Martin Schwenke [Tue, 15 May 2018 08:47:29 +0000 (18:47 +1000)]
ctdb-scripts: Drop CTDB_MAX_PERSISTENT_CHECK_ERRORS option
This must harken back to the days of yore when corrupt persistent
databases were an issue. We haven't seen this used. If CTDB fails to
start due to a corrupt persistent database then this database can be
removed by hand.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
s4:torture: Do not leak file descriptor in smb2 oplock test
Found by Coverity.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 17 04:03:21 CEST 2018 on sn-devel-144
ctdb: Check return values of tevent_req_set_endtime()
Found by Coverity.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu May 17 01:09:46 CEST 2018 on sn-devel-144
s3:smbd: Fix converity warning with _smb_setlen_large()
result_independent_of_operands: "(outsize - 4 & 0xffffff) >> 16 >> 8" is
0 regardless of the values of its operands. This occurs as the bitwise
first operand of "&".
So we should just pass a variable to silence the warning. However for
this, we should calculate it correctly and use size_t for it.
Found by Coverity.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli: Fix coverity warning in smb2cli_notify_send()
result_independent_of_operands: "(uint16_t)(recursive ? 1 : 0) >> 8" is
0 regardless of the values of its operands. This occurs as the operand
of assignment.
Found by Coverity.
Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Timur I. Bakeyev [Sun, 13 May 2018 04:18:21 +0000 (12:18 +0800)]
Convert affected by previous commit lines from DEBUG(10,..) to DBG_DEBUG().
Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed May 16 21:29:24 CEST 2018 on sn-devel-144
Tim Beale [Wed, 16 May 2018 01:19:58 +0000 (13:19 +1200)]
script: Add 'random-seed' option to traffic_replay
When using a traffic-model file to generate traffic, there is some
randomness in the actual packets that get generated. This means it's
hard to use the tool to detect an increase/decrease in Samba
performance - we don't know whether a decrease in packets sent is due
to a regression in the Samba codebase, or just due to the tool sending
different types of packets (i.e. ones that take longer to process).
This patch adds an option to seed the python random number generator.
This means that exactly the same traffic can be generated across
multiple test runs.
(Previously we were using the '--traffic-summary' option to avoid this
problem - we can generate a summary-file based on the model, and then
use the same summary file across multiple runs. However, this proved
impractical when you want to run multiple combinations of scale/rate
parameters, e.g. 21 x 8 different permutations just fills up disk space
with summary-files.)
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: William Brown <william@blackhats.net.au>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 16 13:53:26 CEST 2018 on sn-devel-144
Gary Lockyer [Mon, 23 Apr 2018 00:24:34 +0000 (12:24 +1200)]
debug: Add group logging classes
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 16 07:02:20 CEST 2018 on sn-devel-144
auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE as a server
This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
error messages, which were generated if the client only sends
NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
connection.
We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
of the authentication (as a server, while we already
do so at the beginning as a client).
As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
(as an internal flag) in order to let us work as a
Windows using NTLMSSP for LDAP. Even if only signing is
negotiated during the authentication the following PDUs
will still be encrypted if NTLMSSP is used. This is exactly the
same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
I guess it's a bug in Windows, but we have to reimplement that
bug. Note this only applies to NTLMSSP and only to LDAP!
Signing only works fine for LDAP with Kerberos
or DCERPC and NTLMSSP.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
This will be used to similate a Windows client only
using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
on an LDAP connection, which is indicated internally by
GENSEC_FEATURE_LDAP_STYLE.
Andrew Bartlett [Tue, 15 May 2018 00:26:03 +0000 (12:26 +1200)]
selftest: Make setexpiry test much more reliable
Rather than setting all the expiries and expecting that they will be done within 5 seconds,
measure and check the time individually for each record.
This should make this test much less prone to flapping.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 15 23:58:17 CEST 2018 on sn-devel-144
Andrew Bartlett [Sun, 13 May 2018 23:30:17 +0000 (11:30 +1200)]
samba-tool domain: Create a common --use-ntvfs option for provision, join, dcpromo and classicupgrade
The NTVFS fileserver mode is still integral to the selftest system (often simply used to
make the rest of the command run and not fuss with POSIX ACLs and permissions).
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 15 21:12:33 CEST 2018 on sn-devel-144
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional. Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 15 15:45:08 CEST 2018 on sn-devel-144
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional. Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.
Volker Lendecke [Mon, 7 May 2018 14:53:00 +0000 (16:53 +0200)]
lib: Hold at most 10 outstanding paged result cookies
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13362 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 15 09:37:21 CEST 2018 on sn-devel-144
Andrew Bartlett [Thu, 10 May 2018 02:00:54 +0000 (14:00 +1200)]
selftest: Require libarchive for --enable-selftest
This avoids one more case where tests can go missing by removing the conditional.
(Yes, this has happend for other tests in the past).
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 15 06:31:03 CEST 2018 on sn-devel-144
Björn Jacke [Mon, 12 Mar 2018 18:13:04 +0000 (19:13 +0100)]
s3/wscript: remove test, that we do in lib/replace
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Björn Baumbach <bb@sernet.de>
Autobuild-User(master): Björn Baumbach <bbaumbach@samba.org>
Autobuild-Date(master): Mon May 14 21:15:21 CEST 2018 on sn-devel-144
Joe Guo [Thu, 10 May 2018 05:23:02 +0000 (17:23 +1200)]
traffic: improve add_short_packet by avoiding dict.get
dict.get is slower than [].
Avoid get to improve performance.
(For 3989418 calls, total time decease from 9.395 to 8.573)
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 14 05:38:06 CEST 2018 on sn-devel-144
Joe Guo [Thu, 10 May 2018 02:53:55 +0000 (14:53 +1200)]
traffic: optimize packet init for better performance
When we run traffic_replay, we are creating millions of Packet objects.
So small change in Packet.__init__ will make big difference.
By initializing packet with converted values without parsing string, the time
cost for 3961148 calls of Packet.__init__ dcrease from 17s to 4s, according
to cProfile.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Volker Lendecke [Mon, 26 Mar 2018 09:36:25 +0000 (04:36 -0500)]
smbd: Fix "reset on zero vc"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13340 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sun May 13 23:43:56 CEST 2018 on sn-devel-144
There might be strings allocated on state, which are part of the
result.
The reason for the TALLOC_FREE(state) was to cleanup the possible
irpc_handle before leaving the function. Now we call
TALLOC_FREE(state->wb.irpc_handle) explicitly in
dcesrv_lsa_Lookup{Names,Sids}_base_done() instead.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun May 13 10:27:28 CEST 2018 on sn-devel-144
Noel Power [Fri, 4 May 2018 14:30:22 +0000 (15:30 +0100)]
auth/credentials/test: py2/py3 compat always decode result of b64encode
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun May 13 00:24:35 CEST 2018 on sn-devel-144
ctdb-tools: Add logging config options to config tool
Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Sat May 12 15:01:32 CEST 2018 on sn-devel-144
Aaron Haslett [Tue, 1 May 2018 03:54:07 +0000 (15:54 +1200)]
devel: removing unused code from chgkrbtgtpass
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat May 12 12:05:31 CEST 2018 on sn-devel-144
Martin Schwenke [Tue, 24 Apr 2018 04:13:35 +0000 (14:13 +1000)]
ctdb-scripts: Drop CTDB_SUPPRESS_COREFILE and CTDB_MAX_OPEN_FILES options
These should be done using features provided by the operating system.
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Sat May 12 09:13:28 CEST 2018 on sn-devel-144
projects / thirdparty / samba.git / log
