Change-Id: I4cae47450e8026b10bd373828f235184560e0a99
Reviewed-on: https://code.wireshark.org/review/4308
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net> Signed-off-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
Ralph Boehme [Sun, 19 Jun 2016 17:22:02 +0000 (19:22 +0200)]
selftest: make samba3.blackbox.smbclient_tar as flapping
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 20 12:07:18 CEST 2016 on sn-devel-144
Martin Schwenke [Sat, 18 Jun 2016 20:47:09 +0000 (06:47 +1000)]
lib/util: Optimise trim_string() to use a single memmove(3)
Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jun 20 04:47:26 CEST 2016 on sn-devel-144
This commit adds a simple test with smbclient -k against the aliases.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jun 19 19:07:46 CEST 2016 on sn-devel-144
Richard Sharpe [Sat, 18 Jun 2016 20:29:36 +0000 (13:29 -0700)]
s3/net: print returned addresses in dns gethostbyname
Make net ads dns gethostbyname actually print out the returned addresses
so we can use it in self tests.
Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Jun 19 10:34:37 CEST 2016 on sn-devel-144
s4-kdc: Move KDC packet handling functions to kdc-server.c
Create an Kerberos implmentation independent KDC-SERVER subsystem so we
can use it to implement a kpasswd server with MIT Kerberos in future.
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Jun 19 03:31:32 CEST 2016 on sn-devel-144
Jeremy Allison [Fri, 10 Jun 2016 16:32:32 +0000 (09:32 -0700)]
s4: torture: Added raw readX test to ensure 'reserved' fields are zero.
Passes against Win2k12+, and smbd with the previous patch.
https://bugzilla.samba.org/show_bug.cgi?id=11845
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Sat Jun 18 19:32:22 CEST 2016 on sn-devel-144
Jeremy Allison [Mon, 13 Jun 2016 16:30:25 +0000 (09:30 -0700)]
s3: smbd: In reply_read_and_X() SMB1 server is overwriting part of the 'reserved' zero fields with reply data length.
This occurred due to old code that used to do:
SSVAL(smb_buf(req->outbuf),-2,nread);
to set the reply length. This code was not needed,
as srv_set_message() was already correctly setting
the bcc length and was probably left from much
earlier legacy code.
This code actually overwrites the last 'reserved'
field in the SMB_COM_READ_ANDX packet reply, but we
never noticed as no client (or server code) looks at or
checks vwv11 in a SMB_COM_READ_ANDX reply.
and indeed checking wireshark from Win2012R2
we find that smbd is writing the returned
read length into smb_vwv11 and Windows leaves
it as zeros (reserved).
Also fix the same problem in the named pipes code.
Torture test to ensure Reserved2[4] replies
are zero to follow.
https://bugzilla.samba.org/show_bug.cgi?id=11845
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Jeremy Allison [Fri, 10 Jun 2016 23:51:11 +0000 (16:51 -0700)]
s3: libsmb: Widen the internal client smb1.pid to 32-bits as is used on the wire and in libcli/smb/smb1*.c
Note: This has *NO* effect on the lock context code, as on the
wire for all SMB1 locking requests, the pid used as the lock
context is already truncated down to 16-bits - the field is only
16-bits wide.
This allows the cli_XXX() calls to correctly set pidlow AND pidhigh
in SMB1 requests put on the wire by the libcli/smb/smb1*.c code.
Note that currently the smbd server doesn't correctly return
pidhigh yet - a fix (and tests) for that will follow.
As pidhigh is not checked in any client code (mid is used
to differentiate different requests) this has no effect
other than a correctness fix.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 17 22:15:09 CEST 2016 on sn-devel-144
Andrew Bartlett [Wed, 15 Jun 2016 03:42:18 +0000 (15:42 +1200)]
lib/ldb-samba: We can confirm a GUID is a GUID by length
The GUID_from_ndr_blob() is pointless and costly
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jun 17 18:13:56 CEST 2016 on sn-devel-144
Garming Sam [Thu, 9 Jun 2016 05:03:18 +0000 (17:03 +1200)]
getncchanges: Match Windows on linked attribute sort
The order of linked attributes depends on comparison of the NDR packed
GUIDs (not its struct GUID form).
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Mon, 6 Jun 2016 23:56:49 +0000 (11:56 +1200)]
getncchanges: sort with precalculated target guid array
This avoids reparsing the linked attribute and schema refetching.
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Mon, 6 Jun 2016 23:57:02 +0000 (11:57 +1200)]
getncchanges: remove some whitespace
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Thu, 9 Jun 2016 03:54:25 +0000 (15:54 +1200)]
tests/drs: change sort order in tests to match Windows
Although we attempted to sort by GUID based on DRSR, it is actually
sorted by the ndr packed GUID.
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Thu, 9 Jun 2016 02:55:57 +0000 (14:55 +1200)]
tests/drs: assert sorted identifier GUIDs across getncchanges
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Wed, 8 Jun 2016 22:56:28 +0000 (10:56 +1200)]
tests/drs: make cleanup more robust
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Tue, 7 Jun 2016 23:10:58 +0000 (11:10 +1200)]
tests/drs: extend getnc_exop test to check linked attributes
Assert that linked attributes propagate across DRS and come in a
particular sorted order.
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Michael Adam [Wed, 15 Jun 2016 22:15:00 +0000 (00:15 +0200)]
libnet: only create local private krb5.conf if joining an AD domain
This prevents irritating warning messages.
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 17 08:13:55 CEST 2016 on sn-devel-144
Garming Sam [Wed, 15 Jun 2016 04:32:23 +0000 (16:32 +1200)]
flapping: temporarily add samba_dnsupdate test
This should be removed when we can run nsupdate on sn-devel
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Jun 16 08:37:56 CEST 2016 on sn-devel-144
Garming Sam [Tue, 7 Jun 2016 23:11:15 +0000 (11:11 +1200)]
tests/drs: cleanup some whitespace
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Garming Sam [Wed, 8 Jun 2016 02:19:42 +0000 (14:19 +1200)]
drsuapi.idl: Add attid used in testing in idl
Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
Andrew Bartlett [Wed, 1 Jun 2016 09:27:07 +0000 (21:27 +1200)]
selftest: Rebase DrsBaseTestCase on SambaToolCmdTest
This then makes SambaToolCmdTest based on BlackboxTestCase.
This allows us to use better command output testing in the fsmo tests
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Thu Jun 16 04:07:41 CEST 2016 on sn-devel-144
Ralph Boehme [Mon, 30 May 2016 14:44:00 +0000 (16:44 +0200)]
s4/dns_server: enable sending of TSIG error records
This final patch enables sending TSIG error records by adding
DNS_RCODE_NOTAUTH to the set of error conditions that are allowed to
trigger sending a full generated response.
See RFC 2845 "4.5.1. KEY check and error handling" and "4.5.3. MAC check
and error handling".
Ralph Boehme [Mon, 30 May 2016 14:42:14 +0000 (16:42 +0200)]
s4/dns_server: prepare sending correct error responses for dns_verify_tsig() errors
Call dns_verify_tsig() after updating state.flags and assign and use
out_packet for dns_verify_tsig().
We will need the updated flags when sending TSIG error responses when
TSIG request MAC verification fails and dns_verify_tsig() uses the
passed in packet as response, so we have to make sure we copy in_packet
to out_packet before calling out and pass out_packet.
Ralph Boehme [Mon, 30 May 2016 14:03:33 +0000 (16:03 +0200)]
s4/dns_server: split out function that does the MAC computation
Split out function that does the MAC computation from the TSIG record
creating function. This will later simplify the code when creating error
responsed to TSIG requests with bad MACs where we have to add the TSIG
record with an empty MAC.
No functional behaviour change besides hard coding "gss-tsig" algorithm
name: later when sending a TSIG error response for a TKEY request with a
bad keyname, we won't have a tkey to fetch the algorithm name from.
Ralph Boehme [Sat, 14 May 2016 17:08:51 +0000 (19:08 +0200)]
librpc/dns: remove original_id from dns_fake_tsig_rec
Cf RFC2845, 3.4.2. "TSIG Variables", the request id (original_id) is not
used in the MAC calculation. This also explains the mysterious 2 bytes
padding.
Ralph Boehme [Tue, 17 May 2016 10:30:46 +0000 (12:30 +0200)]
librpc/ndr: add flag LIBNDR_FLAG_NO_COMPRESSION
This flag can be used to change marshalling behaviour with regard to
compression.
Example: DNS packets make use of so called DNS name compression which
means that for identical strings in a DNS packet, the second string is
replaced with a reference (an offset) to the first.
Setting this flag requests to turns off the marshalling compression.
This will be used in the next commit to prevent name compression in DNS
TSIG records.
Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jun 15 20:28:31 CEST 2016 on sn-devel-144
projects / thirdparty / samba.git / log
