Douglas Bagnall [Tue, 30 Jul 2024 21:20:50 +0000 (09:20 +1200)]
ldb:kv_index: help static analysers to not worry (CID 1615192)
The point of this realloc is that we are not using this array, but
keeping it around to remain a node the talloc tree. We'd prefer to
reduce it to nothing.
Coverity rightly spotted that it was reallocing an array of `struct
ldb_val` to an array of `struct ldb_val *`, which has a different size
and all. But it doesn't matter in this case, because we will never use
it.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
(cherry picked from commit e2a74963fb89f5409c236a0fbe4cd070e1a75a43)
Autobuild-User(v4-19-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-19-test): Mon Oct 7 15:22:36 UTC 2024 on atb-devel-224
Douglas Bagnall [Mon, 22 Jul 2024 10:22:15 +0000 (22:22 +1200)]
ldb:kv_index: realloc away old dn list
We can't just free it, because has the GUID index list as a child, and
these are shared by the new dn list (from the subtransaction we are
committing). But if the dn list is long and the main transaction is
long-lived, we can save a lot of memory by turning this dn list into
an almost empty node in the talloc tree. This returns us to roughly
the situation we had prior to the last commit.
For example, with the repro.sh script on bug 15590 in indexes mode
with 10000 rules, The last 3 commits use this much memory at the end
of an unusually large transaction:
full talloc report on 'struct ldb_context' (total 4012222 bytes in 90058 blocks)
full talloc report on 'struct ldb_context' (total 2405482219 bytes in 90058 blocks)
full talloc report on 'struct ldb_context' (total 4282195 bytes in 90058 blocks)
That is, the last commit increased usage 500 fold, and this commit
brings it back to normal.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1bf9ede94f0a6b41fb18e880e59a8e390f8c21d3)
Douglas Bagnall [Tue, 25 Jun 2024 23:05:49 +0000 (11:05 +1200)]
ldb_kv_index: dn_list load sub transaction can re-use keys
We don't want to modify the original list, but we can reuse the keys
if we treat them as immutable and don't free them. That makes it a lot
quicker if there are many keys (i.e. where an index is useful) and may
sub-transactions. In particular, it avoids O(n²) talloc_memdups.
A removed comment that says "We have to free the top level index
memory otherwise we would leak", and this will be addressed in the
next commit.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5f0198d69843c864f2b98a7c0c6305ad789a68a0)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep 18 19:45:56 UTC 2024 on atb-devel-224
s3:tests: let test_durable_handle_reconnect.sh run smb2.durable-v2-regressions.durable_v2_reconnect_bug15624
This demonstrates the dead lock after a durable reconnect failed
because the stat info changed, the file can't be accessed anymore
as we leak the incomplete share mode entry in a still running
process.
Can be used to enable printing an error message if tevent event handlers ran
longer then three seconds. Also logs a message with a loglevel of 3 if there
were no events at hall.
Enabled by default with 'log level = 10' or
'smbd profiling level = on'...
Ralph Boehme [Wed, 20 Mar 2024 13:27:27 +0000 (14:27 +0100)]
smbd: move trace_state variable behind tv variable
Next commit adds timestamp variables to trace_state that want to be initialized
with the current time, so moving behind tv we can then just reuse tv for that.
By enabling this a process sending a lease break message to another process
holding a lease will start watching that process and if that process didn't
process the lease break within 10 seconds (cf server_id_watch_waited()), we log
a kernel stack backtrace of that process.
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.
Reported-by: David Howells <dhowells@redhat.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224
David Disseldorp [Fri, 23 Aug 2024 13:01:24 +0000 (13:01 +0000)]
s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.
Flag the new test knownfail; fix in subsequent commit.
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f539021f1490285516d8cfb2a2ab483e0)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 13 22:29:28 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f6009aa73b9234df1e6ab689de322487ad1394ed)
Jones Syue [Fri, 5 Jul 2024 09:36:46 +0000 (17:36 +0800)]
s3:ntlm_auth: make logs more consistent with length check
Run ntlm_auth with options --lm-response/--nt-response/--challenge, and pass
wrong length to these options, got error prompted logs about 'only got xxx
bytes', which are not consistent with length check. This patch revise logs
for length check to make it more consistent.
For example --lm-response requires exact 24 hex, let us input three kinds
of length 23 24 25, prompted logs said 'only got 25 bytes' seems confusing.
script:
for length in 23 24 25; \
do \
ntlm_auth --username=${un} --password=${pw} \
--lm-response="`openssl rand -hex ${length}`"; \
done;
Signed-off-by: Jones Syue <jonessyue@qnap.com> Reviewed-by: David Mulder <dmulder@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 6 00:52:02 UTC 2024 on atb-devel-224
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Aug 6 00:42:56 UTC 2024 on atb-devel-224
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Jul 25 06:27:27 UTC 2024 on atb-devel-224
Douglas Bagnall [Fri, 5 Jul 2024 02:31:58 +0000 (14:31 +1200)]
cmdline:burn: list commands to always burn; warn on unknown
We burn arguments to all unknown options containing "pass" (e.g.
"--passionate=false") in case they are a password option, but is bad
in the case where the unknown option takes no argument but the next
option *is* a password (like "--overpass --password2 barney". In that
case "--password2" would be burnt and not "barney".
The burning behaviour doesn't change with this commit, but users will now
see an error message explaining that the option was unknown. This is not
so much aimed at end users -- for who an invalid option will hopefully
lead to --help like output -- but to developers who add a new "pass"
option.
This also slightly speeds up the processing of known password options,
which is a little bit important because we are in a race to replace the
command line in /proc before an attacker sees it.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Jul 10 06:28:08 UTC 2024 on atb-devel-224
Douglas Bagnall [Fri, 5 Jul 2024 04:13:04 +0000 (16:13 +1200)]
cmdline: samba-tool test for bad option warning
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674
(cherry picked from commit d2b119e34b4e523a3bc6699e4d8a370bf8403d0b)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 97be45f9ea3410392cd37eab5cfafd3ad00cfe57)
Douglas Bagnall [Tue, 2 Jul 2024 23:23:36 +0000 (11:23 +1200)]
cmdline:burn: explicitly burn --username
This is the long form of -U in samba-tool.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674
(cherry picked from commit 63a83fb7bb312731047f361f89766e0be492f83e)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit f1fbba6dc609590854c0d7c5e72b58fabc356695)
Douglas Bagnall [Sat, 29 Jun 2024 01:43:03 +0000 (13:43 +1200)]
cmdline: test_cmdline tests more burning
We have more secret arguments, like --client-password, --adminpass,
so we are going to use an allowlist for options containing 'pass', but
we don't want to burn the likes of --group=passionfruit.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit c4df89e9640c1306aa390cdacaa974c870c3f5bb)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 6effed31899a1be8194a851e5a4023276b8a5f38)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit f5233ddf974f9649d8a12b151b6843412eab489c)
Douglas Bagnall [Thu, 27 Jun 2024 04:03:30 +0000 (16:03 +1200)]
cmdline:burn: always return true if burnt
Before we have been trying to cram three cases into a boolean return
value:
* cmdline had secrets, we burnt them -> true
* cmdline had no secrets, all good -> false
* cmdline has NULL string, WTF! emergency! -> false
This return value is only used by Python which wants to know whether to
go to the trouble of replacing the command line. If samba_cmdline_burn()
returns false, no action is taken.
If samba_cmdline_burn() burns a password and then hits a NULL, it would
be better not to do nothing. It would be better to crash. And that is
what Python will end up doing, by some talloc returning NULL triggering
a MemoryError.
What about the case like {"--foo", NULL, "-Ua%b"} where the secret comes
after the NULL? That will still be ignored by Python, as it is by all C
tools, but we are hoping that can't happen anyway.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit d3d8dffc0212662456a6251baee5afd432160fa2)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 53a1184525279741e116350a9b53da15cb2f41d0)
Douglas Bagnall [Thu, 27 Jun 2024 03:20:27 +0000 (15:20 +1200)]
cmdline:burn: do not retain false memories
If argv contains a secret option without an '=' (or in the case of
"-U", the username is separated by space), we will get to the
`if (strlen(p) == ulen) { continue; }` without resetting the found
and is_user variables. This *sometimes* has the right effect, because
the next string in argv ought to contain the secret.
But in a case like {"--password", "1234567890"}, where the secret
string is the same length as the option, we *again* take that branch
and the password is not redacted, though the argument after it will be
unless it is also of the same length.
If we always set the flags at the start we avoid this. This makes
things worse in the short term for secrets that are not the same
length as their options, but we'll get to that in another commit soon.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 2f6020cf3dadf484251701040e09a10fba2f644e)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 05128a1f5f17c55a8d8da42c6c52c4235adf36d4)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit f17a2b1b25f2ffa5e3caeb8f81101e66b843cc29)
[jsutton@samba.org Fixed conflict in selftest/tests.py]
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit f3b240da5c209a51fa43de23e8ecfea2f32bbfd5)
Douglas Bagnall [Thu, 20 Jun 2024 23:29:36 +0000 (11:29 +1200)]
docs-xml:manpages: allow for longer version strings
The default value (30) truncates "Samba 4.21.0pre1-DEVELOPERBUILD" to
"Samba 4.21.0pre1-DEVELOPE" in the bottom left corner of the man page.
("Samba 4.21.0pre1-DEVELOPE" is only 25 bytes long, not 30, but let's
not worry about that).
On narrow terminals (< ~75 columns) this makes it more likely that
the version string will run into the date string.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 7fb38aee129789cce28ddf54bd7234f8c5f57d97)
This is to fix the error when pushing to personal gitlab repo:
2024-07-04 08:16:05,460 Running: 'git clone --recursive --shared /builds/pfilipen/samba /builds/samba-testbase/master' in '/builds/pfilipen/samba'
Cloning into '/builds/samba-testbase/master'...
fatal: detected dubious ownership in repository at '/builds/pfilipen/samba/.git'
To add an exception for this directory, call:
git config --global --add safe.directory /builds/pfilipen/samba/.git
fatal: Could not read from remote repository.
Instead of adding more and more explicit repositories
we should just allow any, we're in an isolated environment...
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 10 10:35:00 UTC 2024 on atb-devel-224
gitlab-ci: Also add the git directory for pipeline in the main mirror
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jul 4 08:08:49 UTC 2024 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 5 10:02:26 UTC 2024 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Jun 13 08:41:39 UTC 2024 on atb-devel-224
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f88e60644e76c6310088934439f9c0da0f63905f)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 54fed589cca245c716492bcc78b574c30378b19c)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f3af6e860800d0f837cdf6c2d16d1cd12feb08df)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d00e9482a50b5a756f4847cde977c40c80e179c5)
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 84fb5cc8451c0af354850f39ae6debf388849ebb)
Andrew Bartlett [Tue, 18 Jul 2023 02:50:55 +0000 (14:50 +1200)]
selftest: Allow MIT Krb5 1.21 to still start to fl2000dc
This is the simplest way to keep this test environment alive.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
(cherry picked from commit 4ae3e9b208d4badee5765eddd832b258e84665b2)
Andrew Bartlett [Tue, 5 Sep 2023 21:37:19 +0000 (09:37 +1200)]
.gitlab-ci: Allow ext4 jobs to run on shared runners
At the time of this commit, GitLab shared runners
tagged "gce" were 2x AMD EPYC 7B12 with 8GB ram.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 19fb9a97dff2c0222d89a19bc9b0cd27f0306408)
.gitlab-ci: make it explicit that some tests require ext4/5.15 kernel
This is better then requiring private runners,
as we'll be able to use shared runners for ext4 soon.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b1e83b6cede6ad50e417a6cff583a9ab25f8c980)
Xavi Hernandez [Thu, 27 Jun 2024 13:41:19 +0000 (15:41 +0200)]
Fix starvation of pending writes in CTDB queues
CTDB uses a queue to receive requests and send answers. It works
asynchronously using the tevent framework. However there was an issue
that gave priority to the receiving side so, when a request was
processed and the answer posted to the queue, if another incoming
request arrived, it was served before sending the previous answer.
This scenario could repeat for long periods of time if the frequency of
incoming requests was high enough.
Eventually, a small time gap between incoming request gave a chance to
process the pending output queue, sending many answers in a burst.
This patch makes sure that both queues (input and output) are processed
if the event contains the appropriate flag.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15678
RN: Fix unnecessary delays in CTDB while processing requests under high
load.
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Jul 1 09:17:43 UTC 2024 on atb-devel-224
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 673c8e6ca5994973e4887641c3599707a66a608c)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 0bc5b6f29307ce758774c1b2f48ce62315fdc7f9)
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(backported from commit fe90576871b5d644b9e888fd7a0b0351feaba750)
[jsutton@samba.org Fixed conflicts in knownfails and
third_party/heimdal/kdc/fast.c]
Autobuild-User(v4-19-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-19-test): Wed Jul 3 09:56:13 UTC 2024 on atb-devel-224
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(backported from commit c5ee0b60b20011aeaa60c2f549c2a78269c97c8f)
[jsutton@samba.org Fixed conflicts in selftest/knownfail_heimdal_kdc]
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(backported from commit 6dc6168719cf232ac2c1d747f10aad9b13300c02)
[jsutton@samba.org Fixed conflicting import statements in
python/samba/tests/krb5/kdc_base_test.py]
[jsutton@samba.org Fixed conflicting import statements in
python/samba/tests/krb5/kdc_base_test.py]
Andrew Bartlett [Tue, 19 Mar 2024 01:37:24 +0000 (14:37 +1300)]
python/tests/krb5: Prepare for PKINIT tests with UF_SMARTCARD_REQUIRED
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(backported from commit b2fe1ea1c6aba116b31a1c803b4e0d36ac1a32ee)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
[jsutton@samba.org Fixed conflicting import statements in
python/samba/tests/krb5/pkinit_tests.py]
[jsutton@samba.org Fixed conflicting import statements in
python/samba/tests/krb5/kdc_base_test.py]
Jo Sutton [Thu, 21 Mar 2024 23:58:19 +0000 (12:58 +1300)]
tests/krb5: Fix PK-INIT test framework to allow expired password keys
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7cc8f455191faacf32efc474c27e99d45ef2e024)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
Andrew Bartlett [Fri, 17 May 2024 02:19:31 +0000 (14:19 +1200)]
dsdb: Reduce minimum maxPwdAge from 1 day to nil
This allows us to have tests, which pass on Windows, that
use a very short maxPwdAge.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit 3669479f22f2109a64250ffabd1f6453882d29f1)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
Joseph Sutton [Mon, 30 Oct 2023 01:05:17 +0000 (14:05 +1300)]
tests/krb5: Use __slots__ to indicate which attributes are used by classes
These should help to catch mistaken attempts to set invalid attributes.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 2b69e1e7c316e634090aad1d97ecadf8cdf529f3)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
Joseph Sutton [Fri, 29 Sep 2023 00:13:01 +0000 (13:13 +1300)]
tests/krb5: Add method to perform an armored AS‐REQ
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 849ee959845832b206ae315ab5911c623ea61148)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15655
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jun 19 10:17:28 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit eeb60574b6bf1a5209b85a8af843b93300550ba7)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c715ac5e496ddde119212d3b880ff0e68c2da67b)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit db2c576f329675e8d66e19c336fe04ccba918b4a)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit cda8beea45303a77080c64bb2391d22c59672deb)
Document the new optional argument to specify the namespace to be
associated with RADOS objects in a pool.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Jun 14 07:42:25 UTC 2024 on atb-devel-224
RADOS objects within a pool can be associated to a namespace for
logical separation. librados already provides an API to configure
such a namespace with respect to a context. Make use of it as an
optional argument to the helper binary.
Pair-Programmed-With: Anoop C S <anoopcs@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit d8c52995f68fe088dd2174562faee69ed1c95edd)
vfs_default: also call vfs_offload_token_ctx_init in vfswrap_offload_write_send
If a client for whatever reason calls FSCTL_SRV_COPYCHUNK[_WRITE] without
FSCTL_SRV_REQUEST_RESUME_KEY, we call vfswrap_offload_write_send
before vfswrap_offload_read_send.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jun 17 18:02:27 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
(cherry picked from commit 372476aeb003e9c608cd2c0a78a9c577b57ba8f4)
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
RN: We have added new options --vendor-name and --vendor-patch-revision arguments
to ./configure to allow distributions and packagers to put their name in the Samba
version string so that when debugging Samba the source of the binary is obvious.
Andrew Bartlett [Wed, 29 May 2024 22:50:12 +0000 (10:50 +1200)]
build: Add --vendor-name --vendor-patch-revision options to ./configure
These options are for packagers and vendors to set so that when
Samba developers are debugging an issue, we know exactly which
package is in use, and so have an idea if any patches have been
applied.
This is included in the string that a Samba backtrace gives,
as part of the PANIC message.
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 651fb94c374c7f84405d960a9e0a0fd7fcb285dd)
s4:nbt_server: simulate nmbd and provide unexpected handling
This is needed in order to let nbt_getdc() work against
another AD DC and get back a modern response with
DNS based names. Instead of falling back to
the ugly name_status_find() that simulates just
an NETLOGON_SAM_LOGON_RESPONSE_NT40 response.
This way dsgetdcname() can work with just the netbios
domain name given and still return an active directory
response.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 796f33c05a0ca337b675b5d4d127f7c53b22528f)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit bfb10774b65af65f9c438a5d3e87529b1fcf46a1)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 77f4f1c7dbaa2bb04d59d908923f6d11fd514da2)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 11861bcfc3054894bc445e631ae03befb4865db8)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit cca373b806e01fc57bd5316d3f8a17578b4b6531)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 2b66663c75cdb3bc1b6bc5b1736dd9d35b094b42)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 696505a1efbcc9803a287d8c267fed9d04bf8885)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit f90cf0822d6e66426d72f92bd585119066e2a9c3)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 011f68ae5ddc3fae8b453744aeb95766d885915e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 105247c90007474947e2314b63be72fb21f09811)
A lot of stuff is private to nmbd and can
be moved from nameserv.h.
This allows move required types from smb.h to
nameserv.h, so that this can be standalone.
Including it from smb.h is not a huge problem
as nmbd internals are gone from nameserv.h.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7f96c21029e3b94d38bd871c79cabf872ad77fae)
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 11 19:31:40 UTC 2024 on atb-devel-224
(cherry picked from commit 788ef8f07c75d5e6eca5b8f18d93d96f31574267)
[noel.power@suse.com backported to Samba 4.19 changed test of errno
after return from widelink_openat to ENOENT because ELOOP isn't set
for msdfs links in 4.19, ENOENT is set instead. Also minor change
to use 4.19 create_open_symlink_err fn instead of read_symlink_reparse]
Noel Power [Tue, 11 Jun 2024 10:19:50 +0000 (11:19 +0100)]
selftest: Add a python blackbox test for some misc (widelink) DFS tests
On master attempting to chdir into a nested dfs link
e.g. cd dfslink (works)
cd dfslink/another_dfslink (fails)
[1] Add a test for this scenario (nested chdir)
[2] Add test for enumerating a dfs link in root of dfs share
[3] Add a test to check case insensitive chdir into dfs link on widelink
enabled share
Add knownfails for tests 1 and 3
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435
(cherry picked from commit 7f1de90f72d6e8287aec6ab1d9f7776b7df624e5)
[noel.power@suse.com backported to Samba 4.19 changed knownfails because
test_ci_chdir doen't fail in 4.19 but test_enumerate_dfs_link does]
s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored
If the client does not have permissions to update the record,
but the record already has the data the update tries to apply,
it's a no-op that should result in success instead of failing.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 6 03:18:16 UTC 2024 on atb-devel-224
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 76fec2668e73b9d15447abee551d5c04148aaf27)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit db350bc573b378fb0615bdd8592cc9c62f6db146)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5906ed94f2c5c68e83c63e7c201534eeb323cfe7)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ae7538af04435658d2ba6dcab109beecb6c5f13e)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit bd0235cd515d5602ed9501bfc810a2487364ea10)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 3467d1491490830d61d16cb6278051daf48466fc)
projects / thirdparty / samba.git / log
