The branch, master has been updated
via 8466587 docs/idmap_rid: remove deprecated base_rid from example
via 6c9de0c libsmb: provide authinfo domain for DFS referral auth
via 7b7d4f7 libsmb: reuse connections derived from DFS referrals
via 4582980 utils: Fix 'net time' segfault.
via a0a254f cli_connect_nb_send: don't segfault on host == NULL.
from 4715564 wafsamba: create unique names when building shared modules
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8466587c589f01d59294be36ad0b347f5d82a11f
Author: David Disseldorp <[email protected]>
Date: Fri Jan 16 16:21:24 2015 +0100
docs/idmap_rid: remove deprecated base_rid from example
The base_rid option has been deprecated for some time. Specifying a
value of 1000 (as recommended in the parameter description and example
section) can result in failed mapping of group SIDs, where RIDs do not
start at 1000.
Signed-off-by: David Disseldorp <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Michael Adam <[email protected]>
Autobuild-Date(master): Mon Jan 19 09:09:22 CET 2015 on sn-devel-104
commit 6c9de0cd056afc0b478c02f1bdb0e06532388037
Author: David Disseldorp <[email protected]>
Date: Fri Jan 16 16:21:23 2015 +0100
libsmb: provide authinfo domain for DFS referral auth
libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 7b7d4f740fe5017107d3100041cc8c7982f0eac7
Author: David Disseldorp <[email protected]>
Date: Fri Jan 16 16:21:22 2015 +0100
libsmb: reuse connections derived from DFS referrals
[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.
libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.
This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.
This change is based on a patch by Har Gagan Sahai
<[email protected]>.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123
Signed-off-by: David Disseldorp <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 45829800eb3f3a8aeccfe7c1114dcf9df60371d5
Author: Andreas Schneider <[email protected]>
Date: Tue Jan 13 17:04:26 2015 +0100
utils: Fix 'net time' segfault.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part two of the bugfix. Make sure we pass the IP we found to
cli_servertime(). Hence we always pass at least one of name or IP.
Pair-Programmed-With: Michael Adam <[email protected]>
Signed-off-by: Andreas Schneider <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit a0a254f74234bed6c9a0c71a5bda8254fa6f633f
Author: Michael Adam <[email protected]>
Date: Fri Jan 16 16:18:45 2015 +0100
cli_connect_nb_send: don't segfault on host == NULL.
The functions called futher down can cope with host == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the
function.
Pair-Programmed-With: Andreas Schneider <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/idmap_rid.8.xml | 3 -
source3/libsmb/cliconnect.c | 22 +++++---
source3/libsmb/clidfs.c | 114 +++++++++++++++++++++++++++++---------
source3/utils/net_time.c | 21 ++++---
4 files changed, 116 insertions(+), 44 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/idmap_rid.8.xml
b/docs-xml/manpages/idmap_rid.8.xml
index 2db15e2..520d605 100644
--- a/docs-xml/manpages/idmap_rid.8.xml
+++ b/docs-xml/manpages/idmap_rid.8.xml
@@ -65,8 +65,6 @@
This means SIDs with a RID less than the base rid are
filtered.
The default is not to restrict the allowed rids at all,
i.e. a base_rid value of 0.
- A good value for the base_rid can be 1000, since user
- RIDs by default start at 1000 (512 hexadecimal).
</para>
<para>
Use of this parameter is deprecated.
@@ -114,7 +112,6 @@
idmap config TRUSTED : backend = rid
idmap config TRUSTED : range = 50000 - 99999
- idmap config TRUSTED : base_rid = 1000
</programlisting>
</refsect1>
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 7a9e648..9cbf11f 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -3004,21 +3004,29 @@ static struct tevent_req *cli_connect_nb_send(
{
struct tevent_req *req, *subreq;
struct cli_connect_nb_state *state;
- char *p;
req = tevent_req_create(mem_ctx, &state, struct cli_connect_nb_state);
if (req == NULL) {
return NULL;
}
- state->desthost = host;
state->signing_state = signing_state;
state->flags = flags;
- p = strchr(host, '#');
- if (p != NULL) {
- name_type = strtol(p+1, NULL, 16);
- host = talloc_strndup(state, host, p - host);
- if (tevent_req_nomem(host, req)) {
+ if (host != NULL) {
+ char *p = strchr(host, '#');
+
+ if (p != NULL) {
+ name_type = strtol(p+1, NULL, 16);
+ host = talloc_strndup(state, host, p - host);
+ if (tevent_req_nomem(host, req)) {
+ return tevent_req_post(req, ev);
+ }
+ }
+
+ state->desthost = host;
+ } else {
+ state->desthost = print_canonical_sockaddr(state, dest_ss);
+ if (tevent_req_nomem(state->desthost, req)) {
return tevent_req_post(req, ev);
}
}
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index e5c03a8..79d88a5 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -111,6 +111,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
char *newserver, *newshare;
const char *username;
const char *password;
+ const char *domain;
NTSTATUS status;
int flags = 0;
@@ -184,11 +185,15 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
username = get_cmdline_auth_info_username(auth_info);
password = get_cmdline_auth_info_password(auth_info);
+ domain = get_cmdline_auth_info_domain(auth_info);
+ if ((domain == NULL) || (domain[0] == '\0')) {
+ domain = lp_workgroup();
+ }
status = cli_session_setup(c, username,
password, strlen(password),
password, strlen(password),
- lp_workgroup());
+ domain);
if (!NT_STATUS_IS_OK(status)) {
/* If a password was not supplied then
* try again with a null username. */
@@ -237,7 +242,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
force_encrypt,
username,
password,
- lp_workgroup())) {
+ domain)) {
cli_shutdown(c);
return do_connect(ctx, newserver,
newshare, auth_info, false,
@@ -259,7 +264,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
status = cli_cm_force_encryption(c,
username,
password,
- lp_workgroup(),
+ domain,
sharename);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(c);
@@ -834,6 +839,11 @@ NTSTATUS cli_dfs_get_referral(TALLOC_CTX *ctx,
/********************************************************************
********************************************************************/
+struct cli_dfs_path_split {
+ char *server;
+ char *share;
+ char *extrapath;
+};
NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
const char *mountpt,
@@ -851,9 +861,9 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
char *cleanpath = NULL;
char *extrapath = NULL;
int pathlen;
- char *server = NULL;
- char *share = NULL;
struct cli_state *newcli = NULL;
+ struct cli_state *ccli = NULL;
+ int count = 0;
char *newpath = NULL;
char *newmount = NULL;
char *ppath = NULL;
@@ -862,6 +872,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
NTSTATUS status;
struct smbXcli_tcon *root_tcon = NULL;
struct smbXcli_tcon *target_tcon = NULL;
+ struct cli_dfs_path_split *dfs_refs = NULL;
if ( !rootcli || !path || !targetcli ) {
return NT_STATUS_INVALID_PARAMETER;
@@ -951,26 +962,83 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
return status;
}
- /* Just store the first referral for now. */
-
if (!refs[0].dfspath) {
return NT_STATUS_NOT_FOUND;
}
- if (!split_dfs_path(ctx, refs[0].dfspath, &server, &share,
- &extrapath)) {
- return NT_STATUS_NOT_FOUND;
+
+ /*
+ * Bug#10123 - DFS referal entries can be provided in a random order,
+ * so check the connection cache for each item to avoid unnecessary
+ * reconnections.
+ */
+ dfs_refs = talloc_array(ctx, struct cli_dfs_path_split, num_refs);
+ if (dfs_refs == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (count = 0; count < num_refs; count++) {
+ if (!split_dfs_path(dfs_refs, refs[count].dfspath,
+ &dfs_refs[count].server,
+ &dfs_refs[count].share,
+ &dfs_refs[count].extrapath)) {
+ TALLOC_FREE(dfs_refs);
+ return NT_STATUS_NOT_FOUND;
+ }
+
+ ccli = cli_cm_find(rootcli, dfs_refs[count].server,
+ dfs_refs[count].share);
+ if (ccli != NULL) {
+ extrapath = dfs_refs[count].extrapath;
+ *targetcli = ccli;
+ break;
+ }
+ }
+
+ /*
+ * If no cached connection was found, then connect to the first live
+ * referral server in the list.
+ */
+ for (count = 0; (ccli == NULL) && (count < num_refs); count++) {
+ /* Connect to the target server & share */
+ status = cli_cm_connect(ctx, rootcli,
+ dfs_refs[count].server,
+ dfs_refs[count].share,
+ dfs_auth_info,
+ false,
+ smb1cli_conn_encryption_on(rootcli->conn),
+ smbXcli_conn_protocol(rootcli->conn),
+ 0,
+ 0x20,
+ targetcli);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
+ dfs_refs[count].server,
+ dfs_refs[count].share);
+ continue;
+ } else {
+ extrapath = dfs_refs[count].extrapath;
+ break;
+ }
+ }
+
+ /* No available referral server for the connection */
+ if (*targetcli == NULL) {
+ TALLOC_FREE(dfs_refs);
+ return status;
}
/* Make sure to recreate the original string including any wildcards. */
dfs_path = cli_dfs_make_full_path(ctx, rootcli, path);
if (!dfs_path) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NO_MEMORY;
}
pathlen = strlen(dfs_path);
consumed = MIN(pathlen, consumed);
*pp_targetpath = talloc_strdup(ctx, &dfs_path[consumed]);
if (!*pp_targetpath) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NO_MEMORY;
}
dfs_path[consumed] = '\0';
@@ -981,23 +1049,6 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
* (in \server\share\path format).
*/
- /* Open the connection to the target server & share */
- status = cli_cm_open(ctx, rootcli,
- server,
- share,
- dfs_auth_info,
- false,
- smb1cli_conn_encryption_on(rootcli->conn),
- smbXcli_conn_protocol(rootcli->conn),
- 0,
- 0x20,
- targetcli);
- if (!NT_STATUS_IS_OK(status)) {
- d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
- server, share );
- return status;
- }
-
if (extrapath && strlen(extrapath) > 0) {
/* EMC Celerra NAS version 5.6.50 (at least) doesn't appear to
*/
/* put the trailing \ on the path, so to be save we put one in
if needed */
@@ -1013,6 +1064,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
*pp_targetpath);
}
if (!*pp_targetpath) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NO_MEMORY;
}
}
@@ -1026,18 +1078,21 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
d_printf("cli_resolve_path: "
"dfs_path (%s) not in correct format.\n",
dfs_path );
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NOT_FOUND;
}
ppath++; /* Now pointing at start of server name. */
if ((ppath = strchr_m( dfs_path, '\\' )) == NULL) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NOT_FOUND;
}
ppath++; /* Now pointing at start of share name. */
if ((ppath = strchr_m( ppath+1, '\\' )) == NULL) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NOT_FOUND;
}
@@ -1045,6 +1100,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
newmount = talloc_asprintf(ctx, "%s\\%s", mountpt, ppath );
if (!newmount) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NOT_FOUND;
}
@@ -1069,6 +1125,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
*/
*targetcli = newcli;
*pp_targetpath = newpath;
+ TALLOC_FREE(dfs_refs);
return status;
}
}
@@ -1085,14 +1142,17 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
if (smbXcli_tcon_is_dfs_share(target_tcon)) {
dfs_path = talloc_strdup(ctx, *pp_targetpath);
if (!dfs_path) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NO_MEMORY;
}
*pp_targetpath = cli_dfs_make_full_path(ctx, *targetcli,
dfs_path);
if (*pp_targetpath == NULL) {
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_NO_MEMORY;
}
}
+ TALLOC_FREE(dfs_refs);
return NT_STATUS_OK;
}
diff --git a/source3/utils/net_time.c b/source3/utils/net_time.c
index 56ce8f7..595d903 100644
--- a/source3/utils/net_time.c
+++ b/source3/utils/net_time.c
@@ -226,16 +226,23 @@ int net_time(struct net_context *c, int argc, const char
**argv)
return 0;
}
- if (!c->opt_host && !c->opt_have_ip &&
- !find_master_ip(c->opt_target_workgroup, &c->opt_dest_ip)) {
- d_fprintf(stderr, _("Could not locate a time server. Try "
- "specifying a target host.\n"));
- net_time_usage(c, argc,argv);
- return -1;
+ if (c->opt_host == NULL && !c->opt_have_ip) {
+ bool ok;
+
+ ok = find_master_ip(c->opt_target_workgroup, &c->opt_dest_ip);
+ if (!ok) {
+ d_fprintf(stderr,
+ _("Could not locate a time server. "
+ "Try specifying a target host.\n"));
+ net_time_usage(c, argc, argv);
+ return -1;
+ }
+ c->opt_have_ip = true;
}
/* default - print the time */
- t = cli_servertime(c->opt_host, c->opt_have_ip? &c->opt_dest_ip : NULL,
+ t = cli_servertime(c->opt_host,
+ c->opt_have_ip? &c->opt_dest_ip : NULL,
NULL);
if (t == 0) return -1;
--
Samba Shared Repository
