summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* testprogs/blackbox: PY3 bulk change for python scripts use correct pythonNoel Power2018-11-1416-99/+99
| | | | | | | | Change all instance where python scripts are called so that the correct python version as specified by $PYTHON is used Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python/samba/provision: PY3 port samba4.dlz_bind9.versionNoel Power2018-11-141-3/+4
| | | | | Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ctdb: Fix an out of bound array accessAndreas Schneider2018-11-141-1/+1
| | | | | | | | | Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib:util Always initialize start and spaceAndreas Schneider2018-11-141-5/+2
| | | | | | | | | Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libgpo: Make sure status is intializedAndreas Schneider2018-11-141-1/+1
| | | | | | | | | Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc:ndr: Initialize inblobAndreas Schneider2018-11-141-1/+3
| | | | | | | | | Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpcclient: Initialize domain_nameAndreas Schneider2018-11-141-1/+1
| | | | | | | | | | | This could be passed uninitialized to dcerpc_netr_DsRGetDCName() Found by cppcheck. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607Jeremy Allison2018-11-131-13/+21
| | | | | | | | | | | | | | | | Firstly, make the exit condition from the loop explicit (we must never write into byte n, where n >= sizeof(name->name). Secondly ensure exiting from the loop that n==MAX_NETBIOSNAME_LEN, as this is the sign of a correct NetBIOS name encoding (RFC1002) in order to properly read the NetBIOS name type (which is always encoded in byte 16 == name->name[15]). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue Nov 13 20:54:56 CET 2018 on sn-devel-144
* libcli/smb: don't overwrite status codeRalph Boehme2018-11-132-7/+7
| | | | | | | | | | | | | | The original commit c5cd22b5bbce724dcd68fe94320382b3f772cabf from bug 9175 never worked, as the preceeding signing check overwrote the status variable. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9175 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Nov 13 17:28:45 CET 2018 on sn-devel-144
* s4:torture/smb2/session: test smbXcli_session_set_disconnect_expired() worksRalph Boehme2018-11-132-0/+112
| | | | | | | | | | | This adds a simple test that verifies that after having set smbXcli_session_set_disconnect_expired() a session gets disconnected when it expires. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9175 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:smb2_sesssetup: check session_info security level before it gets ↵Ralph Boehme2018-11-132-5/+4
| | | | | | | | | | | | | | | | | | | talloc_move'd We talloc_move() session_info to session->global->auth_session_info which sets session_info to NULL. This means security_session_user_level(NULL, NULL) will always return SECURITY_ANONYMOUS so we never sign the session setup response. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Nov 13 14:22:46 CET 2018 on sn-devel-144
* s4:torture/smb2/session: session reauth response must be signedRalph Boehme2018-11-132-0/+9
| | | | | | | | | | This test checks that a session setup reauth is signed even when neither client nor server require signing. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture/smb2/session: add force_signing to test_session_expire1iRalph Boehme2018-11-131-1/+6
| | | | | | | | | | Existing callers pass true, so no change in behaviour. The next commit adds an additional test that passes force_signing=false. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture/smb2/session: require a signed session setup reauth responseRalph Boehme2018-11-131-0/+8
| | | | | | | | | | | All existing tests using this function require signing, so currently this passes. A subsequent commit adds a test where neither client nor server require signing and that's where this trap will explode. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:torture/smb2/session: invalidate credential cacheRalph Boehme2018-11-131-0/+8
| | | | | | | | | | | | | | Invalidate credential cache before connecting to the server, otherwise we will reuse the credentials from the credential cache populated by the preceeding tests. Also invalidate it at the end, otherwise subsequent tests might run into problems if the credentials expire while authenticating. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/smb: use require_signed_response in smb2cli_conn_dispatch_incoming()Ralph Boehme2018-11-131-1/+16
| | | | | | | | | | | This can be used by the upper layers to force checking a response is signed. It will be used to implement verification of session setup reauth responses in a torture test. That comes next. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/smb: defer singing check a little bitRalph Boehme2018-11-131-6/+6
| | | | | | | | | | | | | This allows adding an additional condition to the if check where the condition state may be modified in the "if (opcode == SMB2_OP_SESSSETUP)" case directly above. No change in behaviour. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/smb: maintain require_signed_response in smbXcli_req_stateRalph Boehme2018-11-131-0/+3
| | | | | | | | | Not used for now, that comes next. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/smb: add smb2cli_session_require_signed_response()Ralph Boehme2018-11-132-0/+9
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:selftest: also run smb2.session torture testsuite against ad_memberRalph Boehme2018-11-131-0/+1
| | | | | | | | | | | | | | The next commit adds a subtest to the smb2.session testsuite that requires Kerberos (ad_dc would work), but where neither SMB2 server or client must require signing (ad_dc, being an AD DC, requires signing). The ad_member environment supports Kerberos with the SMB2 server not mandating signing, that'll do. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:selftest: split "raw.session" and "smb2.session"Ralph Boehme2018-11-131-1/+6
| | | | | | | | | The next commit is going to add a testsuite to "smb2.session". Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* replace: Add check for variable program_invocation_short_nameMartin Schwenke2018-11-132-5/+6
| | | | | | | | | | | | | | | | | | | | | It appears that wafsamba's configure() defines _GNU_SOURCE unconditionally, so checking _GNU_SOURCE isn't enough to know if this variable is available. For example, it isn't available on AIX with the xlc compiler: [ 6/10] Compiling lib/replace/replace.c ... "../../lib/replace/replace.c", line 991.16: 1506-045 (S) Undeclared identifier program_invocation_short_name. Instead, add a configure check for program_invocation_short_name and use it. Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Nov 13 11:11:11 CET 2018 on sn-devel-144
* nsswitch: Handle possible NULL return value of getprogname()Andreas Schneider2018-11-131-2/+7
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* lib:replace: Do not leak the file pointer in rep_getprogname()Andreas Schneider2018-11-131-5/+12
| | | | | | | And return NULL on error. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* smbd: Use wire_perms_to_unix in unix_perms_from_wireVolker Lendecke2018-11-131-18/+1
| | | | | | | | | | Same code, less lines Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Nov 13 04:10:54 CET 2018 on sn-devel-144
* winbindd: Fix crash when taking profilesVolker Lendecke2018-11-121-1/+2
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13629 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Nov 12 20:20:52 CET 2018 on sn-devel-144
* pam_winbind: Set the request type as client nameAndreas Schneider2018-11-121-0/+8
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Nov 12 13:44:09 CET 2018 on sn-devel-144
* nss_wins: Set client process nameAndreas Schneider2018-11-121-0/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nss_winbind: Set the client process nameAndreas Schneider2018-11-121-0/+11
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* krb5_plugin: Set the wbclient process nameAndreas Schneider2018-11-121-0/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* wbclient: Add wbcSetClientProcessName()Andreas Schneider2018-11-126-2/+165
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbind: Log client process name for PAM authAndreas Schneider2018-11-121-2/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbind: Log client process name in winbind_miscAndreas Schneider2018-11-121-16/+30
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbind: Log client process nameAndreas Schneider2018-11-1212-13/+46
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:winbindd: Also log the process name in winbinddAndreas Schneider2018-11-122-5/+15
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* wbclient: Send the client process name talking to winbindAndreas Schneider2018-11-123-1/+30
| | | | | | | This is for better debugging messages. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib:replace: Add getprogname()Andreas Schneider2018-11-123-0/+77
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-auth-tests: Fix test_kerberos with MIT krbJustin Stephenson2018-11-101-0/+17
| | | | | | | | | | | | | | | | When a keytab of type MEMORY is used, the MIT kerberos krb5_kt_add_entry() library function adds a keytab entry to the beginning of the keytab table, instead of the end. This adds a MIT kerberos conditional to reverse iterate through the keytable entries to address this. Signed-off-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Sat Nov 10 12:48:02 CET 2018 on sn-devel-144
* lib: Use dom_sid_str_bufVolker Lendecke2018-11-101-6/+9
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Nov 10 02:19:29 CET 2018 on sn-devel-144
* libgpo: Use dom_sid_str_bufVolker Lendecke2018-11-091-11/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap: Use dom_sid_str_bufVolker Lendecke2018-11-091-1/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap: Use dom_sid_str_bufVolker Lendecke2018-11-091-4/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* idmap: Use dom_sid_str_bufVolker Lendecke2018-11-091-2/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* passdb: Use dom_sid_str_bufVolker Lendecke2018-11-091-9/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* passdb: Use dom_sid_str_bufVolker Lendecke2018-11-091-7/+9
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* passdb: Use dom_sid_str_bufVolker Lendecke2018-11-091-3/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* passdb: Use dom_sid_str_bufVolker Lendecke2018-11-091-3/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Use dom_sid_str_bufVolker Lendecke2018-11-091-11/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Use dom_sid_str_bufVolker Lendecke2018-11-091-27/+27
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Use dom_sid_str_bufVolker Lendecke2018-11-091-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status