summaryrefslogtreecommitdiff
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:ntvfs: Do not free eadb before we printed an errorAndreas Schneider2019-05-081-1/+1
| | | | | | | Found by GCC 9. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:auth: Fix debug statement in gensec_gssapiAndreas Schneider2019-05-081-4/+5
| | | | | | | | | | The 'role' is set to null, we should first set it to the correct value before printing anything. Found by GCC 9. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CID 1363286: Resource leak by failing to free tmp_ctxGarming Sam2019-05-081-9/+18
| | | | | | | | | | | | There are a few oddities in this function, including a duplicated NULL check, a talloc_free of a context which is passed in and a number of missing frees before a return. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Gary Lockyer <gary@samba.org> Autobuild-Date(master): Wed May 8 00:36:14 UTC 2019 on sn-devel-184
* CID 1363287: Resource leak using str_list_appendGarming Sam2019-05-071-0/+4
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* s4 dns_server Bind9: Log opertion durationsGary Lockyer2019-05-073-108/+366
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add duration debug logging to the samba bind9 dlz driver and the dnsserver_common routines. This should aid future diagnosis of performance issues, and could be used to monitor DNS performance. The logs are currently Human readable text only, i.e. no JSON formatted output. Log lines are of the form: <function>: DNS timing: result: [<result>] \ duration: (<duration>) zone: [<zone>] name: [<name>] \ data: [<data>] e.g. dns_common_wildcard_lookup: DNS timing: result: [WERR_OK] \ duration: (111) zone: [] \ name: [DC=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones,\ DC=chgdcpassword.samba.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,\ DC=chgdcpassword,DC=samba,DC=example,DC=com] data: [] Enabled by setting log level to "dns:10" durations are in microseconds. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue May 7 05:03:26 UTC 2019 on sn-devel-184
* waf: Also check for gnutls_privkey_export_x509()Andreas Schneider2019-05-072-2/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4 heimdal_build: disable leak checks for asn1 compilerGary Lockyer2019-05-061-1/+10
| | | | | | | | Disable Address Sanitizer leak checking for the heimdal asn1 compiler, this allows a samba build with Address Sanitizer enabled. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4/scripting/bin Remove unecessary scriptsNoel Power2019-05-062-753/+0
| | | | | | | Apparently we get official schema from MS these days Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libnet: Remove unused source4/libnet/libnet_sam{dump,sync}:Andrew Bartlett2019-05-069-602/+1
| | | | | | | | | | | | | | | | The last caller was removed in samba-tool: Remove C version of samba-tool (e2af38415163f248e3dbd5a2abc156761e74b87c) by Amitay Isaacs in 2011 This was a tool to dump a genine NT4 DC (never Samba) into smbpasswd file. It did work against Windows AD, but DRS replication is much more comprehensive. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Gary Lockyer <gary@samba.org> Autobuild-Date(master): Mon May 6 07:11:51 UTC 2019 on sn-devel-184
* libnet: Remove unused source4/libnet/libnet_samsync_ldb.cAndrew Bartlett2019-05-063-1301/+1
| | | | | | | | | | The last caller was removed in samba-tool: Remove C version of samba-tool (e2af38415163f248e3dbd5a2abc156761e74b87c) by Amitay Isaacs in 2011 This was a prototype tool to sync a genine NT4 DC (never Samba) into ldb. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* torture: Remove unused dsdb_attribute_ldb_to_drsuapi()Andrew Bartlett2019-05-061-21/+0
| | | | | | | | The last caller was removed in s4-drs: GetNCChanges() to return correct (in AD-way) ATTIDs (6a51afcfdbcbce7813fb59c0655e4178268ca70e) by Kamen Mazdrashki in 2010 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* torture: Remove unused torture_join_server_dn_str()Andrew Bartlett2019-05-061-9/+0
| | | | | | | | | The last caller was removed in 2010 by s4:torture Rework NET-API-BECOMEDC test to use libnet_vampire callbacks. in ecf782da87b67b8d977aa1bbfce21f1b6ed8288a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* torture: Remove unused torture_ldap_connection2()Andrew Bartlett2019-05-061-17/+0
| | | | | | | | The last caller was removed by 'r7626: a new ldap client library' in 2005 with bab977dad76e9204278c7afe0bb905cda064f488. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* lib/tls: Remove unused source4/lib/tls/tls.c (tls socket wrapper)Andrew Bartlett2019-05-062-611/+0
| | | | | | | | | | The last caller was removed in 72c79e30f07bcc98610cca878f5de50e7db239a0 to remove the web server as all other callers use tls_tstream. Found by callcatcher. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* s4-winbindd: Removed unused wb_utils.cAndrew Bartlett2019-05-063-59/+0
| | | | | | | Garming noticed this was untested code in the lcov report, and it turns out to be unused. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* build: Remove ndr_PyLong_FromUnsignedLongLong wrapper from NT_STATUS and ↵Andrew Bartlett2019-05-062-18/+2
| | | | | | | W_ERROR table generator Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* selftest: correcting empty attribute usage in requestsAaron Haslett2019-05-061-1/+1
| | | | | | | | | | | | | | | | Many parts of Samba use an empty attribute list in requests expecting all attributes to be returned in the response, which is incorrect. This patch corrects the instances found by current CI tests. Static analysis and debugging will need to be done before changing ildap to the correct semantics. Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon May 6 05:45:55 UTC 2019 on sn-devel-184
* ldap: test for empty attributes listAaron Haslett2019-05-061-0/+17
| | | | | | | | | | | | | Test for LDAP request with an empty attribute list. LDB responds with no attributes, but LDAP responds with all attributes. Fix is attached to the bug below but we can't push it upstream until we've found all instances of incorrect empty attribute list usage in Samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13852 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli: Align integer typesVolker Lendecke2019-05-031-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli: Remove an unnecessary #includeVolker Lendecke2019-05-031-1/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:torture/smb2: add smb2.getinfo.normalized testStefan Metzmacher2019-05-011-0/+311
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13919 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:libcli/raw: add RAW_FILEINFO_NORMALIZED_NAME_INFORMATION supportStefan Metzmacher2019-05-016-12/+24
| | | | | | | | | | This is supported over the wire in SMB 3.1.1 on starting with Windows 10 1803. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13919 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:torture/smb2: add smb2.stream.names3 testStefan Metzmacher2019-05-011-0/+115
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13919 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dsdb/modules: a module to count attribute searches and resultsDouglas Bagnall2019-05-012-0/+650
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The dsdb module stack can turn a simple search request into a complicated tree of sub-queries that include attributes not originally asked for and excluding those that were. The corresponding replies might contain unrequested attributes or (for good reasons, according to some module) hide requested ones. The entire stack is there to meddle and that is what is does. Except *this* module. It just counts. To understand dsdb performance it helps to have some idea what requests and replies are flying too and fro. This module, when inserted anywhere in the stack, counts the requests and replies passing through and the attributes they contain. This data is stored in on-disk tdbs in the private/debug directory. The module is not loaded by default. To load it you need to patch the source4/dsdb/samdb/ldb_modules/samba_dsdb.c and put "count_attrs" somewhere in the module lists in the samba_dsdb_init() function. For example, to examine the traffic between repl_meta_data and group_audit_log, you would do something like this around line 316: "subtree_delete", "repl_meta_data", + "count_attrs", "group_audit_log", "encrypted_secrets", and recompile. Samba will then write to a number of tdb files in the debug directory as requests and replies pass through. A simple script is included to read these files. Doing this: ./script/attr_count_read st/ad_dc/private/debug/debug/attr_counts_not_found.tdb will print a table showing how often various attritbutes were requested but not found (from the point of view of the module). A more sophisticated version of the script is coming in the next commit, but this one is included first because in its simplicity it documents the storage format reasonably well. The tdb keys are attribute names, and the values are uint32_t in machine native order. When the module is included in the stack there will be a very small decrease in performance. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pytests: try ldap.modify_order with normal userDouglas Bagnall2019-05-0115-17/+3816
| | | | | | | | | | | | We run the tests again, trying to modify as a normal user rather than Administrator. It turns out that we do not always return the same error code as Windows, but in all these tests both Windows and Samba always return some kind of error (as you might hope). Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb pytests: test the effect of reordering modify requestsDouglas Bagnall2019-05-0115-0/+4306
| | | | | | | Do we interpret these the same way as Windows? In many cases, no. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4/tests.py: shorten lines with common pathDouglas Bagnall2019-05-011-22/+24
| | | | | | | A small step Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb/pytest/ldap: use idiomatic 'e' for exceptionsDouglas Bagnall2019-05-011-218/+218
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb/pytest/ldap: revive commented out test for attr size rangeDouglas Bagnall2019-05-011-21/+32
| | | | | | | | | | | | The test was presumably commented out because we fail it, and known-failing it would have hidden the attr-too-short tests that it was bundled with. If we disentangle them we can knwn-fail it, which serves as a TODO list. (passes against WIN2012R2). Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:samdb: Make sure value is initialized with 0Andreas Schneider2019-05-011-1/+1
| | | | | | | | | | Found by csbuild. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed May 1 05:02:22 UTC 2019 on sn-devel-184
* s4/replmd delete: optimise attribute preservation with binary searchDouglas Bagnall2019-05-011-13/+31
| | | | | | | | | | When we get here it is very likely that the attribute will not be preserved, as the preserved ones should have had the flag set, but we still end up loking through the whole list to confirm. With a binary search, we end up looking at ~5 attributes to confirm. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4/replmd: delete checks flag before laborious searchDouglas Bagnall2019-05-011-2/+2
| | | | | | | | | | Most (perhaps all) attributes that are in the "must not remove" list also have the PRESERVEONDELETE bit set, and checking bits is much cheaper than a linear search involving strcasecmp. If we check the bit first we save work. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:libcli:smb2: Use GnuTLS SHA256 HMAC for signingAndreas Schneider2019-04-301-17/+32
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:utils: Use gnutls SHA256 in oLschema2ldifAndreas Schneider2019-04-301-6/+12
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: Move check for gnutls_aead_cipher_init to main gnutls wscriptAndreas Schneider2019-04-301-10/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: Add check for gnutls_x509_crt_set_subject_unique_id()Andreas Schneider2019-04-302-2/+2
| | | | | | | This is used by the GnuTLS backupkey implementation. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: Remove configure steps from source4/lib/tlsAndreas Schneider2019-04-302-87/+17
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:rpc_server: Remove obsolete gcrypt initAndreas Schneider2019-04-302-8/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:tls: Remove #ifdef for GnuTLSAndreas Schneider2019-04-303-241/+3
| | | | | | | This is a requirement now. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftests: Place credential cache file inside environment directorySamuel Cabrero2019-04-291-1/+1
| | | | | | | Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4:dsdb: Use C99 initializer in dsdb util_trustsAndreas Schneider2019-04-291-11/+29
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:heimdal: Disable format truncation warningsAndreas Schneider2019-04-251-0/+5
| | | | | | | | We build that code and do not treat warnings as errors anyway, so just disable format truncation. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* selftest: Move simple-dc-steps.sh to correct folderAndrew Bartlett2019-04-231-0/+34
| | | | | | | This script helps re-create the environment for the dbcheck-oldrelease.sh links test. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* s4-torture: add test to check for max. number of channels per session.Sachin Prabhu2019-04-191-0/+115
| | | | | | | | Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Apr 19 18:26:18 UTC 2019 on sn-devel-144
* s4-torture: Add lease break retry tests - test4Sachin Prabhu2019-04-191-0/+190
| | | | | | | | | | | | | | Test to see how the server behaves when the client flushes data back to the server but doesn't send the lease break response over the channel. Does it then retry the lease break? This test is specifically expected to run against Samba and will not work against a MS Windows servers because it uses the ignore method to ignore oplock breaks sent by the server. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Add lease break retry tests - test3Sachin Prabhu2019-04-191-0/+150
| | | | | | | | | | | | | | | Check to see how the server behaves if lease break response is sent over a different channel to one over which the break is received. The test by default blocks channels by ignoring incoming lease break requests on that channel. This does not work when testing against a windows server. Use --option=torture:use_iptables=true to use iptables to block ports instead when testing against windows servers. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Add lease break retry tests - test2Sachin Prabhu2019-04-191-0/+314
| | | | | | | | | | | | | | Test to check if lease breaks are sent by the server as expected. The test by default blocks channels by ignoring incoming lease break requests on that channel. This does not work when testing against a windows server. Use --option=torture:use_iptables=true to use iptables to block ports instead when testing against windows servers. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Add lease break retry tests - test1Sachin Prabhu2019-04-191-0/+213
| | | | | | | | Test to check if lease breaks are sent by the server as expected. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Add oplock break retry tests - test2Sachin Prabhu2019-04-191-0/+256
| | | | | | | | | | | | | | | | Test to see if oplock break retries are sent by the server. Also checks to see if new channels can be created and used after an oplock break retry. The test by default blocks channels by ignoring incoming lease break requests on that channel. This does not work when testing against a windows server. Use --option=torture:use_iptables=true to use iptables to block ports instead when testing against windows servers. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-torture: Add oplock break retry tests - test1Sachin Prabhu2019-04-191-0/+220
| | | | | | | | Test to confirm that server sends oplock breaks as expected. Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status