The branch, master has been updated
via f00dd4a provision: Allow more OS levels in sambadns
via 35f2673 dsdb: Add functional levels for 2012 and 2012R2
via e8bab90 samba_upgradedns: Remove unused variable
via 5701b99 samba-tool dns: Trap on conneciton errors and give useful
info
via 751ea34 selftest: Correct comment about MAX_WRAPPED_INTERFACES
via 56dd83b torture: Add better debug message when
tsocket_address_inet_from_strings fails
via 05d4dbd async_req: fix non-blocking connect()
via aa96c75 selftest: add a test for async_connect_send()
via 6c81ecc README.Coding: initialize pointers
from 1dba498 s4:lib/messaging: use a helper variable for tdb flags
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f00dd4a8d13bb6806ac2b123a99ad9db8a8a2482
Author: Andrew Bartlett <[email protected]>
Date: Tue Mar 17 16:05:37 2015 +1300
provision: Allow more OS levels in sambadns
While we do not support these yet, they make no difference to DNS, so
permit up to 2012R2
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Tue Oct 20 23:23:13 CEST 2015 on sn-devel-104
commit 35f267304e89d870cbd645dbba8ed06f88686e1a
Author: Andrew Bartlett <[email protected]>
Date: Tue Mar 17 16:02:52 2015 +1300
dsdb: Add functional levels for 2012 and 2012R2
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit e8bab905d304158c63e6af54903aea10a63684e1
Author: Andrew Bartlett <[email protected]>
Date: Tue Aug 11 14:03:55 2015 +1200
samba_upgradedns: Remove unused variable
dnssecret is not used at any point later in the script
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 5701b99b5c134ee6ffffa0f34c2797c9c814d280
Author: Andrew Bartlett <[email protected]>
Date: Fri Aug 7 16:27:23 2015 +1200
samba-tool dns: Trap on conneciton errors and give useful info
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 751ea346bc9a1b915ec11b59d04f585647a2e385
Author: Andrew Bartlett <[email protected]>
Date: Fri Aug 7 12:53:08 2015 +1200
selftest: Correct comment about MAX_WRAPPED_INTERFACES
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 56dd83b9f662cde99b7d00b8250e36cd5947a86c
Author: Andrew Bartlett <[email protected]>
Date: Mon Aug 31 12:51:14 2015 +1200
torture: Add better debug message when tsocket_address_inet_from_strings
fails
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 05d4dbda8357712cb81008e0d611fdb0e7239587
Author: Ralph Boehme <[email protected]>
Date: Sun Oct 18 22:21:10 2015 +0200
async_req: fix non-blocking connect()
According to Stevens UNIX Network Programming and various other sources,
the correct handling for non-blocking connect() is:
- when the initial connect() return -1/EINPROGRESS polling the socket
for *writeability*
- in the poll handler call getsocktopt() with SO_ERROR to get the
finished connect() return value
Simply calling connect() a second time without error checking is
probably wrong and not portable. For a successfull connect() Linux
returns 0, but Solaris will return EISCONN:
24254: 0.0336 0.0002 connect(4, 0xFEFFECAC, 16, SOV_DEFAULT) Err#150
EINPROGRESS
24254: AF_INET name = 10.10.10.143 port = 1024
24254: 0.0349 0.0001 port_associate(3, 4, 0x00000004,
0x0000001D,0x080648A8) = 0
24254: 0.0495 0.0146 port_getn(3, 0xFEFFEB50, 1, 1, 0xFEFFEB60) = 1 [0]
24254: 0.0497 0.0002 connect(4, 0x080646E4, 16, SOV_DEFAULT) Err#133
EISCONN
24254: AF_INET name = 10.10.10.143 port = 1024
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit aa96c75346a9bad60471a206d65c7b7049b9ca83
Author: Ralph Boehme <[email protected]>
Date: Sun Oct 18 22:23:20 2015 +0200
selftest: add a test for async_connect_send()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 6c81ecc795d729fc049d42b4df6deff520edd81a
Author: Ralph Boehme <[email protected]>
Date: Tue Oct 20 12:01:22 2015 +0200
README.Coding: initialize pointers
Pointers must be initialized to NULL.
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
README.Coding | 35 ++++++++-
lib/async_req/async_connect_send_test.c | 130 ++++++++++++++++++++++++++++++++
lib/async_req/async_sock.c | 56 +++++++-------
lib/async_req/wscript_build | 4 +
libds/common/flags.h | 4 +-
python/samba/netcmd/dns.py | 6 +-
python/samba/provision/sambadns.py | 5 +-
selftest/target/Samba.pm | 4 +-
source3/script/tests/test_async_req.sh | 11 +++
source3/selftest/tests.py | 3 +
source4/dsdb/pydsdb.c | 2 +
source4/scripting/bin/samba_upgradedns | 1 -
source4/torture/rpc/lsa.c | 5 +-
13 files changed, 228 insertions(+), 38 deletions(-)
create mode 100644 lib/async_req/async_connect_send_test.c
create mode 100755 source3/script/tests/test_async_req.sh
Changeset truncated at 500 lines:
diff --git a/README.Coding b/README.Coding
index 52dca49..9073b77 100644
--- a/README.Coding
+++ b/README.Coding
@@ -320,6 +320,39 @@ Samba tries to avoid "typedef struct { .. } x_t;" so we do
always try to use
"struct x { .. };". We know there are still such typedefs in the code,
but for new code, please don't do that anymore.
+Initialize pointers
+-------------------
+
+All pointer variables MUST be initialized to NULL. History has
+demonstrated that uninitialized pointer variables have lead to various
+bugs and security issues.
+
+Pointers MUST be initialized even if the assignment directly follows
+the declaration, like pointer2 in the example below, because the
+instructions sequence may change over time.
+
+Good Example:
+
+ char *pointer1 = NULL;
+ char *pointer2 = NULL;
+
+ pointer2 = some_func2();
+
+ ...
+
+ pointer1 = some_func1();
+
+Bad Example:
+
+ char *pointer1;
+ char *pointer2;
+
+ pointer2 = some_func2();
+
+ ...
+
+ pointer1 = some_func1();
+
Make use of helper variables
----------------------------
@@ -329,7 +362,7 @@ it's also easier to use the "step" command within gdb.
Good Example:
- char *name;
+ char *name = NULL;
name = get_some_name();
if (name == NULL) {
diff --git a/lib/async_req/async_connect_send_test.c
b/lib/async_req/async_connect_send_test.c
new file mode 100644
index 0000000..e612056
--- /dev/null
+++ b/lib/async_req/async_connect_send_test.c
@@ -0,0 +1,130 @@
+/*
+ * Test async connect
+ * Copyright (C) Ralph Boehme 2015
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "replace.h"
+#include "lib/tevent/tevent.h"
+#include "lib/async_req/async_sock.h"
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+int main(int argc, const char *argv[])
+{
+ int result, listen_sock, status, exit_status;
+ uint16_t port;
+ struct sockaddr_in addr = { 0 };
+ pid_t pid;
+
+ listen_sock = socket(PF_INET, SOCK_STREAM, 0);
+ if (listen_sock == -1) {
+ perror("socket() failed");
+ exit(1);
+ }
+
+ addr.sin_family = AF_INET;
+ addr.sin_addr.s_addr = inet_addr("127.0.0.1");
+
+ for (port = 1024; port < UINT16_MAX; port++) {
+ addr.sin_port = htons(port);
+ result = bind(listen_sock, (struct sockaddr *)&addr,
sizeof(addr));
+ if (result == 0) {
+ break;
+ }
+ }
+
+ if (port == UINT16_MAX) {
+ printf("Huh, no free port?\n");
+ return 1;
+ }
+
+ result = listen(listen_sock, 1);
+ if (result == -1) {
+ perror("listen() failed");
+ close(listen_sock);
+ return 1;
+ }
+
+ pid = fork();
+ if (pid == -1) {
+ perror("fork");
+ return 1;
+ }
+
+ if (pid == 0) {
+ struct tevent_context *ev;
+ struct tevent_req *req;
+ int fd;
+
+ ev = tevent_context_init(NULL);
+ if (ev == NULL) {
+ fprintf(stderr, "tevent_context_init failed\n");
+ return 1;
+ }
+
+ fd = socket(PF_INET, SOCK_STREAM, 0);
+ if (fd == -1) {
+ perror("socket");
+ return 1;
+ }
+
+ memset(&addr, sizeof(addr), 0);
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(port);
+ addr.sin_addr.s_addr = inet_addr("127.0.0.1");
+
+ req = async_connect_send(ev, ev, fd,
+ (struct sockaddr *)&addr,
+ sizeof(struct sockaddr_in),
+ NULL, NULL, NULL);
+
+ if (!tevent_req_poll(req, ev)) {
+ perror("tevent_req_poll() failed");
+ return 1;
+ }
+
+ status = 0;
+ result = async_connect_recv(req, &status);
+ if (result != 0) {
+ return status;
+ }
+ return 0;
+ }
+
+ result = waitpid(pid, &status, 0);
+ if (result == -1) {
+ perror("waitpid");
+ return 1;
+ }
+
+ if (!WIFEXITED(status)) {
+ printf("child status: %d\n", status);
+ return 2;
+ }
+
+ exit_status = WEXITSTATUS(status);
+ printf("test done: status=%d\n", exit_status);
+
+ if (exit_status != 0) {
+ return exit_status;
+ }
+
+ return 0;
+}
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index bc3780c..c0ad8f3 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -127,24 +127,17 @@ struct tevent_req *async_connect_send(
return tevent_req_post(req, ev);
}
- /**
- * A number of error messages show that something good is progressing
- * and that we have to wait for readability.
- *
- * If none of them are present, bail out.
+ /*
+ * The only errno indicating that the connect is still in
+ * flight is EINPROGRESS, everything else is an error
*/
- if (!(errno == EINPROGRESS || errno == EALREADY ||
-#ifdef EISCONN
- errno == EISCONN ||
-#endif
- errno == EAGAIN || errno == EINTR)) {
+ if (errno != EINPROGRESS) {
tevent_req_error(req, errno);
return tevent_req_post(req, ev);
}
- state->fde = tevent_add_fd(ev, state, fd,
- TEVENT_FD_READ | TEVENT_FD_WRITE,
+ state->fde = tevent_add_fd(ev, state, fd, TEVENT_FD_WRITE,
async_connect_connected, req);
if (state->fde == NULL) {
tevent_req_error(req, ENOMEM);
@@ -189,27 +182,32 @@ static void async_connect_connected(struct tevent_context
*ev,
struct async_connect_state *state =
tevent_req_data(req, struct async_connect_state);
int ret;
-
- if (state->before_connect != NULL) {
- state->before_connect(state->private_data);
- }
-
- ret = connect(state->fd, (struct sockaddr *)(void *)&state->address,
- state->address_len);
-
- if (state->after_connect != NULL) {
- state->after_connect(state->private_data);
- }
-
- if (ret == 0) {
- tevent_req_done(req);
+ int socket_error = 0;
+ socklen_t slen = sizeof(socket_error);
+
+ ret = getsockopt(state->fd, SOL_SOCKET, SO_ERROR,
+ &socket_error, &slen);
+
+ if (ret != 0) {
+ /*
+ * According to Stevens this is the Solaris behaviour
+ * in case the connection encountered an error:
+ * getsockopt() fails, error is in errno
+ */
+ tevent_req_error(req, errno);
return;
}
- if (errno == EINPROGRESS) {
- /* Try again later, leave the fde around */
+
+ if (socket_error != 0) {
+ /*
+ * Berkeley derived implementations (including) Linux
+ * return the pending error via socket_error.
+ */
+ tevent_req_error(req, socket_error);
return;
}
- tevent_req_error(req, errno);
+
+ tevent_req_done(req);
return;
}
diff --git a/lib/async_req/wscript_build b/lib/async_req/wscript_build
index e8af569..9c25223 100644
--- a/lib/async_req/wscript_build
+++ b/lib/async_req/wscript_build
@@ -7,3 +7,7 @@ bld.SAMBA_SUBSYSTEM('LIBASYNC_REQ',
deps='tevent-util socket-blocking'
)
+bld.SAMBA_BINARY('async_connect_send_test',
+ source='async_connect_send_test.c',
+ deps='LIBASYNC_REQ'
+)
diff --git a/libds/common/flags.h b/libds/common/flags.h
index f821e17..88b93cb 100644
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -187,7 +187,9 @@
* Level */
#define DS_DOMAIN_FUNCTION_2003 2
#define DS_DOMAIN_FUNCTION_2008 3
-#define DS_DOMAIN_FUNCTION_2008_R2 4
+#define DS_DOMAIN_FUNCTION_2008_R2 4
+#define DS_DOMAIN_FUNCTION_2012 5
+#define DS_DOMAIN_FUNCTION_2012_R2 6
/* sa->systemFlags on attributes */
#define DS_FLAG_ATTR_NOT_REPLICATED 0x00000001
diff --git a/python/samba/netcmd/dns.py b/python/samba/netcmd/dns.py
index 2cf9a1f..7cedffc 100644
--- a/python/samba/netcmd/dns.py
+++ b/python/samba/netcmd/dns.py
@@ -37,7 +37,11 @@ def dns_connect(server, lp, creds):
if server.lower() == 'localhost':
server = '127.0.0.1'
binding_str = "ncacn_ip_tcp:%s[sign]" % server
- dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
+ try:
+ dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
+ except RuntimeError, e:
+ raise CommandError('Connecting to DNS RPC server %s failed with %s' %
(server, e))
+
return dns_conn
diff --git a/python/samba/provision/sambadns.py
b/python/samba/provision/sambadns.py
index b563932..f3cdb32 100644
--- a/python/samba/provision/sambadns.py
+++ b/python/samba/provision/sambadns.py
@@ -35,7 +35,8 @@ from samba.dcerpc import dnsp, misc, security
from samba.dsdb import (
DS_DOMAIN_FUNCTION_2000,
DS_DOMAIN_FUNCTION_2003,
- DS_DOMAIN_FUNCTION_2008_R2
+ DS_DOMAIN_FUNCTION_2008_R2,
+ DS_DOMAIN_FUNCTION_2012_R2
)
from samba.descriptor import (
get_domain_descriptor,
@@ -967,7 +968,7 @@ def is_valid_dns_backend(dns_backend):
def is_valid_os_level(os_level):
- return DS_DOMAIN_FUNCTION_2000 <= os_level <= DS_DOMAIN_FUNCTION_2008_R2
+ return DS_DOMAIN_FUNCTION_2000 <= os_level <= DS_DOMAIN_FUNCTION_2012_R2
def create_dns_legacy(samdb, domainsid, forestdn, dnsadmins_sid):
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 9937203..9f3e6ec 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -180,8 +180,8 @@ sub get_interface($)
$interfaces{"fileserver"} = 35;
# update lib/socket_wrapper/socket_wrapper.c
- # #define MAX_WRAPPED_INTERFACES 32
- # if you wish to have more than 32 interfaces
+ # #define MAX_WRAPPED_INTERFACES 40
+ # if you wish to have more than 40 interfaces
if (not defined($interfaces{$netbiosname})) {
die();
diff --git a/source3/script/tests/test_async_req.sh
b/source3/script/tests/test_async_req.sh
new file mode 100755
index 0000000..a92f990
--- /dev/null
+++ b/source3/script/tests/test_async_req.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+testit "async_connect_send" $VALGRIND $BINDIR/async_connect_send_test ||
+ failed=`expr $failed + 1`
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index ecbb368..4f6c123 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -249,6 +249,9 @@ plantestsuite(
"samba3.pthreadpool", "nt4_dc",
[os.path.join(samba3srcdir, "script/tests/test_pthreadpool.sh")])
+plantestsuite("samba3.async_req", "nt4_dc",
+ [os.path.join(samba3srcdir, "script/tests/test_async_req.sh")])
+
#smbtorture4 tests
base = ["base.attr", "base.charset", "base.chkpath", "base.defer_open",
"base.delaywrite", "base.delete",
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index 9a3b509..8836d85 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -1180,6 +1180,8 @@ void initdsdb(void)
ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2003);
ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2008);
ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2008_R2);
+ ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2012);
+ ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2012_R2);
/* nc replica flags */
ADD_DSDB_FLAG(INSTANCE_TYPE_IS_NC_HEAD);
diff --git a/source4/scripting/bin/samba_upgradedns
b/source4/scripting/bin/samba_upgradedns
index 689c9a4..53e05a6 100755
--- a/source4/scripting/bin/samba_upgradedns
+++ b/source4/scripting/bin/samba_upgradedns
@@ -415,7 +415,6 @@ if __name__ == '__main__':
try:
dn = 'samAccountName=dns-%s,CN=Principals' % hostname
msg = ldbs.secrets.search(expression='(dn=%s)' % dn,
attrs=['secret'])
- dnssecret = msg[0]['secret'][0]
except IndexError:
logger.info("Adding dns-%s account" % hostname)
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 44cdbdc..4ba246f 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -4186,7 +4186,10 @@ static bool check_dom_trust_pw(struct dcerpc_pipe *p,
host,
lpcfg_cldap_port(tctx->lp_ctx),
&dest_addr);
- torture_assert_int_equal(tctx, rc, 0,
"tsocket_address_inet_from_strings");
+ torture_assert_int_equal(tctx, rc, 0,
+ talloc_asprintf(tctx,
+
"tsocket_address_inet_from_strings failed parsing %s:%d",
+ host,
lpcfg_cldap_port(tctx->lp_ctx)));
/* cldap_socket_init should now know about the dest. address */
status = cldap_socket_init(tctx, NULL, dest_addr, &cldap);
--
Samba Shared Repository
