The branch, v4-0-test has been updated
via 1a0c013 s4 dns: Fix return code for deleted records
via 8d25b8a s4:dns_server - introduce the wildcard binding feature
via ddd07ae s4: Fix a -Wunused-value warning
via ba8b5e3 selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work
via b2c591c s4:torture/smb2: remove samba specific stuff from
smb2.oplock
via c420163 s3:smb2_create: don't take 'state->te' as indication for
"was_deferred" (bug #9196)
via 2248884 Fix bug #9209 - Parse of invalid SMB2 create blob can cause
smbd crash.
via ff47fcd libcli/smb: fix padding in smb2_create_blob*
from d190b59 VERSION: Bump version up to 4.0.0rc3.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 1a0c013591f592339235370607685027425874a7
Author: Kai Blin <[email protected]>
Date: Sun Sep 30 11:26:24 2012 +0200
s4 dns: Fix return code for deleted records
This fixes bug #9225. We already had a test for this scenario, but the test
wasn't
correct. This patch fixes the test, and also fixes the bug.
Signed-off-by: Kai Blin <[email protected]>
Autobuild-User(v4-0-test): Karolin Seeger <[email protected]>
Autobuild-Date(v4-0-test): Tue Oct 2 16:46:06 CEST 2012 on sn-devel-104
commit 8d25b8ae35e2f190e42aa064ef3c60faf1a4ddf2
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sun Aug 12 18:08:20 2012 +0200
s4:dns_server - introduce the wildcard binding feature
We need the wildcard binding feature otherwise we might get bound to a
private interface in case of multiple interfaces and no "interfaces"
parameter in smb.conf.
Code taken from source4/ldap_server/ldap_server.c
Signed-off-by: Kai Blin <[email protected]>
Autobuild-User(master): Kai Blin <[email protected]>
Autobuild-Date(master): Sun Sep 23 23:44:03 CEST 2012 on sn-devel-104
Fix bug #9183 - DNS server does not listen on localhost.
commit ddd07ae4daef3bca2f6df521ffea707d41256248
Author: Volker Lendecke <[email protected]>
Date: Wed Sep 26 10:07:32 2012 -0700
s4: Fix a -Wunused-value warning
Autobuild-User(master): Volker Lendecke <[email protected]>
Autobuild-Date(master): Wed Sep 26 21:52:00 CEST 2012 on sn-devel-104
(cherry picked from commit 5022b3d8c183181b922e3ccac49e5819eb453035)
Fix bug #9223 - Uninitialized variable in the cldap server can give bad
netlogon
netsamlogon response.
commit ba8b5e396add96a679fcff92f5d20df40875514a
Author: Stefan Metzmacher <[email protected]>
Date: Wed Sep 26 03:24:22 2012 +0200
selftest/knownfail: samba*.smb2.oplock.stream1 doesn't work
metze
Autobuild-User(master): Stefan Metzmacher <[email protected]>
Autobuild-Date(master): Wed Sep 26 07:57:12 CEST 2012 on sn-devel-104
(cherry picked from commit 98d117a5424d62804b7cb3d8a9ad35e703fc158a)
commit b2c591c6ca66e117c350a53e4bd9028268d0076c
Author: Stefan Metzmacher <[email protected]>
Date: Wed Sep 26 03:08:33 2012 +0200
s4:torture/smb2: remove samba specific stuff from smb2.oplock
metze
(cherry picked from commit 7a14f09f9cc14cfb6234175add1841faf751d51a)
commit c4201630403edc338f6a3843fd4dd069f45b1fd2
Author: Stefan Metzmacher <[email protected]>
Date: Wed Sep 26 03:04:20 2012 +0200
s3:smb2_create: don't take 'state->te' as indication for "was_deferred"
(bug #9196)
We always set state->te = NULL of TALLOC_FREE(state->te),
before calling smbd_smb2_request_dispatch(), so
open_was_deferred_smb2() always returned false, while dispatching
it again.
But it's remove_deferred_open_message_smb2_internal() which
should reset this state.
In developer mode validate_my_share_entries() did call smb_panic()
before.
metze
(cherry picked from commit 4604219ceba96955b3c4bf6ab31aa70c11442d61)
commit 224888491f7a4ce88fd636e56d1438a8a84a48e9
Author: Jeremy Allison <[email protected]>
Date: Wed Sep 26 16:58:58 2012 -0700
Fix bug #9209 - Parse of invalid SMB2 create blob can cause smbd crash.
Ensure we correctly protect against blobs with data_offset==0
and data_length != 0.
Jeremy.
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Thu Sep 27 22:07:02 CEST 2012 on sn-devel-104
(cherry picked from commit 322e3d42f65dadabeccf8813fcb0e9b7d353ffb2)
commit ff47fcd3c9f4c8e470601c443d214b590288f655
Author: Stefan Metzmacher <[email protected]>
Date: Wed Sep 19 08:11:23 2012 +0200
libcli/smb: fix padding in smb2_create_blob*
metze
(cherry picked from commit aa5caf1fe92b159eae00c7b11499e9ec697cf9ae)
-----------------------------------------------------------------------
Summary of changes:
libcli/smb/smb2_create_blob.c | 46 ++++++++++++++++++--------
selftest/knownfail | 2 +
source3/smbd/smb2_create.c | 5 ++-
source4/cldap_server/netlogon.c | 2 +-
source4/dns_server/dns_server.c | 38 ++++++++++++++++------
source4/dns_server/dns_utils.c | 2 +-
source4/scripting/python/samba/tests/dns.py | 46 +++++++++++++++++++++++++--
source4/torture/smb2/oplock.c | 10 ------
8 files changed, 111 insertions(+), 40 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_create_blob.c b/libcli/smb/smb2_create_blob.c
index 2175a0c..92387db 100644
--- a/libcli/smb/smb2_create_blob.c
+++ b/libcli/smb/smb2_create_blob.c
@@ -61,14 +61,13 @@ NTSTATUS smb2_create_blob_parse(TALLOC_CTX *mem_ctx, const
DATA_BLOB buffer,
if ((next & 0x7) != 0 ||
next > remaining ||
- name_offset < 16 ||
- name_offset > remaining ||
- name_length != 4 || /* windows enforces this */
+ name_offset != 16 ||
+ name_length < 4 ||
name_offset + name_length > remaining ||
+ (data_offset & 0x7) != 0 ||
(data_offset && (data_offset < name_offset + name_length))
||
- (data_offset && (data_offset > remaining)) ||
- (data_offset && data_length &&
- (data_offset + (uint64_t)data_length >
remaining))) {
+ (data_offset > remaining) ||
+ (data_offset + (uint64_t)data_length > remaining)) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -108,25 +107,44 @@ static NTSTATUS smb2_create_blob_push_one(TALLOC_CTX
*mem_ctx, DATA_BLOB *buffer
{
uint32_t ofs = buffer->length;
size_t tag_length = strlen(blob->tag);
- uint8_t pad = smb2_create_blob_padding(blob->data.length+tag_length, 4);
+ size_t blob_offset = 0;
+ size_t blob_pad = 0;
+ size_t next_offset = 0;
+ size_t next_pad = 0;
+ bool ok;
+
+ blob_offset = 0x14 + tag_length;
+ blob_pad = smb2_create_blob_padding(blob_offset, 8);
+ next_offset = blob_offset + blob_pad + blob->data.length;
+ if (!last) {
+ next_pad = smb2_create_blob_padding(next_offset, 8);
+ }
- if (!data_blob_realloc(mem_ctx, buffer,
- buffer->length + 0x14 + tag_length +
blob->data.length + pad))
+ ok = data_blob_realloc(mem_ctx, buffer,
+ buffer->length + next_offset + next_pad);
+ if (!ok) {
return NT_STATUS_NO_MEMORY;
+ }
if (last) {
SIVAL(buffer->data, ofs+0x00, 0);
} else {
- SIVAL(buffer->data, ofs+0x00, 0x14 + tag_length +
blob->data.length + pad);
+ SIVAL(buffer->data, ofs+0x00, next_offset + next_pad);
}
SSVAL(buffer->data, ofs+0x04, 0x10); /* offset of tag */
SIVAL(buffer->data, ofs+0x06, tag_length); /* tag length */
- SSVAL(buffer->data, ofs+0x0A, 0x14 + tag_length); /* offset of data */
+ SSVAL(buffer->data, ofs+0x0A, blob_offset + blob_pad); /* offset of
data */
SIVAL(buffer->data, ofs+0x0C, blob->data.length);
memcpy(buffer->data+ofs+0x10, blob->tag, tag_length);
- SIVAL(buffer->data, ofs+0x10+tag_length, 0); /* pad? */
- memcpy(buffer->data+ofs+0x14+tag_length, blob->data.data,
blob->data.length);
- memset(buffer->data+ofs+0x14+tag_length+blob->data.length, 0, pad);
+ if (blob_pad > 0) {
+ memset(buffer->data+ofs+blob_offset, 0, blob_pad);
+ blob_offset += blob_pad;
+ }
+ memcpy(buffer->data+ofs+blob_offset, blob->data.data,
blob->data.length);
+ if (next_pad > 0) {
+ memset(buffer->data+ofs+next_offset, 0, next_pad);
+ next_offset += next_pad;
+ }
return NT_STATUS_OK;
}
diff --git a/selftest/knownfail b/selftest/knownfail
index 3f4b513..30aef76 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -155,6 +155,7 @@
^samba4.smb2.oplock.batch9\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.batch10\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.batch20\(.*\)$ # samba 4 oplocks are a mess
+^samba4.smb2.oplock.stream1 # samba 4 oplocks are a mess
^samba4.smb2.getinfo.getinfo # streams on directories does not work
^samba4.ntvfs.cifs.krb5.base.createx_access.createx_access\(.*\)$
^samba4.ldap.acl.*.AclSearchTests.test_search_anonymous3\(.*\)$ # ACL search
behaviour not enabled by default
@@ -195,6 +196,7 @@
^samba3.smb2.lease.multibreak
^samba3.smb2.oplock.batch12
^samba3.smb2.oplock.batch20
+^samba3.smb2.oplock.stream1
^samba3.smb2.streams.rename
^samba3.smb2.streams.rename2
^samba3.smb2.streams.attributes
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index aff934f..7db6b00 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -377,6 +377,7 @@ static void smbd_smb2_request_create_done(struct tevent_req
*tsubreq)
struct smbd_smb2_create_state {
struct smbd_smb2_request *smb2req;
struct smb_request *smb1req;
+ bool open_was_deferred;
struct timed_event *te;
struct tevent_immediate *im;
struct timeval request_time;
@@ -1203,7 +1204,7 @@ bool open_was_deferred_smb2(struct smbd_server_connection
*sconn, uint64_t mid)
return false;
}
/* It's not in progress if there's no timeout event. */
- if (!state->te) {
+ if (!state->open_was_deferred) {
return false;
}
@@ -1234,6 +1235,7 @@ static void
remove_deferred_open_message_smb2_internal(struct smbd_smb2_request
"mid %llu\n",
(unsigned long long)mid ));
+ state->open_was_deferred = false;
/* Ensure we don't have any outstanding timer event. */
TALLOC_FREE(state->te);
/* Ensure we don't have any outstanding immediate event. */
@@ -1456,6 +1458,7 @@ bool push_deferred_open_message_smb2(struct
smbd_smb2_request *smb2req,
&end_time,
true) ));
+ state->open_was_deferred = true;
state->te = tevent_add_timer(smb2req->sconn->ev_ctx,
state,
end_time,
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index ce257e9..6d5efb5 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -241,7 +241,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context
*sam_ctx,
}
if (str_list_check(services, "ntp_signd")) {
- server_type | DS_SERVER_TIMESERV | DS_SERVER_GOOD_TIMESERV;
+ server_type |= DS_SERVER_TIMESERV | DS_SERVER_GOOD_TIMESERV;
}
if (samdb_rodc(sam_ctx, &am_rodc) == LDB_SUCCESS && !am_rodc) {
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 21bd3b3..003dd4e 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -669,13 +669,29 @@ static NTSTATUS dns_startup_interfaces(struct dns_server
*dns, struct loadparm_c
return NT_STATUS_INTERNAL_ERROR;
}
- num_interfaces = iface_list_count(ifaces);
+ if (ifaces != NULL) {
+ num_interfaces = iface_list_count(ifaces);
- for (i=0; i<num_interfaces; i++) {
- const char *address = talloc_strdup(tmp_ctx,
iface_list_n_ip(ifaces, i));
+ for (i=0; i<num_interfaces; i++) {
+ const char *address = talloc_strdup(tmp_ctx,
+
iface_list_n_ip(ifaces, i));
- status = dns_add_socket(dns, model_ops, "dns", address,
DNS_SERVICE_PORT);
- NT_STATUS_NOT_OK_RETURN(status);
+ status = dns_add_socket(dns, model_ops, "dns", address,
+ DNS_SERVICE_PORT);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+ } else {
+ const char **wcard;
+ wcard = iface_list_wildcard(tmp_ctx, lp_ctx);
+ if (wcard == NULL) {
+ DEBUG(0, ("No wildcard address available\n"));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ for (i = 0; wcard[i] != NULL; i++) {
+ status = dns_add_socket(dns, model_ops, "dns", wcard[i],
+ DNS_SERVICE_PORT);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
}
talloc_free(tmp_ctx);
@@ -729,7 +745,7 @@ static void dns_task_init(struct task_server *task)
{
struct dns_server *dns;
NTSTATUS status;
- struct interface *ifaces;
+ struct interface *ifaces = NULL;
int ret;
struct ldb_result *res;
static const char * const attrs[] = { "name", NULL};
@@ -747,11 +763,13 @@ static void dns_task_init(struct task_server *task)
break;
}
- load_interface_list(task, task->lp_ctx, &ifaces);
+ if (lpcfg_interfaces(task->lp_ctx) &&
lpcfg_bind_interfaces_only(task->lp_ctx)) {
+ load_interface_list(task, task->lp_ctx, &ifaces);
- if (iface_list_count(ifaces) == 0) {
- task_server_terminate(task, "dns: no network interfaces
configured", false);
- return;
+ if (iface_list_count(ifaces) == 0) {
+ task_server_terminate(task, "dns: no network interfaces
configured", false);
+ return;
+ }
}
task_server_set_title(task, "task[dns]");
diff --git a/source4/dns_server/dns_utils.c b/source4/dns_server/dns_utils.c
index 11ded68..cb2c6f4 100644
--- a/source4/dns_server/dns_utils.c
+++ b/source4/dns_server/dns_utils.c
@@ -201,7 +201,7 @@ WERROR dns_lookup_records(struct dns_server *dns,
if (el == NULL) {
*records = NULL;
*rec_count = 0;
- return WERR_OK;
+ return DNS_ERR(NAME_ERROR);
}
recs = talloc_zero_array(mem_ctx, struct dnsp_DnssrvRpcRecord,
el->num_values);
diff --git a/source4/scripting/python/samba/tests/dns.py
b/source4/scripting/python/samba/tests/dns.py
index be952c4..79d8736 100644
--- a/source4/scripting/python/samba/tests/dns.py
+++ b/source4/scripting/python/samba/tests/dns.py
@@ -432,6 +432,10 @@ class TestDNSUpdates(DNSTest):
def test_delete_record(self):
"Test if deleting records works"
+
+ NAME = "deleterec.%s" % self.get_dns_domain()
+
+ # First, create a record to make sure we have a record to delete.
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
@@ -443,7 +447,43 @@ class TestDNSUpdates(DNSTest):
updates = []
r = dns.res_rec()
- r.name = "textrec.%s" % self.get_dns_domain()
+ r.name = NAME
+ r.rr_type = dns.DNS_QTYPE_TXT
+ r.rr_class = dns.DNS_QCLASS_IN
+ r.ttl = 900
+ r.length = 0xffff
+ r.rdata = dns.txt_record()
+ r.rdata.txt = '"This is a test"'
+ updates.append(r)
+ p.nscount = len(updates)
+ p.nsrecs = updates
+
+ response = self.dns_transaction_udp(p)
+ self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+
+ # Now check the record is around
+ p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+ questions = []
+ q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
+ questions.append(q)
+
+ self.finish_name_packet(p, questions)
+ response = self.dns_transaction_udp(p)
+ self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+
+ # Now delete the record
+ p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
+ updates = []
+
+ name = self.get_dns_domain()
+
+ u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
+ updates.append(u)
+ self.finish_name_packet(p, updates)
+
+ updates = []
+ r = dns.res_rec()
+ r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 0
@@ -457,11 +497,11 @@ class TestDNSUpdates(DNSTest):
response = self.dns_transaction_udp(p)
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+ # And finally check it's gone
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
- name = "textrec.%s" % self.get_dns_domain()
- q = self.make_name_question(name, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
+ q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
diff --git a/source4/torture/smb2/oplock.c b/source4/torture/smb2/oplock.c
index fc939cc..4cf7c7d 100644
--- a/source4/torture/smb2/oplock.c
+++ b/source4/torture/smb2/oplock.c
@@ -2416,10 +2416,6 @@ static bool test_smb2_oplock_batch22(struct
torture_context *tctx,
int timeout = torture_setting_int(tctx, "oplocktimeout", 30);
int te;
- if (torture_setting_bool(tctx, "samba3", false)) {
- torture_skip(tctx, "BATCH22 disabled against samba3\n");
- }
-
status = torture_smb2_testdir(tree1, BASEDIR, &h);
torture_assert_ntstatus_ok(tctx, status, "Error creating directory");
@@ -2759,12 +2755,6 @@ static bool test_raw_oplock_stream1(struct
torture_context *tctx,
{&fname_default_stream, true, SMB2_OPLOCK_LEVEL_EXCLUSIVE,
SMB2_OPLOCK_LEVEL_II},
};
- /* Only passes against windows at the moment. */
- if (torture_setting_bool(tctx, "samba3", false) ||
- torture_setting_bool(tctx, "samba4", false)) {
- torture_skip(tctx, "STREAM1 disabled against samba3+4\n");
- }
-
fname_stream = talloc_asprintf(tctx, "%s:%s", fname_base, stream);
fname_default_stream = talloc_asprintf(tctx, "%s%s", fname_base,
default_stream);
--
Samba Shared Repository
