Joseph Sutton [Thu, 29 Apr 2021 09:04:25 +0000 (21:04 +1200)]
python: Add RPC credentials cache test
Test that we can use a credentials cache with a user's service ticket
obtained with our Python code to connect to a service through RPC.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Thu, 29 Apr 2021 08:58:11 +0000 (20:58 +1200)]
python: Add LDAP credentials cache test
Test that we can use a credentials cache with a user's service ticket
obtained with our Python code to connect to a service through LDAP.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 23:06:33 +0000 (11:06 +1200)]
python: Add credentials cache test
Test that we can use a credentials cache with a user's service ticket
obtained with our Python code to connect to a service using the normal
credentials system backed on to MIT/Heimdal Kerberos 5 libraries. This
will allow us to validate the output of the MIT/Heimdal libraries in the
future.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 23:02:47 +0000 (11:02 +1200)]
krb5: Add Python functions to create a credentials cache containing a service ticket
This is a FILE: format credentials cache readable by the MIT/Heimdal
Kerberos libraries. This allows us to glue the Python ASN1 Kerberos
system to the MIT/Heimdal one.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 22:58:48 +0000 (10:58 +1200)]
librpc: Test parsing a Kerberos 5 credentials cache with ndrdump
This is the format used by the FILE: credentials cache type.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 22:57:00 +0000 (10:57 +1200)]
krb5ccache.idl: Add definition for a Kerberos credentials cache
Based on specifications found at
https://web.mit.edu/kerberos/krb5-devel/doc/formats/ccache_file_format.html
This is primarily designed for parsing and storing a single Kerberos
ticket, due to the limitations of PIDL.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 23:07:22 +0000 (11:07 +1200)]
pygensec: Fix method documentation
This changes the docstrings to use the correct method names.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 22:55:13 +0000 (10:55 +1200)]
auth:creds: Fix parameter in creds.set_named_ccache()
Use the passed-in value for 'obtained' rather than always using
CRED_SPECIFIED.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Joseph Sutton [Tue, 27 Apr 2021 22:54:05 +0000 (10:54 +1200)]
auth:creds: Remove unused variable
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Jeremy Allison [Mon, 17 May 2021 21:01:43 +0000 (14:01 -0700)]
s3: lib: Fix the solaris build. Commit 8d0ea8bafa00 added SMB_ACL_TYPE_T type to solarisacl_sys_acl_set_fd() in the .c file, but not the .h.
The fact no one noticed means currently no one is
building master on Solaris/Illumos/OmniOS.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 18 19:23:25 UTC 2021 on sn-devel-184
Jeremy Allison [Sat, 15 May 2021 04:41:49 +0000 (21:41 -0700)]
s3: VFS: Update status of SMB_VFS_SYS_ACL_DELETE_DEF_FILE() and SMB_VFS_SYS_ACL_DELETE_DEF_FD().
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 18 18:19:28 UTC 2021 on sn-devel-184
Leave the called function as that's in the public API.
We will be able to get rid of it when we delete sys_acl_delete_def_file()
after all the callers are gone.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Noel Power <npower@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May 18 11:32:41 UTC 2021 on sn-devel-184
Volker Lendecke [Tue, 18 May 2021 06:32:45 +0000 (08:32 +0200)]
ctdb: Fix a crash in run_proc_signal_handler()
If a script times out the caller can talloc_free() the script_list
output of run_event_recv, which talloc_free's proc->output from
run_proc.c as well. If the script generates further output after the
timeout and then exits after a while, the SIGCHLD handler in the
eventd tries to read into proc->output, which was already free'ed.
Fix this by not doing just a talloc_steal but a talloc_move. This way
proc_read_handler() called from run_proc_signal_handler() does not try
to realloc the stale reference to proc->output but gets a NULL
reference.
I don't really know how to do a knownfail in ctdb, so this commit
actually activates catching the signal by waiting long enough for
22.bar to exit and generate the SIGCHLD.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14475 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Douglas Bagnall [Fri, 23 Apr 2021 07:37:55 +0000 (19:37 +1200)]
dlz: remove support for ancient binds
We no longer support versions of bind that have
DLZ_DLOPEN_VERSION != 3, so we no longer need all these ifdefs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon May 17 22:29:01 UTC 2021 on sn-devel-184
Douglas Bagnall [Sat, 24 Apr 2021 03:25:25 +0000 (15:25 +1200)]
dlz: do not build for Bind 9.8 or 9.9
If we drop support for versions before Bind 9.10 (which itself went
EOL in 2018) we can get rid of a whole lot of ifdefs for old API
versions that no-one should be using.
This patch stops the build, the next one clears out the ifdefs.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 14 May 2021 10:35:44 +0000 (12:35 +0200)]
nmbd: Reduce the wait interface loop sleep time
Under some circumstances the network-online.target can be reached
without an IPv4 address, for example when using systemd-networkd and
having systemd-networkd-wait-online.service disabled. This will trigger
a five seconds sleep which seems a bit excessive. It is specially
critical when winbind.service is enabled as it won't be started until
nmbd.service is running, delaying the systemd-logind.service five seconds.
Reduce the sleep time from 5 seconds to 250ms to exit the loop as soon
as possible.
Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 14 20:52:47 UTC 2021 on sn-devel-184
Jeremy Allison [Thu, 13 May 2021 20:20:17 +0000 (13:20 -0700)]
build: wscript. Fix the build on FreeBSD with the clang ld.lld-XX linker.
FreeBSD is broken. It doesn't include 'extern char **environ'
in any shared library, but statically inside crt0.o.
If we're running on a FreeBSD with the GNU linker ld we
can get around this by explicitly telling the linker to
ignore 'environ' as an unresolved symbol in a shared library.
However, the clang linker ld.lld-XX is broken in that it
doesn't have that option.
First try to see if have '-Wl,--ignore-unresolved-symbol,environ'
and just use that if so.
If not, we have to use '-Wl,--allow-shlib-undefined' instead
and remove all instances of '-Wl,-no-undefined'.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 14 01:50:25 UTC 2021 on sn-devel-184
lib:util: Fix return value of tdb_fetch_uint32_byblob()
The initialize_winbindd_cache() function uses tdb_fetch_uint32_byblob()
to check if the cache version is valid and up to date. As
tdb_fetch_uint32_byblob() returns false for a successful fetch, we
always remove the winbind cache database. This breaks the winbind
offline logon feature.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 12 21:19:03 UTC 2021 on sn-devel-184
printing: Avoid a few references to background_lpq_updater_pid
We have the bgqd in the pidfile now
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 11 23:45:21 UTC 2021 on sn-devel-184
This is a separate binary executed from start_background_queue(). As
such it does not really gain much, but the idea is to move all the
code this runs out of the smbd and spoolssd binaries to just link
here.
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Tue, 11 May 2021 18:41:42 +0000 (11:41 -0700)]
s3: smbd: Remove a STAT/LSTAT call on the parent pathname in a hot code path.
This optimization uses the stored errno result from check_parent_exists()
which already did a STAT/LSTAT if needed.
Best viewed with 'git show -b'.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 11 22:52:58 UTC 2021 on sn-devel-184
Noel Power [Thu, 29 Apr 2021 14:41:28 +0000 (15:41 +0100)]
VFS: Update status of SMB_VFS_STREAMINFO
Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue May 11 16:38:40 UTC 2021 on sn-devel-184
projects / thirdparty / samba.git / log
