The branch, v4-6-stable has been updated
via fd09a02 VERSION: Disable GIT_SNAPSHOT for the 4.6.13 release.
via 38e71ba WHATSNEW: Add release notes for Samba 4.6.13.
via 666c680 build: fix ceph_statx check when configured with
libcephfs_dir
via 3015558 vfs_fruit: set delete-on-close for empty finderinfo
via 9e47e9e vfs_fruit: filter out AFP_AfpInfo streams with pending
delete-on-close
via c1e0396 vfs_fruit: factor out delete_invalid_meta_stream() from
fruit_streaminfo_meta_stream()
via d95b278 s4/torture/fruit: enhance zero AFP_AfpInfo stream test
via 26da45b s4/torture/fruit: ensure AFP_AfpInfo blobs are 0-initialized
via 21d0446 vfs_default: use VFS statvfs macro in fs_capabilities
via a6b780c vfs_ceph: add fs_capabilities hook to avoid local statvfs
via 579b6a4 s3: smbd: Use identical logic to test for kernel oplocks on
a share.
via 6ba6125 smbd: Fix coredump on failing chdir during logoff
via 60eb51d selftest: Add test for failing chdir call in smbd
via e6ec5ae selftest: Make location of log file available in tests
via 90d87d4 selftest: Add share for error injection testing
via 919d16e vfs_error_inject: Add new module
via d932fcf ctdb-recovery-helper: Deregister message handler in error
paths
via a3dc640 sysacls: change datatypes to 32 bits
via e64528a pysmbd: fix use of sysacl API
via f502340 HEIMDAL:kdc: fix dh->q allocation check in get_dh_param()
via c6dfb4e HEIMDAL: don't bother seeing q if not sent
via 03c69a5 HEIMDAL: allow optional q in DH DomainParameters
via f69814f g_lock: fix cleanup of stale entries in g_lock_trylock()
via e39dcec s4:kdc: only map SDB_ERR_NOT_FOUND_HERE to
HDB_ERR_NOT_FOUND_HERE
via 51fb772 VERSION: Bump version up to 4.6.13...
from 1377b56 VERSION: Disable GIT_SNAPSHOT for the 4.6.12 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 74 +++++++++++++-
ctdb/server/ctdb_recovery_helper.c | 16 ++-
selftest/selftest.pl | 1 +
selftest/target/Samba3.pm | 4 +
source3/include/smb_acls.h | 10 +-
source3/lib/g_lock.c | 6 +-
source3/modules/vfs_ceph.c | 15 +++
source3/modules/vfs_default.c | 14 +--
source3/modules/vfs_error_inject.c | 99 ++++++++++++++++++
source3/modules/vfs_fruit.c | 172 ++++++++++++++++++++++++--------
source3/modules/wscript_build | 7 ++
source3/script/tests/test_smbd_error.sh | 56 +++++++++++
source3/selftest/tests.py | 3 +
source3/smbd/oplock.c | 25 +++--
source3/smbd/pysmbd.c | 43 +++++++-
source3/smbd/server_exit.c | 4 -
source3/wscript | 10 +-
source4/heimdal/kdc/pkinit.c | 11 +-
source4/heimdal/lib/asn1/rfc2459.asn1 | 2 +-
source4/heimdal/lib/krb5/pkinit.c | 7 +-
source4/kdc/hdb-samba4.c | 24 +++--
source4/torture/vfs/fruit.c | 89 ++++++++++++++++-
23 files changed, 604 insertions(+), 90 deletions(-)
create mode 100644 source3/modules/vfs_error_inject.c
create mode 100755 source3/script/tests/test_smbd_error.sh
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 0c4ca38..8a613d1 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=6
-SAMBA_VERSION_RELEASE=12
+SAMBA_VERSION_RELEASE=13
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a759fa9..992007d 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,74 @@
==============================
+ Release Notes for Samba 4.6.13
+ February 14, 2017
+ =============================
+
+
+This is the latest stable release of the Samba 4.6 release series.
+
+
+Changes since 4.6.12:
+---------------------
+
+o Jeremy Allison <j...@samba.org>
+ * BUG 13193: s3: smbd: Use identical logic to test for kernel oplocks on a
+ share.
+
+o Love Hornquist Astrand <l...@h5l.org>
+ * BUG 12986: Kerberos: PKINIT: Can't decode algorithm parameters in
+ clientPublicValue.
+
+o Ralph Boehme <s...@samba.org>
+ * BUG 13181: vfs_fruit: Fail to copy file with empty FinderInfo from Windows
+ client to Samba share with fruit.
+
+o David Disseldorp <dd...@suse.de>
+ * BUG 13208: vfs_default: Use VFS statvfs macro in fs_capabilities.
+ * BUG 13250: build: Fix ceph_statx check when configured with libcephfs_dir.
+
+o Amitay Isaacs <ami...@gmail.com>
+ * BUG 13188: ctdb-recovery-helper: Deregister message handler in error
+ paths.
+
+o Christof Schmitt <c...@samba.org>
+ * BUG 13189: smbd: Fix coredump on failing chdir during logoff.
+
+o Stefan Metzmacher <me...@samba.org>
+ * BUG 12986: Kerberos: PKINIT: Can't decode algorithm parameters in
+ clientPublicValue.
+ * BUG 13132: s4:kdc: Only map SDB_ERR_NOT_FOUND_HERE to
+ HDB_ERR_NOT_FOUND_HERE.
+ * BUG 13195: g_lock: fix cleanup of stale entries in g_lock_trylock().
+
+o Uri Simchoni <u...@samba.org>
+ * BUG 13176: Fix POSIX ACL support on hpux and possibly other
+ big-endian OSs.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ ==============================
Release Notes for Samba 4.6.12
December 20, 2017
=============================
@@ -90,8 +160,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
==============================
Release Notes for Samba 4.6.11
diff --git a/ctdb/server/ctdb_recovery_helper.c
b/ctdb/server/ctdb_recovery_helper.c
index 474b900..2c7bb4b 100644
--- a/ctdb/server/ctdb_recovery_helper.c
+++ b/ctdb/server/ctdb_recovery_helper.c
@@ -428,6 +428,7 @@ struct pull_database_state {
uint32_t pnn;
uint64_t srvid;
int num_records;
+ int result;
};
static void pull_database_handler(uint64_t srvid, TDB_DATA data,
@@ -625,8 +626,8 @@ static void pull_database_new_done(struct tevent_req
*subreq)
if (! status) {
LOG("control DB_PULL failed for %s on node %u, ret=%d\n",
recdb_name(state->recdb), state->pnn, ret);
- tevent_req_error(req, ret);
- return;
+ state->result = ret;
+ goto unregister;
}
ret = ctdb_reply_control_db_pull(reply, &num_records);
@@ -634,13 +635,15 @@ static void pull_database_new_done(struct tevent_req
*subreq)
if (num_records != state->num_records) {
LOG("mismatch (%u != %u) in DB_PULL records for %s\n",
num_records, state->num_records, recdb_name(state->recdb));
- tevent_req_error(req, EIO);
- return;
+ state->result = EIO;
+ goto unregister;
}
LOG("Pulled %d records for db %s from node %d\n",
state->num_records, recdb_name(state->recdb), state->pnn);
+unregister:
+
subreq = ctdb_client_remove_message_handler_send(
state, state->ev, state->client,
state->srvid, req);
@@ -668,6 +671,11 @@ static void pull_database_unregister_done(struct
tevent_req *subreq)
return;
}
+ if (state->result != 0) {
+ tevent_req_error(req, state->result);
+ return;
+ }
+
tevent_req_done(req);
}
diff --git a/selftest/selftest.pl b/selftest/selftest.pl
index c54ea68..c4a5464 100755
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -843,6 +843,7 @@ my @exported_envvars = (
"DNS_FORWARDER2",
"RESOLV_CONF",
"UNACCEPTABLE_PASSWORD",
+ "SMBD_TEST_LOG",
# nss_wrapper
"NSS_WRAPPER_PASSWD",
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index dbfad1c..77716e9 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2010,6 +2010,10 @@ sub provision($$$$$$$$)
copy = tmp
kernel oplocks = yes
vfs objects = streams_xattr xattr_tdb
+[error_inject]
+ copy = tmp
+ vfs objects = error_inject
+ include = $libdir/error_inject.conf
";
close(CONF);
diff --git a/source3/include/smb_acls.h b/source3/include/smb_acls.h
index 3ac23db..cd2452b 100644
--- a/source3/include/smb_acls.h
+++ b/source3/include/smb_acls.h
@@ -26,8 +26,14 @@ struct vfs_handle_struct;
struct files_struct;
typedef int SMB_ACL_TYPE_T;
-typedef mode_t *SMB_ACL_PERMSET_T;
-typedef mode_t SMB_ACL_PERM_T;
+/*
+ * struct smb_acl_entry is defined in IDL as
+ * using mode_t values, pidl always converts these
+ * to uint32_t. Ensure the external type definitions
+ * match.
+ */
+typedef uint32_t *SMB_ACL_PERMSET_T;
+typedef uint32_t SMB_ACL_PERM_T;
typedef enum smb_acl_tag_t SMB_ACL_TAG_T;
typedef struct smb_acl_t *SMB_ACL_T;
diff --git a/source3/lib/g_lock.c b/source3/lib/g_lock.c
index f954978..6a661cd 100644
--- a/source3/lib/g_lock.c
+++ b/source3/lib/g_lock.c
@@ -133,7 +133,9 @@ static NTSTATUS g_lock_trylock(struct db_record *rec,
struct server_id self,
return NT_STATUS_INTERNAL_ERROR;
}
- for (i=0; i<num_locks; i++) {
+ i=0;
+
+ while (i < num_locks) {
if (serverid_equal(&self, &locks[i].pid)) {
status = NT_STATUS_INTERNAL_ERROR;
goto done;
@@ -160,7 +162,9 @@ static NTSTATUS g_lock_trylock(struct db_record *rec,
struct server_id self,
locks[i] = locks[num_locks-1];
num_locks -= 1;
modified = true;
+ continue;
}
+ i++;
}
tmp = talloc_realloc(talloc_tos(), locks, struct g_lock_rec,
diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c
index e3d22bf..2842647 100644
--- a/source3/modules/vfs_ceph.c
+++ b/source3/modules/vfs_ceph.c
@@ -251,6 +251,20 @@ static int cephwrap_statvfs(struct vfs_handle_struct
*handle, const char *path,
return ret;
}
+static uint32_t cephwrap_fs_capabilities(struct vfs_handle_struct *handle,
+ enum timestamp_set_resolution
*p_ts_res)
+{
+ uint32_t caps = FILE_CASE_SENSITIVE_SEARCH | FILE_CASE_PRESERVED_NAMES;
+
+#ifdef HAVE_CEPH_STATX
+ *p_ts_res = TIMESTAMP_SET_NT_OR_BETTER;
+#else
+ *p_ts_res = TIMESTAMP_SET_MSEC;
+#endif
+
+ return caps;
+}
+
/* Directory operations */
static DIR *cephwrap_opendir(struct vfs_handle_struct *handle,
@@ -1339,6 +1353,7 @@ static struct vfs_fn_pointers ceph_fns = {
.get_quota_fn = cephwrap_get_quota,
.set_quota_fn = cephwrap_set_quota,
.statvfs_fn = cephwrap_statvfs,
+ .fs_capabilities_fn = cephwrap_fs_capabilities,
/* Directory operations */
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index ce1b6e2..4889591 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -121,8 +121,14 @@ static uint32_t vfswrap_fs_capabilities(struct
vfs_handle_struct *handle,
struct vfs_statvfs_struct statbuf;
int ret;
+ smb_fname_cpath = synthetic_smb_fname(talloc_tos(), conn->connectpath,
+ NULL, NULL, 0);
+ if (smb_fname_cpath == NULL) {
+ return caps;
+ }
+
ZERO_STRUCT(statbuf);
- ret = sys_statvfs(conn->connectpath, &statbuf);
+ ret = SMB_VFS_STATVFS(conn, conn->connectpath, &statbuf);
if (ret == 0) {
caps = statbuf.FsCapabilities;
}
@@ -132,12 +138,6 @@ static uint32_t vfswrap_fs_capabilities(struct
vfs_handle_struct *handle,
/* Work out what timestamp resolution we can
* use when setting a timestamp. */
- smb_fname_cpath = synthetic_smb_fname(talloc_tos(), conn->connectpath,
- NULL, NULL, 0);
- if (smb_fname_cpath == NULL) {
- return caps;
- }
-
ret = SMB_VFS_STAT(conn, smb_fname_cpath);
if (ret == -1) {
TALLOC_FREE(smb_fname_cpath);
diff --git a/source3/modules/vfs_error_inject.c
b/source3/modules/vfs_error_inject.c
new file mode 100644
index 0000000..3196a2f
--- /dev/null
+++ b/source3/modules/vfs_error_inject.c
@@ -0,0 +1,99 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Samba VFS module for error injection in VFS calls
+ * Copyright (C) Christof Schmitt 2017
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "smbd/smbd.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_VFS
+
+struct unix_error_map {
+ const char *err_str;
+ int error;
+} unix_error_map_array[] = {
+ { "ESTALE", ESTALE },
+};
+
+static int find_unix_error_from_string(const char *err_str)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(unix_error_map_array); i++) {
+ struct unix_error_map *m = &unix_error_map_array[i];
+
+ if (strequal(err_str, m->err_str)) {
+ return m->error;
+ }
+ }
+
+ return 0;
+}
+
+static int inject_unix_error(const char *vfs_func, vfs_handle_struct *handle)
+{
+ const char *err_str;
+
+ err_str = lp_parm_const_string(SNUM(handle->conn),
+ "error_inject", vfs_func, NULL);
+
+ if (err_str != NULL) {
+ int error;
+
+ error = find_unix_error_from_string(err_str);
+ if (error != 0) {
+ DBG_WARNING("Returning error %s for VFS function %s\n",
+ err_str, vfs_func);
+ return error;
+ }
+
+ if (strequal(err_str, "panic")) {
+ DBG_ERR("Panic in VFS function %s\n", vfs_func);
+ smb_panic("error_inject");
+ }
+
+ DBG_ERR("Unknown error inject %s requested "
+ "for vfs function %s\n", err_str, vfs_func);
+ }
+
+ return 0;
+}
+
+static int vfs_error_inject_chdir(vfs_handle_struct *handle, const char *path)
+{
+ int error;
+
+ error = inject_unix_error("chdir", handle);
+ if (error != 0) {
+ errno = error;
+ return -1;
+ }
+
+ return SMB_VFS_NEXT_CHDIR(handle, path);
+}
+
+static struct vfs_fn_pointers vfs_error_inject_fns = {
+ .chdir_fn = vfs_error_inject_chdir,
+};
+
+static_decl_vfs;
+NTSTATUS vfs_error_inject_init(void)
+{
+ return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "error_inject",
+ &vfs_error_inject_fns);
+}
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index f7e57d0..7ae51ee 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -4065,26 +4065,35 @@ static ssize_t
fruit_pwrite_meta_stream(vfs_handle_struct *handle,
size_t n, off_t offset)
{
AfpInfo *ai = NULL;
- int ret;
+ size_t nwritten;
+ bool ok;
ai = afpinfo_unpack(talloc_tos(), data);
if (ai == NULL) {
return -1;
}
- if (ai_empty_finderinfo(ai)) {
- ret = SMB_VFS_NEXT_UNLINK(handle, fsp->fsp_name);
- if (ret != 0 && errno != ENOENT && errno != ENOATTR) {
- DBG_ERR("Can't delete metadata for %s: %s\n",
- fsp_str_dbg(fsp), strerror(errno));
- TALLOC_FREE(ai);
- return -1;
- }
+ nwritten = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
+ if (nwritten != n) {
+ return -1;
+ }
+ if (!ai_empty_finderinfo(ai)) {
return n;
}
- return SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
+ ok = set_delete_on_close(
+ fsp,
+ true,
+ handle->conn->session_info->security_token,
+ handle->conn->session_info->unix_token);
+ if (!ok) {
+ DBG_ERR("set_delete_on_close on [%s] failed\n",
+ fsp_str_dbg(fsp));
+ return -1;
+ }
+
+ return n;
}
static ssize_t fruit_pwrite_meta_netatalk(vfs_handle_struct *handle,
@@ -4095,26 +4104,13 @@ static ssize_t
fruit_pwrite_meta_netatalk(vfs_handle_struct *handle,
AfpInfo *ai = NULL;
char *p = NULL;
int ret;
+ bool ok;
ai = afpinfo_unpack(talloc_tos(), data);
if (ai == NULL) {
return -1;
}
- if (ai_empty_finderinfo(ai)) {
- ret = SMB_VFS_REMOVEXATTR(handle->conn,
- fsp->fsp_name->base_name,
- AFPINFO_EA_NETATALK);
-
- if (ret != 0 && errno != ENOENT && errno != ENOATTR) {
- DBG_ERR("Can't delete metadata for %s: %s\n",
- fsp_str_dbg(fsp), strerror(errno));
- return -1;
- }
-
- return n;
- }
-
ad = ad_fget(talloc_tos(), handle, fsp, ADOUBLE_META);
if (ad == NULL) {
ad = ad_init(talloc_tos(), handle, ADOUBLE_META);
@@ -4139,6 +4135,22 @@ static ssize_t
fruit_pwrite_meta_netatalk(vfs_handle_struct *handle,
}
TALLOC_FREE(ad);
+
+ if (!ai_empty_finderinfo(ai)) {
+ return n;
+ }
+
+ ok = set_delete_on_close(
+ fsp,
+ true,
+ handle->conn->session_info->security_token,
+ handle->conn->session_info->unix_token);
+ if (!ok) {
+ DBG_ERR("set_delete_on_close on [%s] failed\n",
+ fsp_str_dbg(fsp));
+ return -1;
+ }
+
return n;
}
--
Samba Shared Repository
