[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Mon Jun 21 00:11:02 UTC 2021
The branch, master has been updated
via 84de4eb19e5 WHATSNEW: Improved cmdline user experience
via 18eabaf34f6 lib:cmdline: Improve doxygen documentation
via 69368d8aca3 docs-xml: Remove unused manpage entities
via fad6786e74e docs-xml: Update samba-tool manpage for option parser changes
via 36bb6686cb2 python: Streamline option parser of python tools
via 7f27bbd540b docs-xml: Use new cmdline entities for traffic_replay.7 manpage
via 84f7db5f677 docs-xml: Update winexe.1 manpage for new cmdline opition parser
via f4bf1b2f528 winexe: Some code cleanup and fixes
via 32a71e50b49 winexe: Use the new cmdline option parser
via 9f514b37fbe s4:lib: Remove obsolete popt cmdline parser
via a8052d70cbb librpc:tools: Migrate ndrdump to new cmdline option parser
via 70a09d2cee7 librpc:tools: Remove '-l' which conflicts with '-l|--log-basename'
via 212038bbc6f docs-xml: Update wbinfo.1 manpage for new cmdline opition parser
via 387bb56bcdf nsswitch: Migrate wbinfo to new cmdline option parser
via 2e520feace8 libcli:nbt: Migrate nmblookup4 to new cmdline option parser
via 91c8c480f6f s4:utils: Migrate oLschema2ldif to new cmdline option parser
via 12ba3d9d8f2 s4:registry: Migrate regpatch to new cmdline option parser
via 8123c90edc0 s4:registry: Migrate regtree to new cmdline option parser
via bd52627e5bf s4:registry: Migrate regdiff to new cmdline option parser
via 4982beaabc6 s4:registry: Migrate regshell to new cmdline option parser
via 2af06390c3a dsdb periodic: DNS: split aging from tombstone deletion
via 020c76a523a dns scavenging: add an explanatory comment
via 3dd5ae46c91 dns scavenging: ensure tombstoned node has one record
via f52ce9f954a dns scavenging: avoid leak in dns_tombstone_records
via ef7daa51d88 dns scavenging: log tombstone inconsistency
via 9fb69274cab dns scavenging: tighten lifetime of filtered records
via 4a2bfd249d0 dns scavenging: avoid useless copy of msg
via 444b8178b86 dns scavenging: simplify copy_current_records
via 95e9da2fd7a dns scavenging: avoid passing blobs
via 2d98d733ab7 dns scavenging: ensure usual ownership of element values
via 2c6a0265f2b dns scavenging: avoid setting same flags twice
via 25be60a1cc4 dns scavenging: avoid another small memory leak
via 8f8eb92903c dns scavenging: avoid a small memory leak
via 546c64b3fcf dns scavenging: correctly set tombstome timestamp
via dbfbbd42976 dns scavenging: tombstone deletion uses correct time units
via bdd755a6795 pytest dns_aging: test tombstone timestamp ranges
via 16875db27e8 pytest: dns_aging: remove a test that fails on Windows
via 0c5dc26ddc0 pytest: dns_aging: add Samba-specific scavenging test
via b5c01f56f30 pytest: dns_aging: try queries of recently tombstoned nodes
via a7c0a17c48e pytest: dns_aging tests deletions using DNS update
via 3cee6c94109 pytest: dns_aging: remove/fix unused helper functions
via b1730288368 pytest: dns_aging: helper to get non-tombstoned records
via ad6d5a9c165 pytest: dns_aging: add helper for DNS delete updates
via 983955a2bc8 pytest: dns_aging: correct typo mis-assertions in 2 tests
via d7d4fd98be0 pytest: dns_aging: remind developers to use fl2003
via 0423b0b8844 pytest: dns_aging: use assert_timestamps_equal() widely
via 559384beb72 pytest: add A and AAAA aging tests
via 701e21ade91 pytest: adjust dns_aging to handle some non-TXT records
via c1504ae59bb pytests: dns_aging get informative assertions
from c09a56ea203 python:tests: Fix group_edit test with system libldb
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 84de4eb19e5f72550fbef52e22ff7b063d735638
Author: Andreas Schneider <asn at samba.org>
Date: Thu Dec 17 15:58:27 2020 +0100
WHATSNEW: Improved cmdline user experience
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Jun 21 00:10:21 UTC 2021 on sn-devel-184
commit 18eabaf34f6d0d599c0e4b7eaa382258304f6a83
Author: Andreas Schneider <asn at samba.org>
Date: Tue May 11 09:13:51 2021 +0200
lib:cmdline: Improve doxygen documentation
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 69368d8aca353b9bc498ea2c347036e42100f671
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 7 12:31:10 2021 +0200
docs-xml: Remove unused manpage entities
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit fad6786e74e04f7068c0657d731def3c8f5d2d59
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 7 14:25:41 2021 +0200
docs-xml: Update samba-tool manpage for option parser changes
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 36bb6686cb23971844585f29ae5eb6bbe4b5a12b
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 7 14:16:52 2021 +0200
python: Streamline option parser of python tools
The python tools, especially samba-tool should have the same option set
as the rest of the client utils.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 7f27bbd540bbf05fae2611faeb1367259f407752
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 11 14:46:18 2021 +0100
docs-xml: Use new cmdline entities for traffic_replay.7 manpage
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 84f7db5f6772360f97c36e55b4c6739190486cbd
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 11 14:49:42 2021 +0100
docs-xml: Update winexe.1 manpage for new cmdline opition parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f4bf1b2f528ee7c5a02686bc2c54f436ccd5dc60
Author: Andreas Schneider <asn at samba.org>
Date: Thu Apr 8 10:16:54 2021 +0200
winexe: Some code cleanup and fixes
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 32a71e50b49db2b06ea7a8a2b8aa0606b0455f1f
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 15 16:34:55 2021 +0100
winexe: Use the new cmdline option parser
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14616
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9f514b37fbe5a87b78ecba9f0518ca791d6919b8
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 13:05:05 2021 +0100
s4:lib: Remove obsolete popt cmdline parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit a8052d70cbbef61a081fe74fd898b5c25c973875
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 11:03:12 2021 +0100
librpc:tools: Migrate ndrdump to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 70a09d2cee776dc5a5e99d0bb682e92e90de3f8f
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 15 09:21:56 2021 +0100
librpc:tools: Remove '-l' which conflicts with '-l|--log-basename'
The common cmdline parser already provides '-l'.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 212038bbc6f1250bc55b346122c83439714a20a3
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 11 14:35:40 2021 +0100
docs-xml: Update wbinfo.1 manpage for new cmdline opition parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 387bb56bcdf7701717c85595d535d979bc043c71
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 10:53:35 2021 +0100
nsswitch: Migrate wbinfo to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2e520feace893411522bf02718dd91d12de91074
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 10:50:28 2021 +0100
libcli:nbt: Migrate nmblookup4 to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 91c8c480f6f7b05cc86b55160b224cd489af95e4
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 10:43:33 2021 +0100
s4:utils: Migrate oLschema2ldif to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 12ba3d9d8f2e480d92da16831e09af0d16709724
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 09:23:25 2021 +0100
s4:registry: Migrate regpatch to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8123c90edc07db16d3817c1f17ebc60779c77bda
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 09:15:57 2021 +0100
s4:registry: Migrate regtree to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bd52627e5bfd5a891b884eb03b4eb97159becc0a
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 14 08:59:34 2021 +0100
s4:registry: Migrate regdiff to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4982beaabc6ede4c029619a314963473139eb81c
Author: Andreas Schneider <asn at samba.org>
Date: Fri Dec 18 14:25:32 2020 +0100
s4:registry: Migrate regshell to new cmdline option parser
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2af06390c3aea5eed1c469fde0b403e9b1f44292
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Apr 10 14:08:09 2021 +1200
dsdb periodic: DNS: split aging from tombstone deletion
We have been conflating two things (under the term "scavenging"):
1. aging out stale DNS records into tombstones, which only happens if
this feature is switched on in general and for the zone.
2. removing expired DNS tombstones, which should always happen
(because we tombstone nodes in *other* ways).
With this patch, we un-conflate.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 020c76a523a256e9f2494c9bd5d4ea3b822f33a8
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Apr 14 16:13:01 2021 +1200
dns scavenging: add an explanatory comment
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 3dd5ae46c91cc00db4809db9b2fadae4281a1feb
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sun Apr 11 23:39:24 2021 +1200
dns scavenging: ensure tombstoned node has one record
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f52ce9f954afe155ee30ddfeedfcff777aae8492
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Tue Apr 13 16:31:10 2021 +1200
dns scavenging: avoid leak in dns_tombstone_records
As always, we forget to free our zones. Also to check our zones.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ef7daa51d88271a3d57a3418e2f2cc5c14e0e819
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Fri Apr 9 17:50:59 2021 +1200
dns scavenging: log tombstone inconsistency
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9fb69274cab58ddd12f4af2cbd3deb40e42ef4d6
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:16:46 2021 +1200
dns scavenging: tighten lifetime of filtered records
We were ending up with everything lasting as long as
kccsrv_periodic_run(), which could add to quite a pile.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4a2bfd249d06e229b080cb6f50a68086a8aa1e52
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sun Apr 11 13:45:19 2021 +1200
dns scavenging: avoid useless copy of msg
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 444b8178b8652f6e5273879a7036b23fe0057b37
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Mar 29 13:09:30 2021 +1300
dns scavenging: simplify copy_current_records
We don't need to pull and push to make a byte identical copy of an ldb
value, nor do we need a temporary array.
As part of this, we avoid leaving a dangling el->num_values pointing
into space where there were no actually allocated values, which is not
how we do things, even briefly.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 95e9da2fd7ae46fc8b0947dc51447fe1ecac606f
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sun Apr 11 13:15:29 2021 +1200
dns scavenging: avoid passing blobs
We can construct these ldb values for each zone with minimal cost and
it is less bamboozling to do so.
While we're fiddling with signatures, we can make this used-once local
function static.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2d98d733ab7e782e454d19dbc92cab669d89bd58
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Mar 29 13:11:01 2021 +1300
dns scavenging: ensure usual ownership of element values
An ldb message, its elements, and their values usually all share a
little talloc sub-tree with each other and nobody else. It is
conceivable that somewhere we rely on that.
In this case we were sharing an out-of-subtree values array across
multiple messages, which seems to be asking for trouble.
Also, add a comment explaining what we want.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2c6a0265f2b577be485744edc5e8951f31d7ecfd
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Mar 29 13:10:50 2021 +1300
dns scavenging: avoid setting same flags twice
We already did this with db_msg_add_empty(), ~20 lines up.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 25be60a1cc4779eee5613e2b3540d29890299a92
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Apr 14 17:35:01 2021 +1200
dns scavenging: avoid another small memory leak
We weren't freeing the zones, which is admittedly tricky with the dlink
list.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8f8eb92903c0bdafa98d88429d1580868d5605dc
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Tue Mar 30 11:25:36 2021 +1300
dns scavenging: avoid a small memory leak
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 546c64b3fcf22d7eea253dd46e73e767ec54cad7
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Mar 27 22:59:08 2021 +1300
dns scavenging: correctly set tombstome timestamp
In a DNS tombstone record, the dwTimestamp is, as always, uint32_t hours
since 1601, while the wType-switched .data.EntombedTime timestamp is NTTIME.
We had that wrong, putting the hours in both places.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit dbfbbd429766c1c8a161b8950fbed98c5cfbcc16
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Sat Jun 5 18:04:55 2021 +1200
dns scavenging: tombstone deletion uses correct time units
Before we were comparing hours to 1e-7 second units.
Now we do it both ways. That's because in dns_tombstone_records (in
this same file) we have been putting hour timestamps in EntombedTime,
but this field is supposed to have NTTIME timestamps, and those
timestamps won't have updated themselves.
This wouldn't matter much in pure Samba networks if we weren't also
using the correct timestamp in dns_common_replace().
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bdd755a6795eec20f2ef5b91d7d9dfa4173f8aa3
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Jun 16 22:48:56 2021 +0000
pytest dns_aging: test tombstone timestamp ranges
We have always used hours where we are meant to use NTTIME. Let's make
sure we don't break old tombstones.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 16875db27e8f9df8c989321a12897a13c05b35c8
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Wed Jun 16 22:51:42 2021 +0000
pytest: dns_aging: remove a test that fails on Windows
This fails on Windows due to apparent races between the RPC, DNS, and
LDAP servers. There is no point having it sit there doing nothing.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0c5dc26ddc0602c8d2eeb7599efd8a9e0f252ffe
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:41:14 2021 +1200
pytest: dns_aging: add Samba-specific scavenging test
We can't make scavenging happen on demand on Windows, so we just
concentrate on Samba here.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit b5c01f56f30ca3e954c4a53011ef5aceb5b897bb
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:41:07 2021 +1200
pytest: dns_aging: try queries of recently tombstoned nodes
Windows fails this one.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit a7c0a17c48ee259db2c225f9dc9e674e1d51aa5f
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:39:53 2021 +1200
pytest: dns_aging tests deletions using DNS update
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 3cee6c94109c7db107d03a13ab8ab847f2c0eac1
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:30:23 2021 +1200
pytest: dns_aging: remove/fix unused helper functions
self.rpc_delete_txt() will be used next commit.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit b1730288368ade0daef637aace47de64f2aa8442
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:37:37 2021 +1200
pytest: dns_aging: helper to get non-tombstoned records
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ad6d5a9c165fd887e2f79e398235f5225910fcff
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:36:57 2021 +1200
pytest: dns_aging: add helper for DNS delete updates
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 983955a2bc810248726339deb63fbe9ebc783563
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Mon Jun 14 23:36:04 2021 +1200
pytest: dns_aging: correct typo mis-assertions in 2 tests
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d7d4fd98be0c3c200442cd61bfd0d4c75619394e
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Fri Jun 11 17:31:54 2021 +1200
pytest: dns_aging: remind developers to use fl2003
By "developers", I of course mean "me".
Other environments insist on secure updates, which these tests don't
do.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0423b0b88446ce4196b10414d885f6cf5921b9f1
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Thu Jun 10 23:31:09 2021 +0000
pytest: dns_aging: use assert_timestamps_equal() widely
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 559384beb7272f9d30fb20177d4b9f5292516bb6
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Thu Jun 10 23:30:19 2021 +0000
pytest: add A and AAAA aging tests
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 701e21ade9180507c24fb594d7a212d603b67a0e
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Thu Jun 10 23:29:15 2021 +0000
pytest: adjust dns_aging to handle some non-TXT records
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c1504ae59bb251615673e686e517e2d0ea8bedad
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date: Thu Jun 10 11:58:43 2021 +1200
pytests: dns_aging get informative assertions
When trying to understand the results of these tests, it is not very
helpful to have messages like:
AssertionError: 3685511 != 3685343
when the only thing you want to know is the difference between these two
numbers. So here we make timestamp specific assertions.
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 62 +++
docs-xml/build/DTD/samba.entities | 359 +-----------
docs-xml/manpages/samba-tool.8.xml | 53 +-
docs-xml/manpages/traffic_replay.7.xml | 12 +-
docs-xml/manpages/wbinfo.1.xml | 4 +-
docs-xml/manpages/winexe.1.xml | 48 +-
examples/winexe/winexe.c | 149 ++---
examples/winexe/wscript_build | 2 +-
lib/cmdline/cmdline.h | 33 +-
libcli/nbt/tools/nmblookup.c | 50 +-
libcli/nbt/wscript_build | 2 +-
librpc/tools/ndrdump.c | 39 +-
librpc/tools/wscript_build | 2 +-
nsswitch/wbinfo.c | 13 +-
nsswitch/wscript_build | 2 +-
python/samba/getopt.py | 42 +-
python/samba/tests/blackbox/ndrdump.py | 64 +--
python/samba/tests/dns_aging.py | 849 +++++++++++++++++++++++------
python/samba/tests/get_opt.py | 35 +-
selftest/knownfail.d/dns-aging | 15 +
source4/dsdb/kcc/kcc_periodic.c | 45 +-
source4/dsdb/kcc/scavenge_dns_records.c | 319 ++++++-----
source4/dsdb/kcc/scavenge_dns_records.h | 7 -
source4/lib/cmdline/credentials.c | 54 --
source4/lib/cmdline/popt_common.c | 346 ------------
source4/lib/cmdline/popt_common.h | 47 --
source4/lib/cmdline/popt_credentials.c | 256 ---------
source4/lib/cmdline/wscript_build | 23 -
source4/lib/registry/tools/regdiff.c | 41 +-
source4/lib/registry/tools/regpatch.c | 54 +-
source4/lib/registry/tools/regshell.c | 78 ++-
source4/lib/registry/tools/regtree.c | 57 +-
source4/lib/registry/wscript_build | 8 +-
source4/torture/drs/python/drs_base.py | 2 +-
source4/torture/drs/python/fsmo.py | 2 +-
source4/torture/drs/python/replica_sync.py | 2 +-
source4/utils/oLschema2ldif/main.c | 46 +-
source4/utils/oLschema2ldif/wscript_build | 2 +-
wscript_build | 1 -
39 files changed, 1478 insertions(+), 1747 deletions(-)
delete mode 100644 source4/lib/cmdline/credentials.c
delete mode 100644 source4/lib/cmdline/popt_common.c
delete mode 100644 source4/lib/cmdline/popt_common.h
delete mode 100644 source4/lib/cmdline/popt_credentials.c
delete mode 100644 source4/lib/cmdline/wscript_build
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index b28722c6f92..b36036a25d4 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -46,7 +46,67 @@ NEW FEATURES/CHANGES
In order to be accepted, the request must be issued by a client
that is in the allow list and NOT in the deny list.
+Improved command line user experience
+-------------------------------------
+Samba utilities did not consistently implement their command line interface. A
+number of options were requiring to specify values in one tool and not in the
+other, some options meant different in different tools.
+
+These should be stories of the past now. A new command line parser has been
+implemented with sanity checking. Also the command line interface has been
+simplified and provides better control for encryption, singing and kerberos.
+
+Also several command line options have a smb.conf variable to control the
+default now.
+
+All tools are logging to stderr by default. You can use --debug-stdout to
+change the behavior.
+
+### Common parser:
+
+Options added:
+--client-protection=off|sign|encrypt
+
+Options renamed:
+--kerberos -> --use-kerberos=required|desired|off
+--krb5-ccache -> --use-krb5-ccache=CCACHE
+--scope -> --netbios-scope=SCOPE
+--use-ccache -> --use-winbind-ccache
+
+Options removed:
+-e|--encrypt
+-C removed from --use-winbind-ccache
+-i removed from --netbios-scope
+-S|--signing
+
+
+### Duplicates in command line utils
+
+ldbadd/ldbsearch/ldbdel/ldbmodify/ldbrename:
+-e is not available for --editor anymore
+-s is not used for --configfile anymore
+
+ndrdump:
+-l is not available for --load-dso anymore
+
+net:
+-l is not available for --long anymore
+
+sharesec:
+-V is not available for --viewsddl anymore
+
+smbcquotas:
+--user -> --quota-user
+
+nmbd:
+--log-stdout -> --debug-stdout
+
+smbd:
+--log-stdout -> --debug-stdout
+
+winbindd:
+--log-stdout -> --debug-stdout
REMOVED FEATURES
@@ -66,6 +126,8 @@ smb.conf changes
Parameter Name Description Default
-------------- ----------- -------
+ client use kerberos New desired
+ client protection New default
KNOWN ISSUES
diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities
index 1e69148a205..80e051e7684 100644
--- a/docs-xml/build/DTD/samba.entities
+++ b/docs-xml/build/DTD/samba.entities
@@ -584,6 +584,8 @@
&cmdline.common.connection.realm;
'>
+<!ENTITY pct "%">
+
<!ENTITY cmdline.common.credentials.user '
<varlistentry>
<term>-U|--user=[DOMAIN\]USERNAME[&pct;PASSWORD]</term>
@@ -838,363 +840,6 @@
-<!ENTITY stdarg.server.debug '
-<varlistentry>
-<term>-d|--debuglevel=level</term>
-<listitem>
-<para><replaceable>level</replaceable> is an integer
-from 0 to 10. The default value if this parameter is
-not specified is 0.</para>
-
-<para>The higher this value, the more detail will be
-logged to the log files about the activities of the
-server. At level 0, only critical errors and serious
-warnings will be logged. Level 1 is a reasonable level for
-day-to-day running - it generates a small amount of
-information about operations carried out.</para>
-
-<para>Levels above 1 will generate considerable
-amounts of log data, and should only be used when
-investigating a problem. Levels above 3 are designed for
-use only by developers and generate HUGE amounts of log
-data, most of which is extremely cryptic.</para>
-
-<para>Note that specifying this parameter here will
-override the <smbconfoption name="log level" /> parameter
-in the &smb.conf; file.</para>
-</listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.client.debug '
-<varlistentry>
-<term>-d|--debuglevel=level</term>
-<listitem>
-<para><replaceable>level</replaceable> is an integer
-from 0 to 10. The default value if this parameter is
-not specified is 1.</para>
-
-<para>The higher this value, the more detail will be
-logged to the log files about the activities of the
-server. At level 0, only critical errors and serious
-warnings will be logged. Level 1 is a reasonable level for
-day-to-day running - it generates a small amount of
-information about operations carried out.</para>
-
-<para>Levels above 1 will generate considerable
-amounts of log data, and should only be used when
-investigating a problem. Levels above 3 are designed for
-use only by developers and generate HUGE amounts of log
-data, most of which is extremely cryptic.</para>
-
-<para>Note that specifying this parameter here will
-override the <smbconfoption name="log level" /> parameter
-in the &smb.conf; file.</para>
-</listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.configfile '
-<varlistentry>
-<term>-s|--configfile=<configuration file></term>
-<listitem><para>The file specified contains the
-configuration details required by the server. The
-information in this file includes server-specific
-information such as what printcap file to use, as well
-as descriptions of all the services that the server is
-to provide. See &smb.conf; for more information.
-The default configuration file name is determined at
-compile time.</para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.version '
-<varlistentry>
-<term>-V|--version</term>
-<listitem><para>Prints the program version number.
-</para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.log-basename '
-<varlistentry>
-<term>-l|--log-basename=logdirectory</term>
-<listitem><para>Base directory name for log/debug files. The extension
-<constant>".progname"</constant> will be appended (e.g. log.smbclient,
-log.smbd, etc...). The log file is never removed by the client.
-</para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.option '
-<varlistentry>
-<term>--option=<name>=<value></term>
-<listitem><para>Set the
-<citerefentry><refentrytitle>smb.conf</refentrytitle>
-<manvolnum>5</manvolnum></citerefentry>
-option "<name>" to value "<value>" from the command line.
-This overrides compiled-in defaults and options read from the configuration
-file.
-</para></listitem>
-</varlistentry>'>
-
-<!ENTITY popt.common.samba '
-&stdarg.version;
-&stdarg.configfile;
-&stdarg.log-basename;
-&stdarg.option;
-'>
-
-<!ENTITY popt.common.samba.client '
-&stdarg.client.debug;
-&popt.common.samba;
-'>
-
-<!ENTITY popt.common.samba.server '
-&stdarg.server.debug;
-&popt.common.samba;
-'>
-
-
-<!ENTITY stdarg.resolve.order '
-<varlistentry>
-<term>-R|--name-resolve <name resolve order></term>
-<listitem><para>This option is used to determine what naming
-services and in what order to resolve
-host names to IP addresses. The option takes a space-separated
-string of different name resolution options.</para>
-
-<para>The options are: "lmhosts", "host", "wins" and "bcast".
-They cause names to be resolved as follows :</para>
-
-<itemizedlist>
-<listitem><para><constant>lmhosts</constant>:
-Lookup an IP address in the Samba lmhosts file. If the
-line in lmhosts has no name type attached to the
-NetBIOS name
-(see the <citerefentry><refentrytitle>lmhosts</refentrytitle>
- <manvolnum>5</manvolnum></citerefentry> for details)
-then any name type matches for lookup.
-</para></listitem>
-
-<listitem><para><constant>host</constant>:
-Do a standard host name to IP address resolution, using
-the system <filename>/etc/hosts</filename>, NIS, or DNS
-lookups. This method of name resolution is operating
-system dependent, for instance on IRIX or Solaris this
-may be controlled by the <filename>/etc/nsswitch.conf
-</filename> file). Note that this method is only used
-if the NetBIOS name type being queried is the 0x20
-(server) name type, otherwise it is ignored.
-</para></listitem>
-
-<listitem><para><constant>wins</constant>:
-Query a name with the IP address listed in the
-<parameter>wins server</parameter> parameter. If no
-WINS server has been specified this method will be
-ignored.
-</para></listitem>
-
-<listitem><para><constant>bcast</constant>:
-Do a broadcast on each of the known local interfaces
-listed in the <parameter>interfaces</parameter>
-parameter. This is the least reliable of the name
-resolution methods as it depends on the target host
-being on a locally connected subnet.
-</para></listitem>
-</itemizedlist>
-
-<para>If this parameter is not set then the name resolve order
-defined in the &smb.conf; file parameter
-(<smbconfoption name="name resolve order" />) will be used.
-</para>
-
-<para>The default order is lmhosts, host, wins, bcast. Without
-this parameter or any entry in the
-<smbconfoption name="name resolve order" /> parameter of
-the &smb.conf; file, the name
-resolution methods will be attempted in this order. </para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.netbios.name '
-<varlistentry>
-<term>-n|--netbiosname <primary NetBIOS name></term>
-<listitem><para>This option allows you to override
-the NetBIOS name that Samba uses for itself. This is identical
-to setting the <smbconfoption name="netbios name" /> parameter in
-the &smb.conf; file.
-However, a command
-line setting will take precedence over settings in
-&smb.conf;.</para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.scope '
-<varlistentry>
-<term>-i|--scope <scope></term>
-<listitem><para>This specifies a NetBIOS scope that
-<command>nmblookup</command> will use to communicate with when
-generating NetBIOS names. For details on the use of NetBIOS
-scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes are
-<emphasis>very</emphasis> rarely used, only set this parameter
-if you are the system administrator in charge of all the
-NetBIOS systems you communicate with.</para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.workgroup '
-<varlistentry>
-<term>-W|--workgroup=domain</term>
-<listitem><para>Set the SMB domain of the username. This
-overrides the default domain which is the domain defined in
-smb.conf. If the domain specified is the same as the servers
-NetBIOS name, it causes the client to log on using the servers local
-SAM (as opposed to the Domain SAM). </para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.socket.options '
-<varlistentry>
-<term>-O|--socket-options socket options</term>
-<listitem><para>TCP socket options to set on the client
-socket. See the socket options parameter in
-the &smb.conf; manual page for the list of valid
-options. </para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY popt.common.connection '
-&stdarg.netbios.name;
-&stdarg.scope;
-&stdarg.workgroup;
-&stdarg.socket.options;
-'>
-
-<!ENTITY stdarg.nopass '
-<varlistentry>
-<term>-N|--no-pass</term>
-<listitem><para>If specified, this parameter suppresses the normal
-password prompt from the client to the user. This is useful when
-accessing a service that does not require a password. </para>
-
-<para>Unless a password is specified on the command line or
-this parameter is specified, the client will request a
-password.</para>
-
-<para>If a password is specified on the command line and this
-option is also defined the password on the command line will
-be silently ignored and no password will be used.</para></listitem>
-</varlistentry>'>
-
-<!ENTITY pct "%">
-
-<!ENTITY stdarg.username '
-<varlistentry>
-<term>-U|--user=username[&pct;password]</term>
-<listitem><para>Sets the SMB username or username and password. </para>
-
-<para>If &pct;password is not specified, the user will be prompted. The
-client will first check the <envar>USER</envar> environment variable, then the
-<envar>LOGNAME</envar> variable and if either exists, the
-string is uppercased. If these environmental variables are not
-found, the username <constant>GUEST</constant> is used. </para>
-
-<para>A third option is to use a credentials file which
-contains the plaintext of the username and password. This
-option is mainly provided for scripts where the admin does not
-wish to pass the credentials on the command line or via environment
-variables. If this method is used, make certain that the permissions
-on the file restrict access from unwanted users. See the
-<parameter>-A</parameter> for more details. </para>
-
-<para>Be cautious about including passwords in scripts. Also, on
-many systems the command line of a running process may be seen
-via the <command>ps</command> command. To be safe always allow
-<command>rpcclient</command> to prompt for a password and type
-it in directly. </para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.authfile '
-<varlistentry>
-<term>-A|--authentication-file=filename</term>
-<listitem><para>This option allows
-you to specify a file from which to read the username and
-password used in the connection. The format of the file is
-</para>
-
-<para><programlisting>
-username = <value>
-password = <value>
-domain = <value>
-</programlisting></para>
-
-<para>Make certain that the permissions on the file restrict
-access from unwanted users. </para></listitem>
-</varlistentry>'>
-
-<!ENTITY stdarg.kerberos '
-<varlistentry>
-<term>-k|--kerberos</term>
-<listitem><para>
-Try to authenticate with kerberos. Only useful in
-an Active Directory environment.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.useccache '
-<varlistentry>
-<term>-C|--use-ccache</term>
-<listitem><para>
-Try to use the credentials cached by winbind.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.signing '
-<varlistentry>
-<term>-S|--signing on|off|required</term>
-<listitem><para>Set the client signing state.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.machinepass '
-<varlistentry>
-<term>-P|--machine-pass</term>
-<listitem><para>Use stored machine account password.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.encrypt '
-<varlistentry>
-<term>-e|--encrypt</term>
-<listitem><para>
-This command line parameter requires the remote
-server support the UNIX extensions or that the SMB3 protocol has been selected.
-Requests that the connection be encrypted. Negotiates SMB encryption using either
-SMB3 or POSIX extensions via GSSAPI. Uses the given credentials for
-the encryption negotiation (either kerberos or NTLMv1/v2 if given
-domain/username/password triple. Fails the connection if encryption
-cannot be negotiated.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY stdarg.pwnthash '
-<varlistentry>
-<term>--pw-nt-hash</term>
-<listitem><para>The supplied password is the NT hash.
-</para></listitem>
-</varlistentry>
-'>
-
-<!ENTITY popt.common.credentials '
-&stdarg.nopass;
-&stdarg.kerberos;
-&stdarg.useccache;
-&stdarg.authfile;
-&stdarg.username;
-&stdarg.signing;
-&stdarg.machinepass;
-&stdarg.encrypt;
-&stdarg.pwnthash;
-'>
-
<!ENTITY stdarg.help '
<varlistentry>
<term>-?|--help</term>
diff --git a/docs-xml/manpages/samba-tool.8.xml b/docs-xml/manpages/samba-tool.8.xml
index beef6cfb265..9a40bb1bec4 100644
--- a/docs-xml/manpages/samba-tool.8.xml
+++ b/docs-xml/manpages/samba-tool.8.xml
@@ -46,54 +46,21 @@
</para></listitem>
</varlistentry>
- <varlistentry>
- <term>--realm=REALM</term>
- <listitem><para>
- Set the realm name
- </para></listitem>
- </varlistentry>
+ &cmdline.common.connection.realm;
- <varlistentry>
- <term>--simple-bind-dn=DN</term>
- <listitem><para>
- DN to use for a simple bind
- </para></listitem>
- </varlistentry>
+ &cmdline.common.credentials.simplebinddn;
- <varlistentry>
- <term>--password=PASSWORD</term>
- <listitem><para>
- Password
- </para></listitem>
- </varlistentry>
+ &cmdline.common.credentials.password;
- <varlistentry>
- <term>-U USERNAME|--username=USERNAME</term>
- <listitem><para>
- Username
- </para></listitem>
- </varlistentry>
+ &cmdline.common.credentials.user;
- <varlistentry>
- <term>-W WORKGROUP|--workgroup=WORKGROUP</term>
--
Samba Shared Repository
More information about the samba-cvs
mailing list