The branch, v4-8-test has been updated
via 98fb60b s3:modules: fix the build of vfs_aixacl2.c
via 74da4c8 ldb/tests: avoid 'return void_function();' which isn't
portable
via 8c0a598 lib/crypto: avoid 'return void_function();' which isn't
portable
via 08d5ade s3:modules: make virusfilter_io_connect_path() more portable
via deb624c s3:modules: fix the picky-developer build of
vfs_virusfilter.c on FreeBSD 11
via bade8dc vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0
via 932bdb2 vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0
via c703cfb vfs_virusfilter: Fix CID 1428739 Buffer not null terminated
via 9e1b535 nsswitch: fix the developer build of nsswitch/wins.c on
freebsd 11
via f0aa869 nsswitch: add some const to _nss_winbind_initgroups_dyn()
prototype
via 5cc7432 nsswitch: maintain prototypes for the linux based functions
only once
via 63d9b53 lib/replace: define __[u]intptr_t_defined if we prove an
replacement
via f11278f s3:passdb: Do not return OK if we don't have pinfo set up
via cd2cc69 lib/util: remove unused '#include <sys/syscall.h>' from
tests/tfork.c
via f8abea5 winbindd: add retry to _winbind_SendToSam
via 71eb2d9 winbindd: add retry to
_winbind_DsrUpdateReadOnlyServerDnsRecords
via ce6357b winbindd: add retry to _wbint_DsGetDcName
via f9ccb90 winbindd: add retry to _wbint_LookupSids()
via 6e1018e winbindd: use reset_cm_connection_on_error() instead of
dcerpc_binding_handle_is_connected()
via 5bf61b0 winbindd: fix logic calling
dcerpc_binding_handle_is_connected()
via c4fd5a3 winbindd: call dcerpc_binding_handle_is_connected() from
reset_cm_connection_on_error()
via cde7022 winbindd: force netlogon reauth for certain errors in
reset_cm_connection_on_error()
via 7d9aa1d winbindd: call reset_cm_connection_on_error() from
reconnect_need_retry()
via 4d2968c winbindd: make reset_cm_connection_on_error() public
via 5c701c4 winbindd: check for NT_STATUS_IO_DEVICE_ERROR in
reset_cm_connection_on_error()
via 586a0ff winbindd: add and use ldap_reconnect_need_retry() in
winbindd_reconnect_ads.c
via 1e60ca5 winbind: Keep "force_reauth" in invalidate_cm_connection
via ad0b42a winbind: Add smbcontrol disconnect-dc
via ade0d54 utils: Add destroy_netlogon_creds_cli
from c45c96e smbclient: Handle ENUM_DIR in "notify" command
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test
- Log -----------------------------------------------------------------
commit 98fb60b1ee32406a0705a831dd2207efca5160e8
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Mar 21 07:48:16 2018 +0100
s3:modules: fix the build of vfs_aixacl2.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13345
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Tue Apr 3 20:18:58 CEST 2018 on sn-devel-144
(cherry picked from commit 702665cc52d5dc05ae636519e1ffe9c296f5ef77)
Autobuild-User(v4-8-test): Karolin Seeger <ksee...@samba.org>
Autobuild-Date(v4-8-test): Fri Apr 20 16:53:16 CEST 2018 on sn-devel-144
commit 74da4c879a1db1bd9ebac9df9bcfee00fa762015
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Mar 21 07:33:16 2018 +0100
ldb/tests: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit 666dda907b7f190b2dff1f2639bd2518240b9fb2)
commit 8c0a598b035295713ce0c2c0df444ac01b336b68
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Mar 21 07:33:16 2018 +0100
lib/crypto: avoid 'return void_function();' which isn't portable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit 7ae77db3b29ef08e1f74aa413049b995a598a5dd)
commit 08d5ade345c2a4d92512dfe1e3019ab54e5473b6
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Mar 21 07:25:11 2018 +0100
s3:modules: make virusfilter_io_connect_path() more portable
We have existing utility functions to prepare a socket.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit 74278a70389e2479d80ec5c88b01a09c141e8d39)
commit deb624c8939fbd4a41b690ec410caa377ddf0bfd
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Mar 20 12:10:01 2018 +0100
s3:modules: fix the picky-developer build of vfs_virusfilter.c on FreeBSD 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit fb7b67af984812784756574df4f0fb55d472181b)
commit bade8dc3ccd1be5dba7d1dd61081a0763f770715
Author: Volker Lendecke <v...@samba.org>
Date: Tue Jan 30 12:37:30 2018 +0100
vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
Autobuild-User(master): Jeremy Allison <j...@samba.org>
Autobuild-Date(master): Wed Jan 31 05:28:48 CET 2018 on sn-devel-144
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 21eb5169f46b8d819a5d5d028baff581e4e63de6)
commit 932bdb2052d21b70ecb6e473a7174c9cb3acad21
Author: Volker Lendecke <v...@samba.org>
Date: Tue Jan 30 12:36:14 2018 +0100
vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0
vsnprintf returns "int" and not "size_t"
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 734404bbe911fd4aa6565b2a2aaecab4fbbf3c45)
commit c703cfb4c1cbeae9827594f59a2e02f78eafd101
Author: Volker Lendecke <v...@samba.org>
Date: Tue Jan 30 12:34:11 2018 +0100
vfs_virusfilter: Fix CID 1428739 Buffer not null terminated
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13343
(cherry picked from commit 8a4409c956bdbe5d928e685b7c219566d467a627)
commit 9e1b535d10b1cc3d8aa1fffa4cd33bba4d97a009
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Oct 21 14:15:12 2017 +0200
nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit dc160247d13e2c63574a7e7ec7720fc4c690483b)
commit f0aa869b1b2f136d046a8d22634cbc77bbb2d14a
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Oct 21 14:14:34 2017 +0200
nsswitch: add some const to _nss_winbind_initgroups_dyn() prototype
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit d5be3b3279162005d9ebea2eda71d455e4c48739)
commit 5cc7432b1d160c9406e093792b9e3cd310318b2c
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Oct 21 14:08:15 2017 +0200
nsswitch: maintain prototypes for the linux based functions only once
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit b8c30abb02f461f16af4da83eecd173993974dc1)
commit 63d9b5323d74eada4ba2cd7b9aa1819e1b38779e
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Mar 20 21:46:12 2018 +0100
lib/replace: define __[u]intptr_t_defined if we prove an replacement
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13344
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Björn Jacke <bja...@samba.org>
(cherry picked from commit 329a229af3c3c9475b9254ca68c413ec18fa3b71)
commit f11278fa9b9a91f2b6f73138a774034eb6048079
Author: Andreas Schneider <a...@samba.org>
Date: Tue Apr 17 08:55:23 2018 +0200
s3:passdb: Do not return OK if we don't have pinfo set up
This prevents a crash in fill_mem_keytab_from_secrets()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13376
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit 99859479fc6e12b2f74ce2dfa83da56d8b8f3d26)
commit cd2cc69eb46e561155856355c513b3acdb6af9dc
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Mar 20 16:49:30 2018 +0100
lib/util: remove unused '#include <sys/syscall.h>' from tests/tfork.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13342
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit f2ff61ce9e8ab56d8a69fce29c9f214d5d98f89e)
commit f8abea57ec7c143cf793f502793a411f5cdd17f1
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 19:54:37 2018 +0100
winbindd: add retry to _winbind_SendToSam
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Thu Mar 15 20:57:44 CET 2018 on sn-devel-144
(cherry picked from commit c37fbfcb248e5a8d6088a28eb0c1a62423f94502)
commit 71eb2d9c2a41cf40e084f2e4ce98c56211ae1382
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 19:53:53 2018 +0100
winbindd: add retry to _winbind_DsrUpdateReadOnlyServerDnsRecords
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit e608f058b8f2d2295e24498daa35852de3212b23)
commit ce6357b678dc0f16fc661a543a5298ddf17eac70
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 19:53:26 2018 +0100
winbindd: add retry to _wbint_DsGetDcName
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit fcf8edf9b8cdf5f3897c1a63ed97c302a231742f)
commit f9ccb90f2322529af882d244111728df66661010
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 17:09:34 2018 +0100
winbindd: add retry to _wbint_LookupSids()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit c2cd2d3f3137e27cd6e4cabd34f27b49251f078d)
commit 6e1018e5887031a011d34cb2817c6818fbd7036c
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 16:53:49 2018 +0100
winbindd: use reset_cm_connection_on_error() instead of
dcerpc_binding_handle_is_connected()
This catches more errors and triggers retry as appropriate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit 6244a2beb184de8d050389e304f087ef153d61dd)
commit 5bf61b01164afec5678818cdfd5e1980ddc37acc
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 16:15:02 2018 +0100
winbindd: fix logic calling dcerpc_binding_handle_is_connected()
The calls were missing the negation operator, a retry should be
attempted is the binding handle got somehow disconnected behind the
scenes and is NOT connected.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit 08718af36f3ed6cf2308beb3800abfb0414f94b9)
commit c4fd5a390dfb6dbc4def7de110102008a765db85
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 16:11:37 2018 +0100
winbindd: call dcerpc_binding_handle_is_connected() from
reset_cm_connection_on_error()
To consolidate the error handling for RPC calls, add the binding handle
as an additional argument to reset_cm_connection_on_error().
All callers pass NULL for now, so no change in behaviour up to here.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit 966ff3793a867a5ffe1a49e48c8ab3ecb02f8359)
commit cde7022ccb868d0139f1104729a0f2c4db5ff740
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 13:39:59 2018 +0100
winbindd: force netlogon reauth for certain errors in
reset_cm_connection_on_error()
NT_STATUS_RPC_SEC_PKG_ERROR is returned by the server if the server
doesn't know the server-side netlogon credentials anymore, eg after a
reboot. If this happens we must force a full netlogon reauth.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <v...@samba.org>
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit 2d1f00cc3ad77bed4e810dc910979e6cdf582216)
commit 7d9aa1d560f9e061665a67c6fe8fc0fea357ca17
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 12:20:04 2018 +0100
winbindd: call reset_cm_connection_on_error() from reconnect_need_retry()
This ensures we use the same disconnect logic in the reconnect backend,
which calls reconnect_need_retry(), and in the dual_srv frontend which
calls reset_cm_connection_on_error.
Both reset_cm_connection_on_error() and reconnect_need_retry() are very
similar, both return a bool indicating whether a retry should be
attempted, unfortunately the functions have a different default return,
so I don't dare unifying them, but instead just call one from the other.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit 2837b796af3e491b6bb34bd441758ae214f629ee)
commit 4d2968cb1513c54ce5eca7f1ef43fe0e8dd77f41
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 11:29:22 2018 +0100
winbindd: make reset_cm_connection_on_error() public
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit 17749a5d9fa08da1c61de45728656a2c9b85782d)
commit 5c701c461676a37b57f6b628e3729e8366699dda
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 11:12:34 2018 +0100
winbindd: check for NT_STATUS_IO_DEVICE_ERROR in
reset_cm_connection_on_error()
reconnect_need_retry() already checks for this error, it surfaces up
from tstream_smbXcli_np as a mapping for EIO.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit a33c1d25e0422483c903001dd246626f84c4cbc1)
commit 586a0ff38fa43ee837d10c982a480449d53ba88d
Author: Ralph Boehme <s...@samba.org>
Date: Mon Mar 12 13:30:01 2018 +0100
winbindd: add and use ldap_reconnect_need_retry() in
winbindd_reconnect_ads.c
ldap_reconnect_need_retry() is a copy of reconnect_need_retry() minus
the RPC connection invalidation.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit a8d5e4d36768bc199c631626488b2d0acbd6e91a)
commit 1e60ca513b5c46ba2cd28a70237719eb0b32c6fe
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 28 15:09:28 2018 +0000
winbind: Keep "force_reauth" in invalidate_cm_connection
Right now I don't see a way to actually force a re-serverauth
from the client side as long as an entry in netlogon_creds_cli.tdb
exists. cm_connect_netlogon goes through invalidate_cm_connection, and
this wipes our wish to force a reauthenticatoin. Keep this intact until
we actually did reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit 4b7a9d560a51b51ac88f30276c87edc097b00d0b)
commit ad0b42ae90e8409133227666bb6cb0972cf96d44
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 28 15:08:44 2018 +0000
winbind: Add smbcontrol disconnect-dc
Make a winbind child drop all DC connections
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(backported from commit 0af88b98e7e1bba14827305257e77b63dc82d902)
commit ade0d54563fd11f1ca4cbae7d9550504b24473c7
Author: Volker Lendecke <v...@samba.org>
Date: Wed Feb 28 07:59:08 2018 +0000
utils: Add destroy_netlogon_creds_cli
This is a pure testing utility that will garble the netlogon_creds_cli
session_key. This creates a similar effect to our schannel credentials
as does a domain controller reboot.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13332
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit bffae41842fe218959fe6f8b43df694feec1589c)
-----------------------------------------------------------------------
Summary of changes:
lib/crypto/aes.c | 10 +-
lib/ldb/tests/ldb_mod_op_test.c | 8 +-
lib/replace/replace.h | 2 +
lib/util/tests/tfork.c | 1 -
librpc/idl/messaging.idl | 1 +
nsswitch/winbind_nss.h | 6 ++
nsswitch/winbind_nss_freebsd.c | 19 ----
nsswitch/winbind_nss_linux.c | 24 +----
nsswitch/winbind_nss_linux.h | 24 ++++-
nsswitch/winbind_nss_netbsd.c | 26 ------
nsswitch/winbind_nss_solaris.h | 26 ------
nsswitch/wins.c | 2 +-
source3/modules/vfs_aixacl2.c | 5 +-
source3/modules/vfs_virusfilter.c | 5 +-
source3/modules/vfs_virusfilter_utils.c | 43 +++++----
source3/passdb/machine_account_secrets.c | 2 +-
source3/utils/destroy_netlogon_creds_cli.c | 137 +++++++++++++++++++++++++++
source3/utils/smbcontrol.c | 14 +++
source3/utils/wscript_build | 9 ++
source3/winbindd/winbindd.c | 4 +
source3/winbindd/winbindd_cm.c | 18 +++-
source3/winbindd/winbindd_dual.c | 21 ++++-
source3/winbindd/winbindd_dual_srv.c | 144 ++++++++++++++++++-----------
source3/winbindd/winbindd_proto.h | 15 +++
source3/winbindd/winbindd_reconnect.c | 8 +-
source3/winbindd/winbindd_reconnect_ads.c | 58 ++++++++++--
26 files changed, 434 insertions(+), 198 deletions(-)
create mode 100644 source3/utils/destroy_netlogon_creds_cli.c
Changeset truncated at 500 lines:
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index d16d715..4ff019a 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -236,18 +236,20 @@ void
AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
{
if (has_intel_aes_instructions()) {
- return AES_encrypt_aesni(in, out, key);
+ AES_encrypt_aesni(in, out, key);
+ return;
}
- return AES_encrypt_rj(in, out, key);
+ AES_encrypt_rj(in, out, key);
}
void
AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
{
if (has_intel_aes_instructions()) {
- return AES_decrypt_aesni(in, out, key);
+ AES_decrypt_aesni(in, out, key);
+ return;
}
- return AES_decrypt_rj(in, out, key);
+ AES_decrypt_rj(in, out, key);
}
#endif /* SAMBA_RIJNDAEL */
diff --git a/lib/ldb/tests/ldb_mod_op_test.c b/lib/ldb/tests/ldb_mod_op_test.c
index 766ca79..0f8642d 100644
--- a/lib/ldb/tests/ldb_mod_op_test.c
+++ b/lib/ldb/tests/ldb_mod_op_test.c
@@ -1914,22 +1914,22 @@ static void test_ldb_modify_during_search(void **state,
bool add_index,
static void test_ldb_modify_during_indexed_search(void **state)
{
- return test_ldb_modify_during_search(state, true, false);
+ test_ldb_modify_during_search(state, true, false);
}
static void test_ldb_modify_during_unindexed_search(void **state)
{
- return test_ldb_modify_during_search(state, false, false);
+ test_ldb_modify_during_search(state, false, false);
}
static void test_ldb_rename_during_indexed_search(void **state)
{
- return test_ldb_modify_during_search(state, true, true);
+ test_ldb_modify_during_search(state, true, true);
}
static void test_ldb_rename_during_unindexed_search(void **state)
{
- return test_ldb_modify_during_search(state, false, true);
+ test_ldb_modify_during_search(state, false, true);
}
/*
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 128978c..3304cda 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -691,10 +691,12 @@ typedef int bool;
#if !defined(HAVE_INTPTR_T)
typedef long long intptr_t ;
+#define __intptr_t_defined
#endif
#if !defined(HAVE_UINTPTR_T)
typedef unsigned long long uintptr_t ;
+#define __uintptr_t_defined
#endif
#if !defined(HAVE_PTRDIFF_T)
diff --git a/lib/util/tests/tfork.c b/lib/util/tests/tfork.c
index bf642fe..9bcdc2f 100644
--- a/lib/util/tests/tfork.c
+++ b/lib/util/tests/tfork.c
@@ -32,7 +32,6 @@
#include "lib/util/sys_rw.h"
#ifdef HAVE_PTHREAD
#include <pthread.h>
-#include <sys/syscall.h>
#endif
static bool test_tfork_simple(struct torture_context *tctx)
diff --git a/librpc/idl/messaging.idl b/librpc/idl/messaging.idl
index b35f1e1..4bce820 100644
--- a/librpc/idl/messaging.idl
+++ b/librpc/idl/messaging.idl
@@ -124,6 +124,7 @@ interface messaging
MSG_WINBIND_DOMAIN_ONLINE = 0x040B,
MSG_WINBIND_DOMAIN_OFFLINE = 0x040C,
MSG_WINBIND_RELOAD_TRUSTED_DOMAINS = 0x040D,
+ MSG_WINBIND_DISCONNECT_DC = 0x040E,
/* event messages */
MSG_DUMP_EVENT_LIST = 0x0500,
diff --git a/nsswitch/winbind_nss.h b/nsswitch/winbind_nss.h
index 05e07ad..e98a961 100644
--- a/nsswitch/winbind_nss.h
+++ b/nsswitch/winbind_nss.h
@@ -30,6 +30,7 @@
*/
#include "nsswitch/winbind_nss_solaris.h"
+#include "nsswitch/winbind_nss_linux.h"
#elif HAVE_NSS_H
@@ -37,6 +38,10 @@
* Linux (glibc)
*/
+#include <nss.h>
+
+typedef enum nss_status NSS_STATUS;
+
#include "nsswitch/winbind_nss_linux.h"
#elif HAVE_NS_API_H
@@ -60,6 +65,7 @@
*/
#include "nsswitch/winbind_nss_netbsd.h"
+#include "nsswitch/winbind_nss_linux.h"
#else /* Nothing's defined. Neither gnu nor netbsd nor sun nor hp */
diff --git a/nsswitch/winbind_nss_freebsd.c b/nsswitch/winbind_nss_freebsd.c
index e283872..f424adb 100644
--- a/nsswitch/winbind_nss_freebsd.c
+++ b/nsswitch/winbind_nss_freebsd.c
@@ -24,25 +24,6 @@
#include "winbind_client.h"
/* Make sure that the module gets registered needed by freebsd 5.1 */
-extern enum nss_status _nss_winbind_getgrent_r(struct group *, char *, size_t,
- int *);
-extern enum nss_status _nss_winbind_getgrnam_r(const char *, struct group *,
- char *, size_t, int *);
-extern enum nss_status _nss_winbind_getgrgid_r(gid_t gid, struct group *, char
*,
- size_t, int *);
-extern enum nss_status _nss_winbind_setgrent(void);
-extern enum nss_status _nss_winbind_endgrent(void);
-extern enum nss_status _nss_winbind_initgroups_dyn(char *, gid_t, long int *,
- long int *, gid_t **, long int , int *);
-
-extern enum nss_status _nss_winbind_getpwent_r(struct passwd *, char *, size_t,
- int *);
-extern enum nss_status _nss_winbind_getpwnam_r(const char *, struct passwd *,
- char *, size_t, int *);
-extern enum nss_status _nss_winbind_getpwuid_r(gid_t gid, struct passwd *,
char *,
- size_t, int *);
-extern enum nss_status _nss_winbind_setpwent(void);
-extern enum nss_status _nss_winbind_endpwent(void);
ns_mtab *nss_module_register(const char *, unsigned int *,
nss_module_unregister_fn *);
NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
diff --git a/nsswitch/winbind_nss_linux.c b/nsswitch/winbind_nss_linux.c
index b5c50ef..442c06e 100644
--- a/nsswitch/winbind_nss_linux.c
+++ b/nsswitch/winbind_nss_linux.c
@@ -36,28 +36,6 @@ static pthread_mutex_t winbind_nss_mutex =
PTHREAD_MUTEX_INITIALIZER;
#define MAX_GETPWENT_USERS 250
#define MAX_GETGRENT_USERS 250
-NSS_STATUS _nss_winbind_setpwent(void);
-NSS_STATUS _nss_winbind_endpwent(void);
-NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_setgrent(void);
-NSS_STATUS _nss_winbind_endgrent(void);
-NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char
*buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int
*start,
- long int *size, gid_t **groups,
- long int limit, int *errnop);
-
/*************************************************************************
************************************************************************/
@@ -1046,7 +1024,7 @@ _nss_winbind_getgrgid_r(gid_t gid,
/* Initialise supplementary groups */
NSS_STATUS
-_nss_winbind_initgroups_dyn(char *user, gid_t group, long int *start,
+_nss_winbind_initgroups_dyn(const char *user, gid_t group, long int *start,
long int *size, gid_t **groups, long int limit,
int *errnop)
{
diff --git a/nsswitch/winbind_nss_linux.h b/nsswitch/winbind_nss_linux.h
index db5a378..d18799e 100644
--- a/nsswitch/winbind_nss_linux.h
+++ b/nsswitch/winbind_nss_linux.h
@@ -22,8 +22,26 @@
#ifndef _WINBIND_NSS_LINUX_H
#define _WINBIND_NSS_LINUX_H
-#include <nss.h>
-
-typedef enum nss_status NSS_STATUS;
+NSS_STATUS _nss_winbind_setpwent(void);
+NSS_STATUS _nss_winbind_endpwent(void);
+NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
+ size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
+ char *buffer, size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
+ char *buffer, size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_setgrent(void);
+NSS_STATUS _nss_winbind_endgrent(void);
+NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
+ size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
+ size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
+ char *buffer, size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char
*buffer,
+ size_t buflen, int *errnop);
+NSS_STATUS _nss_winbind_initgroups_dyn(const char *user, gid_t group, long int
*start,
+ long int *size, gid_t **groups,
+ long int limit, int *errnop);
#endif /* _WINBIND_NSS_LINUX_H */
diff --git a/nsswitch/winbind_nss_netbsd.c b/nsswitch/winbind_nss_netbsd.c
index d3a558c..4edf64c 100644
--- a/nsswitch/winbind_nss_netbsd.c
+++ b/nsswitch/winbind_nss_netbsd.c
@@ -38,32 +38,6 @@
static struct group _winbind_group;
static char _winbind_groupbuf[1024];
-/*
- * We need a proper prototype for this :-)
- */
-
-NSS_STATUS _nss_winbind_setpwent(void);
-NSS_STATUS _nss_winbind_endpwent(void);
-NSS_STATUS _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getpwnam_r(const char *name, struct passwd *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_setgrent(void);
-NSS_STATUS _nss_winbind_endgrent(void);
-NSS_STATUS _nss_winbind_getgrent_r(struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrlst_r(struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrnam_r(const char *name, struct group *result,
- char *buffer, size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid, struct group *result, char
*buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int
*start,
- long int *size, gid_t **groups,
- long int limit, int *errnop);
-
int
netbsdwinbind_endgrent(void *nsrv, void *nscb, va_list ap)
{
diff --git a/nsswitch/winbind_nss_solaris.h b/nsswitch/winbind_nss_solaris.h
index f0cc099..8e26d0d 100644
--- a/nsswitch/winbind_nss_solaris.h
+++ b/nsswitch/winbind_nss_solaris.h
@@ -34,30 +34,4 @@ typedef nss_status_t NSS_STATUS;
#define NSS_STATUS_UNAVAIL NSS_UNAVAIL
#define NSS_STATUS_TRYAGAIN NSS_TRYAGAIN
-/* The solaris winbind is implemented as a wrapper around the linux
- version. */
-
-NSS_STATUS _nss_winbind_setpwent(void);
-NSS_STATUS _nss_winbind_endpwent(void);
-NSS_STATUS _nss_winbind_getpwent_r(struct passwd* result, char* buffer,
- size_t buflen, int* errnop);
-NSS_STATUS _nss_winbind_getpwuid_r(uid_t, struct passwd*, char* buffer,
- size_t buflen, int* errnop);
-NSS_STATUS _nss_winbind_getpwnam_r(const char* name, struct passwd* result,
- char* buffer, size_t buflen, int* errnop);
-
-NSS_STATUS _nss_winbind_setgrent(void);
-NSS_STATUS _nss_winbind_endgrent(void);
-NSS_STATUS _nss_winbind_getgrent_r(struct group* result, char* buffer,
- size_t buflen, int* errnop);
-NSS_STATUS _nss_winbind_getgrnam_r(const char *name,
- struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_getgrgid_r(gid_t gid,
- struct group *result, char *buffer,
- size_t buflen, int *errnop);
-NSS_STATUS _nss_winbind_initgroups_dyn(char *user, gid_t group, long int
*start,
- long int *size, gid_t **groups,
- long int limit, int *errnop);
-
#endif /* _WINBIND_NSS_SOLARIS_H */
diff --git a/nsswitch/wins.c b/nsswitch/wins.c
index 19d3c5b..72055f0 100644
--- a/nsswitch/wins.c
+++ b/nsswitch/wins.c
@@ -19,7 +19,7 @@
*/
#include "includes.h"
-#include "nsswitch/winbind_nss.h"
+#include "nsswitch/winbind_client.h"
#include "nsswitch/libwbclient/wbclient.h"
#ifdef HAVE_NS_API_H
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index d0cd2c1..e094be1 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -476,7 +476,8 @@ int aixjfs2_sys_acl_set_file(vfs_handle_struct *handle,
acl_type_t acl_type_info;
int rc;
- DEBUG(10, ("aixjfs2_sys_acl_set_file invoked for %s", name));
+ DEBUG(10, ("aixjfs2_sys_acl_set_file invoked for %s",
+ smb_fname->base_name));
rc = aixjfs2_query_acl_support((char *)smb_fname->base_name,
ACL_AIXC, &acl_type_info);
@@ -490,7 +491,7 @@ int aixjfs2_sys_acl_set_file(vfs_handle_struct *handle,
return -1;
rc = aclx_put(
- (char *)name,
+ (char *)smb_fname->base_name,
SET_ACL, /* set only the ACL, not mode bits */
acl_type_info,
acl_aixc,
diff --git a/source3/modules/vfs_virusfilter.c
b/source3/modules/vfs_virusfilter.c
index 571073f..7ae5a96 100644
--- a/source3/modules/vfs_virusfilter.c
+++ b/source3/modules/vfs_virusfilter.c
@@ -275,8 +275,9 @@ static int virusfilter_vfs_connect(
temp_quarantine_dir_mode = lp_parm_const_string(
snum, "virusfilter", "quarantine directory mode", "0755");
if (temp_quarantine_dir_mode != NULL) {
- sscanf(temp_quarantine_dir_mode, "%o",
- &config->quarantine_dir_mode);
+ unsigned int mode = 0;
+ sscanf(temp_quarantine_dir_mode, "%o", &mode);
+ config->quarantine_dir_mode = mode;
}
config->quarantine_prefix = lp_parm_const_string(
diff --git a/source3/modules/vfs_virusfilter_utils.c
b/source3/modules/vfs_virusfilter_utils.c
index 628e0ae..f56fc6e 100644
--- a/source3/modules/vfs_virusfilter_utils.c
+++ b/source3/modules/vfs_virusfilter_utils.c
@@ -147,11 +147,18 @@ bool virusfilter_io_connect_path(
{
struct sockaddr_un addr;
NTSTATUS status;
- int socket, bes_result, flags, ret;
+ int socket, ret;
+ size_t len;
+ bool ok;
ZERO_STRUCT(addr);
addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, path, sizeof(addr.sun_path));
+
+ len = strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
+ if (len >= sizeof(addr.sun_path)) {
+ io_h->stream = NULL;
+ return false;
+ }
status = open_socket_out((struct sockaddr_storage *)&addr, 0,
io_h->connect_timeout,
@@ -162,23 +169,23 @@ bool virusfilter_io_connect_path(
}
/* We must not block */
- flags = fcntl(socket, F_GETFL);
- if (flags <= 0) {
- /* Handle error by ignoring */;
- flags = 0;
- DBG_WARNING("Could not get flags on socket (%s).\n",
- strerror(errno));
- }
- flags |= SOCK_NONBLOCK;
- ret = fcntl(socket, F_SETFL, flags);
+ ret = set_blocking(socket, false);
if (ret == -1) {
- /* Handle error by ignoring for now */
- DBG_WARNING("Could not set flags on socket: %s.\n",
- strerror(errno));
+ close(socket);
+ io_h->stream = NULL;
+ return false;
}
- bes_result = tstream_bsd_existing_socket(io_h, socket, &io_h->stream);
- if (bes_result < 0) {
+ ok = smb_set_close_on_exec(socket);
+ if (!ok) {
+ close(socket);
+ io_h->stream = NULL;
+ return false;
+ }
+
+ ret = tstream_bsd_existing_socket(io_h, socket, &io_h->stream);
+ if (ret == -1) {
+ close(socket);
DBG_ERR("Could not convert socket to tstream: %s.\n",
strerror(errno));
io_h->stream = NULL;
@@ -389,7 +396,7 @@ bool virusfilter_io_writefl(
{
va_list ap;
char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE];
- size_t data_size;
+ int data_size;
va_start(ap, data_fmt);
data_size = vsnprintf(data, VIRUSFILTER_IO_BUFFER_SIZE, data_fmt, ap);
@@ -411,7 +418,7 @@ bool virusfilter_io_vwritefl(
const char *data_fmt, va_list ap)
{
char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE];
- size_t data_size;
+ int data_size;
data_size = vsnprintf(data, VIRUSFILTER_IO_BUFFER_SIZE, data_fmt, ap);
diff --git a/source3/passdb/machine_account_secrets.c
b/source3/passdb/machine_account_secrets.c
index 40511f9..94a7e21 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -1317,7 +1317,7 @@ NTSTATUS secrets_fetch_or_upgrade_domain_info(const char
*domain,
last_set_time = secrets_fetch_pass_last_set_time(domain);
if (last_set_time == 0) {
- return NT_STATUS_OK;
+ return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
unix_to_nt_time(&last_set_nt, last_set_time);
diff --git a/source3/utils/destroy_netlogon_creds_cli.c
b/source3/utils/destroy_netlogon_creds_cli.c
new file mode 100644
index 0000000..137ac83
--- /dev/null
+++ b/source3/utils/destroy_netlogon_creds_cli.c
@@ -0,0 +1,137 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Garble the netlogon_creds_cli key for testing purposes
+ * Copyright (C) Volker Lendecke 2018
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "system/filesys.h"
+#include <talloc.h>
+#include <tevent.h>
+#include "messages.h"
+#include "lib/util/talloc_stack.h"
+#include "popt_common.h"
+#include "lib/param/loadparm.h"
+#include "lib/param/param.h"
+#include "libcli/auth/netlogon_creds_cli.h"
+#include "lib/dbwrap/dbwrap.h"
+#include "lib/dbwrap/dbwrap_open.h"
+
+int main(int argc, const char *argv[])
+{
+ TALLOC_CTX *mem_ctx = talloc_stackframe();
+ struct tevent_context *ev;
+ struct messaging_context *msg_ctx;
+ struct loadparm_context *lp_ctx;
--
Samba Shared Repository
