncation=]
"%s.%06ld%s",
^~
../lib/audit_logging/audit_logging.c:606:3:
tz);
~~
../lib/audit_logging/audit_logging.c:600:2: note: ‘snprintf’ output
between 8 and 70 bytes into a destination of size 50
snprintf(
^~~~~~~~~
timestamp,
~~~~~~~~~~
sizeof(timestamp),
~~~~~~~~~~~~~~~~~~
"%s.%06ld%s",
~~~~~~~~~~~~~
buffer,
~~~~~~~
tv.tv_usec,
~~~~~~~~~~~
tz);
~~~
../source3/passdb/pdb_smbpasswd.c: In function ‘mod_smbfilepwd_entry’:
../source3/passdb/pdb_smbpasswd.c:1015:7: error: ‘:LCT-’ directive
output may be truncated writing 5 bytes into a region of size between 0
and 255 [-Werror=format-truncat ion=]
"%s:LCT-%08X:",
^~~~~
../source3/passdb/pdb_smbpasswd.c:1015:4: note: using the range [0, 4294967295] for directive argument
"%s:LCT-%08X:",
^~~~~~~~~~~~~~
In file included from ../source3/include/includes.h:23,
from ../source3/passdb/pdb_smbpasswd.c:23:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output
between 15 and 270 bytes into a destination of size 255
#define slprintf snprintf
../source3/passdb/pdb_smbpasswd.c:1013:3: note: in expansion of macro ‘slprintf’
slprintf(&ascii_p16[strlen(ascii_p16)],
^~~~~~~~
../source3/lib/ldap_escape.c: In function ‘escape_ldap_string’:
../source3/lib/ldap_escape.c:79:4: error: ‘strncpy’ output truncated
before terminating nul copying 3 bytes from a string of the same length
[-Werror=stringop-truncation]
strncpy (p, sub, 3);
^~~~~~~~~~~~~~~~~~~
We concatenat and do not care about NUL-termination till the loop has
finished.
../source4/torture/basic/mangle_test.c: In function ‘gen_name’:
../source4/torture/basic/mangle_test.c:148:3: error: ‘strncpy’ output
truncated before terminating nul copying 5 bytes from a string of the
same length [-Werror=stringop-truncation]
strncpy(p, "ABCDE", 5);
^~~~~~~~~~~~~~~~~~~~~~
../source3/utils/smbpasswd.c: In function ‘process_root’:
../source3/utils/smbpasswd.c:414:37: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:414:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
^~~~~~~~
../source3/utils/smbpasswd.c:397:35: error: ‘$’ directive output may be truncated writing 1 byte into a region of size between 0 and 255 [-Werror=format-truncation=]
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^
In file included from ../source3/include/includes.h:23,
from ../source3/utils/smbpasswd.c:19:
../lib/replace/../replace/replace.h:514:18: note: ‘snprintf’ output between 2 and 257 bytes into a destination of size 255
#define slprintf snprintf
../source3/utils/smbpasswd.c:397:3: note: in expansion of macro ‘slprintf’
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
^~~~~~~~
cc1: some warnings being treated as errors
s4-torture: fix format-truncation warning in smb2 session tests.
../source4/torture/smb2/session.c: In function ‘test_session_reauth5’:
../source4/torture/smb2/session.c:645:36: error: ‘\file.dat’ directive output may be truncated writing 9 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~
../source4/torture/smb2/session.c:645:2: note: ‘snprintf’ output between 10 and 265 bytes into a destination of size 256
snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/torture/smb2/session.c:696:38: error: ‘\file2.dat’ directive output may be truncated writing 10 bytes into a region of size between 1 and 256 [-Werror=format-truncation=]
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~
../source4/torture/smb2/session.c:696:2: note: ‘snprintf’ output between 11 and 266 bytes into a destination of size 256
snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
s3-printing: fix format-truncation in print_queue_update()
../source3/printing/printing.c: In function ‘print_queue_update’:
../source3/printing/printing.c:1809:42: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 244 [-Werror=format-truncation=]
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
^~ ~~~~~~~~~
../source3/printing/printing.c:1809:2: note: ‘snprintf’ output between 13 and 268 bytes into a destination of size 256
snprintf(key, sizeof(key), "MSG_PENDING/%s", sharename);
Jeffrey Altman [Thu, 16 Jun 2016 20:25:41 +0000 (16:25 -0400)]
heimdal: lib/krb5: do not fail set_config_files due to parse error
Follow Apple's lead and do not fail krb5_set_config_files() simply
because one of the files in the profile list fails to parse correctly.
Doing so can lead to hard to find failures and could lead to an end
user shooting themselves in the foot and no longer be able to login
to their system to fix it.
Parse as many of the files as we can. Only fail krb5_set_config_files()
if init_context_from_config_file() fails.
Christof Schmitt [Tue, 19 Jun 2018 22:09:41 +0000 (15:09 -0700)]
krb5_wrap: fix keep_old_entries logic for older kerberos libraries
MIT kerberos 1.13 and older only stores 8 bits of the KVNO. The change
from commit 35b2fb4ff32 resulted in breakage for these kerberos
versions: 'net ads keytab create' reads a large KVNO from AD, and only
the lower 8 bits are stored. The next check then removed the entry again
as the 8 bit value did not match the currently valid KVNO.
Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Christof Schmitt <cs@samba.org>
Autobuild-Date(master): Sat Jun 23 00:57:47 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This was fixed differently by commit 539f51f0dfbe4ce317a2978982fd0fc9a7fd6922 in master.
Autobuild-User(v4-7-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-7-test): Tue Jun 19 17:54:45 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 1 20:32:03 CEST 2018 on sn-devel-144
Günther Deschner [Wed, 30 May 2018 07:27:49 +0000 (09:27 +0200)]
s4-heimdal: Fix the format-truncation errors.
../source4/heimdal/lib/com_err/compile_et.c: In function ‘generate_h’:
../source4/heimdal/lib/com_err/compile_et.c:138:33: error: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 126 [-Werror=format-truncation=]
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~ ~~~
../source4/heimdal/lib/com_err/compile_et.c:138:5: note: ‘snprintf’ output between 5 and 132 bytes into a destination of size 128
snprintf(fn, sizeof(fn), "__%s__", hfn);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c: In function ‘main’:
../source4/heimdal/lib/com_err/compile_et.c:234:35: error: ‘.h’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:234:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(hfn, sizeof(hfn), "%s.h", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../source4/heimdal/lib/com_err/compile_et.c:235:35: error: ‘.c’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~
../source4/heimdal/lib/com_err/compile_et.c:235:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
snprintf(cfn, sizeof(cfn), "%s.c", Basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 8 13:23:51 CEST 2018 on sn-devel-144
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 18 02:38:50 CEST 2018 on sn-devel-144
Christof Schmitt [Wed, 16 May 2018 20:17:52 +0000 (13:17 -0700)]
smbd: Cache dfree information based on query path
Sub directories in a SMB share can have different free space information
(e.g. when a different file system is mounted there). Caching the dfree
information per SMB share will return invalid data. Address this by
switching to memcache and store the cached data based on the query path.
Andrew Bartlett [Tue, 10 Apr 2018 04:35:07 +0000 (16:35 +1200)]
lib/util: Move log_stack_trace() to common code
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit bf9551902afdb32310db4a3381964c435dd08bf0)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 3acc00b6808d5d5ad035d9d43526204db1608c8a)
Andrew Bartlett [Tue, 10 Apr 2018 03:54:10 +0000 (15:54 +1200)]
s3-lib: Remove support for libexc for IRIX backtraces
IRIX is long dead, and this code needs become_root() which is not in
the top level code.
Additionally, the check for libexc never made it into waf, so this
has been dead code since Samba 4.1.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13454
(cherry picked from commit 85dc9ee14023a8fb84b5c74555d43008bb6bb0c0)
auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE as a server
This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
error messages, which were generated if the client only sends
NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
connection.
We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
of the authentication (as a server, while we already
do so at the beginning as a client).
As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
(as an internal flag) in order to let us work as a
Windows using NTLMSSP for LDAP. Even if only signing is
negotiated during the authentication the following PDUs
will still be encrypted if NTLMSSP is used. This is exactly the
same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
I guess it's a bug in Windows, but we have to reimplement that
bug. Note this only applies to NTLMSSP and only to LDAP!
Signing only works fine for LDAP with Kerberos
or DCERPC and NTLMSSP.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782)
This will be used to similate a Windows client only
using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
on an LDAP connection, which is indicated internally by
GENSEC_FEATURE_LDAP_STYLE.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7f2bebf09cd8056b3f901dd9ff1fc9e9525f3e9d)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 11 23:30:32 CEST 2018 on sn-devel-144
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 2715f52f54e66a73131a92d752a8c2447da1fd33)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5319cae00096dcecc29aa9fa675a983352ad64d8)
nsswitch: Lookup the domain in tests with the wb seperator
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4fa811ec7bc301e96f5e40ba281e8d4e8709b94f)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 0aceca6a94e868f9c01a66f79624ca10d80560ab)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 0d2f743d826b87b369e25fc6bb9ff61f2b0896aa)
Volker Lendecke [Sun, 6 Aug 2017 16:13:10 +0000 (18:13 +0200)]
winbindd: Move name<->sid cache to gencache
The mapping from name to sid and vice versa has nothing to
do with a specific domain. It is publically available. Thus put
it into gencache without referring to the domain this was
retrieved from
projects / thirdparty / samba.git / log
